Software is equally important. The iOS and Android operating systems that run on nearly every smartphone conceal uncountable numbers of programming flaws, known as security vulnerabilities, that mean common apps like iMessage or web browsers become dangerous: you can be hacked.
Conversation
If I were configuring a smartphone today, I'd use 's as the base operating system. I'd desolder the microphones and keep the radios (cellular, wifi, and bluetooth) turned off when I didn't need them. I would route traffic through the network.
75
1,041
2,904
This Tweet was deleted by the Tweet author. Learn more
It doesn't support the Nexus 6P anymore since that device doesn't meet the security standards and is also end-of-life without full security updates available. It has never supported it while being known as AndroidHardening or GrapheneOS, only during the previous incarnation.
1
3
This Tweet was deleted by the Tweet author. Learn more
The Librem 5 doesn't meet the basic security expectations of GrapheneOS including having full security updates. It will ship on day one with serious vulnerabilities and no way to fix them. Similarly, it doesn't meet a lot of other standard privacy/security expectations either.
2
1
2
The current hardware targets already have isolation for hardware components including the baseband. The claim that they do not is dishonest misinformation that they're repeatedly spread in their marketing. In general, that has been their approach: attacking others with lies,
1
1
This Tweet was deleted by the Tweet author. Learn more
An audio recording kill switch has substantial value as a final line of defence after the device has been compromised and all the data on it has already been obtained. They aren't providing one, but rather one disabling only a portion of the hardware able to do audio recording.
1
1
It's important to keep in mind the threat model for kill switches is that the device has already been compromised, all data on it has been obtained and it is now being used as a monitoring device. Preventing audio recording when not explicitly enabling it is useful in that case.
1
1
Of course, when turning on audio recording to do something like an encrypted voice call via Signal, the attacker will be recording that like everything else. The threat model for the other kill switches is unclear. Camera switch can be useful but can be approached other ways too.
This Tweet was deleted by the Tweet author. Learn more
I don't want to make posts about them. I responded only because you were directly asking the GrapheneOS project to support it. They've spent years flinging mud with dishonest attacks / false claims but I'd rather not engage with them beyond answering direct questions like this.
1