i am once again asking you to free me from the necessity to compile android from source to have a phone i'm comfortable using
11
14
200
Conversation
Replying to
I’m very curious what you think of GrapheneOS. Compatible with verified boot and
I recall reading that they make it very easy to spin up a build server on Amazon periodically and OTA update your device.
Seems like it would handle the thwarting-thief-w/-fastboot use case?
1
5
Replying to
i would use upstream GrapheneOS but my understanding is that i cannot do factory reset after locking bootloader and without the ability to go past lockscreen. it is far more likely that i'll forget the passphrase than the phone being stolen
3
8
That used to be the case but hasn't been the case since it became Android Hardening and then GrapheneOS. GrapheneOS no longer removes the wipe data option from recovery since we don't think anti-theft is worth any kind of sacrifice. No matter what, it leads to bricked devices.
1
7
Covered in grapheneos.org/faq#anti-theft. You're remembering how it used to be before the revival of the project as Android Hardening / GrapheneOS. It was a probably misguided attempt at providing an equivalent to the stock OS anti-theft feature without Google account integration.
1
5
We don't think it's useful for deterring theft since it's unlikely an attacker would steal a phone specifically because they know it runs GrapheneOS so they can wipe it and use / sell it. In theory, we'd like to have an opt-in variant of it, but it's not worth developing it.
1
5
So, for example, there could be a toggle for having the option in recovery and it could read some state (not in data) to determine if it should offer it. It probably makes more sense to use FRP to store a token requiring credentials after wiping, so people can set a reset pass.
Regardless, not interested in trying to offer it since it doesn't seem to be genuinely useful. It's not worth a sacrifice like users losing their passphrase and bricking their phones. Not worth developing a better alternative since there's near zero return on that investment.
1
2
oh, got it! I'll take another look at GrapheneOS then. the person this specific Pixel will be used wants Google services so I probably still have to build my own for now, but it does seem like I could use GrapheneOS myself now
2