What are the most privacy respecting smartphones to buy, I am also looking for the one which respects your privacy the most. So far going to privacy communities esp on reddit, I often see Google Pixel + GrapheneOS being recommended.
But the thing is I don’t really trust Google with privacy, as we have seen they are last one to respect privacy. What if Google has some backdoor in the hardware that cannot be changed? And the problem with the more privacy respecting OSes for mobiles like GrapheneOS, CalyxOS etc are that they are only supported for Google pixel phones.
So I am really confused here.
Google Pixels have no backdoors. Recently, Maxime Rossi Bellom , Philippe Teuwen and Damiano Melotti did a deep research about the Google’s Chip, called TITAN M, in order to give an understanding regard it’s attack surface as well as the known and previously vulnerabilities.
Presentation Material
Download Slides
Download Whitepaper
There is also a repository on GitHub, which contains the tools they used in their research on the Google Titan M chip.
There is also a very interesting thread from Daniel Cuthbert, in which he showed some part about their presention. In the same thread, he also wrote that the Titan M is the reason why he switch from iPhone to Pixel.
We’re are talking about BlackHat here, not some random guy which claims things without any proof.
Regard the OS, GrapheneOS is far better than Calyx; it offers much better privacy and security improvements. You can see the list of the features here; https://grapheneos.org/features
This is interesting to hear. So research finds no presence of any backdoors on the TITAN M chips of Google pixel phones. I wanted to buy a new smartphone which is more private and so far the most private OSes are only supported for pixel phones. On a sidenote, how does the GrapheneOS compare to other OSes like the LineageOS or DivestOS?
I don’t know about DivestOS. However, GrapheneOS is dramatically better than LineageOS. That’s because GrapheneOS is focused on privacy and security rather than customization like LineageOS. GrapheneOS starts from the strong baseline of the Android security model and brings a lot of privacy and security improvements. While LineageOS doesn’t have real privacy and security improvements, it also weakens the android security model.
There is a very good article written by madaidan, who explain the security of Android and the problems about lineageOS; https://madaidans-insecurities.github.io/android.html
Thanks. DivestOS is a fork of LineageOS. Website: https://divestos.org/
Madaidan’s article also seems to recommend Pixel + GrapheneOS. Would there be any significant difference between Pixel 3, 4 or 5 when it comes to privacy? Asking since, Pixel 5 costs more than 4 and 3 and whether it would be worth paying an extra hundreds of dollars for the latest Pixel.
Hi! Really sorry for the delay.
Every new generation of pixel bring privacy and security improvements hardware wise. In particular, the new pixels have set a new standard for mobile security;
https://security.googleblog.com/2021/10/pixel-6-setting-new-standard-for-mobile.html
This article smells bullshit.
Having a separate chip for some system activity is reasonable security, but what about running a libre GSM modem with some clear (hardware) limits on what it can reach in case it’s compromised (this is what Pinephone/Librem is doing)?
Encouraging fingerprints as passwords. Worst security advice ever.
I don’t know about the details, but this smells like some really privacy-invasive tech.