Fairphone 6 is switching to a new design that's even more sustainable

(www.androidcentral.com)

401 points Bluestein | 3 comments | 23 Jun 25 15:29 UTC | HN request time: 0.001s | source

Show context

stiray ◴[24 Jun 25 07:35 UTC] No.44363735[source]▶

I am still waiting for Fairphone and Graphene OS collaboration. This is match made in heaven.

Any Fairphone/GrapheneOS developer reading this? Just do it, document if something is not secure enough for you, but do it. Nothing to think about, you fit together like hand and a glove and any seconds thoughts are depriving the planet of THE PHONE!

Pick the cash we will throw at you and make second generation with the cpu GrapheneOS wants, that will make the /r/GrapheneOS members eyes shine, drooling and crying of joy at the same time. +throw them in a few hardware switches for camera, mic, connectivity,... disabling. No need to wait to be perfect in first iteration (and due to that craziness and perfectionism will never happen), to gain the possibility to be perfect in second or third.

I would love so much to stop buying Google Pixel phones just to install Graphene OS and protect myself from Google and its ecosystem, it seems so counterproductive.

replies(4): >>44363775 #>>44363839 #>>44364179 #>>44364441 #

WhyNotHugo ◴[24 Jun 25 09:53 UTC] No.44364441[source]▶

>>44363735 #

I recently suggested that GrapheneOS support devices with average security on Mastodon. Much like yourself, I think "moderately okay security" is better than "just use Google's spyware infested OS".

The GrapheneOS folks replied in disagreement, insisting that this is a terrible idea because security would be less than perfect. They then started making up stories about me and throwing around unfounded accusations. I don't trust them in the slightest, and strongly recommend staying away from them.

replies(4): >>44365722 #>>44366110 #>>44380726 #>>44380887 #

1. mbananasynergy ◴[25 Jun 25 19:12 UTC] No.44380887[source]▶

>>44364441 #

I'm the community manager for GrapheneOS. That isn't what happened, and it is very weird to not only see that on Mastodon, but also that you're going around saying it in other places, too.

People involved with the project you're working on have a history of making attacks on GrapheneOS, but what I mostly want to focus on is your suggestion because my goal here isn't to get in a back-and-forth with you or convince you, but rather provide context for others reading this.

Our hardware requirements are not arbitrary. They are what we need in order to be able to provide usable security to people who depend on it. There's no "average security" for devices that are missing patches for known vulnerabilities for months. That's a non-starter, not something imperfect that an OEM can work on improving. Multiple OEMs have reached out to us and actually want to do the work of improving their devices so that we can use them to provide security for people. It's very weird for people to be fixated on this idea that GrapheneOS should instead be supporting devices which can't actually provide what the OS is known for.

Without a secure element, a 6 digit PIN is no longer secure and can be bruteforced. What average person is using a long diceware passphrase to unlock their phone? Our device requirements are reasonable, and can be found at https://grapheneos.org/faq#future-devices. Every time people ask us to support another device, we have to point to that explain that we cannot, because to date, no other devices meet them, and those who do purposefully go out of their way to cripple third-party OS support (Samsung chief among them). Then, we ask people which of our requirements we should drop in order to support that other device, and why people think that requirement is unreasonable. To date, we have received no convincing reply to that.

You think we're chasing "perfection" but Pixels are just the best that exists right now and is extremely far from perfect. Our requirements aren't a wishlist, they're based on what is possible and reasonable today, not in the future.

replies(1): >>44397761 #

2. WhyNotHugo ◴[27 Jun 25 15:50 UTC] No.44397761[source]▶

>>44380887 (TP) #

> Without a secure element, a 6 digit PIN is no longer secure and can be bruteforced.

Thanks for providing an actual example which we can use as a realistic reference.

Right now such device can run OSs which ship first party spyware. If GrapheneOS supported those devices, they’d be usable with an OS without that spyware, which is a net improvement. The security issue of “a PIN can be brute-forced” exists regardless of OS.

replies(1): >>44401029 #

3. mbananasynergy ◴[27 Jun 25 22:53 UTC] No.44401029[source]▶

>>44397761 #

It has always been the goal of the project to provide security and privacy features while maintaining usability. People are expected to acquire a device to use GrapheneOS rather than us supporting as many devices as possible where we cannot offer the same protections.

We're hoping to have a non-Pixel device that actually meets the projects requirements in the near future, potentially. Our requirements aren't exotic and OEMs are confirming that they're well within their capabilities. We'll focus on working with OEMs interested in shipping secure devices in order to expand our offerings, which should offer more choices for potential users as well.

↑