Leaker reveals which Pixels are vulnerable to Cellebrite phone hacking

They couldn't answer the question most on my mind: "We’ve reached out to Google to inquire about why a custom ROM created by volunteers is more resistant to industrial phone hacking than the official Pixel OS. We’ll update this article if Google has anything to say."

GrapheneOS makes security trade-off that are inconvenient to the user. This results in a far more secure device, but nonetheless a device that the general public would find far more annoying. Google would lose a proportion of its user base by implementing the same protections.

Example: https://old.reddit.com/r/GooglePixel/comments/ytk1ng/graphen...

Also Google Pay is missing.

Which particular thing you consider inconvenient or even annoying? You can even install Google Play there.

I see just one minor tradeoff - no face unlock.

Google OS-level integration is absent, and while Google Play Services can be installed, you're still missing things like Chromecast. Also, there's more manual configuration (although I don't remember exactly what, I've never used GrapheneOS). A lot of stuff you do get for free, but not all of it, and stuff that's been removed as a "feature" isn't always stuff that nobody wants.

I have no idea what you're talking about. Graphene is my daily driver. "Manual configuration" does not ring any bells. Google OS-level integration being "absent" is a core feature, not an annoyance.

The problem with Graphene is that some app publishers are absolute asshats, they think their app is "more secure" when they require the Google verification spiel, when it is the other way around.

Is the battery life better with Graphene?

I would say, similar. In theory it may be slightly worse, because you are not using play services to deliver notifications, but each app does their own fetching (I believe that's how it works), but you will also restrict apps more (due to e.g. being able to restrict network access), so the two sort of cancel out.