Leaker reveals which Pixels are vulnerable to Cellebrite phone hacking

They couldn't answer the question most on my mind: "We’ve reached out to Google to inquire about why a custom ROM created by volunteers is more resistant to industrial phone hacking than the official Pixel OS. We’ll update this article if Google has anything to say."

GrapheneOS makes security trade-off that are inconvenient to the user. This results in a far more secure device, but nonetheless a device that the general public would find far more annoying. Google would lose a proportion of its user base by implementing the same protections.

Example: https://old.reddit.com/r/GooglePixel/comments/ytk1ng/graphen...

Also Google Pay is missing.

Which particular thing you consider inconvenient or even annoying? You can even install Google Play there.

I see just one minor tradeoff - no face unlock.

They removed pattern lock, which makes me uncomfortable.

I don't care for touch/fingerprint (or face) because biometrics aren't protected in the fifth amendment right to be free from self-incrimination.

The only screen lock is PIN.

Straight from the horse's mouth: https://discuss.grapheneos.org/d/16393-maybe-re-instate-patt...

> Pattern unlock is a badly designed lock method that's a major downgrade from the security of a PIN for multiple reasons.

> Pattern lock is even more dangerous to people who are as you say more casual users. It is a badly designed and dangerous feature. iPhones not having this is very good for users. We will not add back a major flaw in the OS security design.

If this makes you uncomfortable somehow? OK? Maybe it's not an OS for you :)

That is hardly the only problem.

The browser is astonishingly bad at dark mode.

The launcher forces almost all icons to greyscale black and white and does not accept icon packs.

I feel like I'm downgrading by my compulsion for Brave and Lawnchair, but some attention is lacking in aesthetics. (e/os has this problem to a lesser degree with the Bliss launcher.)

There is no rooted ADB. Even if a giant OS TAINTED notification appears every five minutes if I ever turn it on, I want it.

There are a few other annoyances that regulate Graphene to one of my experimental spares.

Vanadium is pretty good but I agree there are problems I can circumvent only by using another one (Brave); I presume it's the strict tracking protection that breaks some sites.

Not sure about your launcher problem, but you had to turn it on yourself? I don't experience anything like this on my phones. I miss Nova though; none of the other launchers I tried came near (last tried: uLauncher, Kvaesito, Olauncher, Lawnchar, Niagara. Need to try Square home perhaps).

Lack of rooted adb is a good, conscious choice for the security focused OS. It's not about _you_, it's about the integrity of the OS.

You demand access to adb root. Today Cellebrite cannot extract entire phone with one profile unlocked. I bet they'd be thrilled to hear about the new, beautiful target.

If you really need that, you can build yourself debug image and have access to it. You want it, but that's incompatible with the security model. They give you ways to get it, of course, but without their stamp of OS integrity.

To me safe defaults are a good choice.