As has been said, the first one is that with a Pixel, the company manufacturing the phone and providing the OS including all standard apps is just Google. As all parties involved will try to spy on you (generally), having just one involved beats multiple. If you’re using Android, Google will usually be involved anyways, so a pixel is the only device where it’s just Google instead of Google + another party. You get the stock Android experience, without anything forced on top.
Also, Pixels are relatively cheap, come with long update support and quick security updates. Generally, Google is one of the better companies when it comes to security. From the hardware side, Pixels are some of the most secure devices.
I don’t know whether iOS on an iPhone or Android on a Pixel is more private out of the box. From what I know, the difference isn’t too big. However, Android is more secure, as evidenced by higher exploit prices for Android than for iOS.
And Android, especially on a Pixel, gives the user a lot more options to make the phone more private. Not only can you install F-Droid, Accrescent or Obtainium — you can also just completely get rid of Google by opting for an AOSP custom ROM. The best option for privacy, security and usability here is GrapheneOS, which only works on Pixel because they’re the only devices meeting their security standards.
So Pixels at worst are a cheap, long supported, secure Android device with less parties spying on you. At best, they can be fully degoogled, alternatively almost degoogled with great usability (Sandboxed Google Play), extremely secure devices. No matter how much privacy/security you want to achieve and how much resources you want to put into that, for everyone from “I have nothing to hide” to Edward Snowden, Pixels are a great choice. In my opinion, the best.
Commenting from my GrapheneOS Pix6, I actively prefer GOS to stock, and get a sense of disdain or my soul sighing every time I pick up my stock rom Pix6 now.
I bought my girlfriend a Pixel 6A as birthday gift last year and whenever I use it I’m blown away by how smooth and fun everything feels on GOS. Every other Android I use feels so sluggish, blown up and hard to use in comparison
I was explaining today to a close friend that I (anecdotally) have noticed a significant reduction in battery usage on my GOS pix 6.
The whole device feels snappier, more responsive, and I can certainly attest that I got 9+hrs out of this thing at max brightness playing terraria. Can’t say the same for stock rom in the same conditions, while I don’t have the technical knowledge to prove it (and I’m happy to be proven wrong) I’m convinced the majority of my stock rom Pix’s battery is eaten by proprietary software phoning home.
With that said, unless I go out of my way to disable certain privacy aspects of this phone or implement spmit-tunneling on the VPN it’s set to go through, unfortunately many sites/apps break. For these instances I generally use the stock pix. (Eg. Gov services/KDE Connect).
K-9 Mail for Android has merged with Mozilla and will eventually be renamed to Thunderbird. Its UI has seen a lot of improvement these past couple of years, and the backend has always been reliable for IMAP (including push notifications).
Sorry for the delayed response here, however I primarily use a proton address, and I currently have a redirect in place for my Gmail to the proton. My intention is to close the Gmail all together, however that’s not yet possible as I will likely miss important emails in the process, I am (as discovering) updating my email addresses for each service as it becomes known so as to avoid such occurrences.
As it stands, I have GPS on another user profile to add to the security provided by GOS sandboxing, not that I don’t trust GOS devs, I don’t trust GPS not to sneak in somehow.
I hope this answers your query, do dm me if need be for further explanation.
Edit: I cannot speak further as to email clients, as I have yet to perform further experimentation. I do intend to get to it soon, though if you beat me to it, do message me to let me know how you went and what you’d do differently.
Edit pt2.: I have checked, both my pix6’s were from a close batch and manufactured the same month, I suspect due to this battery degradation is not applicable.
Could you explain more about how you’re using GPS whilst it is maintained in a different profile? How does GPS interact across profiles (which I assume is a prerequisite to use Google’s email addresses on one’s mobile)?
I sorely miss the hardware features from my previous phone, like a notification LED, MicroSD card slot and headphone jack, but I can’t go back to a phone where I can’t re-lock my bootloader after installing a custom ROM like CalyxOS or GrapheneOS.
It requires a flashed rom with a valid (key signature? Crap, forget what it’s called).
If you flash an unsigned kernel and try to boot lock, it’ll brick.
I get from an absolute security perspective why this is deemed important, I just feel there’s a bit too much focus on it, as if an unlocked bootloader is really that insecure. It would still take tremendous effort to get the encryption key for storage, so it’s pretty effectively secure still.
From what I’ve read, that doesn’t really work - you’d need the encryption key, not the pin/password, because of how the encryption platform works.
Again, it’s been a while, and this isn’t my field. I just remember being properly surprised at how little I understood - that the pin/password are merely keys to accessing the encryption key, and it’s all tied together in validating during hoot. Like you can’t image the system and drop it in another phone if it’s been encrypted, even if you have the pin - the encryption system on the different hardware would calculate things incorrectly (I did this once, dropped an encrypted image on a duplicate phone. That was fun trying to figure out why it wouldn’t work).
There’s more to the puzzle that’s frankly above my pay grade, but last time I read about how to get into an encrypted phone, (even boot unlocked) required the expertise and tools of certain types of folks. Not your average “haxxor”.
Granted, that expertise and those tools are getting closer to us every day…
I thought the security chip was being disabled when unlocking the bootloader but apparently it just skips image validation.
So basically you can flash anything (which kinda is what you want). You could theoretically also modify the system files to being able to bruteforce your pincode.
Unlocking the bootloader also makes your device less secure in other ways. When there’s a root exploit in Android verified boof safes you from it being exploited.
Thing is, every Linux server and windows box suffers the same risk… But we don’t hear “the sky is falling” about those… Because it’s considered a measured risk and security is layered. As it should be.
Hell, people still run windows laptops unencrypted today - which is far worse than an unlocked bootloader on Android.
Pixels get verified boot and bootloader relocking for custom roms like grapheneos as well, so you can be sure your device isn’t compromised even with a privacy respecting custom rom. I guess this is what most people refer to… Oh, and Pixels are probably going to get security patches for the kernel as well as the vendor blobs unlike many other vendors…
pixels have the highest hardware security of all Android phones, which increases privacy potential. assuming you keep the stock os and default Google settings, though, it’s about the same as any other.
Google also has good support for alternative OS’/Android forks, which is likely where that claim is leading to.
Google One is the marketing people are probably referring to for privacy.
The pixel has the default function for DNS over HTTPS and their Google One offering has a VPN to “protect” your data. Both of those are sold as privacy measures.
I see a lot of responses here seem kinda out of touch with the actual functionality of the phone and what marketing pushes Google does.
Google Pixel has the most support for security, which relates to privacy. It does “phone home,” but likely only to Google. Removing all the Google software and installing GrapheneOS further hardens the security and vastly improves the privacy by stopping the “phoning home.”
Who the actual fuck said this to you? Google is one of the worst companies for privacy.
I mean i guess with a pixel, you’re just being spied on by Google rather than Samsung + Google if you buy a samsung android, so in that sense, sorta? But saying a pixel is good for privacy in general is an absolutely ridiculous statement.
Google Pixel hardware is focused on providing a private relationship between the user (your data and behavioral patterns) and Google.
Depending on your threat model you can flash custom roms to enhance your privacy and security posture.
A lot of folks here seem to be of the “…just flash GrapheneOS and you’re good…” crowd but it’s not that simple and there are trade-offs that impact usability and user experience.
There are a lot of interesting projects out there to choose from. Best advice is to work-up your real world threat model and do your reasearch.
Yeah the developer is very dramatic, but the project itself is still amazing. He did step down from lead, but the dude is a genius programmer. I’m still very confident on having it on my phone. I was using CalyxOS before, which I really like, but the sandboxed play services were a really killer feature for me on GrapheneOS.
it’s because of the Titan M chip, not because of ease of bootloader unlocking. Pixel’s have much higher hardware security with only iPhones and their secure enclave matching it afaik.
Yes, it is. I mean, GrapheneOS is the gold standard for privacy&security, but even stock Pixel is a good step up. Think of it like this: on stock Pixel, only Google is tracking you, not Google + Samsung, or Google + Xiaomi. Just Google. It’s guaranteed to be a step up from all other Android phones, stock or not.
Technically it is just better than the worst possible case, which is two companies or more spying on you instead of one that was already spying on you. It is still bad but better than the worst case.
Wait since when a monopoly is preferable to a duopoly? As far as I’m concerned if I can’t have 0 companies to spy on me I’d rather have them all fight each others in the data space…
In this case they don’t fight, they exploit your data in different ways and if one of the exploiters isn’t arsed to keep your data secure then everyone gets it and it’s not just corporate actors profiting from you but more harmful actors including scammers using your data.
Google claims to do some processing on their own tensor chip locally so it might reduce some data being sent to Google, but it doesn’t limit them from tracking you. With Pixel, you are only being tracked by Google and not Samsung or other manufacturer
Not sure how I should feel about that. It’s highly likely any party engaged in tracking activities will try to grab as much data as they can. So a non-Google device seems like it would be doing twice the amount of data collection.
But considering Google also controls the hardware design of the Pixel, it wouldn’t surprise me if they have some additional tricks up their sleeve.
What we really need is a full open-source phone, including firmware. Maybe we’ll get there one day.
Add comment