this post was submitted on 01 Dec 2024
1 points (100.0% liked)
Android
0 readers
3 users here now
Android news, reviews, tips, and discussions about rooting, tutorials, and apps.
General discussion about devices is welcome. Please direct technical support, upgrade questions, buy/sell, app recommendations, and carrier-related issues to other communities.
Rules
Rules
- Stay on topic: All posts should be related to the Android operating system or ecosystem.
- No support questions/rants/bug reports: All posts should benefit the community rather than the individual. Please refrain from posting individual support questions, rants, or bug reports.
- Describe images/videos: Please provide an explanation in the self-post body when sharing images or videos. Memes are not allowed.
- No self-promotional spam: Only active members of the community can post their apps, and they must participate in comments. Please do not post your own website, YouTube, or blog.
- No reposts/rehosted content: Submit original sources whenever possible, unless the content is not available in English. Reposts about the same content are not allowed.
- No editorializing titles: Do not change article titles when submitting. You may add the author if relevant.
- No piracy: Do not share or discuss pirated content.
- No unauthorized polls/bots/giveaways: Do not create unauthorized polls, use bots, or organize giveaways without proper authorization.
- No offensive/low-effort content: Avoid posting offensive or low-effort content that does not contribute positively to the community.
- No affiliate links: Posting affiliate links is not allowed.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
@nick @BafDyce @katzenberger Die Unterstützung eines anderen Herstellers würde _aktuell_ zulasten der Sicherheit gehen. Das wird GrapheneOS daher erst machen, wenn ein anderer Hersteller ein vergleichbares Sicherheitsniveau bietet: https://www.kuketz-blog.de/weshalb-grapheneos-aktuell-nur-google-pixel-geraete-unterstuetzt/
@mynacol
Das mit der angeblich besseren Sicherheit der Pixels kann ich nicht wirklich nachvollziehen. Auch Googles Geräte bringen proprietäre (Google (!), Qualcom, ...) BLOBs mit, auf die sich jedes OS stützen muss. Und dann hätten wir noch das Baseband. Da können überall hübsche Hintertüren versteckt sein, an denen das OS genau nichts retten kann. Man muss sich nur mal die Sicherheitsmitteilungen der FW-Hersteller ansehen.
@BafDyce @katzenberger @nick
@PC_Fluesterer @mynacol @BafDyce @katzenberger @nick Every ARM and x86_64 CPU is entirely closed source. CPU, GPU, MMU and everything else in them is closed source. This is not a negative or positive security property for this hardware but rather orthogonal to it. Even with reproducible builds, open source does not prevent a backdoor at all. That's clearly true based on the fact that unintentional, non-hidden critical vulnerabilities last for many years in open source projects. It's basic logic.
@PC_[email protected] @[email protected] @[email protected] @[email protected] @[email protected] CPU, GPU, MMU and all the other SoC components along with the RAM, SSD, cameras, Wi-Fi, Bluetooth, cellular, NFC, UWB and everything else in essentially any laptop, desktop, smartphone or tablet is closed source. What makes you think that your laptop has open source hardware and firmware? The highly inaccurate false marketing from companies like Purism? That's just false marketing misleading users into believing closed source hardware is open.
@PC_[email protected] @[email protected] @[email protected] @[email protected] @[email protected] Cellular basebands are very comparable to the basebands for Wi-Fi, Bluetooth, UWB, GNSS and other radios. They are not particularly special and do not have privileged access on a modern smartphone. Pixels have a well isolated cellular radio with a lot of extra hardening (https://security.googleblog.com/2024/10/pixel-proactive-security-cellular-modems.html). Compromising cellular radio with an exploit is very difficult and does not provide control over the device. You'd need an OS exploit from there.