Then buy a newer one with longer support this will always be a issue since the support window is the same as Google. Once a manufacturer stops updating drivers and device firmware the said device can no longer effectively be secure because any exploit in the drivers or firmware will forever go unfixed compromisimg the devices security. Doesn’t matter what devices you buy this will always be the case it just depends on what your personal threat model is.

Correct but GOS reverses alot of Google patches like always on voice requires kernel privalage it is disabled on GOS etc. But kernel level signature spoofing gives way for a malicious app to spoof as micro g and infect your device and you would never know because micro g requires the same thing to function it is making itself look like Google when it is not google. So using microg opens your device up to allot more ways for it to be compromised and also makes it harder to detect or notice once it is compromised. For me the security risk of kernel level spoofing is way to high to use on a production device used everyday. Also I trust neither Google or microg I only use Foss apps I don’t have Sandboxed play services installed at all I just don’t use Google anymore.

No because the data is encrypted especially on Graphene OS and even on stock pixel phones data at rest is fully encrypted and pixel phones also have a onboard security chip as well. So unless you can unlock the user data it would be useless. That is why a locked bootloader is so important it is needed to ensure at rest encryption its a requirement for it.

It could be included as both with a unlocked bootloader all user data could be easily retrived with physical access to device.

I use GOS and agree with you completely some of the things GOS has done and said in the past should have never happened and hurt GOS more than it helped it. Also on the micro G front You are correct still being debated but as long as Micro G is signature spoofing it is my opinion it is not secure as signature spoofing requires kernel changes that in fact weaken Android’s security model.

GOS Supports the pixel devices for the same amount of time as Google hard to keep a device secure once drivers are no longer being updated. But with Google extending support for pixel 6 and 7 series and the new 7 year guarantee on pixel 8 devices and newer this isn’t really a concern anymore. So pixel 7a and fold will be supported until 2028 and Pixel 6 and 6 pro until 2026 pixel 7, 7 pro, and 6a until 2027. Seems like plenty of time for support and that means as long as Google supports it so does GOS.

My last bank did that so I switched banks my new bank app works without any play services installed on GOS.

Once LinageOS is installed your bootloader is always unlocked so anyone who finds your phone if lost owns it. GrapheneOS and a few other ROMs I forget the names of allow the bootloader to be relocked keeping android security model intact allowing the device to still be secure.

Works on GrapheneOS

All apps work fine on GOS no tinkering needed if a app is broken its broken on linage as well because of play integrity

To my knowledge reddit has always worked like this when a mod removes a post no new users that have zero interaction with the post will see the comments it removes the post from all. But if you have commented in the past or are a original OP or have the direct link to the post the comments will always be there.

This just seperates it into a secondary profile but all apps in your main profile are already sandboxed as well the only apps that are not sandboxed are system apps such as Play services. But you could use the app in a work profile(shelter) under a seperate Google account that would add a bit more anonymity. But android default app sandbox could be more secure there are other custom ROMs that do just that making the regular app sandbox even more secure.

Here is more information on how each android app is sandboxed(except Play Services)

https://source.android.com/docs/security/app-sandbox

Hi how are you? 🤣🖖

Glad I don’t use any Google services and no apps on graphene OS then for my main computers I run Fedora silverblue with no Google once again.

Could always search and see if there are any builds for it many open source router firmware out there. OpenWrt, DD-WRT is where I would start looking.

No there would be no blocking the would just shut it down but the could sanction any company that violates the ban that’s about it for enforcement. But a VPN to another country would bypass it but it would not be US version of tiktok.

The apps would be delisted from all App stores and then tiktok said the would have to shut down the US Servers.

That sucks my bank app doesn’t seem to rely on it for anything other than notifications and I can live without those.

Because I am trapped here and have to use current tech and you know I dont do off the grid! 🖖

I have a work gmail as well with works apps with Google Play but it’s in a work profile so separate from. Main so I understand that.