Hi,

A friend wants to degoogle his phone, so I suggested the OS I’m currently using. The one we can’t talk about… He wants a small/compact phone, so I suggested pixel 4a (not buying second hand though), but I’m afraid that planned obsolescence may kill the phone rather soon. What’s your opinion?

Cheers and thank you for your help,

  • delirious_owl
    link
    fedilink
    arrow-up
    6
    arrow-down
    8
    ·
    6 months ago

    Phones are insecure devices, by design. Should be OK.

    Just don’t do anything on a phone that falls under “sensitive” on your threat model. Use a proper computer with a proper password for that.

        • jet@hackertalks.com
          link
          fedilink
          English
          arrow-up
          3
          ·
          6 months ago

          You can use two factor, fingerprint plus pin and have the pin layout randomize each time.

              • jet@hackertalks.com
                link
                fedilink
                English
                arrow-up
                1
                ·
                6 months ago

                I think phones are the MOST secure devices most people have. They are locked down, they run software in very restricted containers, they have more restrictive feature allowance. for 99% of the people the phone is the most secure device, full stop.

                Can you do better on a computer? Sure, but it takes a bunch of work and isn’t the out of box experience

                  • jet@hackertalks.com
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    6 months ago

                    Please help me understand your point of view. So far all you have said in this conversation is that other people are wrong. That may be, but your not helping us understand you

              • delirious_owl
                link
                fedilink
                arrow-up
                1
                arrow-down
                2
                ·
                6 months ago

                So you’re saying that, in order for me to steal everything on your phone, all I have to do is stand behind you in a supermarket and film you unlock your screen once. Then, on the way to your car, I quickly pull a knife on you and force you to tap your finger on your phone, then I hop on a motorbike and ride away.

                Hope you didn’t have any banking apps or crypto on your phone, because now that’s gone.

                QubesOS on a laptop is much much safer.

                • zephyr@lemmy.today
                  link
                  fedilink
                  arrow-up
                  2
                  ·
                  6 months ago

                  If you have GrapheneOS, I’m pretty sure you can randomize the numbers on the pin. You can also set a password instead of a pin and disable biometrics if you use stock Android. All the more difficult to obtain access.

                  For banking/crypto, I assume a wallet app would allow you to set an app password/pin.

                  • delirious_owl
                    link
                    fedilink
                    arrow-up
                    1
                    arrow-down
                    1
                    ·
                    6 months ago

                    What does randomizing the numbers do? I just film you tapping them, and it doesn’t provide any security.

                  • delirious_owl
                    link
                    fedilink
                    arrow-up
                    2
                    ·
                    6 months ago

                    They would need to kidnap you to type multiple different passwords. The point is that they can’t quickly unlock the device. Mobile phones are literally designed to be easy to unlock.