undefined | Better HN

0 pointsstrcat2y ago0 comments

GrapheneOS provides extended support for end-of-life devices but we strongly discourage using our extended support releases. You can see we do that from https://grapheneos.org/releases and https://grapheneos.org/faq. We set an accurate Android security patch level field and do not downplay it with inaccurate claims about it. We do not do what other alternate operating systems by splitting out a Vendor security patch level field and claiming to provide all open source patches which is fundamentally not possible especially considering that a lot of the firmware is based on open source projects.

Our hardware security requirements are listed at https://grapheneos.org/faq#future-devices. Pixels are the only devices providing the requirements we set for updates and the list of security features. They also provide proper alternate OS support where all those security features work correctly. Samsung has most of the expected features and provides a similar length of support and number of major yearly updates but is missing the proper alternate OS support, MTE and the monthly/quarterly updates.

Each month, there's a new Android release which are distinct from the partial backporting of privacy/security patches to older versions. It's not monthly security releases but rather monthly performance/security/feature releases with separate backports of all Critical/High severity patches to older versions. Android 14 and Android 14 QPR1 are older versions of Android, and there are security backports to Android 14 separate from the monthly releases. This is currently fairly exclusive to Pixels. Samsung is getting much better at doing the security backports and are reducing delays for major updates but they're still acting as if the monthly/quarterly releases don't exist.

0 comments

Sytten2y ago

I understand that from a security perspective, but from an e-waste perspective even the current 7 years support is disastrous let alone the previously 3-5 years that vendors.

Not everybody has the same security needs, I often gift my older phones to my family members and if I have the choice to leave them on a fully unpatched device vs a GrapheneOS that is a "best effort" patch I will happily choose GrapheneOS.

I am super glad for all the work you guys do in any case, you can only love from me and I am honestly not buying an phone that doesn't support GrapheneOS at this point.

strcatOP2y ago

Extended support is very difficult to provide in a way that fits into the expectations we have for robustness, app compatibility and security beyond the lack of incomplete patches. For example, it would be easiest for us to move the Pixel 4a (5G) and Pixel 5 to Android 14 QPR2 to avoid having a separate legacy Android 14 QPR1 branch where we need to apply backported AOSP patches which sometimes don't apply cleanly. However, the Pixel 4a (5G) and Pixel 5 do not officially supported Android 14 QPR2 but yet had a bunch of changes related to it done to their repositories. We also build the vendor image ourselves rather than using a prebuilt one, so it always gets built with the latest SELinux policies, HALs, etc. available in AOSP. Quarterly releases are now trunk-based so it's similar to the major yearly releases. Moving Pixel 4a (5G) and Pixel 5 to Android 14 QPR2 is entirely possible. We could revert the QPR2 changes for them and use a QPR1 vendor build. The issue is that we know there are going to be regressions, and we do not want to ship dozens of serious bugs to users which we then have to invest substantial time in resolving. It's all time taken away from our focus on privacy features, security features, trying to have perfect app compatibility beyond apps forbidding using a non-Google-certified OS, etc.

We're very happy that support increased to 5 years for 6th generation devices and then 7 years for 8th generation devices because we will no longer feel the need to do harm reduction via extended support. It will save us a huge amount of time and concern about people continuing to use these insecure devices.

7 years for a phone that's used as a main personal phone is a long time. Most people aren't going to use it that long, particularly a flagship phone. It mostly benefits people buying it used. It would be quite strange to buy a Pixel 8 Pro and use it for all 7 years. The audience for using a phone that long is probably going to buy a cheaper phone. The main benefit is to someone buying a used device where it still has 4 years of support after someone replaces it after 3 years. We aren't a fan of people unable to afford new phones getting insecure used devices. This is a big step towards that not happening anymore. 7 years is longer than iPhones have been getting full support updating them to the new major OS releases with full security patches.

We worry a lot that we're encouraging people to keep using insecure devices by providing extended support but we feel we have to provide it with how many people are clearly still using the end-of-life devices. However, how much of the amount of people still using them is because they think they are fine due to continued GrapheneOS support? This bothers us.

j / k navigate · click thread line to collapse