Motorola GrapheneOS devices will be bootloader unlockable/relockable

This is very useful context. Especially around Contact Scopes etc. It's never made sense to me that iOS shares if the user is choosing to not share their contacts.

Apple seems to basically do privacy-related things to an 80% level but not bothering with getting it totally correct. This makes business sense because the extra 20% is way more difficult, but it's great to see GrapheneOS going all the way.

> We've convinced multiple banks to permit GrapheneOS, and that's going to become MUCH easier now.

I did not know that. That is very interesting.

On that topic, an honest question: what is the killer feature of banking apps that everyone is so hot on? Are we talking like retail banking or money transmitters? I am not using any bespoke banking apps, and I don't feel like I'm missing out, but maybe I just don't know what I'm missing.

What does detract from my GrapheneOS experience is the keyboard. It's just ok. I need swipe typing though, and I haven't found anything even close to gboard glide.

What, exactly, is sandboxed Google play prevented from accessing? Can I feed it a fake location or disable location access? Is it prevented from running in the background 24/7? Can I force it and just it through a VPN? Or is it just blocked from accessing apps and files that aren't in the sandbox? There are many such questions and all could be considered "sandbox".

Our approach is why we have a partnership with Motorola where we're working with Motorola and Qualcomm on improving security of the devices to meet our requirements. It takes longer to get things done the way we want but that's part of the purpose of GrapheneOS. For example, it took us longer to have our own network-based location and geocoding but now we have great implementations of both. Our network-based location currently closely matches iOS but is going to have full offline support developed for it. We're working on our own local model text-to-speech at the moment too, although our focus is currently Android 16 QPR3 related work as a higher priority which delayed it. We do plan to overhaul or replace all the legacy AOSP apps, but our priority has been working on things people can't simply replace by installing more apps.

> In what ways has the pursuit of perfection harmed the good in their development?

Their lack of device support means I am still running Google's Android and will continue to be until a GraphineOS-supported device that meets my needs becomes available. This means I'm not just lacking in security, but I'm also stuck with Google and all of their anti-consumer practices.

Running GraphineOS without all the security features they want would be better for me than what I currently have.

Yes, but do these enthusiasts care at all if it meets some need for the users? I suspect that they do.

And how can they find out how well it meets that need other than receiving (respectful!) feedback?

Our approach is why we have a partnership with Motorola where we're working with Motorola and Qualcomm on improving security of the devices to meet our requirements. It takes longer to get things done the way we want but that's part of the purpose of GrapheneOS. For example, it took us longer to have our own network-based location and geocoding but now we have great implementations of both. Our network-based location currently closely matches iOS but is going to have full offline support developed for it. We're working on our own local model text-to-speech at the moment too, although our focus is currently Android 16 QPR3 related work as a higher priority which delayed it. We do plan to overhaul or replace all the legacy AOSP apps, but our priority has been working on things people can't simply replace by installing more apps.

I agree with your post, but I wanted to point out one thing:

> People bill it as making a ton of usability compromises in the name of security, but that doesn't match my experience.

When you are talking about something like GrapheneOS, most of the people who are talking about usability compromises aren't worth listening to since they are looking for something that is pretty much the exact opposite of what GrapheneOS is trying to provide. While there are likely some legitimate criticisms in the mix, the compromises required for "works by default, for everyone" are pretty much the opposite of what GrapheneOS is.

It's worth noting tap-to-pay is available via Curve Pay and other options in Europe. We intend to get the Google Pay issue resolved.

I would certainly be using GrapheneOS if only I could get one to run on something else than a Pixel.

I have a perfectly good phone whose bootloader can be unlocked and I can install LineageOS or other AOSP installations there but all I'm aware of and I've researched come short on the sandboxing and permissions. I'd be willing to use GrapheneOS without support for specific security hardware (if only they supported that configuration) just for the features mentioned but Pixel phones are just too expensive. I've always been more than happy with a decent low-tier phone and I don't see a technical reason to change that. Nothing wrong with my phone.

Mock Location exists but our Location Scopes feature will largely replace it for non-development use. Camera, Microphone and other scopes features will be provided too. We haven't fully fleshed out what the ones for other permission groups such as Phone will look like yet but it's planned.

Does pixel support alternate OSes or it just doesn't get in the way of custom firmware developers?

And for the gaming aspect, there is a huge market for mobile gaming, specially in Asia, so having a manufacturer like Motorola adopting GrapheneOS as a first class citizen will improve the chances that high performance applications will have better performance in such OSes which is a big win.

Lets hope those Motorola devices will be smaller then current Pixels.

I do hope however having a Snapdragon device will be beneficial to having postmarketOS support.

For now having Android-type OS on a daily driver is a must, but for older devices (thinking of 10 years time) I'd like to explore an OS which doesn't depend of Google open-source drops and delayed security open-source drops, which is the situation for ROMs without an ODM partner.

I wouldn't consider gachas to be "actual games" (sue me), but yeah, they do tend to have way more complex gameplay and graphics than the timewaster freemium games of yore. Genshin Impact is essentially a single-player MMO, it has an open world and lots of characters and different weapons etc etc.

Motorola Signature and Motorola Razr Fold are ranked above the Pixel 10 Pro on https://www.dxomark.com/smartphones/. Pixels have fantastic camera hardware and software which is fully functional on GrapheneOS which isn't something we need to lose on a Motorola flagship. There will be much better CPU and GPU performance via Snapdragon too. The compromises are mostly in terms of getting some security improvements while losing others but we'll still be able to meet all of our official security requirements.

Unfortunately from what I read a couple of times, including a month or so ago, GrapheneOS discourages and doesn't support rooting the phone for security reasons that seem vague to me and don't appeal to my need to actually own my phone and OS. You could still root it with some third party tools from what I know, but not having root as the default makes it less of a secure FOSS OS and more of a closed down toy.

As for payment apps and other crap that refuses to run if I, the owner and administrator of my own device, don't have admin access, I would just refuse to run it. What's next - websites refusing to work if I have root on my Linux desktop?

As far as I know, root and tap to pay are pretty much mutually exclusive, at least if you meant Google Pay? Unlocked and rooted devices do not pass remote attestation. And it's not just something you can fake when you have root, since it is anchored in hardware (the attestation certificate chain is signed by a hardware-backed key and contains the verified boot state and verified boot key).

GrapheneOS doesn't give you root access, citing security issues it introduces. You could re-compile your own copy with root access, though not sure if we'll then be back to some non-certified OS that can't make payments...

The way I see it, I don't have much direct control over the actualities of that kind of nation-state spying stuff. However:

1. I can direct my consumer-dollars towards the vendors that promise to respect ownership and privacy in general, and they will also have the most to lose if they are caught enabling spying.

2. Defense in depth. Security features generally add to the spying's difficulty, expense, or risk of detection, and that in turn decreases the incentive for abuse.

Ah nice so leave the phones in another room

Easy but for missing Step 1 of “Colocate with friends and business partners”

This. I know some people who work for the former and they are always having to say "no, I don't work for that Motorola". The shared name is entirely historic.

I did. There's long term patent cross-licensing agreements between the two companies. Motorola mobility may be a separate company now, but they didn't start from scratch.

Israel has sold nuclear US state secrets to China. Don't hold your breath. https://www.military.com/defensetech/2013/12/24/report-israe...

true, they want it for themselves

Actually Graphene has been shown to be resilient (uniquely) to some of the forensic tools used by governments.

They already have it and it isn't part of what needs to be developed. Qualcomm does that for them.

Ya, I believe that's the correct answer. I believe there is an IOMMU or equivalent on modern phones to prevent those doubts binary blobs bring.

defcon21 is from the pre-snowden world (2013), for anyone else wondering. Mobile landscape (our reliance on them, the central role they play in our lives) back then was a little bit different and indeed I'd not be surprised if most models support that the carrier can remotely read out any memory location or something

Those devices have atrocious security at a hardware, firmware and software level. Their microphone kill switch also doesn't prevent audio recording. They aren't open hardware despite many attempts to mislead people with the marketing.

> The latter even has most of the modem software freed.

Pinephones have entirely closed source baseband firmware. They use a highly unusual cellular radio which includes both an incredibly outdated Qualcomm baseband processor with atrocious updates and security combined with an extremely outdated proprietary fork of Android running on an extra CPU core which isn't present in any mainstream smartphone. It's only replacing the unusual extra OS which has been done. That whole component doesn't exist on other smartphones and the only reason it's possible to replace it is because the whole radio has absolutely atrocious security. The radio is connected via a far higher attack surface USB connection providing far less isolation for the OS and the USB connection can be used to flash the proprietary Android OS via the fastboot protocol. The baseband firmware itself doesn't have any replacement available.

Security theater, it has absolutely no use. If you can't trust your hardware that it won't actively listen to the microphone without your knowledge and permission then what are you even doing with that device?!

You're confusing Motorola Mobility with Motorola Solutions. These haven't been part of the same company since 2011. We would happily support devices from Motorola Solutions with their collaboration too but have no contact or partnership with them as they're an entirely different company. We want to support more devices meeting our requirements and if people have issues with one of the choices due to their opinions on geopolitics they can use another.

what exactly makes you feel good about a privacy black hole with the worlds foremost anti privacy captain at the helm ?

The issue of "enthusiast phones" is not the same as for small phones. The problem that MKBHD is describing is that a company that starts as an enthusiast phone can not grow by getting the niche larger, so they need to start competing in the "average consumer" market. But a large, established company like Motorola and Samsung can for sure segment their product line to serve a particular demand.

I think the issue of small phones is that, while there people saying they would buy if it was available, no one is saying "I would buy one small phone at flagship prices, even if they don't have flagship features".

> The small form factor phones simply do not sell.

And still in every phone topic people complain about phones being too big... I'd love to have a smaller affordable smartphone.

I'm not necessarily asking for a "small" phone as in 4.5" or less.

I'd like to have an Option around 6" and 150x70x9mm, which is not really small. Surprisingly the Pixel 8 has a smaller footprint than the Pixel *a variants while having a bigger display.

So my request would be a device around the size of the Pixel 8, having a similar battery size and if possible a headphone jack at a reasonable price point (350 bucks).

I consider the pixel 8 as really solid device for graphene OS.

They don't even need to fix the longpress for headphone remotes... Just a device that is the right size.

I watched the first video. One point they didn't mentioned is that their android example of the "last small flagship phone", asus zenfone 9/10, is about the same size as an iphone 12/13, not the mini.

Do regular iphones sell well? If so, the small flagship phones are not dead, because iphones are not dead. If iphones are not counted as small phones, then the small android flagship phones are dead long time ago.

>And the winning point is that the bootloader can be unlocked and is supported by LineageOS

Don't banking, security and payment apps detect the unlocked bootloader and prevent them from working on lineageos? At least that's what happened to me after i flashed lineage on my old tablet.

Because then what's the point of a smartphone if it can't do banking, payment, shopping, ticketing, etc? Use it as a gimped pocket web browser and ebook reader? There's not gonna be any mass market adoption for such "smartphones" until they can run all apps out of the box like vanilla androids and IOS phones.

Your average consumer isn't gonna wanna fuck around with signing keys and bootloader relock. Hell, even this tech savvy HN user doesn't want to do that because he has better things to do with his time. The days from my childhood when I always rooted my Android phone, installed custom ROMs with custom kernels, magisk, titanium backup, cerberus to make the phone "my own" are long behind me.

I run a Xperia 10 V. Great phone, great form factor, easy to unlock. It runs for days, almost a week, on one battery charge. Sony is doing something right here.

Oh, the guy who is still mentally on the level when he started his channel. And these shenanigans.... putting a phone in a mini coffin. sigh

Why it has to be a flagship? Sell them cheap. It's like AAA game makers cry about ballooning costs, and they make 60 hour games that literally nobody plays through....

> small form factor phones simply do not sell

Are we really sure "nobody actually wants it"? I need to help my family select the smallest possible phone every time. Meanwhile choices are dwindling and the remaining 2 models are either overpriced or outdated and so I need to tell them it's better to take a (whatever currently goes for) "medium sized" model, which shifts upwards every time I/they need a new one. No wonder that people don't buy small phones anymore if they don't exist

I don't buy this nonsense about small phones being a niche when so many people are actively seeking them out, both online and offline in my practical experience

It's just harder to make, heat dissipation or battery will be restricted, doubly so if you're a niche manufacturer without a big budget, or one who tries to keep it repairable and needs the extra space for screws. So I can understand that Fairphone doesn't release a small model (even if it means I simply cannot use it: I actually put my money down and bought one, but sadly had to sell it onwards after a few weeks of trying) but for Graphenorola I'm not sure that restriction exists. It may just not please everyone if the chip is underclocked for heat and battery efficiency reasons and so they're not likely to. Doesn't mean there's no market for a small variant for any manufacturer that has more than one device on the market

My mom's and my current phone (same model) is what I'd call medium sized (per 2019 standards, when it was new) and the battery life sucks, but I'd buy this model again anyway if it came out with a ≥2025 SoC because I can actually use it unlike nearly any other phone on the market. Not properly reach the top, but at least the left side so that'll have to do

I think I went through the first ~3 or so generations of the Motorola Moto G, and they were great for the price, besides the fact that each generation it got bigger and bigger, defeating the original motivation I bought them in the first place. Eventually the iPhone 12 Mini was released and I moved to iPhone at that point.

I also hope that the new GrapheneOS device from Motorola will be in the "smaller" size factor so it actually fits in my (apparently) tiny hands, but to be honest I'm probably getting one regardless, as iOS gets worse and worse every time I update it.

Lol, no, according to graphene, an aux jack is a security problem. So is a microsd. But the hole punch with the camera pointed at your face, that's just fine.

When my current phone dies, I'm basically returning to a dumb phone with a removable battery. Now that Xperia dropped open source, every phone out there is terrible and I just don't want any of them. Anything that would support a ROM has features to make my skin crawl.

No, it's not small, but it's afaik the smallest model you can find that's still unlockable and runs any ungoogled OS

> I'll be forced to go back to dumbphones in the future... along with many others, I guess.

Going back to a dumbphone for me would mean changing my outdoor hobbies (like contributing to openstreetmap), so I'll take my losses and continue on a smartphone, but I share the sentiment. Power to you if you do it!

wouldn't trust a flip phone with a display fold. i want small, thin and light.

That would be wonderful but cracking proprietary blobs which may be and probably are encrypted, would take massive amount of time, and later rework could take a lot of tokens and broken SoCs. Nowadays electronics are driven by software so one bit off and voltage can get 9V instead of 3V for example

Oh, This might be one of the few ideas I approve AI use of.

Cursor spent like Million dollars on creating a browser which people were able to make later with a 200$/100$ subscription in the same amount of days as cursor with human assistance.

I don't think that this can be "autonomous", we assumed that making browsers could be autonomous process but it wasn't. That was the take I took from it all.

Will this be an example of autonomous tho? I think we still need a human experienced with reverse engineering in the loop but it might significantly improve their workflow

I wish if cursor, instead of having burnt million $ to something worthless essentially, Could have atleast done this experiment.

the end of proprietary blobs has to be the oddest set of words that excites me

I don't think the market of people buying used phones for the purpose of graphene is going to make a dent in profits for Google. It raises resale value maybe by say, $0, considering the price is set by the average consumer

I never considered resale value when buying a phone. Is that really something people look for?

that depends what you consider a healthy resale value, I bought my Pixel 6a with no issues for 100EUR :-) (and not because I care about Google's business, I don't have gapps in my phone, I just like good deals/VFM)

Yes, because everyone is a perfectly rational agent in the economy.

Speaking of battery, veeeeery soon phones will have mandated replaceable batteries in the EU. I'm just hoping my current moto (a $99 job perfectly adequate for absolutely everything I do) survives until then.

Aside: I've noticed over the years that phones die in one of the following ways: - too fast charging (battery dies, charge controller dies) - usb port dies - screen broken - all sorts of falls

A lether folio case, gorilla glass, and a Qi charging adapter solve all of those problems (the charging adapter also limits the current by virtue of being inefficient). It has a magnetic connector (it's a simple two-pin job and it doesn't have any issues) - in the rare occasion I want to charge up real quick, I can still hook up directly via usb c, and meanwhile the port is stuffed with the converter's plug which prevents it from accumulating dirt and fluff.

I'm glad to say that even despite many falls, some directly onto the screen, the phone itself still works very well, even if the case and glass protector are obviously ragged.

I hope once unlockable Moto's come around I'll be able to keep that one for a long while as well.

well, it isn't receiving security updates https://grapheneos.org/faq#device-support

imo the RAM bloat/overly aggressive OS. on a similar aged device without zswap I couldn't run more than one maybe two things without the OS killing everything in the background. I think it was better before I got stuck updating to 15

Security patches.

Buying used introduces such a big supply chain risk. I stay safe by buying direct and asking the NSA not to open the shipment in the order notes.

(y’all know this one https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa... )

Why?

Honestly I’d prefer Chinese backdoors over western ones. China is still a land far far away and I couldn’t care less about what they’d do with my data, unlike western alphabet boys who could freeze my accounts and assets for ”wrongthinking” in the future.

You might want to add /s tag to it.

[dead]

Korean and western made stuff guarantee to have such thing. CNC devices in Russia stopped working. Even NVIDIA gpu has back door according to China and NVIDIA had to settle this matter behind the scene with China government. At this point, your phone is 100% backdoorable by western government. The only thing protect you is you are non-threat and too small to be bother with.

Yes, I agree in full. Did you think I was taking a position contrary to this one?