this post was submitted on 08 Jul 2023
16 points (100.0% liked)

Ask Android

2073 readers
1 users here now

A place to ask your questions and seek help related to your Android device and the Android ecosystem.

Whether you're looking for app recommendations, phone buying advice, or want to explore rooting and tutorials, this is the place for you!

Rules
  1. Be descriptive: Help us help you by providing as many details as you can.
  2. Be patient: You're getting free help from Internet strangers, so you may have to wait for an answer.
  3. Be helpful: If someone asks you for more information, tell us what you can. If someone asks you for a screenshot, please provide one!
  4. Be nice: Treat others with respect, even if you don't agree with their advice. Accordingly, you should expect others to be nice to you as well. Report intentionally rude answers.
  5. No piracy: Sharing or discussing pirated content is strictly prohibited. Do not ask others for a paid app or about how to acquire one.
  6. No affiliate/marketing links: Posting affiliate links is not allowed.
  7. No URL shorteners: These can hide the true location of the page and lead people to malicious places.
  8. No lockscreen bypasses: Please do not comment, link, or assist with bypassing lock screens or factory reset protection.
  9. No cross-posting: Please take the time to make a proper post instead of cross-posting.
Other Communities

founded 1 year ago
MODERATORS
[email protected]
[email protected]
16
Pixel 4a 5G: Good option these days? (infosec.pub)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
13 comments fedilink hide all child comments
 

I'll risk asking the first question. If it's not a good fit for the community, then at least I can serve as a negative example.

Here's the scenario. I'm going to be traveling over the next few months and expect to be in areas where I don't have a right to my digital privacy. My device might be inspected, cloned, etc without my knowledge. I might even be required to give up the passcode. I'll do my best to maintain physical control of my device at all times, but that might not always be possible. My intention is to responsibly recycle the device at the end of the summer once I return to a more secure environment. I'll try to take reasonable precautions like powering down the device completely when unattended but the potential for uncontrolled physical access has me concerned.

My thoughts are that I want something used to reduce my environmental impact but that still has up to date security patches at a reasonably low cost. I would also like it to provide an acceptable user experience. A used Pixel 4a 5G looks like a great candidate for that.

Are you using this device? Does it provide a good user experience today? I'm looking for some opinions or perhaps suggestions for a device that might meet my requirements.

you are viewing a single comment's thread
view the rest of the comments
[–] j4k3 6 points 1 year ago (1 children)

You can probably flash Graphene still on a 4a. Then you can setup remote Auditor. This may let you monitor if the device has been compromised in some way.

[–] [email protected] 4 points 1 year ago (1 children)

I've never experimented with Graphene, but I definitely heard that it is security-minded. One concern I have with custom ROM is that having an unlocked bootloader might make it easier for an adversary to flash anything they want on my device without my knowledge. In theory a locked bootloader would prevent that.

I understand that an adversary with physical access is very powerful. I don't pretend that I can prevent compromise here, but maybe I can make that a little more difficult.

[–] j4k3 5 points 1 year ago (1 children)

Graphene uses the pixels because it has hardware security locks. Bootloader is locked just like any OEM. The Auditor tool makes it possible to verify if the ROM has been tampered with. It is remotely checking that the software hashes correctly. There is no way to fake this type of check and verification.

[–] [email protected] 2 points 1 year ago

This sounds like a really good option! I think I'm going to go with this. I have enough technical background that I shouldn't have too much trouble getting it installed.