Fair enough, but is there any reason to suspect that the data collection is exclusive to a country of phone's manufacturing or origin? I would expect that, for example Samsung, co-operates with every possible data broker and data collector on the planet, depending on where one uses their products.
RE: GrapheneOS
I made a thread and got some pushback and very mixed reactions. I replied to a lot of separate posts, but I thought I should state my main points together in a cohesive post.
TO BE CLEAR:
- I didn't say GrapheneOS is compromised or is a honey trap.
- I don't think there is a more secure operating system available for a smart phone on a technical level (except some that are so dysfunctional you won't want them anyways), so I don't expect people to ditch GrapheneOS in fear of Google hardware.
- I still might use GrapheneOS as my next phone, I'm undecided.
- My security model puts Google in the "untrusted" box, and google products and services are suspicious to me, DESPITE technical superiority or being more open with their hardware specifications.
- I wish there was an OS like GrapheneOS (or actually GrapheneOS) on hardware produced in a country I wasn't so concerned about, like maybe India (Lava) that seems more neutral to me, or at least not at all interested in my politicial dissident ideas (which are never about India). Then I wouldn't have to worry about this.
- Maybe you run a bitcoin wallet on your phone, and so every country is untrustworthy to you (anybody might want to steal your bitcoin). But that's not my security model.
- The fact that none of the privacy and security android phones support any hardware produced outside of the US orbit anymore is I think a fact worth considering.
- The odds that there is a security backdoor in the hardware or software is many orders of magnitude greater than the odds that someone breaks your cryptography. So our concern should be that much greater. But we nitpick the cryptography and in cases like this we say "Ah well, he has reasons. Must be secure."
- Technology is so ridiculously complex now that there is almost no way to have security and/or privacy on computers, especially on a smart phone.
- Reasons given for why only Google Pixel is supported might be honest. Or they may be post-facto. And not being the ones who made those decisions, we cannot know which case is the true one. If you let "reasons" assuage your fears, that's not very intelligent of you. In the case where someone intelligent sets up a honey pot, they are going to create lots of benign-sounding reasons why it's not a honey pot.
You are all free to consider me a paranoid nut job.
Here was the original thread: nostr:nevent1qqsqg4vc860mnve4mkqzn5a9887q9cmj0tes6h4xevjhus32ane67ycpypmhxue69uhkx6r0wf6hxtndd94k2erfd3nk2u3wvdhk6w35xs6z7qgwwaehxw309ahx7uewd3hkctcpypmhxue69uhkummnw3ezuetfde6kuer6wasku7nfvuh8xurpvdjj7wgmz87
Discussion
Complex. I don't know. I haven't dug into this enough. I'm speaking in generalities still.