Is your current perception that a competive device could be produced by a small project (relative to Google) like yourself?
We're going to be moving forward under the expectation that future Pixel devices may not meet the requirements to run GrapheneOS (https://grapheneos.org/faq#future-devices) and may not support using another OS. We've been in talks with a couple OEMs about making devices and what it would cost.
Discussion
nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqx458tl7h9xcxa66vr4a8pg0h2qz96pnhwnfpcra0le9090uk5t5qjlvqlu It would be produced by an OEM for us based on our requirements. We would be paying them to make it for us and support it long term. We'd be paying for Qualcomm Snapdragon and other licensing through the OEM making it for us. It will be very expensive but this is something which exists and we believe we can obtain the funds for it either by getting them ourselves or by doing crowdfunding with preorders specifically for this.
How much does this matter in practice?
nevent1qqsrcwg6d92ktcqxa4yszerajlv6m4gvgffafa5hfylsjdaqk57a3ecpzemhxue69uhky6t5vdhkjmn9wgh8xmmrd9skcq3qx458tl7h9xcxa66vr4a8pg0h2qz96pnhwnfpcra0le9090uk5t5qxpqqqqqqz4say8e
Reply didn't bridge.
It isn't a very practical concern and applies to essentially everything. Pixels have less threat of real world supply chain attacks happening than custom hardware with a much smaller userbase focused on privacy/security though. The problem with more specialized hardware focused on that is that it's easier to target, especially since as a much smaller organization we would have less oversight over the OEMs and components.
We still plan to support future Pixels after we have our own hardware. There will be advantages to using Pixels. We can gradually build advantages to using our custom hardware but simply keeping up with current era security is a hard problem and the main one we want to tackle. Our ambition is simply having a custom Snapdragon device with all the standard security features. As soon as Snapdragon has MTE, that is straightforward.
We had hoped Pixels would go in a different direction based on the fact they use the open source Trusty OS for the TEE and secure core, OpenTitan as the basis for their secure element, littlekernel for the late stage boot chain, etc. We hoped they would end up like Chromebooks with fully open drivers and more open firmware. Instead, they're cutting non-essential things to save money and have decided all of that is non-essential.
Ack.