Can you lock the bootloader on Fairphone?
One of the reasons given as to why GrapheneOS is not available for the Fairphone is because the end user cannot lock the bootloader.
I might be confusing things, but I’m running calyx on a fair phone 4. Pretty sure that I locked the bootloader after install
TIL.
Heard for years that it wasn’t possible. Would love to hear that I’m wrong. https://forum.fairphone.com/t/relock-bootloader-step-by-step/98339/10
Lock or unlock?
It works on CalyxOS and FP5
Approaching the point where I need a new phone. Curious what would be better. A fairphone 6 with calyx or /e/ os. Or a new pixel with graphene. I’ve heard graphene is the best but the fairphone is very tempting
You shouldn’t expect the next generate of Pixel phones to have GrapheneOS support out of the box. Google has stopped publishing device tree data, so custom ROMs for Pixels may not be a thing come the Pixel 10.
We’re all hoping this is reversed.
Better for what ?
For repairability ? The fairphone win easily
For privacy ? Graphene OS has a small edge, but e/os or calyx are still way better than stock android.
For not giving your money to evil corporation ? Fairphone is better.
Basically I would prefer not to buy a pixel, but if graphene is that much better than the other OS’s I would consider it
As far as smartphones go the pixels aren’t so bad if you ignore the endemic battery issues that have affected every pixel device from the 4a up…
Yep, I have a pixel 6a and will never buy a Pixel again because of this battery clusterfuck
Not in the market to change phones now, but always considering options in case I urgently need to replace it due to catastrophic failure (and fear of making an uninformed choice due to urgency).
With that said, I have an iphone 11 right now with lockdown, stolen device protection, cloud encryption, and FIDO keys enrolled and it feels very secure whilst still letting me use banking apps normally etc. How does /e/OS compare to something like that and how vulnerable is it to being plugged in and downloaded or wormed by malicious actors, zero-click SMS attacks etc?
I don’t have any of these devices, but Android devices do have lockdown and stolen phone protection if you use a Google account. Same, there is anti-phishing FIDO, etc…
The alternative ROMs for Android devices are based on Android, but there are users that do no want any Google in their phone and that takes away a few functions (like find my phone stuff [correct me if I’m wrong here]).
GrapheneOS is the strict option and locks the bootloader. e/OS can relock the bootloader on official builds. An unlocked bootloader is a security risk.
Different ROMs have different issues when it comes to banking apps or biometrics.
I don’t use an alternative ROM, but I use an Android phone without a Google account. The most concerning missing function is find my phone, but there is an app for that.
If someone has your phone and it isn’t locked, they can potentially connect it to a computer and extract info. A locked Android device, like a locked iPhone, increases friction for whoever is trying to access the device. Relying solely on what I’ve read, iPhones are far more annoying to gain access to.
Thanks this is very detailed! Don’t feel compelled to answer any follow-up questions (but you are welcome to!). Just wanna discuss with whoever has opinions and knowledge about it.
One question about lockdown mode on Android though. This means you can’t unlock using biometrics, so you can’t be forced to unlock? On iOS it means it won’t render a lot of scripts and images with tracking on websites, emails, SMS, apps etc. as to make it much harder to exploit anything remotely. I’m wondering if such a feature exists on Android too. I don’t care that lots of websites look janky, I just feel safer knowing most exploits won’t work.
I used LineageOS before my last phone crapped out on me. Ironically I needed to root my phone and use Magisk to hide root in order to make banking apps work. Because the bootloader had been unlocked it failed some google checks or something. Original software support was a pitiful 18 months, so kind of had to go custom rom too.
Not who you were talking to, but I use GrapheneOS on a Pixel 9. I don’t know if there’s a “lockdown” mode, but I have my phone set up where I can’t use biometrics to unlock the phone, but can use biometrics to log into my apps. As for the website/email based attacks, these are mostly rendered useless with the GrapheneOS subproject Vanadium, which is their security-hardened web browser, that I use by default. (https://grapheneos.org/usage#web-browsing)
I have a bunch of banking apps (chase, discover, american express, citi bank, ally, and my local bank) and while I did need to turn off some of the more extreme safety features for some of those apps (GrapheneOS has a toggle for them on a per-app basis), all of them work without Google Play Services, something I don’t have installed. Some of my other bills apps don’t work even with that setting turned on (student loans, local utilities, home loan, etc.) But I just add a link to their website to my home screen and it doesn’t really change my experience much. Also all my work apps (Slack, proprietary apps) have worked without Google Play Services. However, a bunch of apps do require google play services, and for my use cases most can be replaced with the website link, some can’t. Google Maps is the biggest one, and while I have devised a way to get the great search from Google Maps anonymously through TOR and import the coordinates into CoMaps (FOSS alternative map app), that’s the last part of my phone use that is still a pretty significant inconvenience.
Any app that needs the stricter security turned off gets put in a separate user on my phone, that can’t run in the background, to prevent any shenanigans there as well.
For all my security needs, I haven’t found a mobile OS that does everything I wanted as low-hassle as GrapheneOS, and I’ve tried a bunch.
Wow, thanks for sharing. I appreciate all the practical info. So you tried Calyx, Copperhead etc. too?
The biggest thing turning me off most of these security-oriented roms is having to buy a Pixel. I kind of don’t want to go from one American big tech phone to another.
As an FP4 owner, what is the point of getting an upgrade? I don’t use my smartphone beyond calls and texts and a Lemmy app and listening to music.
What can you do on a new phone that you can’t do on an old phone?
Honest question, I’m not being facetious.
When considering new customers or those who, for example, have irreparably damaged their Fairphone, it’s important to recognize that selling a three-year-old device as new may not be appealing to them. Additionally, many people today rely on their phones as their primary computer and therefore require the performance necessary to handle a variety of tasks.
I think Fairphone would say that they want you to keep using the FP4 forever, replacing individual parts as they fail. Their goal is the reduce waste in the smartphone industry, that’s why they make it so easy to maintain your device. Maybe eventually the main processor on your FP4 will be too slow to keep up with even those light apps. At that point, you come back to Fairphone and buy whatever the latest one is.
And as Sunshine said, continually releasing new generations of phones keeps them enticing to the vast majority of smartphone consumers that don’t already use a Fairphone. I’m literally looking at this new one and considering if that will be my next smartphone when my Pixel 7’s battery starts to turn. Seems like a pretty good deal to me, tbh. Might finally rip me from Google’s grasp.
FP4 will be too slow to keep up with even those light apps
That’s true however android is not very well optimized for older hardware. It would be cool to see fairphone become large enough that they can order better deals with cpu manufacturers in bulk to have more powerful chips while largely contributing to an efficient linux mobile distro.
A good OS would be a killer feature, but hard to implement.
i mean…they already have the versions with e/OS? Does that not fit that bill?
I just replaced the battery on my pixel 7 and I’m asking myself the same. I use my phone for fewer tasks than you. Calls and messages only.
Nobody should feel a strong need to upgrade after only two generations. Same deal with most tech like GPUs and CPUs.
I use my phone a lot and my Pixel 7 is fine. The primary factors driving my last couple upgrades were battery degradation and software support. Neither should be a big problem with a Fairphone.
I’m also trying to decide whether to stick with the Pixel/GrapheneOS ecosystem or go for Fairphone.
How hard/expensive was it to replace your battery? I looked on iFixIt and it seemed a lot harder than my orevious phones.
I’m currently in a part of the world were labor is pretty cheap so it didn’t cost me much.
It’s great for people running at the end of their phone’s lifespan such as those with pixel 5as and iphone 8s.
I am not dissing the phone, if I was in the market it would be a no-brainer, I am just interested in what a new phone could give me and when should I plan to switch.
Perhaps at the end of software support, that’s how I do my upgrades.
Same. Unless it stops getting security updates or has been dropped to the bottom of the sea, I’m holding on to the phone I have.
Android 16 is coming out with desktop mode soon. At that point I’ll have to pony up for a new one because my current device doesn’t support display port alt mode. And my laptop is on its last legs.
I’m glad there will be a us release :)
Murena is really cool!
this will likely be my next phone. I have a pixel 6a…
How long until Fairphone and Framework merge?
They do really go well together. It would be cool to see a partnership between them but still remain as separate companies.