cross-posted from: https://slrpnk.net/post/15995282
Real unfortunate news for GrapheneOS users as Revolut has decided to ban the use of ‘non-google’ approved OSes. This is currently being posted about and updated by GrahpeneOS over at Bluesky for those who want to follow it more closely.
Someone installing graphene os for security shouldn’t be trusting random second/third/etc hand hardware lol
Shouldn’t trust anything then. They could intercept your new phone and modify it. They did it for switches. But your not worth it for “them”.
There is absolutely no problem with that. The phone is wiped and encrypted when you flash graphene, and it does an integrity check every time it boots.
Hypothetically the hardware could have been modified, but that would take some insane level of a determined attacker to be fabricating modified pixels just to sell them on the used market.
Nothing too hypothetical nor an “insane” level of work. Didn’t Israel do just that with some beepers to blow up children?
It also comes with a hardware auditor, although you need another trusted graphene phone to use it. I don’t know about the details, but sounds very hard to mess with it.
No, Auditor can be installed on any Android phone. It’s even available on the Play Store: https://play.google.com/store/apps/details?id=app.attestation.auditor.play
You can even perform a remote verification, which uses GrapheneOS servers and doesn’t require a second device at all: https://attestation.app/tutorial#scheduled-remote-verification
Yes, this would only be a concern for targeted attacks by state actors, in which case not even buying new would be safe.
Thinking about it, in such a scenario buying used may even be safer
And you can even use the GrapheneOS Auditor app to perform a manual verification of the OS.