Im considering buying a new phone and i don’t really consider a Pixel. I really like Fairphones approach, with the self repairable stuff. Even though they don‘t have a headphone jack. But well… I can’t change it. I’ll definitely go with the adapter over wireless headphones.
But to my question: What private OSes are there? Fairphone sells FP4s with eOS, how is that? And does it work on the FP5? GrapheneOS only works on Google Pixels right?
Honestly trusting the bootloader feels very risky
In that case, have fun coding up your own bootloader and flashing it onto the device. If you can’t trust the bootloader, then you can’t trust anything at all from the operating system that sits on top of it, because it could be compromised. If you can’t trust a bootloader, then the only thing you can trust is a pen and a piece of paper.
True but it feels like obscurity via obscurity.
A huge part of the bootloader stack is opensource…
https://android.googlesource.com/platform/system/core/+/master/fastboot/
https://android.googlesource.com/trusty/lk/trusty/
https://android.googlesource.com/platform/external/avb/
why dont we just put uefi on phones
Phones don’t use an IBM-PC architecture. You’d need a phone based on an architecture phones aren’t usually based on or You’d need to re-engineer UEFI to work for an architecture it wasn’t designed for
GrapheneOS uses pixels because not even Google employees can break into it.
I’d be more worried about the ROM that runs before the bootloader that you can’t inspect, or possible hardware implants if you don’t trust the bootloader shipped to you from the vendor.
I don’t trust it not to be flawed
It has very minimal code and its implemented in a robust manner. Unlike UEFI and the desktop implementation of secure boot, it does work well and it has not yet been exploited on pixels. Its way better to have any kind of OS integrity check than none.