Hi,

A friend wants to degoogle his phone, so I suggested the OS I’m currently using. The one we can’t talk about… He wants a small/compact phone, so I suggested pixel 4a (not buying second hand though), but I’m afraid that planned obsolescence may kill the phone rather soon. What’s your opinion?

Cheers and thank you for your help,

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    1
    ·
    5 months ago

    TPM in the SOC to transform the “convenient” pin into more robust encryption keys is the gold standard for civilian devices.

    “computers” (of which a phone very much is) also use a TPM for this very reason.

    But even taking what you say as gospel, the device isn’t insecure, its how people are using it.

    I will stand by my comments a phone is the MOST secure device a civilian will use. Even with a secured desktop computer where someone diligently types in a 64 bit random code to unencrypt the hard drive… if they use the computer as a general purpose device, the threat surface raises dramatically. Now information and programs are not compartmentalized, install one bad program and it can trivially take over everything.

    • delirious_owl@discuss.online
      link
      fedilink
      arrow-up
      1
      ·
      5 months ago

      TPMs protect the data on the drive if the drive is separated from the computer. If the drive is still in the computer, then it doesn’t protect the data. It doesn’t provide protection from physical attacks.