pull down to refresh
61 sats \ 1 reply \ @final 3 Oct 2023 \ on: Graphene OS questions tech
Pixels are essentially the reference/signature device for all other Android devices, since Google are the people behind Android after all. Pixels get anything to do with Android first before other OEMs, such as version upgrades (13 -> 14) among other things. Other OEMs like Samsung are in most cases the same as Pixels in security but Samsung are unnecessarily protective, so their security hardware permanently deactivates once you install another OS.
The main interest in Google is to make the best Android that takes advantage of all of it's capabilities, stock Android also takes advantage of the hardware the Pixel has. Developers of apps AND operating systems also rely on the Pixels as development kits, as they can develop software designed to take advantage of hardware security modules since they are the only ones that allow you to use them in a third-party operating system and also allow you to install other operating systems safely and securely.
Backdoors would be noticed and publicly known if they were to exist. There are a lot more reasons to attempt to disclose or discover it then to cover it up. Academic researchers, anti-Google companies/competitors, foreign countries hostile to Google/the US, forensics companies, spyware companies, hackers and paranoid individuals would have a field trip if they existed. Many people talk about backdoors but fail to look at the bigger picture that it's not just the USA interested in it. For example, Chinese actors have been attributed to implant malicious UEFI motherboard firmware to their targets. You could suggest the only reason we are able to know that is because intelligence against China want to publicise their exploits so that their exploits become useless. It would be in the same interests of nations hostile to yours to reveal that.
Just because a system isn't open doesn't mean that it can't be monitored, reverse engineered or modified. Ordinary people can and do attack hardware, like people exploiting Trezor to bruteforce the wallet, or Ledger's Donjon team assessing hardware of their competitors.
thks
reply