Not sure how I feel about this. Motorola seems to be the exclusive provider of encrypted cellular networks and associated devices to the Israeli military [1][2].
I'm under the impression that basebands still require a proprietary/binary blob, basically rendering the security features of the underlying Open Source OS useless, since it sits between the user and outside connectivity.
How can GrapheneOS ensure that there are no hidden backdoors (ie: Pegasus-like spyware, which was created by ex-IDF soldiers via NSO Group), etc, in the baseband?
In the same way they can(not) do it on Pixel phones - and I would be surprised if Google was not already cooperating with the state actors. You do what you can. Even open source drivers (which are not gonna happen when operating within tightly regulated radio bands) won't help if there's a hardware backdoor.
This. I know some people who work for the former and they are always having to say "no, I don't work for that Motorola". The shared name is entirely historic.
I did. There's long term patent cross-licensing agreements between the two companies. Motorola mobility may be a separate company now, but they didn't start from scratch.
I'm glad to hear that. That means these devices will be a popular target, perhaps the popular target for alternative operating systems both Android-based and non-Android Linux.
Didn't know more people are doing this. I am also using a used Pixel 4a which I got from eBay. Still has good battery. I don't see any reason to upgrade any time soon.
Does anyone know where I can read more about which devices will be supported? GrapheneOS website devices FAQ doesn't list any Motorola devices, and the press release doesn't have much either.
As I understand that situation, GrapheneOS developers are super picky about hardware they want to support. So out of all android phones they decided to support only Google Pixel because only these phones provide good enough hardware support for security features they want to provide.
So likely no existing Motorola phones are good enough and only new ones, developed in collaboration with GrapheneOS developers, will be suitable.
There's no details yet, but I was reading it won't likely emerge until 2027 so ostensibly these will be models that are yet to be announced. Might even be models dedicated to grapheneos (and other open source roms as they mentioned here)
I'm pretty sure strcat was saying on a previous thread that it will only be future models, so nothing in their current line up in guaranteed to be compatible.
Having physical disconnect switches (Bluetooth/Wifi, Modem, Power, Microphone/Speaker), and integrated lens cover like Lenovo laptops (at least for the front camera whereas a case can cover the rear cameras).
On a side-note:
Triple active SIM would be amazing, but one can dream. I would love to have a phone that has an active AT&T, T-Mobile, and Verizon SIM at the same time.
Also a disconnect switch for the telco signal. Yet in my experience, even when turned off, a phone may send out a signal periodically anyway for tracking / triangulation purposes.
However to avoid that, removal of the battery is required. A disconnect switch for power would do the same?
I think moving to micro-PCs is the answer, and then having an add-on to get a telco-signal. Why trust Motorola? Start at grass roots where possible. Everything needs to be open-source and based on open standards. No trojans, telemetry or remote overrides.
Maybe the product is an adapter case for a Pi that adds a screen, battery, antenna and whatever else is required to make it a smartphone alternative?
> A disconnect switch for power would do the same?
I would think so. I don't necessarily care about removable batteries because I use a portable power bank. Why carry an extra battery that only works for one device, when I can carry a "battery" that works for many devices?
I'm not so fond of it because it has a fan. But if you could use it at home, and then had a "phone conversion housing" you could attach it to a belt and have a smartphone. Run wired earbuds out it. Have a trackpoint nub.
Fi launched with Sprint and T-Mobile roaming and added US Cellular, but is presently T-Mobile only. I don't think AT&T has ever been a supporter carrier.
Grapheneos has well established its role in the android ecosystem. Having developed and upstreamed features that have as a whole, improved the security of android.
Pine64 has targeted a very different market around extensibility and hacker/maker mindset. However while their phones have a lot of potential, security measures are half baked (microphone cutoff switch doesn't actually cut off the microphone), performance mediocre, and demand missing. While I love my pinephone pro, its not a dailiable device. A phone that cannot access common services like your bank account are non viable for 99% of users.
Because, and I really mean no offense to them, their phones fucking suck. Like, dogshit slow hardware with terrible drivers and a modem that barely works with last gen tech.
Their most advanced phone is based on a >10 year old SoC, that wasn't even that good when it was first released.
So, what is Motorola's incentive here? I love it, but why are they pursuing this? It's an enterprise / government play around auditable privacy and security?
My guess is that this is a great way for them to standout, fill a niche, and get tons of free advertisements in order to gain back some of their Android market share.
Motorola has effectively lost in the Android market and are on downward spiral into irrelevance (already there?), so they have to do something different.
Add to that existing grapheneos users at best only care about good enough performance and a good camera, the selling feature is security and so a lot less overhead to market such a phone. Those who want the latest features will continue to buy pixels, Samsung, and iphones. The only thing I feel is missing from the picture at a quick glance is a tablet for the few who want a secure tablet device.
With Motorola being owned by the Chinese company Lenovo can these new devices be used in secure environments? I remember when Lenovo took over making ThinkPads they were banned in some secure environments because of Lenovo links to CCP.
Honestly I’d prefer Chinese backdoors over western ones. China is still a land far far away and I couldn’t care less about what they’d do with my data, unlike western alphabet boys who could freeze my accounts and assets for ”wrongthinking” in the future.
One has to be careful when flying. Your flight's origin or destination might not be in China, and may not even be through Chinese airspace, but if there is an in-flight emergency, an airport in China might be the closest landing spot.
The true reason you can't trust a Chinese company, and other countries can't trust US companies, is the Western patent regime that allows various companies to sit on patents for absurd amounts of times, preventing others from selling you completely clean hardware on which every piece of software can be replaced.
The whole point about having an open platform from boot is you don't have to trust it. You run your own code from first power on.
Is it possible that it's backdoored, have a secret opcode / management engine? Probably, but that goes to everyone, as it's not practical to analyze what's in the chip (unless you're decapping them and all)
I don't know what secure environments you're talking about, if it's an airgapped system then you should be secure even when what's inside 'tries to get out'.
Korean and western made stuff guarantee to have such thing. CNC devices in Russia stopped working. Even NVIDIA gpu has back door according to China and NVIDIA had to settle this matter behind the scene with China government. At this point, your phone is 100% backdoorable by western government. The only thing protect you is you are non-threat and too small to be bother with.
Iphone is made by Chinese companies too. Same with Tesla. A lot of those components made by purely Chinese companies and yes can be trace to individuals who are CCP. It is extremely hard to source another purely away from any Chinese connections. If you say the main company is USA, you seems to ignore how the pager exploding setup was done. Go into any IT rooms in USA and you audit it as zero from China even if you ignore Taiwan as recognized by American law as part of China. We can't buy anything truly made non-China. Even F35 has some components (and that is official, unofficial we dont know) made in China. Google want to sell Motorola to American companies, not even Pentagon or NSA bother back then. Think about it, how hard to engineer a backdoor exactly same components (say capacitor) or motors during shipment for those phones.
Not OP but I guess it’s where the threat model includes worrying about the foreign government actors. Like US infrastructure, government contracting or some major tech companies.
Given that Google has said they'll be delaying source code release for Android to every X months intervals (iirc), how is GrapheneOS planning to handle security updates? Will they just be Google's binary blobs?
This is how you can install GrapheneOS on these. Also, if you're wondering how does the security of something like this work: if you change the boot hash then the phone forgets all the hardware-stored secrets, for example the disk encryption keys.
Do we know if there there be Widevine L1 keys that aren't deleted on unlock? (Certain phones restore access to L1 on bootloader relock, as long as AVB passes, including with custom keys.)
Even though there doesn't seem to be huge mainstream consumer demand for this (although I actually question how well consumer demand for privacy and customization can ever be ascertained when the price signals are corrupted by a market where the winning players are essentially chosen by the state, as is arguably the case with both TSMC and Qualcomm), it still feels like the world simply couldn't go on with both iOS and Android become caged, cheapened, fragile shadows of the visions we once had for them (particularly AOSP).
I think we can only expect the demand for privacy to grow into the future given that people tracking in a trenchcoat schemes are popping up everywhere through governmental and private efforts trying to gather data for ads and control.
Not to be flippant but who cares? People don't know there's an option. I've run Graphene for years and will gladly pay a premium for it. Beyond the bolstered security the battery life is exponentially better than a default Android device because of all the constant background traffic that Google doesn't allow any control over that you instantly have a choice with on GrapheneOS.
And as soon as you start showing these things to people they do start to care and ask how. So the fact that the mainstream is ignorant and doesn't care enough yet doesn't matter because it's very likely a much larger segment of users will care when the tech evangelists they trust stop using IOS and Google Android. That's how these things started and that's how they could very well play out in this scenario as well.
Not all markets are trendy B2C stuff. The Motorola press release specifically mentioned B2B/corporate sales where security is important and there's plenty of government, journalist, non-profits/activists, etc usecases on top of the usual corporate locked-down environments like banking.
Well, I'll surely be buying a Motorola device when GrapheneOS support lands.
I've been running on several half-working recent android ports to my Xiaomi Mi 9t for many years now.
If I can get a modern phone, modern android, my privacy preserved and a hackable phone (to the extent an unlockable bootloader allows, which isn't a given nowadays, I especially hate how Xiaomi does it), I'm 100% sold.
This whole thing feels like a subversion, instead of having graphene independent from devices and widen the attack vector, now the spooks can just focus on the “supported official device” only. That being said, the hardware isn’t open source (cell modem is enough to expose you), some binary blobs for the firmware aren’t open source, motorola is a US company with all what that means, if you are after anonymity or even privacy, I would stay away from it entirely, you will be like a person putting a full mask on while on public, except that mask is scanning your face in real time. You will stand out like a sore thumb, your best strategy is blending in, so the automated systems scanners won’t flag you and thus put you under further monitoring.
The timing is super weird too, when all corporations are pushing for digital ID, are actively lobbying to deanonymize the users, cooperating with gov too to have a smooth pipeline for such process, and motorola the known company of having defense contracts, are suddenly caring about open source privacy?! Cmon
The only speculation part is the timing, the rest are facts, only a naive will think a smart phone is ever private or anonymous. Your phone has a unique ID tied to the hardware that can ID you, your cell modem isn’t open source and is equipped with builtin high accuracy GNSS, plus other hardware and its non open drivers that can be exploited, among many attack vectors that are easily exploited on modern smartphones. This issue isn’t unique to phones too, many modern laptops are also part of it, TPM and plenty of hardware that aren’t really open, the only exception is a laptop can be used in an air gapped environment, not really the case with a smartphone, because assuming you managed to do so, it defeated its purpose to start with.
The conclusion here is if you are after anonymity then you should ditch your phone entirely, having a “secure OS” won’t provide such goal but it might bring more attention to you than using of-the-shelf average phone.
I'm under the impression that basebands still require a proprietary/binary blob, basically rendering the security features of the underlying Open Source OS useless, since it sits between the user and outside connectivity.
How can GrapheneOS ensure that there are no hidden backdoors (ie: Pegasus-like spyware, which was created by ex-IDF soldiers via NSO Group), etc, in the baseband?
[1] https://www.whoprofits.org/companies/company/3808
[2] https://www.motorolasolutions.com/newsroom/press-releases/mo...
Easy but for missing Step 1 of “Colocate with friends and business partners”
Ill leave you to investigate how != they are
> long term patern cross licensing
> israel
> pegasus
Basically lots of judgment based off of superficial facts with little understanding of implications and the actual consequences of those facts.
I WILL be buying their flagship model.
My go to for Graphene has been used Pixels from eBay. Because I can’t give money to Google in good conscience.
(y’all know this one https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa... )
So likely no existing Motorola phones are good enough and only new ones, developed in collaboration with GrapheneOS developers, will be suitable.
> We're collaborating on future devices
https://grapheneos.social/@GrapheneOS/116159602850585685
Samsung had something as ambitious years ago, but it went nowhere https://www.xda-developers.com/samsung-promised-make-old-pho...
Stay tuned
Having physical disconnect switches (Bluetooth/Wifi, Modem, Power, Microphone/Speaker), and integrated lens cover like Lenovo laptops (at least for the front camera whereas a case can cover the rear cameras).
On a side-note:
Triple active SIM would be amazing, but one can dream. I would love to have a phone that has an active AT&T, T-Mobile, and Verizon SIM at the same time.
However to avoid that, removal of the battery is required. A disconnect switch for power would do the same?
I think moving to micro-PCs is the answer, and then having an add-on to get a telco-signal. Why trust Motorola? Start at grass roots where possible. Everything needs to be open-source and based on open standards. No trojans, telemetry or remote overrides.
Maybe the product is an adapter case for a Pi that adds a screen, battery, antenna and whatever else is required to make it a smartphone alternative?
Also, looking forward to Mecha Comet.
Sorry, that's what I meant when I said Modem.
> A disconnect switch for power would do the same?
I would think so. I don't necessarily care about removable batteries because I use a portable power bank. Why carry an extra battery that only works for one device, when I can carry a "battery" that works for many devices?
https://www.aliexpress.com/item/1005005575993915.html
I'm not so fond of it because it has a fan. But if you could use it at home, and then had a "phone conversion housing" you could attach it to a belt and have a smartphone. Run wired earbuds out it. Have a trackpoint nub.
Here is a $15 screen. https://medium.com/@lee.harding/building-a-real-time-hn-disp...
There's something elegant about only requiring 1 computing device for everything. Even put it in the car!
It's what Steve Jobs would want.
Pine64 has targeted a very different market around extensibility and hacker/maker mindset. However while their phones have a lot of potential, security measures are half baked (microphone cutoff switch doesn't actually cut off the microphone), performance mediocre, and demand missing. While I love my pinephone pro, its not a dailiable device. A phone that cannot access common services like your bank account are non viable for 99% of users.
Their most advanced phone is based on a >10 year old SoC, that wasn't even that good when it was first released.
Motorola has effectively lost in the Android market and are on downward spiral into irrelevance (already there?), so they have to do something different.
The US invented it.
Is it possible that it's backdoored, have a secret opcode / management engine? Probably, but that goes to everyone, as it's not practical to analyze what's in the chip (unless you're decapping them and all)
I don't know what secure environments you're talking about, if it's an airgapped system then you should be secure even when what's inside 'tries to get out'.
From Wikipedia: https://en.wikipedia.org/wiki/Lenovo
[0] https://discuss.grapheneos.org/d/27068-grapheneos-security-p...
- https://news.ycombinator.com/item?id=47202808
I'm sure that Google will do something like that as soon as it faced the US's carrot and stick they signed-up for.
And as soon as you start showing these things to people they do start to care and ask how. So the fact that the mainstream is ignorant and doesn't care enough yet doesn't matter because it's very likely a much larger segment of users will care when the tech evangelists they trust stop using IOS and Google Android. That's how these things started and that's how they could very well play out in this scenario as well.
I've been running on several half-working recent android ports to my Xiaomi Mi 9t for many years now.
If I can get a modern phone, modern android, my privacy preserved and a hackable phone (to the extent an unlockable bootloader allows, which isn't a given nowadays, I especially hate how Xiaomi does it), I'm 100% sold.
We'll see when it comes out I guess!
The timing is super weird too, when all corporations are pushing for digital ID, are actively lobbying to deanonymize the users, cooperating with gov too to have a smooth pipeline for such process, and motorola the known company of having defense contracts, are suddenly caring about open source privacy?! Cmon
The conclusion here is if you are after anonymity then you should ditch your phone entirely, having a “secure OS” won’t provide such goal but it might bring more attention to you than using of-the-shelf average phone.
Motorola announces a partnership with GrapheneOS
https://news.ycombinator.com/item?id=47214645