Biggest challenge GOS has is that most hardware vendors do not meet their fairly restrictive hardware security requirements, and those few that do don’t typically allow bootloader unlocking. Pixel devices up until now have been unicorns in those regards.
But I don’t get why they insist on those requirements. Yes, Random Phone + Graphene is less secure than Pixel + Graphene, but still far more secure and private than Random Phone + Stock ROM. Insisting on having all features just makes it far less accessible. There are many regions and classes that can’t buy supported phones or a new phone at all. And I can’t even properly confirm that everything I want to use works on graphene, because I’d need to fully commit towards buying a phone first. Which, even used, costs a lot.
The goal of the project is not to slightly improve some aspects of insecure devices and supporting a broad set of devices would be directly counter to the values of the project.
The expectation is for people to buy a secure device meeting our requirements to run GrapheneOS. Broad device support would imply mainly supporting very badly secured devices unable to support our features. It would also take a substantial amount of resources away from our work on privacy and security, especially since a lot of it is closely tied to the hardware such as the USB-C port control and fixing or working around memory corruption bugs uncovered by our features.
It’s a limited development pool, and they focus on delivering the most secure mobile OS possible, within the constraints that their funding and resources allow.
There are other ROMS, such as CalyxOS that have expanded to a few other devices, and LineageOS which has even broader support.
Biggest challenge GOS has is that most hardware vendors do not meet their fairly restrictive hardware security requirements, and those few that do don’t typically allow bootloader unlocking. Pixel devices up until now have been unicorns in those regards.
But I don’t get why they insist on those requirements. Yes, Random Phone + Graphene is less secure than Pixel + Graphene, but still far more secure and private than Random Phone + Stock ROM. Insisting on having all features just makes it far less accessible. There are many regions and classes that can’t buy supported phones or a new phone at all. And I can’t even properly confirm that everything I want to use works on graphene, because I’d need to fully commit towards buying a phone first. Which, even used, costs a lot.
According to the FAQ (warning: very wordy):
It’s a limited development pool, and they focus on delivering the most secure mobile OS possible, within the constraints that their funding and resources allow.
There are other ROMS, such as CalyxOS that have expanded to a few other devices, and LineageOS which has even broader support.