I honestly feel like the goal with this delayed release and app signing control is to make custom roms less attractive and more vulnerable to law enforcement zero days.
They were always, and I mean always been law-enforcement friendly tho. What are you getting at?
Didn’t you see the leaked cellebrites slides. Pixels up until 9 were exploitable. Why do you think they hire engineers from places who sell these exploits to law enforcement?
It’s a circular economy where both have a plausible deniability. Google gets to claims they are unaware of the bugs, Government gets to claim they used an “exploit” from a middleman.
Well, yes, but that is not exclusive to Pixels, and in fact, most phones (other than the latest iPhones) are more vulnerable. Pixels, especially the latest devices, have the best hardware security features of any Android phone (unfortunately). You’re focused on Pixel, but that’s only because of the recent leaks which specifically focused on Pixel because of their breaching difficulty. Here’s the full matrix from last year (which hasn’t leaked as recently):
GrapheneOS, even now, is not vulnerable for several reasons, most of which tie into the hardware features of the Pixel. There’s a reason Graphene only works on Pixel.
All I’m saying is that it’s entirely misleading to imply that only Pixels are vulnerable. This is not the case, even for iPhones.
I’m also not sure why you seem to be trying to say I disagree on the fact that Google is happy to leave vulnerabilities wide open, when that is exactly what I said in my original comment. Their new release schedule allows them to leave these vulnerabilities open for an even longer time, making Cellebrite’s job easier.
I honestly feel like the goal with this delayed release and app signing control is to make custom roms less attractive and more vulnerable to law enforcement zero days.
The law enforcement angle is exactly the point, yep.
They were always, and I mean always been law-enforcement friendly tho. What are you getting at?
Didn’t you see the leaked cellebrites slides. Pixels up until 9 were exploitable. Why do you think they hire engineers from places who sell these exploits to law enforcement?
It’s a circular economy where both have a plausible deniability. Google gets to claims they are unaware of the bugs, Government gets to claim they used an “exploit” from a middleman.
https://arstechnica.com/gadgets/2025/10/leaker-reveals-which-pixels-are-vulnerable-to-cellebrite-phone-hacking/
Well, yes, but that is not exclusive to Pixels, and in fact, most phones (other than the latest iPhones) are more vulnerable. Pixels, especially the latest devices, have the best hardware security features of any Android phone (unfortunately). You’re focused on Pixel, but that’s only because of the recent leaks which specifically focused on Pixel because of their breaching difficulty. Here’s the full matrix from last year (which hasn’t leaked as recently):
https://discuss.grapheneos.org/d/14344-cellebrite-premium-july-2024-documentation
GrapheneOS, even now, is not vulnerable for several reasons, most of which tie into the hardware features of the Pixel. There’s a reason Graphene only works on Pixel.
All I’m saying is that it’s entirely misleading to imply that only Pixels are vulnerable. This is not the case, even for iPhones.
I’m also not sure why you seem to be trying to say I disagree on the fact that Google is happy to leave vulnerabilities wide open, when that is exactly what I said in my original comment. Their new release schedule allows them to leave these vulnerabilities open for an even longer time, making Cellebrite’s job easier.