Hacker News

protimewaster | yesterday at 2:32 PM | 3 replies

I thought one of the issues for Fairphone is that their security update schedule / security practices are a bit lax? Their phones are regularly requested by users to be targeted by GrapheneOS, but GOS developers contend that the security practices for the Fairphone are problematic. They apparently get security updates late and don't properly implement verified boot and attestation.

I like the devices, but I've stuck with Pixel devices for the better security practices. Honestly, I'm a little surprised that a university wouldn't be concerned about late security updates and the like.


Replies

Mxrtxn | yesterday at 2:44 PM

> They apparently get security updates late and don't properly implement verified boot and attestation.

It doesn't matter if their OS gets security updates late, because security updates depend on the ROM maker, in this case GrapheneOS.

DANmode | yesterday at 6:16 PM

I was going to keep to myself on this one, but this is a good jump-in point.

The security capabilities of their hardware are what makes GrapheneOS incompatible to target the phone, not any specific security practices of the developers of Fairphone.

Having said that: if there’s a way to MDM GrapheneOS, I’d be looking at that also!

The n+ patch interval on Lineage, /e/ and the rest of them, that’s plain and simply more days your administrators are at risk of giving up the keys to your castle - and that’s a tough pill to swallow!

lucb1e | yesterday at 2:56 PM

These risks don't seem to materialize if you're not targeted by something like an intelligence agency. Not sure publicly funded research has such security requirements, at least by default (they can always buy custom equipment for a project, or just not put such data on devices you take home / out and about). Might be worth it compared to the very real benefits it has around the world by paying good salaries and fairer material sourcing.
