I’ll risk asking the first question. If it’s not a good fit for the community, then at least I can serve as a negative example.
Here’s the scenario. I’m going to be traveling over the next few months and expect to be in areas where I don’t have a right to my digital privacy. My device might be inspected, cloned, etc without my knowledge. I might even be required to give up the passcode. I’ll do my best to maintain physical control of my device at all times, but that might not always be possible. My intention is to responsibly recycle the device at the end of the summer once I return to a more secure environment. I’ll try to take reasonable precautions like powering down the device completely when unattended but the potential for uncontrolled physical access has me concerned.
My thoughts are that I want something used to reduce my environmental impact but that still has up to date security patches at a reasonably low cost. I would also like it to provide an acceptable user experience. A used Pixel 4a 5G looks like a great candidate for that.
Are you using this device? Does it provide a good user experience today? I’m looking for some opinions or perhaps suggestions for a device that might meet my requirements.
You can probably flash Graphene still on a 4a. Then you can setup remote Auditor. This may let you monitor if the device has been compromised in some way.
I’ve never experimented with Graphene, but I definitely heard that it is security-minded. One concern I have with custom ROM is that having an unlocked bootloader might make it easier for an adversary to flash anything they want on my device without my knowledge. In theory a locked bootloader would prevent that.
I understand that an adversary with physical access is very powerful. I don’t pretend that I can prevent compromise here, but maybe I can make that a little more difficult.
Graphene uses the pixels because it has hardware security locks. Bootloader is locked just like any OEM. The Auditor tool makes it possible to verify if the ROM has been tampered with. It is remotely checking that the software hashes correctly. There is no way to fake this type of check and verification.
This sounds like a really good option! I think I’m going to go with this. I have enough technical background that I shouldn’t have too much trouble getting it installed.