Joined 1Y ago
Cake day: Jul 25, 2023


So software is running on your car that desperately tries to extract and send your personal information to its command and control server.

I was going to say “be stingy with access to the OBD / CAN port” but if wireless is involved then avoid the beacon (it's wireless and tucked away in a corner so you don't know if it's there) or get your data stolen. I feel violated.


If you ever want to know how many apps use gapps on your phone, Android apps with the hook have a “google play services availability” notification channel. I've seen the settings app spam me notifications about its longing for gapps.

Don't let me discourage you though.


I hate that they don’t support them after a while; those with a locked bootloader won't even get a chance. It makes these phones junk from all the CVEs that are being found.

  • What old model would you recommend?
  • Is something like postmarketOS viable yet?
  • What phones are/will be affected?
  • Do existing phones planned for the program have the payload sitting there dormant or will the system updater (on googled Android) need to download the payload?

Probably about as effective as keeping an air tag or tile tracker in one. That is, if the problem behavior isn’t correctly disabled by, or is even encouraged by, the OS.


I am aware that there are highly opinionated people in the GrapheneOS team. We had a scandal a while back that shook up the company (and, to the best of my understanding, kicked off/demoted some members; if it didn’t, I’m getting another phone). For being so important for my life and the lives of many others, the tightrope of maintaining trust that the OS is safe is unacceptably wobbly.


Kinda what @null@slrpnk.net said, we should probably wait for GrapheneOS’s expert opinion on the matter.


Are you referring to the new “Privacy Sandbox” or the old “Privacy Sandbox”? Because if they're calling this new thing a “Privacy Sandbox” after the old one lost public attention after they kept promising it for years, I am going to laugh or maybe cry.

what they originally called “Privacy Sandbox”

It was a browser feature to remove the HTTP cookie and replace it with a cohort system. Your browser would receive signals about your habits, that you were buying Domino’s pizza, and announce to upcoming sites that you like pizza, but ya know… in a “safe” way.

I still see “Chrome is going to replace the cookie” and “RIP the humble cookie” every once in a while.


It looks like it's going to be a hardware feature. If the main CPU is off, it implies the radio circuitry and its CPU (the BBM) are still powered. Give Google this at least: the special new Bluetooth API will be accessible to whatever OS is alive and awake to send commands (even if I don’t trust that “off” means “off”). The fact that it's using encryption (that’s too complicated to be made out of integrated circuit logic) means it's likely another software feature added to the BBM co-processor (it handles all radio tasks on the phone). This all but confirms the BBM (at least going forward) will still get power, be awake and have access to the (transmit (TX) and receive (RX) functions of the) radios even when everything else is properly off.

EDIT: Or it could be an abuse of a generic BLE beacon mechanism that’s “just there for whatever the consumer would need it for”. But if they are doing proprietary encryption like they claim, that’s not really possible without updating the BBM’s software to add another feature.