not directly, i mean as part of a chain, which is how these are more commonly used.

in a nutshell the process is maybe you have one way to bypass login for an https page of a small team service, which gives you way more surface area to try and look for vulnerabilities in a service or it’s underpinnings, then you may need something to move laterally or into root access which is where an old unpatched cpu vuln would come in clutch, because this might be the hardest part.

that’s if you are setting things up correctly in your server. usually out there it’s just a very old version of apache or wordpress or something, but i digress.

great advice. that’s exactly what i’d do in that case.

oh shit yeah, that too. i always forget their bad QC compared to their price.

i’m talking about services you might want to expose, which might have rce vulnerabilities. i edited my post for slight clarification but i think you replied before i had the chance, so i’m doing it here.

many people do end up hosting other services at home besides just the bare router when they get sufficient “tinker” hardware, which seem to be the case.

either way it’s indeed not something one should worry too much about in op’s case atm, if just to understand what one can expect from older hardware or the limits of what you can get away with.

that could still be a concern depending on what services you might be running and exposing. a known unpatched vuln on an old cpu could be the key on the exploit chain for a possible attacker.

regular joe kind of target and such so obviously talking about an unlikely scenario already.

i’d worry about unpatched cpu vulns depending on how old it is though.

iirc they only sell in the us canada and europe, but i might be mistaken.

they don’t sell here, so i rely on luck somewhat to find specific models in the used market from someone that paid the big price to import it. and usually people want to get their money’s worth so they are mostly all chewed up, very old and deprecated, or unaffordable.

i debate investing on an old pixel to get a more private phone every time i need a new one, but so far always decided it’s not worth the amount of money or hassle they want for them. i keep hoping for other manufacturers to adopt the more thorough pixel security, or for graphene to relax it’s requirements a bit.

i quickly looked it up and found used 9s, and it’s about 5k.

could probably find better prices for a working one, but there won’t be any miracles.

also found a 7 pro with a broken screen for 2k, kind of a steal for how much these go for tbh

but still, it’s a broken phone for 2k and i don’t think these screens are cheap either.

pixels cost as much as an actually good used car here.

180 euro is basically minimum wage here. none of the phones you mentioned are affordable at all.

edit: just noticed it says 130 not 180, but still.

i’m not sure what the problem is, but they are crazy expensive and hard to find in south america, and probably many other places.

i don’t live on sweden though.

the only bad thing about graphene is that it needs an expensive pixel. and how they are mostly unobtanium.

the way you put it is making it sound like a great thing, actually.

.

alternatively, you can use adaway to get the same blocklists directly on your phone.

its better with root but it works rootless.

.

.