Comment on Looking for some (re-)use cases for older Android smartphones
j4k3@lemmy.world 3 days ago
It is never secure or truly safe to use. The kernel cannot be updated and so all vulnerabilities are adding up. You’re giving out enough info to figure out what device you are using just in the fingerprinting with every online connection. It is relatively easy for someone to look for you and exploit a known vulnerability. They don’t need a zero day or any kind of exploit. You device likely has the last secure kernel on it and there will be many published critical vulnerabilities that can be scripted.
Even if you stay offline and do not use WiFi or use airplane mode, you’re not able to verify what the modem is doing in the real world. You never owned the thing in the first place and the reason why is the proprietary binary module that supports the system on chip and modem.
All that said, it is no different than something like an old computer running Windows XT or with CP/M.
Guenther_Amanita@slrpnk.net 3 days ago
Hmm… Thing is, GrapheneOS is already more secure than stock Android, and the hardened memory allocator, spoofed MAC address, unprivileged Play Services, and much more as example, strongly help to reduce attack surface.
I think just going online, like connecting to my home router and doing system updates, won’t strongly compromise security.