So after more research linage OS and calyx only allow Micro G apps to spoof and the verify via the app signature key the are signed with to verify this is the only way LinageOS would agree to adding micro G support so it is secure but still makes me feel unsafe at least to me just my opinion but yes it can be done securely I would use Linage OS with Micro G if the supported relocking the bootloader I know pixels support this but requires you to build your own version from source of linage and the sign your device with your own key that you also sign your build with as well I think I’ll stick with GrapheneOS.

I see it

Then buy a newer one with longer support this will always be a issue since the support window is the same as Google. Once a manufacturer stops updating drivers and device firmware the said device can no longer effectively be secure because any exploit in the drivers or firmware will forever go unfixed compromisimg the devices security. Doesn’t matter what devices you buy this will always be the case it just depends on what your personal threat model is.

Correct but GOS reverses alot of Google patches like always on voice requires kernel privalage it is disabled on GOS etc. But kernel level signature spoofing gives way for a malicious app to spoof as micro g and infect your device and you would never know because micro g requires the same thing to function it is making itself look like Google when it is not google. So using microg opens your device up to allot more ways for it to be compromised and also makes it harder to detect or notice once it is compromised. For me the security risk of kernel level spoofing is way to high to use on a production device used everyday. Also I trust neither Google or microg I only use Foss apps I don’t have Sandboxed play services installed at all I just don’t use Google anymore.

No because the data is encrypted especially on Graphene OS and even on stock pixel phones data at rest is fully encrypted and pixel phones also have a onboard security chip as well. So unless you can unlock the user data it would be useless. That is why a locked bootloader is so important it is needed to ensure at rest encryption its a requirement for it.

It could be included as both with a unlocked bootloader all user data could be easily retrived with physical access to device.

I use GOS and agree with you completely some of the things GOS has done and said in the past should have never happened and hurt GOS more than it helped it. Also on the micro G front You are correct still being debated but as long as Micro G is signature spoofing it is my opinion it is not secure as signature spoofing requires kernel changes that in fact weaken Android’s security model.

GOS Supports the pixel devices for the same amount of time as Google hard to keep a device secure once drivers are no longer being updated. But with Google extending support for pixel 6 and 7 series and the new 7 year guarantee on pixel 8 devices and newer this isn’t really a concern anymore. So pixel 7a and fold will be supported until 2028 and Pixel 6 and 6 pro until 2026 pixel 7, 7 pro, and 6a until 2027. Seems like plenty of time for support and that means as long as Google supports it so does GOS.

My last bank did that so I switched banks my new bank app works without any play services installed on GOS.

Once LinageOS is installed your bootloader is always unlocked so anyone who finds your phone if lost owns it. GrapheneOS and a few other ROMs I forget the names of allow the bootloader to be relocked keeping android security model intact allowing the device to still be secure.

Works on GrapheneOS

All apps work fine on GOS no tinkering needed if a app is broken its broken on linage as well because of play integrity

Hi how are you? 🤣🖖

Been using Linux for 15 years now since I turned 11 haven’t touched Windows and it was the best decision I ever made. I remember in 2009 I got world of Warcraft running under wine and that was hard. But the bottom cast bar was invisible and just had to remember your key bindings but it worked. (It was Ubuntu 9.10)

Could always search and see if there are any builds for it many open source router firmware out there. OpenWrt, DD-WRT is where I would start looking.

No there would be no blocking the would just shut it down but the could sanction any company that violates the ban that’s about it for enforcement. But a VPN to another country would bypass it but it would not be US version of tiktok.

The apps would be delisted from all App stores and then tiktok said the would have to shut down the US Servers.

You have to disable Play Protect it now blocks unknown apks on android 15 and higher most users will give up only tech inclined users will most likely pursue that cource.

Odd I used it to install GTA: SA definitive edition purchased on the play store website then installed and updated via Aurora still works just updated it recently too.

Is it the pro or the tube shield the tube is 32 bit only and most apps and games have moved to 64 bit only so the pro would be needed but I can still install paid apps on aurora on my phone just fine.