The problem is that (as far as i know) only pixels fulfill their security requirements, for example that the bootloader is not only unlockable but also lockable. But I also would like to have more devices supporting it
CalyxOS relocks the bootloader and they supported the FP5 right after launch.
CalyxOS is not a hardened OS, and GrapheneOS requires more than than just relocking the bootloader.
Fairphone’s devices do not meet basic security requirements for hardware, firmware and the software device support including drivers. Please look at the hardware requirements at https://grapheneos.org/faq#future-devices and check for yourself how many of those are provided by the Fairphone. Even the Fairphone 5 has a CPU core from 2021 without even PAC and BTI.
And they could discuss w/ GrapheneOS devs about upstreaming changes and collaborating on longer-term support. I highly doubt GOS project has the resources and desire to support another phone line.
Many other devices are supported by GrapheneOS at a source level, and it can be built for them without modifications to the existing GrapheneOS source tree. Device support repositories for the Android Open Source Project can simply be dropped into the source tree, with at most minor modifications within them to support GrapheneOS. In most cases, substantial work beyond that will be needed to bring the support up to the same standards. For most devices, the hardware and firmware will prevent providing a reasonably secure device, regardless of the work put into device support.
if fair phone wanted to, they could, but gos will not volunteer for the work.
And that’s completely fair IMO. If FairPhone did do the work and supported US customers as first-class on their platform, I’d probably buy my next phone from them.
The problem is that (as far as i know) only pixels fulfill their security requirements, for example that the bootloader is not only unlockable but also lockable. But I also would like to have more devices supporting it
Fairphones should be supported imo. CalyxOS relocks the bootloader and they supported the FP5 right after launch.
CalyxOS is not a hardened OS, and GrapheneOS requires more than than just relocking the bootloader.
Ref: https://discuss.grapheneos.org/d/7208-8y-security-updates-on-fairphone-5-will-the-devs-consider-porting-grapheneos
Thanks for the info!
gos is open source. If the fairphone people wanted to maintain a fork of GOS for their phones, they could.
And they could discuss w/ GrapheneOS devs about upstreaming changes and collaborating on longer-term support. I highly doubt GOS project has the resources and desire to support another phone line.
https://grapheneos.org/faq
if fair phone wanted to, they could, but gos will not volunteer for the work.
And that’s completely fair IMO. If FairPhone did do the work and supported US customers as first-class on their platform, I’d probably buy my next phone from them.
Fairphones aren’t even anywhere close to meeting the security requirements of GrapheneOS. Daniel Micay explained this many times, most notably in this Reddit thread (before they left Reddit and switched to their own, self-hosted forum) https://redlib.nohost.network/r/GrapheneOS/comments/10b5x4n/has_anyone_managed_to_install_grapheneos_on_a/j67pbny
I think some op phones also meet the requirements.
What does a lockable bootloader mean? Is it just encrypted so the kernel never gets loaded without the user?