Right now I have a carrier locked Samsung s24 Ultra I have ripped a lot of stuff out of including but not limited to google play,Google services and a ton of other stuff.
This ain’t going to get it from a privacy stand point. Back in the early days I use to root and rom phones and miss that.
My questions:
What are the “Gotchas” I need to look out for when buying a used pixel? I was aiming fpr the 9 series.
So for instance, if I get one someone bought from google directly and activated it on a major carrier, is it even still rootable once I get it?
Are there any concerns about what theymay have done with that device that their activity is tied to the IMEI?
With Google saying they are changing things, will this stop Graphene OS particulerly with the recent Android 16 update?
I am really leaning towards ditching laptops and desktops because I use the internet for media consumption and tutrials and learning new things. It makes me sick that I’m being profiled when it’s nobodies business what I like to prepare meals, fix a leaky toilet, or watch random pundits on youtube regarding political stuff and so on.
Any advice would be appreciated.
Will be posting a thread at somepoint with a full security checkup of what I’m doing, the threat model and put it up for honest critique.
How do you procure apps? What other stuff, did you use a guide?
Re: your first question, you must be careful not to buy a “variant” device, a modified Pixel that is carrier-locked or bootloader-locked. That would mean OEM unlocking in Developer options is disabled.
Re: IMEI, you should probably check the phone is not blacklisted, carrier-locked or financed/unpaid for.
Phones purchased from a carrier are typically bootloader locked. The best way to buy a Pixel is from Google. If you purchase 2nd hand make sure the seller proves the bootloader can be unlocked.
No. They are committed to supporting all current Pixel models until they are EOL. Future Pixels maybe not but, they should announce their new OEM partner before thats an issue.
You should not root your phone. It is also not possible if you use GOS.
No it is not. I don’t want to try and explain the exact differences as my knowledge of that is pretty limited. It may be worth waiting for someone else to reply or asking on the GOS forum what the differences are.
Rooting a phone is pretty much getting “admin privileges” of that device so that you can go and tinker with a few files/settings of the system itself.
It might damage it (if you don’t know what you’re doing) and is also lowering the security of the device because you are pretty much driving at high speed with no seat belt anymore.
It is cool for power user willing to have 200% of their Android and customize it even further.
Bootloader unlocking is what you want: it is what allows you to flash something else on your device. Differently said, replace the Stock Android from Google by GrapheneOS.
One issue I had buying used is that the phone ended up being stolen. I guess the guy bought the phone, stopped paying his plan and then sold it to a phone repair store.
I purchased the phone and after a few months my IMEI was blacklisted essentially turning the phone into a brick. I was super fortunate that the store allowed me to return and get the same phone that wasn’t blacklisted. It was a huge headache because I had no idea what happened. Spent hours on the phone with my carrier trying to figure it out.
Just keep that in mind when buying used that it’s a possibility.
I wanted to avoid getting a new one because I would not doubt my information for the purchase would be tied to the IMEI to be tracked by our good friends at google.
My threat model isn’t so high that I would attempt to hide from my carrier, I couldn’t anyways! Lol
I just want to avoid big tech, ads, profiling and stuff like that.
It’s not about making it noob-safe, it’s just a security matter: you can’t override the firmware of a device out of thin air, you need to unlock it beforehand. This is just how it works and not a GrapheneOS-specific thing.
Any kind of custom ROM or if you want to reinstall vanilla Stock Android go through that unlocking.
In addition to @kissu’s clarification, I want to add as a fellow beginner that they have made the flashing process very straightforward. You’re undoubtedly already familiar with GrapheneOS’ own installation guide, but otherwise, sideofburritos has a nice walkthrough video of it.
Exactly (great resource that I used to double-check myself before pulling the trigger!).
Honesty, Google is scaring people more with their dangerous-looking triangle than anything.
I hate when people try to scare some unusual use of their walled gardens…
I put the phone in wireless debug to use the app “Shizuku”.
Shizuku gives you access to most (But not all) system apps.
I replaced all the stock apps The user apps in the user interface) and keyboard with all open source stuff from f-droid. I did wind up having to leave the default file manager in place because trying to use an aftermarket file manager wouldn’t allow me to use Aegis athenticator properly.
Being that I wanyed nothing to do with Google play I had to start off by manually dragging and dropping Shizuku and F-droid apk’s in a folder like downloads and takingvit from there.
The apps I used to debloat it was Canta and DE1984. De1984 is is also a firewall.
Both apps require Shizuku.
Canta is a bit better at explaining what each app does, but it has no backup or logging like De1984 that I could find.
I’m kind winging it with little guidance. If I screw up, I can always reload the OS from the boot menu and start over.
I am hoping to get a text copy of what I disabled so I can share it. It is of course tailored to my wants and may not fit everybody.
unlocking the bootloader is like opening the car, then you can change the steerwheel. Once done, you lock down your car (lock the bootloader).
you can remove the speed limiter on it, that is the root part so that you can drive as fast as you can, knowing the dangers.
Both are quite unrelated but can be achieved at the same time, you can flash GrapheneOS on a Pixel and then root the device (even if you will lose some security by needing to disable some safety).
Shizuku does not exactly interface with the system, it is not root either. it’s a bridge between your phone, adb and apps. Shizuku does deny apps to use it unless you say allow them. Outside of debloating none recommends shizuku and you don’t need it in GrapheneOS. Switch to using a firewall to a content filter based DNS (android has a built in one) and perhaps a VPN, Mullvad offers both but there are different options. You really don’t need a firewall regardless when these exists.
I don’t have a pixel yet to run graphene. So I am working within the limits of what I have.
Unless I am missing something because I am new, and willing to learn what is wrong with my current method and setup I feel quite better dissabling a bunch of apps.
I am not yet technically skilled enough to setup a firewall outside of an app like De1984.
I don’t full know how to use the VPN service perks yet, I do have a VPN.
Unless there is a real danger, I think people who dont have access to a phone that can be unlocked should have these options if they choose which is why I am sharing.
If there is some inherent danger or false sense of security in what I am doing, till I can upgrade to a pixel, I am willing to learn as not to fall into a trap or spread false informaton.
Oh when can you afford a pixel to put GrapheneOS you think, no need to be specific just some ETA?
Then it is valid to use Canta + Shizuku or shameless plug but can’t share because it will still fall under promo regardless but can dm you to it
But yeah if it’s not long before you can, I would use that approach for now the follow the advice to just switch away from using Shizuku and start using as normal, Firewall again you don’t need it, use common sense, get a VPN and/or Private DNS on it, Private DMS is built into android and you just need a DoT DNS with content filtering
It is nice to know. I was contimplating the point of hopping from one locked down OS or phone to another if that is the case when I am quite happy with my current device (Other than lack of root and being locked down).
