Android Recommendations Should Reflect Real Life, Not Just Worst-Case Threat Models

I also see the discrepancy you bring up. The smartphone OS criteria are a lot more security-focused compared to the desktop/laptop OS criteria. Even though there are security-focused criteria for desktop/laptop OSes (like “Receives regular software and kernel updates” and “Avoids X11, as its last major release was more than a decade ago”), it is outright admitted in the Linux overview article that there are security downsides. This implies that we give leeway to desktop/laptop OSes (e.g., in order to have people “[a]void telemetry that often comes with proprietary operating systems”[1]) yet no leeway for smartphone OSes.

However, my gripe with this post is that discrepancies are not a bad thing. I would not, for example, want an open source requirement for file sharing and sync on the basis that it should match the open source requirement for pastebins. The open source requirement for these tools was chosen to be included in the criteria not for consistency, but because it was concluded to be a good criterion by those who were discussing it. Consequently, the point of this post should not be to resolve any discrepancy, but instead to recommend a change in the criteria and have it stand on its own. You should therefore not make any analogies to the desktop/laptop OS recommendations. That would only clog up discussion for you. The discussion should be technical.

Your goal should therefore be to explain how decreasing smartphone security in the criteria does not result in significantly decreasing smartphone privacy in the recommendations. Or how security downgrades to tools like debloaters or other custom OSes is allowed for XYZ threat models, that we should account for those XYZ threat models on the website, and that those XYZ threat models are not contradictory.

I personally disagree that we should expand the smartphone recommendations list to non-GrapheneOS. At the very least, however, I think it would be nice to centralize or at least synthesize the arguments each side has given in this thread, or in some wiki post. That way we aren’t regurgitating the same thing over and over again across the internet. This topic has been discussed throughout the privacy sphere time and time again, so we can comb through some explicit and implicit arguments from these threads:

I’m sure there are plenty of other threads; I just can’t find them all.

I also agree with others…

… that this is probably best as a harm reduction guide rather than an outright recommendation. But this doesn’t mean I am not open to there being discussion on the matter.


There’s no need to generate tribalistic feuds. It fuels the fire.

Not really. Most of us would rather pick Linux even though it’s not very secure over macOS, which is so much better in terms of security. The thing with GrapheneOS is that it’s private and secure.

This is not the point of the website at all whatsoever. Even in OP’s discrepancy case, the point isn’t to recommend comfortable smartphones but rather private alternatives for moderate threat models that do not require extreme security.


  1. https://www.privacyguides.org/en/os/linux-overview/#security-notes:~:text=Avoid%20telemetry%20that%20often%20comes%20with%20proprietary%20operating%20systems ↩︎
