I agree with your point that Pixels aren’t cheap (they’re horribly difficult to get here and cost quite a bit), but I don’t see how this is a good argument for Calyx? Calyx generally have the same support as Graphene (except adding Fairphone, which are arguably even harder to get)
I don’t know enough about Calyx to make a hard recommendation on it specifically.
What I am saying is two things: first, having all eggs in one basket (GrapheneOS) is a bad idea. Anyone here remember what happened with Copperhead OS? That was, bluntly, a complete disaster.
Second, many people simply cannot get Pixel devices. The world is much bigger than American concerns. The Pixel is often not sold, or if it is, it costs an absurd amount of money that makes no sense when compared to practically any other model of android phone.
Maybe Calyx isn’t the answer. But surely there isn’t only one answer; if there truly is, we are in big trouble because eventually Graphene will run into problems, one way or the other.
Generally, PG should only provide the best recommendations. However, don’t let perfect be the enemy of good. An example is Linux; even if a mainline distro isn’t Fedora or Qubes, it is still miles better than any Windows or OSX device.
8 Likes
That’s much better though not as cheap where I live, but stock is also very bad for privacy. Pixel 8a goes for around $800 here and is hard to find.
Western Europe and US. Minimum wage in some countries can be as low as $250 or even less, and It’s not just “slightly” more expensive (see above). The fact that Calyx supports some Moto G devices is very attractive, because these devices are considerably cheaper (actually* around $250 new)
EDIT to avoid doublepost: Does Calyx actually ship kernel updates for non-pixels? I remember one big gripe with Divest was the eol kernels. If so, I might actually buy a G52, seems pretty good value.
1 Like
Both of those are complete garbage. Pixel 6a, 7a, and 8a completely blows them out of the water even when ignoring the privacy and security.
There is no way, that someone could use these devices for 6 years, they’re hardly usable just after launch.
A phone with pretty bad hardware that was released in 2022 with 3 years of software support, so it has less than 1 year left. Definently a good deal.
1 Like
The hardware isn’t that bad for the price, 6 GB of RAM is still usable. It’s only useless if Calyx can’t provide kernel/os updates after official support is over, which unfortunately seems to be the case.
A25 is faster than iPhone 11 in every matrix, almost as fast as iPhone 12. I wouldn’t say that it’s slow or unusable. Also, a lot better camera, speakers, etc.
I could agree with A16. But if you’re not playing games, Facebook, messaging, and web browsing wouldn’t make it sweating.
For the money you paid, both are perfectly usable phone IMO, especially when Pixel is hard to find new, let alone the really old one like 6a or 7a, they’re the answer. If money is not the issue, go with Pixel.
This is the reason I went with Calyx. I reckoned they’d be more stable and longer-lived (and possibly not rely on a single or small number of devs?) than Graphene or Divest. Although I have seen recently that Proton has been giving funds to Graphene which is reassuring. Maybe I’ll give it a try in the new year.
1 Like
It seems they update the kernel for non-Pixel devices, since the kernel is open source. But all the firmware are left out. Moto G52 for example:
This device is possibly the best non-Pixel device that’s able to use with CalyxOS. But it’s rather old and more expensive than the current mid-range Galaxy, which has many years of support ahead of them.
Edit: It doesn’t seem like CalyxOS supports relocking the bootloader on non-Pixel devices (I don’t even know what SHIFT6mq phone is):
I would use a stock phone rather than any other ROMs without verity boot.
1 Like
Despite the millions of dollars Calxy earns, it translates to zero privacy/security work over AOSP. And then it becomes hard to explain how Calyx was worse than Divest which was run by one guy.
…having all eggs in one basket (GrapheneOS) is a bad idea.
CalyxOS has this same problem. Whatever OS you choose, it will be a basket for your eggs.
By this logic, drop your password manager.
An example is Linux; even if a mainline distro isn’t Fedora or Qubes, it is still miles better than any Windows or OSX device.
No its not. Especially MacOS. But that’s for another topic.
3 Likes
Apples and oranges. A (non-cloud) password manager doesn’t even need that much maintenance given that the crypto behind it is sound.
For privacy? Yes it is. 100%.
Fair enough, but it’s not like a device is immediately terribly insecure without verified boot. It may be a worthwhile tradeoff for better privacy given that the device still gets OS and kernel updates.
This is not offtopic.
2 Likes
Shiftphone is repair & environment friendly company similar to Fairphone. Their latest model 8 has same SoC as FP5, so I expect same support. Though they also pack de-googled version of their own ROM (ShiftOS Light).
I was recently thinking what could be my next phone if/when this one fails, and I realized I will never again buy a device (not just phone) that I can not fix or replace a part easily by myself. Which means GraphneOS (Pixel) will never be an option for me. And it’s OK, as my threat model is just to avoid FAANGM and surveillance capitalism. And CalyxOS looks like a good option if it works on some of those devices.
4 Likes
That’s understandable, my only real concern with pixels is repairability and environmental/ethical impact but if I was to use a Fairphone or Shiftphone I don’t see how CalyxOS would improve my privacy over stock OS, it doesn’t have many privacy features exclusive to itself, it can’t make these insecure devices secure in any meaningful way and afaik includes privileged google services even without microG, I would personally just try to harden and “degoogle” the stock OS.
1 Like
Most mainline Linux distros like Fedora, Debian, etc are much better than OSX for security and privacy. Even many spinoff distros are decent. Apple has repeatedly been shown to exaggerate their privacy claims
And this is one reason why there needs to be a ROM beyond GrapheneOS for privacy. PG should not let perfect be the enemy of good. Limiting recommended privacy to 1 ROM running on 1 model of phone, does run the risk of having nothing if something goes wrong with GrapheneOS or Pixel
3 Likes
Unfortunate as it is, this is privacyguides, not right-to-repairguides. If GOS manages to implode or Google does something particularly nasty with Pixels, that’s a bridge to cross at that point, not a reason to list an objectively worse option right now.
And besides, if I were to break the screen on a fancy pants pixel fold, I could get a genuine replacement part and get full functionality, even if it’s not as “easy” as on a FP or similar to do the repair.
2 Likes
This is incorrect, though as others have said, thoroughly off-topic. If you wish to continue this discussion, I encourage you to open a new topic.
Unfortunately, many aspects of this argument are fundamentally flawed. Firstly, the assumption that CalyxOS is ‘good’ and that Privacy Guides requires perfection in their recommendations. Neither is true, and both are incredibly subjective. It is my opinion, based on my knowledge of the shortcomings of CalyxOS, that it isn’t an acceptable alternative to GrapheneOS, even for harm reduction. Therefore, even if the “perfection is the enemy of good” argument was logically sound, it ultimately doesn’t further the discussion on whether CalyxOS should be recommended.
The reason the arguments that “perfection is the enemy of good” and “… risk having nothing” aren’t good arguments is because they encourage complacency and harmful compromise. The goal of Privacy Guides is not to recommend every privacy-focused product available; rather, they intentionally maintain extremely high standards for their recommendations, which is a point of pride for the project. It is far better to foster an attitude of quality over quantity among developers and manufacturers. Take CalyxOS for example, they certainly have the resources to compete with or even surpass GrapheneOS. Instead, they mislead users and fall behind with basic security practices, presumably to maximise profits. The only way an attitude like that will change is to hold them accountable for that sort of behaviour, not to endorse and encourage it.
GrapheneOS currently exists as the gold standard of secure and private mobile OSes, and even if Pixel hardware disappeared tomorrow, GrapheneOS would have 7 years to find new, acceptable hardware to develop for.
9 Likes
Captain, wake up, you’re spewing nonsense in your dreams.
GrapheneOS isn’t perfect, it’s the only recommendable option.
I can understand that. I just hope we aren’t caught with our pants down again, like we were with CopperheadOS. I’m not claiming calyx is better; I have little knowledge of calyx specifically. I’m advocating PG simply be future-oriented in planning. That is the substance of my argument.
And as for that, my stance on Linux is simply in line with what PG currently recommends, and what the IT space/news has been saying for years. It will take a lot of quality evidence to prove otherwise
Yup, I think that’s the main issue with calyx, it doesn’t seem to even provide benefit over a well configured stock OS. Both In privacy and specially security.
I’m using Calyx on a Fairphone 4 with a locked bootloader so it’s definitely supported. I know there are flaws with the fairphone security but that setup is one of the least sucky options I could find with this phone right now.
Is that worse than stock OS considering play services run in the background on stock 100% of the time? You also need a Google account if you want to use the Play store in an official manner. I nuked mine with all my purchased apps years ago when I switched to Proton and lineage/microg.
I am also pro right to repair after dealing with phones that use glue (I did repairs on them) so I would feel dirty buying a Pixel phone…I don’t have the money anyway. I guess a good change is the EU law forcing manufacturers to use removable batteries (2027).
2 Likes