Terminology like "private" and "trust" differ in meaning from computer land to human convention.
It's a concern to me, because humans often extend their trust to computer trust based upon misunderstanding of the identically spelled words and lack of recognition of differing context.
MacOS has had instances where their own apps could bypass always-on VPN. I'm not sure if there have been exploits or gaps where traffic could go to arbitrary destinations directly.
this is not an ocassional bug this is still the system design today. privacy gateways upstream of big tech are the way to go on this because privacy isn't their profit center
First motorola grapheneos phone i am buying to get fully off the google pain train. Grapheneos tides me over until a real linux smart phone shows up or i die of old age. Now if home assistant could get thread network join*ng working without an android phone with a google account i could ve fully ris of those eh holes.
Carrier-sold Pixels generally don't have "OEM-unlockable" bootloaders.
Your best bet for now is to buy a new Pixel direct from Google, or a used one from eBay that the seller advertises as already having GrapheneOS on it (or otherwise guarantees that the bootloader is unlockable). These ones are worth a lot more than the ones that can only run Google/carrier Android.
I own two GrapheneOS Pixel 7 units, which should get any Google blob security updates (which GrapeheneOS incorporates) through October 2027, and GrapheneOS may still support it with source updates after that. So in a year or so, I might get the GrapheneOS Motorola if it's available, or a later Pixel. (I never buy these new, since I don't want to carry a several hundred dollar phone when a 2 gen old one is still great, thanks to GrapheneOS.)
I finally left Verizon after nearly 20 years. I had it with their enshittification, couldn't stand it anymore. I switched to US Mobile and on the Darkstar (AT&T) network. I have no regrets. I caught it on a black friday deal, so I'm paying basically $20/mo for top tier service. You wouldn't have caught me dead with an AT&T service or MVNO years ago because I'd seen so many bad experiences second-hand, but these days it's been a breeze knock on wood
I also did the math and determined buying a new unlocked phone outright on this plan was far cheaper than paying Verizon monthly for one.
I don't see a problem with supporting their legitimate hardware or cloud business models. But of course I see a problem supporting their illegitimate adware and spyware business models.
At some point digital security turns into physical security, and there are national security interests that have fine-tuned their detection logic on these kinds of "buggy" behavior.
If you patch it, you'd need to find another way to de-anonymize those users.
I'm surprised they honored the embargo at that point, and delayed the fix until May. Why not just release immediately?
So a VPN isn't a VPN on Android? Regardless of this bug. Do other locked down operating systems act the same?
It's a concern to me, because humans often extend their trust to computer trust based upon misunderstanding of the identically spelled words and lack of recognition of differing context.
Mullvad and others reported on that one ages ago
What’s most glaringly missing, for you specifically, from the plethora of options available?
It seems like plenty of options are getting 7/10 things right.
There is already a way to do this. It's fiddly, but not by much. Once set up it's a much better experience, though.
https://www.matteralpha.com/how-to/how-to-use-home-assistant...
Google's Pixel hardware division likely operates at a loss - or breaks even.
and even if every active HN user bought $100-$400 used Pixels from Swappa, meaningless money to them.
Your best bet for now is to buy a new Pixel direct from Google, or a used one from eBay that the seller advertises as already having GrapheneOS on it (or otherwise guarantees that the bootloader is unlockable). These ones are worth a lot more than the ones that can only run Google/carrier Android.
https://grapheneos.org/install/web#prerequisites
I own two GrapheneOS Pixel 7 units, which should get any Google blob security updates (which GrapeheneOS incorporates) through October 2027, and GrapheneOS may still support it with source updates after that. So in a year or so, I might get the GrapheneOS Motorola if it's available, or a later Pixel. (I never buy these new, since I don't want to carry a several hundred dollar phone when a 2 gen old one is still great, thanks to GrapheneOS.)
https://support.google.com/pixelphone/answer/4457705
I also did the math and determined buying a new unlocked phone outright on this plan was far cheaper than paying Verizon monthly for one.
If you patch it, you'd need to find another way to de-anonymize those users.
I feel like this should be toward the top of the terms of service for the phone, even above the mandatory arbitration clause.
What planet are you from?