security123's Pixel 3a Config 2020

  • Thread starter ForgottenSeer 85179
  • Start date
Last updated
Dec 10, 2020
Phone brand
Google
Phone model
Pixel 3a
Phone OS
Phone OS updates
Automatic updates
Phone unlock
Biometric security
    • Fingerprint(s)
SIM card lock
Protected by a PIN code
Find my Phone
On
Security & Privacy Apps
Device integrity monitoring + Android internal Sandbox
Browser
Vanadium
File and Photo backup
(own) Nextcloud + GrapheneOS internal backup feature, using the same Cloud
Notable changes
4th March: First post
24th March: some Changes: SECURE: Complete - security123's Pixel 3a Config 2020
2th June: June security update, see GrapheneOS releases
5th June: Remove RedReader Reddit app: SECURE: Complete - security123's Pixel 3a Config 2020
8th July: update to July security: SECURE: Complete - security123's Pixel 3a Config 2020
6th August: update to August security
12th September: update to (1st - not 5th) September security update
27th September: update to fully September security update + Android 11
7th October: fully October security updates
4th November: fully November security updates
10th December: fully December security updates
F

ForgottenSeer 85179

Thread author
That's the combination of your screen lock password? Is it a complex 64 characters with symbols, or 4 words with digits?
6+ pin & fingerprint. Face unlock isn't sadly possible on my Pixel 3a.

But even a 4+ pin is secure enough for years as Titan M chip protects against brute forcing and fingerprint is completely sorted in Titan M so that's not hackable (bug bounty is 1+ million dollar!)
 

Vasudev

Level 33
Verified
Nov 8, 2014
2,224
Performance is good, reboot is a lot faster then with 10.

Known bugs are only the strange new alarm app from AOSP team (it activate a notification sound 30 minutes before alarm should start) but the alarm app is in rebuilding. Don't know if this is related to Google Android user
I'm waiting for P4a in India release. Will let you know when I'm using GrapheneOS. Will GPay, MS Auth, LP Authneticator work on Graphene?
 
F

ForgottenSeer 85179

Thread author
Yes they use GMS. Damn....
But some work without so you need to try. This site can help: techlore-official/plexus

Also it exists alternatives. For example for 2FA you can use andOTP or Aegis from F-Droid or Google Store.
I guess Google Pay need GAPPS but you can't get privacy with it anyway. If you want using a privacy payment alternative to that, only Apple Pay is the solution.


Also:
Thanks to latest GrapheneOS update i use now fully October security updates
 

Vasudev

Level 33
Verified
Nov 8, 2014
2,224
But some work without so you need to try. This site can help: techlore-official/plexus

Also it exists alternatives. For example for 2FA you can use andOTP or Aegis from F-Droid or Google Store.
I guess Google Pay need GAPPS but you can't get privacy with it anyway. If you want using a privacy payment alternative to that, only Apple Pay is the solution.


Also:
Thanks to latest GrapheneOS update i use now fully October security updates
I think I may need to use Stock OS for a year.
I don't think andOTP and Aegis are listed as compatible authenticator for Amazon, Mega, Gmail and outlook. I think this will take time and it might improve on Android 12+.
I really like custom ROM since they extend the longevity of old phones. I still use 1GB RAM Samsung which is used as backup phone for 2FA in case I don't get locked out of my account.
 
F

ForgottenSeer 85179

Thread author
I don't think andOTP and Aegis are listed as compatible authenticator for Amazon, Mega, Gmail and outlook. I think this will take time and it might improve on Android 12+.
andOTP and Aegis works with every OTP standard so it works with them. Only few (Blizzard, Steam for example) use own solutions but even these can be forced to work with both apps.
Their isn't anything which Android itself need change here as it's not Android fault.

I really like custom ROM since they extend the longevity of old phones.
GrapheneOS isn't a custom ROM ;)
 

Vasudev

Level 33
Verified
Nov 8, 2014
2,224
andOTP and Aegis works with every OTP standard so it works with them. Only few (Blizzard, Steam for example) use own solutions but even these can be forced to work with both apps.
Their isn't anything which Android itself need change here as it's not Android fault.


GrapheneOS isn't a custom ROM ;)
I know GrapheneOS is close to Pixel experience w/o GMS and other hardened security measures.
I did intend to root Pixel and run LineageOS.
 
  • Like
Reactions: [correlate]

Vasudev

Level 33
Verified
Nov 8, 2014
2,224
This is highly not recommend!
Root destroy a lot! important security features like verified boot.
LineageOS make it even worse!

Please read Android | Madaidan's Insecurities
Oh I didn't know that.
Can I trust Pixel Titan M in keeping my device and files secure when using GrapheneOS for Pixel imprint auth? Is it even valid when using GrapheneOS? I think Google Pay and other services will not work. Do you use Youtube vanced? I am using microG and youtube vanced. I still have GMS services installed on stock ROM.
 
  • Like
Reactions: [correlate]
F

ForgottenSeer 85179

Thread author
Can I trust Pixel Titan M in keeping my device and files secure when using GrapheneOS for Pixel imprint auth?
Yes. You can also check the source code: GrapheneOS source

Is it even valid when using GrapheneOS?
Yes. Here you can read about Titan M: Titan M makes Pixel 3 our most secure phone yet

I think Google Pay and other services will not work.
Apps which require Google Services will not work. Ever: GrapheneOS

Do you use Youtube vanced?
No. I just use their website.

I am using microG and youtube vanced.
microG doesn't increase your privacy in any way as it still use Google services. It only provide a false sense of privacy and increase the attack surface a lot.
 

Vasudev

Level 33
Verified
Nov 8, 2014
2,224
Yes. You can also check the source code: GrapheneOS source


Yes. Here you can read about Titan M: Titan M makes Pixel 3 our most secure phone yet


Apps which require Google Services will not work. Ever: GrapheneOS


No. I just use their website.


microG doesn't increase your privacy in any way as it still use Google services. It only provide a false sense of privacy and increase the attack surface a lot.
I did check my old rooted phone using Kernel tweaker app. It seems some build properties have debug enabled. Like you said, debug mode increases logging and decrease overall security to 0%.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top