Hi,

A friend wants to degoogle his phone, so I suggested the OS I’m currently using. The one we can’t talk about… He wants a small/compact phone, so I suggested pixel 4a (not buying second hand though), but I’m afraid that planned obsolescence may kill the phone rather soon. What’s your opinion?

Cheers and thank you for your help,

  • AnxiousDuck@feddit.it
    4·
    3 days ago

    Can someone explain to me under what circumstances would using an old phone be risky (under a common reasonable threat model)?

    • tty5@lemmy.world
      3·
      3 days ago

      No security fixes once the device reaches end of life. For pixel 4a end of security updates was 10 months ago. That mostly is a problem with malicious apps - there were some privilege escalation bugs in those 10 months - but sometimes you get a banger that can get exploited by simply loading a page or opening an image.

      • AnxiousDuck@feddit.it
        2·
        2 days ago

        I get it about malicious apps but what about just using mainstream apps and surfing the web with adblockers?

      • ReveredOxygen@sh.itjust.worksEnglish
        2·
        3 days ago

        Wouldn’t those be typically handled at an OS level? If you’re using an OS that actually gets updates, you’re only vulnerable to attacks at the kernel or driver level

        • tty5@lemmy.world
          21·
          2 days ago

          If you are on stock software on EOL device you are not getting os updates either.

          Also a bunch of recent vulns were in SoC specific stuff - outside os.