I don’t think Linux is inherently insecure. I just think it does have its own security issues which is especially true of LTS. It isn’t a golden nugget and it is problematic when people treat it as such.

But from a quantum perspective you can’t remember your own brain.

Raspberry Pis suck in general as they lack open firmware. You are stuck with the Raspberry Pi kernel and all of its blobs. “Security requirements” is something Microsoft says about Windows 11. If you are concerned about security your best bet is stock software as it is maintained by Google.

They encourage proprietary software and locked down systems. For instance, they use Google play services instead of microG and they promote the play store. I personally think that F-droid apps are much better from both an software freedom perspective and a privacy perspective. I’m not against people installing proprietary apps as I realize sometimes that is unavoidable but they could at least encourage the use of Foss. Graphene could simply have both F-droid and Aurora store by default and on setup explain the difference. They could even allow the install of Play services instead. However, they don’t even really try. They focus on security which at the end of the day is subjective.

This is a gigantic can of worms that will cause arguments.

Yeah you are right. It just annoys me when people call it a cheap knock off.

You are still missing my point. All phones actively supported by Lineage OS get Android security patches. Those aren’t vendor patches but they do patch the OS and sometimes the kernel.

For instance, the Pixel 5 was last updated June 28. https://wiki.lineageos.org/devices/panther/

Not to say that you should still buy it. However, if it cheap it might be worth it.

Also from the article you linked:

Although the incident forced LineageOS to take offline all its service, it did not impact the signing keys that authenticate distributions because they are stored on hosts separate from the main infrastructure.

I don’t care. They are really helpful for a many different tasks. It doesn’t pull that much power to run locally on my machine.

I find LLMs very useful

When you copy the outcome is almost always going to be worse than the original. Do your own thing and be the person or project you want to be. You don’t need to care outside of the project.

How is your Linux foo?

Custom ROMs will receive upstream Android security patches but not patches from proprietary components (firmware). For instance, my Moto g7 power has Android security patches from May but the latest vendor security patch level is 2021. (I’m running Lineage OS) I’m curious to know if the older firmware is a problem. I don’t think it is easily exploitable outside of government backdoors. Not that it matters much as I plan on keeping my phone until it dies.

Which can be done on Wayland but it needs to be dome from a Wayland native app

Can relate

Why not OpenWRT?

I would argue that Linux is not more secure than Windows. Linux is way more private and gives you way more control but from a purely security perspective Linux has its own weaknesses and is constantly getting CVEs.

It seems very fishy to me

I don’t think you are going to have any more luck if it is clicking. What is the file system?