this post was submitted on 11 Jul 2023
362 points (93.1% liked)

Asklemmy

43945 readers
624 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~

founded 5 years ago
MODERATORS
 

Other than your carrier give it for free or cheap, I don't really see the reason why should you buy new phone. I've been using Redmi Note 9 for past 3 years and recently got my had on Poco F5. I don't see the point of my 'upgrade'. I sold it and come back to my Note 9. Gaming? Most of them are p2w or microtransaction garbage or just gimped version of its PC/Console counterpart. I mean, $400 still get you PS4, TV and Switch if you don't mind buying used. At least here where I live. Storage? Dude, newer phone wont even let you have SD Card. Features? Well, all I see is newer phones take more features than it adds. Headphone jack, more ads, and repairability are to name a few. Battery? Just replace them. However, my Note 9 still get through day with one 80% charge in the dawn. Which takes 1 hour.

I am genuinely curious why newer phone always selling like hot cakes. Since there's virtually no difference between 4gb of RAM and 12gb of RAM, or 12mp camera and 100mp camera on phone.

you are viewing a single comment's thread
view the rest of the comments
[–] M_Reimer@lemmy.world 7 points 1 year ago (4 children)

The only real issue are updates. After just 3 years my previous phone didn't get any security updates and I had to get new hardware. I actually liked my previous phone more than my current one. But it is how it is.

[–] ulu_mulu@lemmy.world 2 points 1 year ago (4 children)

That's the reason why I switched to iPhone after many years of Android, security updates are vital nowadays with all the sensitive data and apps we use on our phones, Apple is the only one that guarantees al least 5 years, iPhones are not too expensive if you don't buy the latest models and I'd rather avoid supporting companies that don't understand the importance of security.

[–] pineapplelover@lemm.ee 8 points 1 year ago (3 children)

Pixel actually guarantees 5 years now and if you put GrapheneOS on it, then you'll have one of the most private and secure operating systems available

[–] dzervas@lemmy.world 3 points 1 year ago (1 children)

just a side note for graphene: i have the feeling that it’s not for everyone. “too much” security tends to get in the UX way

[–] pineapplelover@lemm.ee 3 points 1 year ago (1 children)

Chances are if you know how to use an Android, using Graphene isn't too much harder. You can still download from the play store and run apps like normal. If you're reading this post then you probably have the technical knowhow to plug your phone into the computer and press the start button.

Fair point with not being for everybody though, I wouldn't be comfortable giving it to my non-techy family and friends. You do have a fair point.

[–] rtevans@lemmy.world 1 points 1 year ago (1 children)

I've been running GrapheneOS on my Pixel 3 for three years and I have few complaints. I still cant figure out how to get automatic updates to work in Android 13 with the Neo or Droidify stores but atleast the stock GOS apps auto update. BTW, to clarify what you said, we have to use the Aurora app to download from Google Play Store.

You're right it's not for most people. Not having Google services installed might be a major blow for people who have become accustomed to the conveniences they provide. I just use a separate vanilla Pixel for Google services if I need them, but the phone with my SIM card is the one with GrapheneOS.

[–] pineapplelover@lemm.ee 1 points 1 year ago

You can turn Google Services on if you would like. I personally do have it turned on as some of my apps wouldn't get notifications without it. You could use it as a normal android downloading through the play store and nobody would notice that it's degoogled. All the apps are sandbox and you can change what permissions that have, I previously used CalyxOS and this is much more private and secure.

[–] zkfcfbzr@lemmy.world 1 points 1 year ago (2 children)

You can do even better than five years with Fairphone (...Speaking as a Pixel user)

[–] cyberic@discuss.tchncs.de 1 points 1 year ago (1 children)

But will Fairphone be around in 5 years?

[–] Ranessin@feddit.de 1 points 1 year ago* (last edited 1 year ago)

It has been around for 10 years and 4 phones by now, and only gaining in popularity and market share. No reason to predict an early demise yet. The Fairphone 1 controversially only received 3 years of updates, but since then it's 5 years.

[–] pineapplelover@lemm.ee 0 points 1 year ago (1 children)

Fairphone is also guaranteed only 5 years. If not, then they are probably using a custom ROM that is not directly supported by Google. I'll keep my eye out for this company though, the repairability is great and I love the repairability of the phone.

[–] zkfcfbzr@lemmy.world 1 points 1 year ago

The article I just linked says they're extending support to 7 years: Out to 2026 for their 2019 model, the Fairphone 3. The article also links to an older article talking about how the Fairphone 2 ended up with 7 years.

I'm in the US so the Fairphone was never really a consideration for me, but if it's available whenever I need my next phone I'll definitely look into it. It's pretty annoying to be using Google's own phone, and still only have access to 3 years of OS updates.

[–] ulu_mulu@lemmy.world 1 points 1 year ago* (last edited 1 year ago) (1 children)

Well, Google isn't famous for being reliable in the long run with their services, Apple is proven at this point, tho who knows, I'll wait a few years and see if Google is still at it with their Pixels.

[–] Metallibus@lemmy.world 1 points 1 year ago

Googles already been doing this for years.

[–] 001100010010@lemmy.dbzer0.com 2 points 1 year ago* (last edited 1 year ago) (1 children)

Apple isn't the only one that guarantees many years of updates. The fairphone (although currently only sold in the EU, they're coming soon to the USA) has 5 years of promised support, Google Pixel 6 and later also have 5 years of promised updates, Samsung Galaxy, has 4 years, while one year less than its competitors, still much better than the 1-2 years most phones used to have. Android phones these days aren't like the wild west back then, Android phones are on par with iPhones, the choice is merely personal preference.

[–] ulu_mulu@lemmy.world 1 points 1 year ago

Happy to hear companies are finally getting it.

[–] Hector_McG@programming.dev 1 points 1 year ago* (last edited 1 year ago)

I have just done the same.

Although Google are now promising 5 years of support for Pixel phones, Pixel phones are not a core business for Google, and as they have shown many times, Google will end projects at the drop of a hat with no regard for their customers.

There are secondary Android companies like Samsung that promise long term security updates, but are always behind the publishing curve compared to Google. This means that malicious actors have the opportunity to study Google’s published updates to reverse engineer cracks that they then exploit.

The current Android security update model is inherently insecure due to this issue. Until manufacturers are forced to update in a timely manner ( by which I mean simultaneously with Google) I won’t buy another Android phone.

[–] joelthelion@lemmy.world 1 points 1 year ago

This is why we need law to mandate security updates for 5+ years.

[–] programmer_belch@lemmy.dbzer0.com 0 points 1 year ago (3 children)

If you are using an android phone, you can change the ROM to one that still gets updates, it's like changing the os in a computer. The process will delete all of the user data inside the phone but you've got nothing to lose if it doesn't get any security updates.

I recommend lineageOS to anyone wanting to go down this route because of its compatibility with every phone, old or new.

[–] Latecoere@lemmy.dbzer0.com 1 points 1 year ago

Lineage isn't compatible with every phone. My shitty realme has no images there. It always depends on if there's someone willing to actually make images for specific phones.

Lesson here is to never buy a realme.

[–] dzervas@lemmy.world 0 points 1 year ago (1 children)

that “security update” quickly gets irrelevant as the exploits for lineage (or any non-standard rom) sells for pennies compared to a stock exploit. also no one’s paying security researchers to assess lineage - also it would be completely impossible with the amount of updates and devices they release

remember that (unfortunately) security is all about money

[–] 001100010010@lemmy.dbzer0.com -1 points 1 year ago (1 children)

But more people using stock roms could potentially mean any exploit is more easily found compared to custom roms. Not saying that's the case, but it's a factor to consider.

[–] dzervas@lemmy.world 1 points 1 year ago

as more people use a software it’s not easier to find exploits but much more profitable - and you see that propagate, as in:

  • More people start to use a software
  • Inevitably it gets hacked - by a kid most probably
  • The company starts panicking due to bad press
  • They start fixing the security bugs
  • (some years pass)
  • Now its quite difficult to find exploit as many security bugs have been fixed
  • Exploit prices skyrocket since it would affect many users and it’s difficult to develop
  • Bug bounty skyrockets since the exploits are so pricey

Now the last 2 steps tend to cycle since the security of the product fluctuates

Now the above have nothing to do with “residual” products - such as custom roms. And actually, you have so many deeply specialized people around the main product that finding a bug and developing an exploit on the residual is just a matter of “who the fuck cares”.

So you’re basing your security of your phone on “care”, also known as security through obscurity (some times at least).

Another example of “who cares” security is libreoffice. When I started as a security engineer the veteran (and boss) referred to it as training material to find security bugs. I found some, but who cares? Ain’t nobody gonna pay for them as “nobody” uses the software (keep in mind that we’re referring to millions of daily users rather than thousands per month)

Sorry for sheet! ❤️ Be safe and use a password manager

[–] ILikeMultis@lemmy.ml 0 points 1 year ago (1 children)

How difficult is it to change ROM?

[–] 001100010010@lemmy.dbzer0.com 0 points 1 year ago* (last edited 1 year ago) (1 children)

It depends. For Graphene OS, there is a web installer that the people who have used it said it was the easiest custom rom they've installed. Unfortunately, it only supports for Google Pixels.

For other custom roms... maybe not as easy...

Graphene OS Web Install: https://grapheneos.org/install/web

[–] Nezuh@lemmy.world 0 points 1 year ago

I hope I dont jinx myself with this but I dont think security updates at the OS level are that important nowadays.