this post was submitted on 18 Feb 2024
237 points (87.4% liked)
Technology
59174 readers
2161 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
If the device no longer supports updates, is it safe to still run Lineage on it?
Correct, lineage is actually a great way to extend the life of a device safely
It is safer than not updating at all. Unsupported devices have a lot of exploits and vulnerabilities.
Does that also go for devices that don’t receive Lineage updates anymore?
I mean, you might cover some vulnerabilities that were discovered after the manufacturer stopped updating your device, which is nice. But only time will tell what new vulnerabilies will be uncovered next; but be sure, they will.
Only a frequently updated device will have constant state-of-the-art vulnerability protection. That is, until the maintaner (someone with the know-how to make stable lineage-os builds and mess with the device's vendor tree doing all this work for free) decides to stop updating that device. Which sounds bad but that doesn't stop another maintainer from rising up to the task eventually.
Anyhow, with lineage and, generally, any custom OS aimed at phones that can't relock their bootloader safely you'll always lose device integrity (can be circumvented with things like magisk) and very likely IMS features (VoLTE and the like).
Another thing to consider is if your device ends up in the hands of a malicious party. If its bootloader is unlocked, you can be sure they'll have easy access to any personal data inside it.
If you wanna be safe for a looong time I'd consider a pixel phone from this list and flashing grapheneos and then relocking the bootloader.
In any case, good luck and all the best to you! :)
Sidenote: if you are on a Linux system and do intend to flash a custom recovery (necessary step before flashing a custom OS) on a samsung phone, take a look at the Heimdall tool. It's an open source alternative to Odin that runs natively on Linux.
Any source for unlocked bootloader meaning your data is just there for the taking? Afaik it's still encrypted and someone would have to pull off an evil maid style attack to get your password/PIN if they wanted to decrypt it. Which certainly is easier/possible with an unlocked bootloader but that's nowhere near "someone steals your device and bippity boppity boop they got ur data"
Yeah, if you use a relatively new device. Or you make sure your device is encrypted.
Big chunk of old android phones (pre 2016) came unencrypted by default. They could be encrypted if the user wished/knew how.
I remember having a motorola (moto g4 I think) that after flashing twrp it didn't ever asked for my pin. It was officially supported by LineageOS for a long time too. Still, damn fine phone lol
"Relatively new" is 8 years ago to you? If you have to make sure your phone is encrypted then it's either currently running or shipped with android 5.1.1 or lower (per your link) so yeah I don't think this is a real concern and I do not understand why people (apparently knowingly in your case) spread misinformation about BL unlocking.
Okay wutelgi, have a good day