j4k3 , 10 months ago

I don’t think anyone can really say, but I’m not an expert on security.

My biggest skepticism is that all phones have untrusted proprietary hardware. Apple does its own thing and usually seems to develop stuff like a full stack. However, I don’t think there has ever been a documented cellular modem. I don’t trust anything on a PC unless it is running libre boot. Like even UEFI has network access. You likely also have an entire Intel ME operating system or the AMD equivalent running with lower level permissions than root at all times. Maybe if you have an extensive SELinux ruleset you could mitigate any potential.

If your software is signed or has a hash key available, you can use that to verify file status.

I haven’t had any issues with AOSP and GrapheneOS, but I go as far as installing a fresh OS on an old laptop, setup a custom network, all just to install chrome and do the easy automated ROM swap to run GrapheneOS. Then I format the drive. It is the only way I care to run regular chrome or connect Google tainted hardware.