No, it's not "long supported" phone fallacy.
Google and by extension banks, are claiming that the phone on, Android 9, without security updates AT ALL since 2009 is perfectly safe and secure to use.
Meanwhile, really well locked OS, hardened so well some of the improvements were later picked up upstream (both by Google and Apple), running _the_ latest AOSP version and releasing new security updates within hours is not considered safe and secure, despite assuring full chain of trust (including locked bootloader, verified boot, etc).
This is what Play Integrity does.
Of course Android supports better scheme, hardware attestation, but od course Google enforces their iron grip on the ecosystem, and instead uses the outdated, flaved system that certifies only the devices with preinstalled Google services running in the privileged mode. Snooping on everything you do and have.
Thats the reason.
When companies like Google talk about a device being "secure", they don't mean secure from malicious third parties, they mean secure from the user. The device is considered "secure" if the user cannot do anything with it that Google does not approve of.
That's it. It is a device secure for Google to:
* Enforce Hardware-DRM * Enforce PlayServices * Enforce apps which don't circumvent their business model e.g. YouTube-Downloaders ("Watch my ad again...") * Payment fees from PlayStore
Taking a look at the dangerous crap in the official Play Store confirms that. It is full of awful and dangerous apps. It was never about the security of the user.
This is my exact feeling. Louis Rossman talks so much about this (YouTube). I think the only secure device now is a dumb phone.
I am really learing to live life without the internet anymore. Between the lock in, the privacy risks, and just the hassle, it is easier to act like I am living back in the 1990's and just get used to the "inconvenience" of life without a smartphone. I can leave my smartphone in a faraday bag and just pull it out when I need it, or just wait to be in wifi. (I am homeless living in a minivan so this makes it much harder for me.)
I just do not know how much this will effect GrapheneOS or I would get a Pixel 9a. It seems like it will not, at least for the older phones.
At least we still have linux (for now).
But more and more computer technology is looking like a trap.
If anyone has any recommendations for a dumb phone that will work with AT&T please let me know.
It's been a minute but Nokia was selling dumb phones. I would also just check what at&t sells for very cheap prepaid phones in a physical store - they could tell you what kinda hardware still works?
Thanks, Ill check these options out!
Look at Sony phones and Sailfish OS
The irony is those are the same words Android users say about Apple & iOS.
> Google and by extension banks, are claiming that the phone on, Android 9, without security updates AT ALL since 2009 is perfectly safe and secure to use.
Funnily enough that's actually a good thing in a twisted way. Long term, it will either force manufacturers to become much better with their update support, because apps will refuse to work on non-patched devices... or they won't and we'll all have one of those devices at home rooted through a long known CVE as a proxy for device attestation.