Yet another excuse to keep checking our phones.
It would be great if it wasn’t just in Play Services but in base Android so that every de-Googled system had it too. Still a good change.
These changes are a good thing.
Requiring a pin means no one can use your fingerprint or your face to unlock your device.
An NSA agent recommended restarting your phone every week. This can potentially clear out malware that doesn’t have permissions to start after a reboot.
It’s more than that. After restart your phone goes into a more-secure Before First Unlock (BFU) state so it’s much harder to penetrate.
Apple started doing this a few months ago and I guess Google is just catching up.
Thank you for the info.
I read up more on BFU and I didn’t realize that encryption was a requirement for Android 10 and higher.
Very interesting.
What I read: Dakota State University DigForCE Lab: BFU and AFU Lock States
Yeah I learned about it from reading up on the Israeli hacking software called Pegasus. There were several devices that they could hack in AFU state but not in BFU state.
Copying GrapheneOS security policy. It’s a good move.
Copying Apple’s security policy, perhaps?
GrapheneOS security policy > Apple security policy
This was a grapheneos feature before it was an iOS one.
Yet another excuse to keep checking our phones.
What? You think Google cares to wait 3 days to make you check your phone? No if that was their objective you’d be checking earlier.
The point here is to keep encryption keys out of memory on a device you haven’t used so that someone with physical access to your phone can’t pull the keys.
Should have made it customizable rather than hard-coded 3 days.
I wonder if there’s a technical argument to not doing this – it’s harder for attacks to potentially change the setting if it isn’t a setting.
Fuck Android.
I hope a consistent, user-friendly alternative that works on all Android phones arrives soon. I’ve tried so many with an old phone and they’re always a pain to install and then don’t work quite right. I also don’t want to spend $500USD for a phone designed specifically to sidestep Android.
It would help if Android/Google didn’t consistently try to block every single thing that would allow you to get rid of Android, but they’re never going to allow that.
I hope that something user-friendly and consistent arrives soon. I will ditch Android in a second when that happens.
While I agree with most of the things you said, automatic reboots is a good security feature. And it isn’t android that’s the problem. It’s Google Play Services.
Uh apple is already implementing this too.
It’s been in Apple devices since iOS 18 and it’s a good thing Android is adding it.
It would help if Android/Google didn’t consistently try to block every single thing that would allow you to get rid of Android
If you’re referring to bootloader unlock, that’s not really anything to do with Android, that’s to do with carriers and manufacturers. The first-party devices don’t have that.
I don’t think that Pixels (made by Google) are designed to sidestep Android ;). Unfortunately, what you’re asking can’t really be done because of the vast hardware incompatibilities between brands of Android phones and between generations of them.
The best privacy option ironically seems to be GrapheneOS, which runs on Pixels, as alluded to above. You can get older Pixels pretty cheap. They aren’t my favorite phones but I sometimes consider doing that.
