@GrapheneOS >Decent phones have far better security than laptop/desktop class hardware
No they do not. Demon rectangles are specifically designed to be spying devices and be vulnerable to outside hijacking and are designed to always spy.

Has GrapheneOS managed to find and fix any of the modem backdoors built into any of the supported devices?

There is ALWAYS a modem backdoor, as that is what demon rectangles are for.

Replicant devices have modem's without DMA, attached over USB, which has allowed fixing the modem SoC backdoor; https://redmine.replicant.us/projects/replicant/wiki/SamsungGalaxyBackdoor

>which is also closed source hardware and firmware
On my GNUbooted computers, I run 100% free software.

All hardware is always 100% proprietary.

The question is if the hardware contains malicious circuits and if those circuits can be bypassed or made ineffective.

>Providing good security depends on hardware-based security features so those aren't separate things.
If all you run is free software that serves you, you do not need virtual machines - as the software serves you.

If you concern is that software getting exploited externally - maybe SELinux would be a good idea - as that tends to scream as soon as an attack is attempted (and on a real computer you can actually see the dmesg log and actually do something about it, as you have a proper screen and a proper keyboard and you can physically yank out the UTP cable).

>Pinephones have a huge amount of proprietary firmware running on the hardware.
Yes, you can run proprietary software on microprocessors - news at 11.

>They have proprietary firmware for Wi-Fi, Bluetooth
Yes, I pointed out that there's proprietary software for the Wi-Fi+Bluetooth card that is garbage and you're best of disabling with the hardware switch (which you actually can reliably disable).

Maybe that card would be useful with free peripheral software.

>cellular
Yes, all celluar modem's either contain a malicious circuit (some GSM ones and ealier), or malicious software - the modem used in the pinephone is no different - it just does not have DMA to the SoC.

There is free software available for the modem userspace as it seems the modem software isn't digitally handcuffed, which means it should be possible to write free software for the modem that isn't malware and you'll be good provided there isn't malicious circuits (but that doesn't solve the problem of location spying via the mobile network).

You can actually disable the modem via a hardware switch, unlike on modern demon rectangles when the modem never switches off (as far as I can tell, iphones actually reserve the bottom 10% of the battery or so when the device hits "0%" battery, so apple can keep spying on the location and listening no matter what).

>the SSD, the main SSD
Wrong - there is no SSD.

The A64 supports raw eMMC; https://files.pine64.org/doc/datasheet/pine64/A64_Datasheet_V1.1.pdf and it looks like there's a free driver in Linux for it, thus I don't see why they would add a eMCC controller; https://wiki.pine64.org/wiki/PinePhone_component_list#P.7_NAND/eMMC

Yes, microsd cards run proprietary software, but there is no reason why they can't run free software. Usual SDIO and bit-banging SPI doesn't have DMA either.


There is also a power management chip that could run software; https://wiki.pine64.org/wiki/PinePhone_component_list#P.6_POWER which should be free.

Other than that, it doesn't seem there's any other software and it seems possible to replace the propriety software in the device - but good luck doing that with google's device.

The pinephone's hardware seem to be a hell of a lot better documented than google's devices huh?