On buying a new phone

NOTE: this post was written at 5AM, reader discretion is advised.

If you’re watching me on social media (Mastodon, not anything else), you may have noticed I’m looking to replace my phone with something newer. I’d like to get to it before the end of the year, so I’ll be saving up for something nice.

My main concerns:

1) Security: I want my phone to be reinstallable, I want updates for at least a few years, after which I’ll reinstall some postmarket OS and carry on, or resell it/use it as a spare
2) Longer battery life: my N5X has a 2700mAh battery and that doesn’t seem to cut it
3) Newest OS: Official support
4) Possibility to delete Gapps if I choose to\

Long story short, iPhones are off the table. Sure, they will get updates and they seem to be fairly buttoned up, but still, planned obsolescence. This left Android on the table. Most phones don’t want you to reinstall the OS, and those that do come at a hefty premium. First shot: Want your phone to last more than 3 years? Pay extra.

Secondly, we have to think about the security features, which brings us to the biggest gripe I have with today’s phones on the market. If you want security features like, say, hardware-supported integrity checks, verified boot or the option to actually do what you want with your hardware, you need to go with a flagship model. Another tax you pay.

Security rant part

Why is it so? Is it that difficult to implement an integrity check into Android? I don’t see the reason why. For example, the Auditor app (attestation.app) uses a keystore to verify the system’s integrity. Android 7 onwards supports Keymaster 2 to verify versions (I know, because my phone always screams at me for having wrong fingerprints between the original version and the numerous updates LineageOS pushed). Any device can verify your boot, but only certain devices are supported to actually be verified.

In the future, these features might evolve, sure, we may give more thought to what our devices can do for our security, but until we do, what can my phone give me in terms of security? Is it any useful to have a phone? Undoubtedly, it may be the single greatest invention of our lives. However, is it good that it’s always there?

During my “holy shit everyone’s after me” phase, I didn’t even talk around my phone. I was painfully aware of where it is at all times (it’s sitting right next to my laptop now, so I know where it is, but I’m still quiet and I’m not sure I can trust it). You may think I’m insane. Yes, to an extent, I was losing my mind. Is it that crazy, however, based on all we have seen happen in the last few years? Based on what the intelligence agencies have been up to, I doubt it’s unreasonable to be wary of my little black servant, for his true allegiance is hidden to me.

Picking a phone

With all this knowledge, let us turn our attention to what phone I had and what phone I’m looking to get in the future.

Right now, I have a Nexus 5X. As I said, the battery power is less than adequate, but until a few months ago, I had lovely support for the CopperheadOS software (now GrapheneOS). This support ended, however, so I decided to install LineageOS. After tweaking all the bullshit features to eat as little energy as possible, using ForceDoze and all that good stuff, I still only get like 5 hours of screen-on time. That is less than I would have bargained for, considering it’s a flagship product, by Google, no less.

Well, I want my new phone to be newer than this one (2 years from launch day when I got it), so support was pretty slim even on Day 1.

Price? Given what I’ve said about the feature-tax, I know this won’t be cheap. The Nexus was like 400$ when I got it, so I’m expecting to pay double that. 900$, perhaps.

Features? Given that I want to reinstall my OS at some point in the future (near or far), I’m looking at a device with an unlocked bootloader. I can’t stress this enough: I need a company that lets you reinstall the OS. This means official company stance of “Do whatever you want, we don’t care”. Huawei or Xiaomi recently pulled out of letting the users reinstall their systems, not even letting new buyers unlock the bootloader when they buy the device used.

This left me with a couple of options: Google Pixels (shit battery life, but good feature-set) OR OnePlus.

If you’ve never heard of OnePlus, they’re a Chinese company that does all that I have mentioned. They unlock bootloaders from the get go, their phones get insane updates. Get this: Google didn’t update Nexus 5X to Pie, neither did it update the 6P. Android 3T still gets regular updates. The Nexus 6P came out in September 2015. The 3T came out 14 months later. But we’re talking about Google here, they made the phone. Shouldn’t they be the ones who get the most support?

So, the OnePlus it is. Now for the decision. I would like to extend my investment to serve as long as possible. This means the newer, the better. The newest phones out now are the OP7 and OP7Pro. At first, I was decided for the regular OP7, because why the fuck would I need to buy a Pro version that offers the same features, right?

Well, it’s for the sake of security, which brings me back to my original point. The OnePlus 7 is fine. 3700mAh, looks nice, unintrusive, good fingerprint scanner system, but here is the difference: The integrity check is only supported by the Pro version. Why? Fucked if I know.

Also, since my insane period, I developed a fear of camera lenses. I just can’t relax, my brain constantly calculates viewing angles and tells me “You’re in sight, smile, motherfucker!” This drives me up the wall. There are selfie cameras everywhere nowadays. I can’t find a phone without one. But fear not! Oneplus seems to have gotten the hint and while the regular version is notched, the Pro version has a sliding selfie camera that only slides out when you’re using it and is hidden inside the phone at all other times! This is optimal for me, as I won’t have to look at my phone and think “Who is on the other side?”

In all, I’ll gladly pay extra for these features, but there are two moves I could go with: Either I buy the phone in hopes that the company will understand these features are wanted, or I don’t buy the phone in hopes that they understand this pricetag is too much.

A simple choice: I’ll buy it and let the companies know that these are the features I want.

Conclusion

I highly doubt any of you will find this interesting enough to read all the way through, but the security rant may contain something to take away. I would say “my mom thinks it’s cool”, but she doesn’t speak English, so there’s that. Enjoy.

-m