I’m gonna sound like a shill, but your claim that “Calyx will literally save lives from ICE” is crazy.
After abandoning their users by pausing all updates, and given that a third of their supported devices are Google Pixels, any one with a Google Pixel is significantly better off on GrapheneOS.
ICE has shown their hand in what they’re willing to waste tax payer money on, so one must assume they have access to Graykey / Cellebrite, and Calyx does very little to prevent physical attacks. Even on the digital side, Calyx does nothing to increase app security and the device sandbox, and given ICE’s partnership with Paragon Solutions, it’s only a matter of time before malware comes into play.
Calyx is better than base AOSP (barely imo), but if you have a Pixel, there is a much better option that might actually save your life if it came to it.
In the event they abandon again, they’re leaving even more users vulnerable. The only thing CalyxOS has over AOSP is the removal of the Google Play Store… in exchange for microG, which runs with elevated permissions as well. Ignoring that, as I said in my comment above the one you’re replying to, a third of the supported devices are GrapheneOS compatible. The other two thirds are covered by LineageOS, which imo is just as secure as CalyxOS (probably even more secure than Calyx given they abandoned their community for about 10 months).
They just chuckle to themselves and think: “These idiots have forgotten about things like SS7 and mobile networks in general… or triangulation… and that methods like UXDT still exist.” The safe way to handle any Android device is to assume it’s compromised from the start and not trust it at all—everything else is just a smokescreen.
Why do you think cryptophones are being taken off the market, but pure software solutions are still allowed…
What about the hardware… undocumented instruction sets, etc., etc.
You can’t trust either the software or the hardware…
Oh yeah, the devs say everything’s fine… but users completely forget about possibilities like NDAs…
Calyx will literally save lives from ICE. Keep your phone private from Trump 2.0.
I’m gonna sound like a shill, but your claim that “Calyx will literally save lives from ICE” is crazy.
After abandoning their users by pausing all updates, and given that a third of their supported devices are Google Pixels, any one with a Google Pixel is significantly better off on GrapheneOS.
ICE has shown their hand in what they’re willing to waste tax payer money on, so one must assume they have access to Graykey / Cellebrite, and Calyx does very little to prevent physical attacks. Even on the digital side, Calyx does nothing to increase app security and the device sandbox, and given ICE’s partnership with Paragon Solutions, it’s only a matter of time before malware comes into play.
Calyx is better than base AOSP (barely imo), but if you have a Pixel, there is a much better option that might actually save your life if it came to it.
https://arstechnica.com/gadgets/2025/10/leaker-reveals-which-pixels-are-vulnerable-to-cellebrite-phone-hacking/
Literally proven that GrapheneOS is the best at preventing Cellebrite from accessing phones.
Not everyone is in a position to run Graphene.
Not everyone interacting with ICE (or other authoritarian government functionaries) has the same threat model.
CalyxOS coming back is an unmitigated Good Thing.
In the event they abandon again, they’re leaving even more users vulnerable. The only thing CalyxOS has over AOSP is the removal of the Google Play Store… in exchange for microG, which runs with elevated permissions as well. Ignoring that, as I said in my comment above the one you’re replying to, a third of the supported devices are GrapheneOS compatible. The other two thirds are covered by LineageOS, which imo is just as secure as CalyxOS (probably even more secure than Calyx given they abandoned their community for about 10 months).
They just chuckle to themselves and think: “These idiots have forgotten about things like SS7 and mobile networks in general… or triangulation… and that methods like UXDT still exist.” The safe way to handle any Android device is to assume it’s compromised from the start and not trust it at all—everything else is just a smokescreen. Why do you think cryptophones are being taken off the market, but pure software solutions are still allowed… What about the hardware… undocumented instruction sets, etc., etc. You can’t trust either the software or the hardware… Oh yeah, the devs say everything’s fine… but users completely forget about possibilities like NDAs…