pranqster

Yeah, updating every 3 years is not something that everyone can afford. Newer Pixels are up to 5 years of security updates, though. Hopefully they can keep pushing this limit.

Yeah, I totally hear that as well.

The reason that Graphene doesn’t do this is because the device is no longer receiving upstream security patches for firmware, bootloader, etc. If all you care about is privacy and simply having a deGoogled device, then by all means. But, security-wise, you are potentially running a vulnerable device. ROMs like Lineage and Calyx continue to roll the security patch counter, but aren’t actually able to apply patches to those components. Security-wise, microG is also not an implementation I would recommend. Thus, Graphene is probably the only one I would recommend.

Brave uses Chromium code, but it is not a Google product. And I believe you are conflating security and privacy. The Chromium codebase is in fact more secure than Firefox in many areas. There is only so much hardening you can do security-wise before you are limited by its codebase. From a privacy perspective, though, you can definitely make the argument against Google. Brave, however, removes/replaces most of the Google stuff.