I am still using my Pixel 3 (now without upgrades) without major issues. So, happy to see the new phones have longer promised update cycles. Hopefully Google doesn't clawback this promise in the future.
I've owned a few Pixels over the years, but after my Pixel 3 bricked itself (and my kid's did the same a few months later), Google did zilch to remedy it, and I have stuck with Samsung Galaxy phones since
Same here (well, a 3a)! This phone does everything I need, and then some. Granted, I'm relatively light user who mainly uses the browser, a chat app, and not much else aside from snapping a pic here or there.
I'm honestly confused about the lack of updates (I really only care about security updates). I run Xubuntu on a 13 year old computer, and I get updates. Is this just a cash grab from Google, or is there more to it?
Until recently, Qualcomm provided BSPs (binary support packages) including the kernel for Google phones. For whatever reason -- possibly that their one and only corporate purpose is to sell as many chips as possible -- Qualcomm only briefly updated their packages for chips they no longer sold.
Google updates as much of the Android ecosystem as it can. First-party Play Store apps, system webview... if you look at the normally hidden system apps on your phone you'll see that the Android team has "unbundled" many parts of the formerly monolithic system to allow updates to as much of it as possible even if the kernel is marooned at an older version.
Unfortunately, some bugs are in the kernel or drivers, so there's nothing any Android OEM (including Google) can do if their chipset vendor won't do the (admittedly non-revenue-generating) engineering to update that firmware. And eventually the system itself requires newer kernel features, so there's a limit to how far back Google or other OEMs can reasonably backport a newer version of Android.
This is part of why Google's recent phones are based on Google-designed, non-Qualcomm chipsets. It was a truly Herculean effort to scrub the Pixel line of Qualcomm, and especially of Qualcomm's incentives to abandon still-good phone hardware in order to sell more chipsets.
Your PC's OS distribution is nearly totally open-source, and the economic incentives for the Linux ecosystem are completely different from Qualcomm's. That contributes to any given general-purpose computer's longevity if it runs Linux.
Yeah I use this for very limited functionality like maps, whatsapp, uber eats. I am also mostly interacting with Google playstore for apps/apks etc. This does still leave the phone open for any day0s etc. but we will cross the bridge when we get there. I am not important enough for anyone to target me specifically and I also keep a low profile.
I was thinking about upgrading this year but I am now thinking of waiting another year since there are no immediate problems.
Which applications you use is almost irrelevant -- over the past several years, there has been a steady stream of "zero-click" exploits that allow an attacker to compromise phone with no user interaction. The remote code execution vulnerabilities discovered last year and this year in the modems used in Samsung devices require nothing more than knowing the victim's phone number.[1] And you don't need to be particularly important to be caught in a wide net, cast by criminals looking to build up a bot-net or harvest data from as many devices as possible.
All of this makes me think I should just switch to a flip phone. It's exhausting having to constantly drop hundreds of dollars every 3 years just to stay safe.
I have a Pixel 5 that does everything I want. Google will stop supporting it within the next year. It doesn't make sense to me that this device already needs to be recycled. Yes, I know about custom ROMs, but even those end support for perfectly OK phones (GrapheneOS for example no longer supports Pixel 3a).
I completely agree. My phone lost official LineageOS support last year but it still works fine and I cannot justify throwing it away to replace with a new expensive device full of features I don't give a damn about.
Probably I'm just stupid but I'm going to keep using it until it breaks.
My understanding might be limited but I don't see this being a big enough risk to warrant spending couple hundred dollars every few years for a new phone when the old one still works.
> My understanding might be limited but I don't see this being a big enough risk to warrant spending couple hundred dollars every few years for a new phone when the old one still works.
There are enough zero-day RCE exploits on both Android and iOS devices at this point that, if you're running phones that are that far out of date from security updates, you should basically just assume your device is fully compromised.
As stated above, many of the RCE exploits don't even involve any user interaction, so it's not like you can argue "well, I don't visit sketchy websites so I'm fine".
So basically, stop using smartphones, because it's fucking ridiculous to drop hundreds of dollars every 4 years on a device that is virtually the same thing as your old one. This is a huge joke, and Google and Apple need to do better or stop milking us. I was safer using a Nokia 3310 in 2007.
Could you link one at-the-time zero-day RCE that is really without user interaction and will hit any user with an old phone regardless of the user applications (like the browser) used?
For a Pixel 6a, Pixel 7, or Pixel 7 Pro purchase they will give a $30 trade-in credit for the same Pixel 3 (64GB) phone.