[josebama]

Using old devices that no longer receive security updates, like the Galaxy S9+ you mentioned, is unsecure. It makes sense that GrapheneOS, a security-oriented OS, only recommends devices that are still getting security updates both for the OS itself but also for hardware firmware, which only the manufacturer of the hardware can provide.

There are old versions of GrapheneOS for older devices, and some devices are still in extended support, like the Pixel 4a (although not for long I expect). So if you are OK with the compromised Galaxy S9+, you could also be OK with the compromised Pixel 3a, which received the June 2022 security patch in GrapheneOS[1], while the S9+ received the March 2022 security patch[2]

[1]: https://grapheneos.org/releases#2022081800 [2]: https://doc.samsungmobile.com/sm-g965f/dbt/doc.html

[realusername]

I think it would be nice for GrapheneOS to have two sorts of distributions, the normal one and another one which could be called "lite" or "legacy" and could support an extended range of devices even if the hardware guarantees aren't as good.

There's tons of value on the software side on GrapheneOS and those legacy devices could benefit from it.

[jwells89]

Even if older devices are less secure, it’s a shame that GrapheneOS doesn’t support them. I have a Pixel 3XL that runs great with the latest Android, but to run latest I’ve had to opt for Pixel Experience since most other Android distros leave the 3XL with only old versions.

[prmoustache]

Well, if you want to be whatanalboutist about security, GrapheneOS running pixels aren't either because the Graphene project do not write, audit and provide the firmwares either.