Linux News

NitroPhone – Google Pixel 4a meets GrapheneOS

Share on Facebook Share on Twitter Pinterest LinkedIn Tumblr

The Nitrokey company from near Berlin has greatly expanded its field of activity in recent years. The eponymous Nitrokeys were followed by NitroPad X230 and NitroPad T430 , NitroPC , the NetBox and the NitroShred service. As of today, the company is expanding its portfolio to include the NitroPhone .

According to the product description, the NitroPhone combines security, privacy and ease of use with modern hardware. The components for this are Google’s Pixel 4a smartphone and the hardened mobile operating system GrapheneOS , which is based on the Android Open Source Project (AOSP).

Google phone googled

GrapheneOS, which is recommended by Edward Snowden among others, is characterized, among other things, by a hardened kernel, toolchain and runtime environment and a strongly secured app sandbox, as well as the fact that Google services are not implemented in the operating system by third-party providers such as microG but are simply not available by default.

Verified boat

The Google Pixel 4a is also protected from advanced physical attacks by the Titan M security chip . Strong encryption and a verified boot process ensure that the operating system is unchanged. In addition, the NitroPhone offers protection against “over-the-air” exploits by isolating the baseband radio processor using IOMMU and offering an optional LTE-only mode in order to reduce the attack surface of mobile radio. In addition, as Snowden recommends, all microphones can be removed and a headset plugged in for voice communication.

Locked up Google services

If necessary, the original Google services can be installed in a sandbox without special privileges . However, there is a note on this that development is not yet complete here and some applications may not yet work. To prevent tracking, apps cannot access the device’s IMEI and serial numbers, SIM card serial numbers, participant ID, MAC address, etc. the Mac address is also randomized for each connection. The entire device is encrypted end-to-end, enabling automatic backups to a USB drive or to any cloud storage device such as Nextcloud.

Mobile Linux: Sxmo 1.5.0 improves networking

The source code is freely accessible, with the auditor app preinstalled on GrapheneOS , a hardware-based check of the authenticity and integrity of the telephone software can be carried out using a second device with the auditor app installed.

The hardware includes:

  • Google Pixel 4a, black, 128 GB storage
  • Working memory (RAM): 6 GB
  • 5.81 ″ (147.6 mm), 1080 x 2340 pixels, front camera
  • Rear camera: dual pixel technology with 12.2 MP
  • CPU: Qualcomm Snapdragon 730G, Octa-core
  • Titan M security chip
  • Connections: USB-C, 3.5 mm audio jack
  • WLAN 802.11 a / b / g / n / ac, Bluetooth, NFC
  • Fingerprint sensor
  • Dimensions: 144 x 69.4 x 8.2 mm
  • Weight: 143 g

The decision in favor of a GooglePhone, which ironically does not come with Google services, was made for several reasons. The already mentioned Titan M chip enables a verifiable boot process. In addition, security updates are distributed quickly. The decision for GrapheneOS was made, among other things, because Linux for smartphones is not yet mature enough for daily use. The NitroPhone can be ordered in the Nitrokey shop for 630 euros.


  1. Pingback: Links 2/9/2021: Genode 21.08 and FSF Hiring | Techrights

  2. Pingback: Mozilla VPN Client Audit Results Published -

Write A Comment