can you disable the motion permission in the OS settings?
Under AOSP and most customs OSes, no. It's not a standard, exposed permission. GrapheneOS does have a toggle for it, though, and I've found most apps don't need sensors.
Sensors permission toggle: disallow access to all other sensors not covered by existing Android permissions (Camera, Microphone, Body Sensors, Activity Recognition) including an accelerometer, gyroscope, compass, barometer, thermometer and any other sensors present on a given device.
Option to enable automatically rebooting the device when no profile has been unlocked for the configured time period to put the device fully at rest again, which is enabled by default at 18 hours. This can be configured at Settings > Security > Auto reboot.
But it's a security measure to get it to BFU, where data is at rest and secure, in case your phone is out of your possession for an extended period of time (someone steals it, police take it, etc) so it becomes harder to exploit. I've set mine to 12. Some do 4 or even less. Feel free to turn it off.
GrapheneOS didn't choose Pixels. They chose a set of requirements for current/future devices, which are standards met or exceeded by current Pixel devices. You want GrapheneOS on other phones? Those other phones have to meet the requirements. None currently do.
If that were true, threat modeling wouldn't exist.
I feel like we're talking about different things. I'm talking about static concepts, if X is more secure than Y, not individual setups where something is tweaked. Threat modeling is tailoring the security to your needs. It doesn't bend security of a static object or make the application of something less than what it is. It requires one's actions to do that by not utilizing it.
Take bullet proof glass, for example. Bullet proof glass is more secure than regular glass. Now, do you need (does your threat model require) bullet proof glass? No? Ok, that doesn't mean bullet proof is now less secure than regular glass, it's just unneeded.
Depends on the particulars, and on the needs of the individual.
That's not really how things like security works. It's either more secure or it's not. The security of a thing does not depend on needs. Now, does the application of it or does someone need it to be more secure? That's where risk acceptance and the needs of the individual come into play.
I'm not going around presuming to tell other people what's better for them, as one or two others in this thread are doing.
Same. I'm not saying "stop doing this." I'm just trying to educate people and make sure they're not operating with a misunderstanding. Needs of the individual and all that. I think some people just go crazy for something that's not big tech, and then quit looking at the particulars.
uses something called tellynet (aka telnet but I was playing dumb)
I wonder if he got the joke, or was a scriptkiddie who just relies on existing tools without understanding them, and thought you meant television or similar.
If I had to complain I wish they had used easy access bottom panel ports so you don't have unscrew all 12 screws to access things like RAM and m2 slots.
How often are you switching those out where you want quick access?
Some orgs are requiring Teams access to be from their network (so certain IPs...you need to VPN in), and then they also limit network/VPN access to their devices. So you'd need a company provided phone or laptop, and not everyone warrants one.
Under AOSP and most customs OSes, no. It's not a standard, exposed permission. GrapheneOS does have a toggle for it, though, and I've found most apps don't need sensors.
https://grapheneos.org/features#sensors-permission-toggle