> we are unfortunately not able to guarantee bootloader unlocking, as it is not feasible for us to search through thousands of devices in order to find one that is
Ohhhh, is that how it works? Maybe I should try that next time. Instead of selling broken hardware as "NOT TESTED, AS IS, PARTS MACHINE" I should sell them as "100% working!" and when someone asks, I'll tell them "sorry, it's not feasible to search through all devices and find the working ones"
If it's not a carrier locked device, what would be the reason for it not to be OEM unlockable once connected to the Internet? This is not about the device being logged into an existing user account, that would trigger FRP which is something different.
I wonder if the person you talked to actually knew what they were talking about. Swappa explains what an unlocked device means in their FAQ and a bootloader is not mentioned.
Swappa became a no-go for me when they started making exceptions to their rules for commercial sellers, justifying it by saying they were inherently more reliable. For example, using stock photos for multiple devices instead of the device you actually receive. All of three of these phones, based on the seller names, were those reliable sellers.
I've used eBay to buy several used Pixels for GrapheneOS, without problem.
The easy way is to search for ones for which the seller explicitly says "OEM" or "bootloader" unlockable/unlocked (or seller says it already has "grapheneos", "graphene", "calyxos", etc., installed).
For awhile, I came up with some tricks to try to get a better price by identifying ones that were bought directly from Google (rather than through a carrier, which are who has been disabling bootloader unlocking thus far), but decided it wasn't worth the effort.
Of course, you can also just buy a new one from Google.
Swappa is great for sellers and bad for buyers. They use a Paypal marketplace product and have no actual authority in a transaction, they just match buyers and sellers. If the phone is not as described, you'll have to pay return shipping yourself.
Bummer of an experience. About a month ago I bought an unlocked 8a from a seller on Swappa and had no issue getting GrapheneOS (which works well!) on it.
Well never needed an unlocked bootloader specifically, but have found Swappa to be solid place to buy used gear more generally - purchased 4 used iPhones and 1 Macbook Air so far.
I've gotten used pixels off of ebay more than once and never had a problem. I feel like if it was that simple swappa.com wouldn't exist though. Maybe I've been lucky?
Same here, I bought my current smartphone, a Pixel 6, two or three years ago for 200 dollars on eBay, and it arrived in pristine condition. Super small bump on one of the frame edges, not a single scratch on the display though now there are many, of course, I'm not that careful and the phone is cheap enough not to be too upset.
I generally trust private sellers a lot more than professional ones, if you vet them well enough (check their page, check their reviews, check their other listings), the chance that you'll get a good deal on a device in the condition described. The incentive to gain a profit is a whole lot lower, a commercial seller has to make sure they're the winner in some way during a transaction, they have bills, staff and assets. A private person is often happy to just get rid of the phone, as it would usually rot in the old phone drawer, until it eventually ends up in an e-waste bin a decade later when they clean out. Getting a little money back is already a win. Surprisingly, I've never had a bad experience. I presume there's also buyer protection, but I'm hoping I never have to use it.
I've also had good experiences on eBay. Buyers can leave bad reviews for anything so good reviews are a strong indicator. (That said, there are plenty of "genuine" laptop batteries for $15 from high-scoring sellers.)
I feel like eBay put a lot of work into creating a competitive marketplace where honesty was rewarded, and it basically works well but they got an unsavory reputation anyways. Then Amazon tried to hide that complexity from the end user and buyers just get burned. Maybe Swappa is trying to go the Amazon route? I do not think there are real shortcuts here. Either the marketplace needs to vet sellers manually, or offer a competitive, transparent reputation system like eBay.
I wonder why almost no one in these GrapheneOS praise topic mentions that you won't be able to pay with your phone, and often even bank apps refuse to install on it - it was a deal breaker for me personally, and now I'm back under Google umbrella :<
Limitations are on the website - https://grapheneos.org/articles/
I don't care about google pay/wallet or android auto. My credit union's app does work fine, but even if it didn't, I'd still use GOS. It's great.
and if you did you could use curve pay instead. Basically the same thing with more features, the only catch is that they charge FX fees after surpassing a limit (but that can be mitigated by paying with the same currency of your linked card, thus never executing a change in the first place)
Fair point, but how much extra effort is it to put a credit card between your phone? I'm still under the Google umbrella as well, but this would be my first issue solved.
I guess I'm so paranoid that not only do I run GrapheneOS, I've never had nor wanted banking nor payment apps on my phone. Having ALL my money be accessible from something so easily lost, stolen, or seized would be a constant source of stress for me. There's (hopefully) a lot of security around accessing it, but sometimes the only winning move is not to play.
There's some reasonable fear that at some point large portions of the web will require secure attestation that a device is not rooted; this may come in the form of automating age verification for convenience. When all it takes is a checkbox on Cloudflare to require 18+, a lot of site operators will just use it.
Paying with your phone just seems like one of those separation of concerns problem. I'm sure you have backup forms, and cash, etc, but there's something about not having to worry about the multinefarious capabilities of my phone if it's not in my posession.
Difference is a plastic card that is lighter and smaller than the phone is just as effective as the phone is for payments. When it comes to audio, a car stereo is going to be much more convenient and brtter quality than a boombox or bluetooth. That said, i did know someone with an older car who used a bluetooth speaker instead of their stereo, so they could connect their phone audio.
I don't know about where you live but here contactless card payments have lower limits than phone-based ones. Also the phone allows me to switch between multiple cards, including transit-specific cards.
Well, that's what we all did like 10-15 years ago with nice double-DIN decks that had nothing to do with the car besides taking power from it and perhaps some steering wheel controls. It was just a hard-wired boombox, 100%. Now, the stereo is in fact properly a part of the Infotainment System you cannot replace, so as it ages out in a perfectly good vehicle, the entire car deprecates faster than it would have in decades past.
Even my 2015 Mazda has enough vehicular settings in the infotainment menu that despite being replaceable with a double-din I haven't bothered because I'd lose all configurability there. I opted for a cheapo $100 carplay unit instead - the modern equivalent of the discman-to-tape adapters ;)
I'm pretty sure that the infotainment hack was completely orthogonal to whether it was Beethoven, Iron Maiden, or blissful silence.
Having said that, a successful car infotainment system attack on android auto or apple carplay could, of course, compromise your phone.
So it's up to you whether you decide to cope with that possibility by breaking the law and navigating with a handheld device, or simply declining to do banking on your phone, since successful car exploits mean the attack surface against your phone is much larger than you might presume.
sometimes the option to unlock the bootloader doesn't work until you connect the device
to internet. not sure if the original person who posted tried that. this might be a non issue.
I just bought an official Pixel 9 to install GrapheneOS, and the process couldn't be simpler. Their webusb installer is extremely polished. You just plug your phone in, click through a few steps, and you're done. There's absolutely no reason to bother looking for a phone with GrapheneOS already preinstalled.
As a side note, I've been using it for a few months now, and it works great. All the apps I use run on it just fine. Battery life is great, and you don't have a bunch of cruft from Google running on your device. Can highly recommend for anybody looking for a phone you actually own.
I'm trying to go through Swappa to help reduce waste and save a bit of money. Unfortunately, when I decided to go second-hand, I didn't expect issues like this.
> we are unfortunately not able to guarantee bootloader unlocking, as it is not feasible for us to search through thousands of devices in order to find one that is
Ohhhh, is that how it works? Maybe I should try that next time. Instead of selling broken hardware as "NOT TESTED, AS IS, PARTS MACHINE" I should sell them as "100% working!" and when someone asks, I'll tell them "sorry, it's not feasible to search through all devices and find the working ones"
Imagine a supermarket telling you "sorry, it's not feasible to check the expiration dates on all of our products".
That essentially is the case. Grocery stores make a best effort to remove expired foods but you can often find expired food on the shelf in the US.
Go make a stink about it at the customer service desk and they will probably say exactly that.
I feel like supermarkets more or less do tell you this--I get expired crap all the time if I don't check myself.
In the context of an online marketplace "Unlocked" means "Not carrier locked". This has _nothing_ to do with the bootloader.
If it's not a carrier locked device, what would be the reason for it not to be OEM unlockable once connected to the Internet? This is not about the device being logged into an existing user account, that would trigger FRP which is something different.
Maybe. But Swappa confirmed it meant bootloader unlock
I wonder if the person you talked to actually knew what they were talking about. Swappa explains what an unlocked device means in their FAQ and a bootloader is not mentioned.
https://swappa.com/faq/answer/unlocked-device
100% this.
Swappa became a no-go for me when they started making exceptions to their rules for commercial sellers, justifying it by saying they were inherently more reliable. For example, using stock photos for multiple devices instead of the device you actually receive. All of three of these phones, based on the seller names, were those reliable sellers.
I've used eBay to buy several used Pixels for GrapheneOS, without problem.
The easy way is to search for ones for which the seller explicitly says "OEM" or "bootloader" unlockable/unlocked (or seller says it already has "grapheneos", "graphene", "calyxos", etc., installed).
For awhile, I came up with some tricks to try to get a better price by identifying ones that were bought directly from Google (rather than through a carrier, which are who has been disabling bootloader unlocking thus far), but decided it wasn't worth the effort.
Of course, you can also just buy a new one from Google.
Swappa is great for sellers and bad for buyers. They use a Paypal marketplace product and have no actual authority in a transaction, they just match buyers and sellers. If the phone is not as described, you'll have to pay return shipping yourself.
Bummer of an experience. About a month ago I bought an unlocked 8a from a seller on Swappa and had no issue getting GrapheneOS (which works well!) on it.
Well never needed an unlocked bootloader specifically, but have found Swappa to be solid place to buy used gear more generally - purchased 4 used iPhones and 1 Macbook Air so far.
I went through this cycle myself a few months back. It seems like many sellers conflate bootloader unlocking with carrier unlocking.
I was just about to buy something from them, but maybe not now. I want a used pixel--where is the best marketplace for that?
I've gotten used pixels off of ebay more than once and never had a problem. I feel like if it was that simple swappa.com wouldn't exist though. Maybe I've been lucky?
Same here, I bought my current smartphone, a Pixel 6, two or three years ago for 200 dollars on eBay, and it arrived in pristine condition. Super small bump on one of the frame edges, not a single scratch on the display though now there are many, of course, I'm not that careful and the phone is cheap enough not to be too upset.
I generally trust private sellers a lot more than professional ones, if you vet them well enough (check their page, check their reviews, check their other listings), the chance that you'll get a good deal on a device in the condition described. The incentive to gain a profit is a whole lot lower, a commercial seller has to make sure they're the winner in some way during a transaction, they have bills, staff and assets. A private person is often happy to just get rid of the phone, as it would usually rot in the old phone drawer, until it eventually ends up in an e-waste bin a decade later when they clean out. Getting a little money back is already a win. Surprisingly, I've never had a bad experience. I presume there's also buyer protection, but I'm hoping I never have to use it.
I've also had good experiences on eBay. Buyers can leave bad reviews for anything so good reviews are a strong indicator. (That said, there are plenty of "genuine" laptop batteries for $15 from high-scoring sellers.)
I feel like eBay put a lot of work into creating a competitive marketplace where honesty was rewarded, and it basically works well but they got an unsavory reputation anyways. Then Amazon tried to hide that complexity from the end user and buyers just get burned. Maybe Swappa is trying to go the Amazon route? I do not think there are real shortcuts here. Either the marketplace needs to vet sellers manually, or offer a competitive, transparent reputation system like eBay.
I've had good experiences with gazelle.com for used devices but never tried to load GrapheneOS on anything from them.
Swappa has been "ok" in my experience
I had issues with receiving incompatible "variants" of compatible devices when shopping for used phone for custom roms
Did you try disputing through your payment method or is that not an option with how Swappa processes things?
I wonder why almost no one in these GrapheneOS praise topic mentions that you won't be able to pay with your phone, and often even bank apps refuse to install on it - it was a deal breaker for me personally, and now I'm back under Google umbrella :<
Limitations are on the website - https://grapheneos.org/articles/ I don't care about google pay/wallet or android auto. My credit union's app does work fine, but even if it didn't, I'd still use GOS. It's great.
>I don't care about google pay/wallet
and if you did you could use curve pay instead. Basically the same thing with more features, the only catch is that they charge FX fees after surpassing a limit (but that can be mitigated by paying with the same currency of your linked card, thus never executing a change in the first place)
FWIW I've tested Android Auto before with sandboxed Google Play, works fine.
Yup! You can even get Android Auto to work without Google Play:
- https://github.com/sn-00-x/aa4mg
Not every banking app is that way. Mine worked.
I also dont think everything needs to be an app.
I gets mentioned on every GrapheneOS thread I've read.
Fair point, but how much extra effort is it to put a credit card between your phone? I'm still under the Google umbrella as well, but this would be my first issue solved.
For many GrapheneOS users, this class of annoyances is an acceptable concession.
I guess I'm so paranoid that not only do I run GrapheneOS, I've never had nor wanted banking nor payment apps on my phone. Having ALL my money be accessible from something so easily lost, stolen, or seized would be a constant source of stress for me. There's (hopefully) a lot of security around accessing it, but sometimes the only winning move is not to play.
this is the main point of discussion under every grapheneos thread though...
also my bank apps install, but yes, no tap to pay
Yup, Chase Bank app will not load at all. I think its a "security" feature that it wont load on rooted phones lol
There's some reasonable fear that at some point large portions of the web will require secure attestation that a device is not rooted; this may come in the form of automating age verification for convenience. When all it takes is a checkbox on Cloudflare to require 18+, a lot of site operators will just use it.
GrapheneOS phones are not rooted.
Paying with your phone just seems like one of those separation of concerns problem. I'm sure you have backup forms, and cash, etc, but there's something about not having to worry about the multinefarious capabilities of my phone if it's not in my posession.
You could then separate the audio system from your car and drive around with a boombox
Difference is a plastic card that is lighter and smaller than the phone is just as effective as the phone is for payments. When it comes to audio, a car stereo is going to be much more convenient and brtter quality than a boombox or bluetooth. That said, i did know someone with an older car who used a bluetooth speaker instead of their stereo, so they could connect their phone audio.
I don't know about where you live but here contactless card payments have lower limits than phone-based ones. Also the phone allows me to switch between multiple cards, including transit-specific cards.
Well, that's what we all did like 10-15 years ago with nice double-DIN decks that had nothing to do with the car besides taking power from it and perhaps some steering wheel controls. It was just a hard-wired boombox, 100%. Now, the stereo is in fact properly a part of the Infotainment System you cannot replace, so as it ages out in a perfectly good vehicle, the entire car deprecates faster than it would have in decades past.
Even my 2015 Mazda has enough vehicular settings in the infotainment menu that despite being replaceable with a double-din I haven't bothered because I'd lose all configurability there. I opted for a cheapo $100 carplay unit instead - the modern equivalent of the discman-to-tape adapters ;)
I forget. What are the security implications of having your car play your music again?
Pretty sure Jeep was hacked via their infotainment system and remotely driven (by researcher Charlie Miller)
So it’s actually kind of a real thing
I'm pretty sure that the infotainment hack was completely orthogonal to whether it was Beethoven, Iron Maiden, or blissful silence.
Having said that, a successful car infotainment system attack on android auto or apple carplay could, of course, compromise your phone.
So it's up to you whether you decide to cope with that possibility by breaking the law and navigating with a handheld device, or simply declining to do banking on your phone, since successful car exploits mean the attack surface against your phone is much larger than you might presume.
Uh oh. I just brought a pixel 6a from Swappa, was hoping to use a different os. Not arrived yet though.
sometimes the option to unlock the bootloader doesn't work until you connect the device to internet. not sure if the original person who posted tried that. this might be a non issue.
OP here. I did try connecting to the internet on both devices I got my hands on, but the bootloader remained locked.
I just bought an official Pixel 9 to install GrapheneOS, and the process couldn't be simpler. Their webusb installer is extremely polished. You just plug your phone in, click through a few steps, and you're done. There's absolutely no reason to bother looking for a phone with GrapheneOS already preinstalled.
As a side note, I've been using it for a few months now, and it works great. All the apps I use run on it just fine. Battery life is great, and you don't have a bunch of cruft from Google running on your device. Can highly recommend for anybody looking for a phone you actually own.
This is not the related of preinstalled. Swappa is selling bootloader permanently locked forever phones as bootloader unlockable
I'm trying to go through Swappa to help reduce waste and save a bit of money. Unfortunately, when I decided to go second-hand, I didn't expect issues like this.
As a note, swappa isn't selling phones with grapheneos preinstalled. It is selling used phones, you would still have to install gos.