Documents have been leaked at the beginning of this year: https://osservatorionessuno.org/blog/2025/03/a-deep-dive-int... which do include the Pixel 9. They show GrapheneOS being pretty secure in comparison to other vendors at the very least, with GrapheneOS being marked as unsupported if patched beyond 2022. They also show GrapheneOS beating the stock Google firmware.

One reason GrapheneOS fights these threads is by doing what Google doesn't want to do out of user friendliness, like disabling USB in AFU mode. Unlike Google, Samsung, or Apple in non-lockdown mode, GrapheneOS doesn't need to deal with upset users when they need to unlock their phone before hooking it up to their car/display/flash drive/3.5mm jack converter/etc.

GrapheneOS also enables security features when compiling the OS that have a performance impact but mitigate security risks. They end up with a slower phone with less battery life that's protected better against extremely uncommon attack vectors.

GrapheneOS explained how these security features would've prevented at least one targeted attack from leading to exploitation: https://grapheneos.social/@GrapheneOS/114081909020398165

We don't know the current state of Celebrite's capabilities, but the fact they struggled for at least three years last time intel leaked out does paint a good picture for GrapheneOS. I'm sure the GRU and NSA have exploits that can hack even GrapheneOS, but at least they're not the type that makes it into commercially available exploit kits as of now.

> GrapheneOS also enables security features when compiling the OS that have a performance impact but mitigate security risks. They end up with a slower phone with less battery life that's protected better against extremely uncommon attack vectors.

Apps may take slightly longer to launch, which was more noticeable on older devices, but not so much on modern supported devices. I understand that some of the other exploit protections mean that apps and processes take up slightly more memory, but that's another thing that people don't seem to be affected by.

As for battery life, not really. Most people report having roughly the same battery life with GrapheneOS as with the stock OS. People who don't install Google Play report much better battery life. Sure, the exploit protections might use a small amount of extra power, but it's negligible as far as I can tell based on my own experiences and what other people report.

Some devices are listed with both "BFU Yes" and "BF No" under the "... BFU" column (for example, the newer Pixel devices table). What do these mean in combination?