These days the hammer is usually docker/podman/lxc containers instead of VMs though. Like, you don’t need a container to run a self-contained statically-compiled binary, yet people still do it for some reason.

in that case I would feel comfortable going with a refurb like theloweststone mentioned; pixels are the only(?) android devices which let you swap out the bootloader in a safe manner, so even a phone that’s been in shady hands should be fine if the boot hash matches. And if you know another person with graphene you can do the attestation just to be certain.

but since the future of GrapheneOS is slightly shaky at the moment, I’ve looking at alternatives for when my current device inevitably bites the dust – fairphone and pinephone both look like decent choices at first glance. It’s an unfortunate situation but just gotta roll with it!

what’s stopping you? was the very first thing I did, don’t regret it for a second – https://ocv.me/b/img/IMG_20230811_121845_049.1ssy.jpg “i’m about to finish setting up my pixel alright” :p

So for example if you updated the file and need to re-upload it, there is no way for you to delete the previous one.

if this is something you’d fancy then copyparty might be worth a look – it lets uploaders undo their own uploads within a configurable timeframe, even in folders where they only have write-only access (the ability to upload files without seeing existing files).

disclaimer: I’m the author – and also thrilled to see someone else suggesting it in the thread!