"[GNU/]Linux being secure is a common misconception in the security and privacy realm."
https://madaidans-insecurities.github.io/linux.html
"[GNU/]Linux is thought to be secure primarily because of its source model, popular usage in servers, small userbase and confusion about its security features. This article is intended to debunk these misunderstandings".
Based on this, one should try to do as much as possible on a GrapheneOS device
That's why I buy secondhand Pixels. You can normally get near-new quality if someone orders one as a gift and it's the wrong colour, or they accidentally chose the wrong storage size, or something similar.
That way Google's not getting my money.
They're getting money from people willing to pay for new Pixels knowing they can recover some of the cost later by selling them to you. (The used market bolsters the new market.) That's what I meant by indirectly.