"[GNU/]Linux being secure is a common misconception in the security and privacy realm."
https://madaidans-insecurities.github.io/linux.html
"[GNU/]Linux is thought to be secure primarily because of its source model, popular usage in servers, small userbase and confusion about its security features. This article is intended to debunk these misunderstandings".
Based on this, one should try to do as much as possible on a GrapheneOS device
They're getting money from people willing to pay for new Pixels knowing they can recover some of the cost later by selling them to you. (The used market bolsters the new market.) That's what I meant by indirectly.