Don't use SAE (which is, indeed, an instantiation of Dragonfly). I have a strong suspicion that the way it is used, there will be a practical attack.
Basically, take the original password/secret, derive two secrets A and B, run SAE with A as the secret, get a session key K, then use hash(K|B) as the actual session key.
If they don't have anything like that, I wouldn't be surprised if real-world implementations end up being less secure than up-to-date WPA2.
They probably do want to be getting the latest security patches to the kernel and base OS.
Citation: https://twitter.com/DanielMicay/status/1058103333414522880
Yes, the drivers are ancient, and probably have a ton of security vulnerabilities. Has the general situation improved in recent years? To me it seems that hardware vendors generally don't care about these issues at all. Which phone would you say has secure drivers?
It's a tradeoff - new phones are more secure, but they're also secured against you, e.g. if I OEM unlock my Galaxy Note 9, a bit is set permemnantly that could be used to determine whether the phone gets a warranty repair.
To get back on track, you may want to have a look to see if the "board support package" is still supported. You're well out of vendor support and it looks like the last commit to https://github.com/LineageOS/android_kernel_samsung_smdk4210... was 2013.
The gold standard would be a phone that runs a very-close or actually mainline Linux kernel, but I don't think we're there yet.
Nexus devices were fantastic, but they're gone now. Pixel, I guess, but I was scared off after the 5X and 6P hardware issues.
