I am a long term GrapheneOS user and would like to talk about it. r/privacy on the redditland blocks custom OS discussions which I think is very bad for user privacy, and I hope this post will be useful to anyone who are in the hunt for better privacy.
Nowadays smartphones are a much bigger threats to our privacy and Desktop systems, and unfortunately manufacturers has designed them to be locked down devices with no user freedom. You can’t just “install Linux” on most smartphones and it is horrible. And most preloaded systems spy on us like crazy. That was why I specifically bought a pixel and loaded GOS onto it.
According to https://grapheneos.org/features , they start from base AOSP’s latest version, imptoves upon it’s security and significantly hardens it. There’s hardened_malloc to.prevent against exploitation, disabling lots of debugging features, disabling USB-c data, hardening the Linux kernel and system apps etc. They even block accessing the hardware identifiers of the phone so that apps cannot detect whqt phone you’re using. That means with Tor and zero permissions given, apps are anonymous.
Compatibility with apps are best in Custom ROMs but there are still that can’t work, especially if they enforce device integrity. Very few apps usually enforce that tho. Also their community isn’t the friendliest but you can get help. Just don’t try and engage too much or have too many debates.
Anyone else here use GrapheneOS, or any other privacy ROMs? What is your experience? Do you disagree on any point? Let’s have a discussion!
I post someone’s comment on a controversial topic about google and GOS. I saved it because that’s exactly how I feel.
Step 1 of installing GrapheneOS for de-googling your life: Buy a Google Pixel phone
Look - I know, I know. I get it. Google allows you to unlock the bootloader while maintaining the phone’s unique and excellent hardware security features. The argument makes sense. It is compelling. Other manufacturers do not give you this freedom. I am not arguing about that. I have a Pixel phone running GrapheneOS myself.
However… It is just so very obviously ironic that one needs to trust Google’s hardware and purchase a Google product to de-google their life through GrapheneOS. I think that it is a perfectly valid position for someone to raise their eyebrows, laugh, and remain skeptical of the concept either because they do not want to support Google at all, or because they simply will not trust Google’s hardware.
The reason why I think that this is “controversial” is because I have seen multiple instances of someone pointing out the irony, followed by someone getting defensive about it and making use of the technical security arguments in an attempt to patch up the irony.
With the lack of any other viable option, I struggle to see the point of the arguement.
I don’t have any answer for the point where you would not trust Google even for the hardware (even though I don’t think there is any risk on the current devices)
But concerning the “don’t want to support Google” an easier answer is to buy a second-hand Pixel
The point of not trusting Google hardware is that there is no way to know what hidden function is in there. De-lidding and reversing isn’t practical at current integration density. So, no, I don’t trust the hardware to not contain remoteable backdoors. But it’s a pretty high threat level.
I think buying a Pixel phone second hand solves this issue and reduces a little e-waste at the same time.
This. I never buy a Pixel new.
This is exactly why I don’t have graphene os, the irony of having to support google is too much for me call me paranoid but i also dont trust them with the hardware piece either lol. I’ve been running lineage os without gapps and its honestly great, updates and patches are every few weeks, super stable and awesome.
I assume you’re using it with bootloader unlocked. The issue is somehow some malware injects your phone and roots it, it can just install itself as a system service and just live there and you’ll never know. The security feature that protects against it is disabled once bootloader is unlocked.
Also I’ve heard that LineageOS has not all security updates present since some firmware updates needs to be provided by the specific manufacturer. For Pixel, Google provides it and GOS uses it.
Yes, a lot of people in this thread should look up the difference between a hardware based secure element and a salted hash.
If your objective is to punish Google, or to have nothing to do with Google. I completely agree with you using a pixel phone just doesn’t make any sense. You shouldn’t do it
If your objective is to have the most security possible… Then you should install graphene on a Pixel phone.
Yeah it’s ironic but what is the alternative? At least we CAN remove Google’s known spyware from the device, and there’s no evidence of firmware level spying. If you get Samsung, or some chinese crap, you can’t remove Google period, and you might get spied by the manufacturer as a cherry on top. There is no way to have a perfect solution, well unless Samsung starts to provide Custom ROM support or something.
I’m using a Fairphone with /e/os. No Google at all.
Not hardened though. I was heavily considering fairphone but over the back and forth between them discussing with Graphene developers, their hardware is not secure enough yet for graphene to be made for the fairphones. If and when fairphones are on graphene then I will definitely buy them.
Also, even though I commend their phone, the accessories for earbuds and headphones certainly bring up some questions as to their intentions.
It’s because Graphene is not a custom ROM. /e/os is. Graphene is just an OS on top of the ROM, and Fairphone doesn’t update their ROM often enough.
This is a complete non-issue though if you use a custom ROM like LineageOS or /e/os.
No. The issue is with hardware secure elements in how cryptographically intensive workloads are done
https://www.androidauthority.com/titan-m2-google-3261547/
Unfortunately the fairphone falls quite behind in this and relies on software salt and hash that can be exploited.
Buying a used pixel and installing Graphene OS is absolutely a more secure platform than any AOSP based open source bootloader unlocked ROM.
This was not given as reason by the devs why graphene is not on Fairphone. The delayed security updates were.
GrapheneOS is for not only privacy but also security. Ironic or sad, google chips are safer. https://grapheneos.org/faq#future-devices
I was a long time lineageOS user and love the freedom of changing anything. I switched to grapheneOS and like it, but miss some features, that are just pointless and not relatable: no full AMOLED dark mode - the devs said the battery savings between dark and pure dark isn’t relevant. and the other thing is: why is the white bar on the bottom not removable?
Because of these things I switched back to lineageOS and realised how dumb it is because of two optical features. GOS is definitely worth to look over two missing features and I switched back to GOS.
Anyway the most interesting transition from an lineage user to an grapheneOS user is, you realise that root isn’t useful and more risk than fun.
Tbh i used OLED dark mode on my LG v50, and I got serious screen burn in as a consequence. OLED isn’t worth using for a smartphone IMO.
Yeah GrapheneOS rarely does eye-candy features. They have a very small team so they exclusively work on security features.
I’ve been using it for a few months. Very happy with it. Minimalistic initial setup, gives you the feeling of control as well as privacy, bank apps work splendidly… an effortless transition, I say as somebody who previously used iPhone but wasn’t tied into the ecosystem.
How do you find it as a daily driver in terms of QoL features such as banking apps and payments etc?
Not a problem. Google Play is still available, with all apps you have today. If you want to run that, then it works allmost like stock but with more control over everything. Only thing missing is Google Pay and I strugle with RCS messages. I never use SMS so I don’t care about that one and it could be just me.
Alternatively you can run Google Play Services in a different, sandboxed profile if you’re going for privacy.
Thanks, that’s useful, I think it’s convinced me to finally switch
I would absolutely buy a Pixel, if only they supported sd-cards. I get that Google is pushing cloud-storage. If I smash my phone on the sidewalk, I still want to have a local storage, I can take out and thus make live backups to. There are just some features Pixels lack and privacy shouldn’t lock you out of them.
My recommendation is GOS if you care about out of box experience and using gapps, DivestOS if you care about degoogling and removal of proprietary code. Both are hardened.
I’ve been wanting to try it for a while now, but I’m too cheap to buy a phone that can run it.
I would but my Pixel 6’s USB connection is entirely useless. It hasn’t successfully connected to a cable in over a year.
I was considering it for my next one, though, whenever that is. Don’t really feel the need for an upgrade atm.
I had daily drove it for years, but recently started testing the water with iOS. Still have GOS on my secondary devices though.
It’s great, but it drains my battery like hell, (with three profiles: default, google-ser-ices and owner… don’t know if that’s still recommended)
I am. It’s good. Don’t have any issues just huge compliments to the team.
Yea I did the same thing as you about 2 years ago. Gonna maintain and use this phone for as long as I possibly can before either betting another one or find a equally good or better solution that doesn’t give money to google(and hopefully one with a replaceable battery)
I’m pretty sure that every Android Lemmy user has a Custom ROM installed on their device. Currently daily driving GrapheneOS on my Pixel 7 Pro.
Not me unfortunately … I used to have a Samsung Galaxy S9+ with an unofficial port of LineageOS. Nowadays I’m using a Samsung Galaxy S21 Ultra with the stock OS.
Maybe a Pixel should be my next phone, so that I get proper support for most custom ROMs.
I have 1 Pixel 7a running Graphene, 2 Pixel 6a running Graph, 1 Pixel Tablet too, and Pixel 4a using DivestOS.
Top tier.
I use GrapheneOS but I don’t like how Google Play-centric it is. It is geared towards people installing their “normal” apps with the GrapheneOS special sauce sandboxing. No F-Droid by default where all of the FOSS apps are.
They are very security fovused and is against f-droid’s poor security practices. They do push accrescent through their stores tho
By default there is nothing, it’s a blank slate. It’s up to you to decide what apps to use.
Screenshot for you. Google is explicitly linked to for easy setup. F-Droid is not. “There is nothing” is simply disingenuous.
It’s not installed.
But it is Google Play-centric. There is an option to install Google Play. There is not an option to install other app stores like F-Droid, unlike some of the other AOSP clones.
Which I think is good. Make it easy for people wanting to test FOSS to do so.
Anyone who knows what they are doing will figure out how to install F-droid soon enough.
I find it hard to critisize it for something that makes it so much easier to start with for anyone.
Thanks for the downvote! Really helps lemmy become a more welcoming place when we are just having a civil discussion.
Having google play, and the auora store in the GOS apps system does reduce friction to install them vs f-droid, agreed, but it is a blank slate and its totally up to you.
My original reply to the OP’s question, thoughts and experiences with GrapheneOS, was along the lines of “I think GrapheneOS is Google-centric” and you disagreed saying that GrapheneOS was a “blank slate”. Honestly I think you’re being a bit defensive and maybe a little gaslighty which is why I downvoted.
GrapheneOS provides fairly prominent links to a Google Play installer or the relatively obscure Aurora Store. The Aurora Store client app is FOSS but the store is quite literally a proxy for the Google Play Store. The apps in the screenshots on Ausora Store’s homepage are mostly apps that use or require Google Play Services. This is all very Google-centric.
If Google Play wasn’t an important part of GrapheneOS, it could just not contain a prominent link to the Google Play installer. Or it could contain a link to install a fairly prominent app store that offers an ecosystem outside of Google Play. But it exclusively steers users to the Google Play ecosystem as a part of the default, packaged experience, hence my original reply to the OP.
I think google play is a necessary thing for them to distribute in the sandboxed google play harm reduction feature they advertise.
Ascrescent is the open source self-signed app store they promote, that is fully open, and its in their app store as well - but has very limited apps (organic maps, molly, but not fdroid inside)… but Ascrescent does not require the apps distributed to be open source… so just like google play
The reason they don’t include F-Droid is they have a weird cultural bias against fdroid signing apps… they don’t really speak to the relatively new fdroid reproducible build chain where the apps are signed by developers, but built by fdroid… which is the far superior security solution (verify the developers built it, and verify the source used in the binary is the published source) that no other app store offers.
I agree it would make sense for the GOS app installer to include fdroid, its weird that they don’t, but their line is only developer signed builds… which, google play actually does do… google play apps are developer signed.
Agreed. The Google implementations are there for folks who absolutely cannot go without certain apps only available from the Play Store. Upon installation, all that’s there is the OS with the necessary apps (camera, phone, browser, etc) with the security on these individual apps additionally patched.
With the sandboxing of Google Play and Services AND the option to further house these apps from the Play Store in a separate profile, you have a perfectly working device that the individual user can customise to their needs.
Its a great project and a real asset to the FOSS, privacy and security community against big tech/govt surveillance.
The phone is only as good as how you choose to set it up and use it.
