Why YSK GrapheneOS is a step above the rest. I understand it’s ironic de-google phone/tablet with google hardware, but it just works better then anything else. Permission toggles, pin scrambling, auto-reboot, scopes, MAC randomization, isolated user profiles, longer passwords, sandboxed apps, open source firmware, no bloat & the battery life is incredible now.
I hope people understand how easy it is to move to Linux & GrapheneOS full time & remove Apple, Google, Microsoft etc. It exceeded expectations so much so that I want to share it with other people. I cannot recommend this enough to improve your life. #FOSS
I can’t recommend this enough. Been using GrapheneOS for the past 3 years and been happy with it ever since. No issues whatsoever and works just as well as the stock OS. Granted, it has less features but I like the minimalist approach.
Agreed. I have actually spent a lot of time reading through their code and I find what they do amazing. It’s a solid OS and is actually secure where the phone owner actually has control over their own phone.
Sounds great, especially since it’s Android-compatible. I’d have to jailbreak my phone, though, right? Always been worried to do that, myself, because I don’t want to break my phone or get cut off by my service provider.
I might look into it on my Retroid Pocket 2+, though!
Not sure what you mean by “jailbreak” as that’s rarely a term applied to Androids. On the phone side, you have to have a Pixel (6 and up are recommended due to increase security and longer support) and enable OEM unlocking, which requires no hacking/jailbreaking/rooting. It’s super easy to install.
The main reason I keep a “real” smartphone around is for banking app, that requires Google Play Protect (or whatever it is called, the thing that supposedly check around if you’re on a rooted phone). Support for this doesn’t seem there yet, which defeat the purpose.
banking should not be done on a phone
Why not?
very insecure. especially if your 2fa method is on your phone as well (unfortunately many banks enforce this)
I’d bet that a GrapheneOS phone is more secure than your average PC.
not if u have linux and a hardened browser
I said “average PC,” and you throw out Linux with a hardened browser. That’s not average. But how many people have Linux with a hardened browser? More importantly, how easy is that to set up compared to setting up GOS (I promise GOS is much, much easier to set up and use)?
But if we’re going with extremes like this: no one should use banks on Linux with hardened browsers. Just go in person.
installing a just-works distro (say linux mint) is just/almost as easy as grapheneos. assuming not doing dual booting (the phone is dual booting is it).
librewolf (hardened fork of firefox) is like 2 commands on linux, or an installer wizard on windows.
unironically the last statement is based. less technology is always more secure. we managed without it back in the day didnt we.
im not going to say privacy and digital security is easy or one-size-fits-all or anything, we each have to make comprimises on convenience.
It’s harder for the average person. You have to know how to change device boot order in BIOS/UEFI, average person barely knows what an operating system is, let alone how to find their PC UEFI/BIOS setting menu to configure boot order. Grapheneos explains it clearly, how to install. You simply tap a few buttons on the browser and on the phone, when prompted.
its like 10 key presses total. there are many tutorials (although none as good and official as grapheneos i assume). people can learn things, and digital literacy is very important
Linux is the least secure desktop os 😂
what r u smoking ? linux is the only widely used open source desktop operating system. it has heaps less viruses made for it. its unix-like permission system (like mac) is always better than uac of windows. you can say a lot of bad things about linux, sure, but security is most certainly not one of them. unless you compare it to a locked-down os like android, it is the most secure.
source model is not indicative of security. besides that, though, Linux is much easier to gain privilege escalation and perform a data exfiltration.
in order of least to most secure is; ChromeOS, MacOS, Windows, Linux. (BSD derivatives arguably below Linux but that is a more complicated topic that I’m not educated enough on).
do you have a source for this claim by any chance ? windows is main target for viruses
Calyxos is better for compatibility because of its inclusion of microg
That’s factually incorrect ever since GrapheneOS started offering sandboxed play services. This makes it more secure on top of that. Both Calyx and MicroG have security issues that aren’t present in GrapheneOS.
Does Graphene work with Android Auto?
This, and Google Pay/Wallet would be the deciding factor for me
The two main features that aren’t biggies and GrapheneOS doesn’t support and they’re the deal breakers? Yeah, right…
Before switching OS’s I need to know if it’s compatible with the features that I value. It’s okay if you don’t value the same features as I do, but there’s no reason to be both rude and provide no useful information at the same time.
GrapheneOS, Signal (or, I suppose, Telegram, just something E2E encrypted) and a raspberry pi running PiHole are 3 of the best investments I ever made in my day to day experience.
I could never get my pihole to remain stable over long periods of time. Multiple reinstalls, two different pis, always issues with the network dropping or requiring both the pi and connected devices to be rebooted. A pain in the neck for a reason I’m not immediately able to figure out.
Interesting, I basically set it and forget it and the only time I’ve ever had to interact with it again was to tweak the blacklist to block something new or allow something through
It might be an issue with your particular cocktail of router/modem/isp/what have you - which is way harder to diagnose
deleted by creator
Yeah doesn’t he have some kinda meltdown? Seems like a control freak.
deleted by creator
I have already saw the video about Louis and I’m totally with him totally, the only threat I just saw in that chat was threating banning Louis because he commented on a video of a youtuber with a community that swatted him and always go against him.
Yes, not the best way to get someone do what you want to do, but not as worse as leaking a private chat with someone without the other part agreement, and falsely accusing someone of possibly injecting malware inside a project only to go against you.
this is informative, and unfortunate
That’s a single person on a project with multiple contributors. He’s also since stepped down. You’re acting like he’s the sole guy.
https://discuss.grapheneos.org/d/5235-stepping-down-as-project-leader-of-grapheneos
Are there any major daily driver features from Android missing here? Also are the updates usually stable?
It seems quite stable from my experience, and from online reviews. Some might say it us more stable than stock pixel. For example pixel 6 used to suffer from network issue due to google’s software: https://www.androidcentral.com/pixel-6-possible-network-connection-fix , which I haven’t found any discussion about the same problem on grapheneos.
However graphenos has its problems:
- App installation is very slow, this it further worsened by crapy apps on google play, for example Mcdonald app took me around 5mins to install app for the first time. But it will only be annoying when you install, since update is done in the background, so you will hardly notice it.
- No support for android auto.
- No now playing, call screning, face unlock (camera and photo, on the other hand, works fantastically, even without network premission).
- fingerprint will not trigger at least 30% of the time in low light. (I have a 7a, so it is probably because the software is not yet optimized)
Why would the app installation be slow? Do they create sandbox for each app?
“Android Runtime Just-In-Time (JIT) compilation/profiling is fully disabled and replaced with full ahead-of-time (AOT) compilation. The only JIT compilation in the base OS is the v8 JavaScript JIT which is disabled by default for the Vanadium browser with per-site exception support.”
Depends on how you use your phone. Main thing I miss is Google Pay’s tap to pay (disabled by Google unless you run a Google certified OS…which Google could easily certify Graphene but won’t), but most banking apps NFC tap to pay work.
Android Auto also doesn’t work, but I never used it. Some people might, though.
which Google could easily certify Graphene but won’t
I’m not on the Google fan bus and would be the first one here to drop Android at the drop of a hat, however, you are being deliberately deceptive here and I hate people like that: the reason it’s not certified is because Graphene devs don’t want to pay to get it certified, it’s not because Google refused to, like you are saying.
I’m not being deliberately deceptive. Google absolutely could whitelist GrapheneOS if Google chose to, just like any app developer can as well by checking for the verifiedBootState with proper verifiedBootKey (GrapheneOS attestation link below).
Now, I don’t see Google doing that as GrapheneOS doesn’t and won’t ship with Play Store, Play services, or Service Framework. GrapehenOS actually has a compatibility layer so those don’t get special and device wide privileges like they do on devices that ship with them (sandboxed link below)…which Google probably requires. And I don’t see GrapheneOS budging on this as that’s one of their main selling points for security and privacy.
But I’m always down to learn and I’m not a developer. I don’t suppose you have a link that says the main thing that Graphene is missing is handing over money to Google to get certified, and ideally how much? If that was it, I’d be willing to bet money Graphene would’ve forked over the cash by now.
https://grapheneos.org/articles/attestation-compatibility-guide
Hi google, can you approve our phone that basically cuts your apps out and offers privacy from your mass spying operation please? Such a weird point.
I did acknowledge what you said by saying Google doesn’t want Graphene not including GMS stuff and won’t whitelist GrapheneOS, despite Graphene’s extra security measures. But this doesn’t change the fact that Google could…but won’t.
I heard bad things about the maintainer. Not sure if I trust the project now.
I was going to install this - what did you hear ?
He heard outdated info. Daniel was a jerk, sure, and probably needs therapy, yes, but he also wasn’t the only one working on it and he has since stepped down anyway, and despite his personality faults he was/is a great programmer.
That’s a single person on a project with multiple contributors. He’s also since stepped down. You’re acting like he’s the sole guy.
https://discuss.grapheneos.org/d/5235-stepping-down-as-project-leader-of-grapheneos
now that Fairphone is available in US they might give a shot at making GrapheneOS running on it
Per GrapheneOS, they do not and will not support Fairphone 4. No clue if Fairphone 5 has fixed these issues.
https://www.reddit.com/r/GrapheneOS/comments/10b5x4n/comment/j67pbny/
I really like their full disclosure. It’s really helpful to see how decisions are made. Especially to establish trust.
Now we just need to get them on Lemmy