I am a long term GrapheneOS user and would like to talk about it. r/privacy on the redditland blocks custom OS discussions which I think is very bad for user privacy, and I hope this post will be useful to anyone who are in the hunt for better privacy.

Nowadays smartphones are a much bigger threats to our privacy and Desktop systems, and unfortunately manufacturers has designed them to be locked down devices with no user freedom. You can’t just “install Linux” on most smartphones and it is horrible. And most preloaded systems spy on us like crazy. That was why I specifically bought a pixel and loaded GOS onto it.

According to https://grapheneos.org/features , they start from base AOSP’s latest version, imptoves upon it’s security and significantly hardens it. There’s hardened_malloc to.prevent against exploitation, disabling lots of debugging features, disabling USB-c data, hardening the Linux kernel and system apps etc. They even block accessing the hardware identifiers of the phone so that apps cannot detect whqt phone you’re using. That means with Tor and zero permissions given, apps are anonymous.

Compatibility with apps are best in Custom ROMs but there are still that can’t work, especially if they enforce device integrity. Very few apps usually enforce that tho. Also their community isn’t the friendliest but you can get help. Just don’t try and engage too much or have too many debates.

Anyone else here use GrapheneOS, or any other privacy ROMs? What is your experience? Do you disagree on any point? Let’s have a discussion!

  • N0x0n@lemmy.ml
    link
    fedilink
    arrow-up
    50
    arrow-down
    4
    ·
    1 month ago

    I post someone’s comment on a controversial topic about google and GOS. I saved it because that’s exactly how I feel.


    Step 1 of installing GrapheneOS for de-googling your life: Buy a Google Pixel phone

    Look - I know, I know. I get it. Google allows you to unlock the bootloader while maintaining the phone’s unique and excellent hardware security features. The argument makes sense. It is compelling. Other manufacturers do not give you this freedom. I am not arguing about that. I have a Pixel phone running GrapheneOS myself.

    However… It is just so very obviously ironic that one needs to trust Google’s hardware and purchase a Google product to de-google their life through GrapheneOS. I think that it is a perfectly valid position for someone to raise their eyebrows, laugh, and remain skeptical of the concept either because they do not want to support Google at all, or because they simply will not trust Google’s hardware.

    The reason why I think that this is “controversial” is because I have seen multiple instances of someone pointing out the irony, followed by someone getting defensive about it and making use of the technical security arguments in an attempt to patch up the irony.

    https://mander.xyz/comment/15084264

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      23
      ·
      1 month ago

      If your objective is to punish Google, or to have nothing to do with Google. I completely agree with you using a pixel phone just doesn’t make any sense. You shouldn’t do it

      If your objective is to have the most security possible… Then you should install graphene on a Pixel phone.

    • Darth_Vader__@lemmy.worldOP
      link
      fedilink
      arrow-up
      22
      ·
      1 month ago

      Yeah it’s ironic but what is the alternative? At least we CAN remove Google’s known spyware from the device, and there’s no evidence of firmware level spying. If you get Samsung, or some chinese crap, you can’t remove Google period, and you might get spied by the manufacturer as a cherry on top. There is no way to have a perfect solution, well unless Samsung starts to provide Custom ROM support or something.

      • Azzu@lemm.ee
        link
        fedilink
        arrow-up
        3
        arrow-down
        3
        ·
        1 month ago

        I’m using a Fairphone with /e/os. No Google at all.

        • /home/pineapplelover@lemm.ee
          link
          fedilink
          arrow-up
          11
          ·
          1 month ago

          Not hardened though. I was heavily considering fairphone but over the back and forth between them discussing with Graphene developers, their hardware is not secure enough yet for graphene to be made for the fairphones. If and when fairphones are on graphene then I will definitely buy them.

          Also, even though I commend their phone, the accessories for earbuds and headphones certainly bring up some questions as to their intentions.

          • Azzu@lemm.ee
            link
            fedilink
            arrow-up
            1
            arrow-down
            1
            ·
            edit-2
            1 month ago

            It’s because Graphene is not a custom ROM. /e/os is. Graphene is just an OS on top of the ROM, and Fairphone doesn’t update their ROM often enough.

            This is a complete non-issue though if you use a custom ROM like LineageOS or /e/os.

    • Tinkerer@lemmy.ca
      link
      fedilink
      arrow-up
      8
      arrow-down
      1
      ·
      1 month ago

      This is exactly why I don’t have graphene os, the irony of having to support google is too much for me call me paranoid but i also dont trust them with the hardware piece either lol. I’ve been running lineage os without gapps and its honestly great, updates and patches are every few weeks, super stable and awesome.

      • Darth_Vader__@lemmy.worldOP
        link
        fedilink
        arrow-up
        9
        ·
        1 month ago

        I assume you’re using it with bootloader unlocked. The issue is somehow some malware injects your phone and roots it, it can just install itself as a system service and just live there and you’ll never know. The security feature that protects against it is disabled once bootloader is unlocked.

        Also I’ve heard that LineageOS has not all security updates present since some firmware updates needs to be provided by the specific manufacturer. For Pixel, Google provides it and GOS uses it.

    • bloubz@lemmygrad.ml
      link
      fedilink
      arrow-up
      6
      ·
      1 month ago

      I don’t have any answer for the point where you would not trust Google even for the hardware (even though I don’t think there is any risk on the current devices)

      But concerning the “don’t want to support Google” an easier answer is to buy a second-hand Pixel

      • eleitl@lemm.ee
        link
        fedilink
        arrow-up
        3
        ·
        1 month ago

        The point of not trusting Google hardware is that there is no way to know what hidden function is in there. De-lidding and reversing isn’t practical at current integration density. So, no, I don’t trust the hardware to not contain remoteable backdoors. But it’s a pretty high threat level.

    • brzrd@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 month ago

      With the lack of any other viable option, I struggle to see the point of the arguement.

  • Yep. Been using it for about 2 years now. So far no issues except amazon prime but they gave me adds sufficiently annoying that i finally got around to setting up jellyfin. Been able to solve pretty much all my issues with dr gpt.

    Every time i see someone posting about a new mobile phone exploit i get immense joy scrolling down through comments and finding someone posting the fact that graphene patched it 3 years ago and recommended a patch to google who have yet to implement it into base android.

  • kyub@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    22
    ·
    edit-2
    1 month ago

    Using it since many years on many Pixels and loving it.

    Main pros: zero bloat, efficient, highly secure and highly private (about as private and secure as it can get on any smartphone), and it’s an Android without any of Android’s typical weaknesses (privacy issues, bloat, etc.). You get to utilize the advantages of Google (its security) and completely avoid the disadvantages (its many privacy issues). You get to use all the advantages of an Android mobile OS while completely avoiding all of its disadvantages. It’s like getting your cake and eating it too. You’re much better off in terms of security and privacy than almost(?) all other smartphone users. According to leaked documents, Cellebrite for example can’t crack GrapheneOS on Pixels at all. They can crack almost any other smartphone if they have physical access to it. Most smartphones are really easy for them to crack. iPhones may pose some trouble depending on model/OS. And Graphene on Pixel is the literal brick wall. And even on top of that it has tons of great security features, like auto-reboot after X hours of inactivity, charge-only-mode for USB-C when locked, distress/duress PIN entry to immediately wipe the phone, many things like that. On the privacy side it’s looking great as well: Some folks have analyzed Graphene’s network traffic and there’s zero privacy issues from the OS or its built-in apps. And the few connections it does make (for updates and so on) are all documented and work exactly like they documented them, and they only transmit the exact least amount of necessary data without anything beyond that (guess what - that’s super rare). And on top of that there’s even more great privacy features, some of which are invisible but well thought-out, for example any SUPL request goes through a Graphene proxy server first (configurable) which strips all personally-identifiable data from the request and then redirects it to your provider’s SUPL server (which is most likely Google’s SUPL server in the end). I’m seriously impressed by the quality of the GrapheneOS project. Maybe you don’t realize how good and rare such things are nowadays. Also the documentation is very good and actually answers most of your questions and doesn’t contain any marketing blurb. The social media feeds and forums are a great source of info as well. On top of all that it’s even easy to install GrapheneOS.

    Main cons: it’s only available on Google Pixel phones, so if you truly despise Google and don’t want to buy or use anything from them, it’s not the right device/OS for you (or maybe buy it used?). However, the reason GrapheneOS is on Pixel is purely a technical one: Pixels do offer very high hardware based security already (probably the most, although iPhones have good hardware-based security as well. As is known, Apple tends to be produce good quality hardware, not quite so good software) as well as a very high degree of “platform neutrality”, i.e. it’s supported by Google to flash a different OS on it or use more advanced tools like adb without any sort of tinkering or unnecessary danger involved. Also you don’t have to register to unlock your phone or anything, you only need to be online once to enable the OEM unlocking feature (I think this is because Google needs your IMEI to check whether the phone is carrier-locked (cannot ever be OEM unlocked) or can be unlocked, and they will immediately receive some device data including the IMEI as soon as you go online with the preinstalled Android OS once [of course they will receive some more device data than just the IMEI]), so it’s best to not insert your SIM yet (and not do anything with the preinstalled OS) before you’ve installed GrapheneOS on your new Pixel. Do the OEM unlocking step on WiFi only, best on a public WiFi so Google has much less of a chance to identify you based on your IP or related data. Then install Graphene, then insert your SIM and start using your new phone. Other cons exist but they’re rare or pretty much irrelevant in daily use. If you have to hear them, read an older post by me about some potential downsides: https://discuss.tchncs.de/post/19867254/12069767

      • Forbo@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        1 month ago

        You can always give it a run and add a report. Also, if it doesn’t work, give the app devs feedback that it is preventing you from using it. It might not be much but we can at least try to make our voices heard.

        • mayhair@discuss.tchncs.de
          link
          fedilink
          arrow-up
          1
          ·
          30 days ago

          Well, I’m saying this because I’m interested in running GrapheneOS on my next phone. (It doesn’t support my current one)

      • theskyisfalling@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        2
        ·
        28 days ago

        I personally don’t even find it that annoying as it takes around 30 seconds more to log in via a browser for me and I barely ever use it anyway. I’m more annoyed that my bank has the audacity to think they can dictate what I use on my phone citing “login blocked due to custom ROM” or something similar when I last tried to use the app.

        Fuck banks.

  • SpiceDealer@lemmy.world
    link
    fedilink
    arrow-up
    19
    arrow-down
    2
    ·
    1 month ago

    I’m pretty sure that every Android Lemmy user has a Custom ROM installed on their device. Currently daily driving GrapheneOS on my Pixel 7 Pro.

  • Object@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    15
    ·
    edit-2
    1 month ago

    Other than Starbucks app and VoLTE stuff, I haven’t encountered an issue yet. Somehow all my banking apps work. The profile feature alone makes it worth it. They also recently increased the number of profiles that can be run in parallel, too.

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 month ago

      How do you like the cross profile notifications? What’s your workflow? Do you have multiple profiles active at the same time?

      • Object@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        8
        ·
        edit-2
        1 month ago

        I have one “Daily” profile where I keep thing I don’t mind showing others, and many other private profiles. Each private profile has a unique environment I find myself using every now and then, so it’s a bit like VMs. For example, one profile has VPN on 24/7, another with Orbot, and another with a non-functional VPN (which is basically no network). It enforces the rule so that I don’t fuck things up by accident. Primary profile is just a package manager for me.

        I have multiple profile active, but it’s usually just for long downloads. It was annoying whenever I go back to a profile expecting some long job to be done, only to find out it got killed 10 seconds after starting it. Or worse, finding out my Daily profile got killed.

        I don’t get many cross profile notifications because I almost never receive one outside of the Daily profile.

        • acockworkorange@mander.xyz
          link
          fedilink
          arrow-up
          2
          ·
          1 month ago

          That’s a dealbreaker for me. I do use my phone as a phone rather frequently. What’s the deal? Is VoLTE not supported by default on GOS? Is ou it a specific device incompatibility?

          • Metz@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            ·
            1 month ago

            Is VoLTE not supported by default on GOS?

            Yes and no. e.g. see https://grapheneos.org/usage#carrier-functionality

            Wi-Fi Calling, VoLTE, Visual Voicemail, MMS, SMS, Calling and 5G (SA and NSA) all are supported, however some functionality may not be usable due to Google not supporting carriers on the stock OS officially or due to GrapheneOS not shipping proprietary apps required in order for this functionality to work on some carriers.

            Generally 5G, SMS, MMS, Calls and VoLTE will work fine on GrapheneOS with officially supported carriers by Google.

            Some carriers may restrict functionality, such as VoLTE, on imported Pixel devices as they only whitelist the IMEI ranges of Pixel device SKUs which were sold locally.

            And https://grapheneos.org/usage#lte-only-mode

            VoLTE / VoWi-Fi works on GrapheneOS for most carriers unless they restrict it to carrier phones.

            So… it depends

            If your carrier is official supported by google, your carrier itself supports it and your device is not imported, it is likely to work.

          • Object@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            1 month ago

            Honestly, not quite sure why it happens, but I know it’s something to do with using it in Korea, where Pixel phones are not natively supported. In other words, it happens with Pixel phones, regardless of the OS.

            As to how I knew it would work with the fix, it was a gamble. I rooted my phone and enabled VoLTE prior to that app.

          • Object@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 month ago

            Unless the phone is rooted, I don’t think so; I need to enable wireless debugging first, then run Shizuku, then enable a bunch of options in the Pixel IME app. But then again, this can be done permanently with root.

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    14
    ·
    edit-2
    1 month ago

    https://www.privacyguides.org/en/android/distributions/#aosp-derivatives

    https://eylenburg.github.io/android_comparison.htm

    I am a GOS user, it just works, so I don’t really think about it. It’s very nice to have storage and contact scopes.

    My only complaint is I can’t share a VPN over hotspot or tethering, which is very useful for a travel router device (to make all traffic look like it’s coming from the phone). (Lineage and calyxos have this)

  • agile_squirrel@lemmy.ml
    link
    fedilink
    arrow-up
    11
    ·
    1 month ago

    I’ve been using it for just over 2 years now and am very happy with it. I am curious about CalyxOS though. While I don’t think I’d switch I’d be interested in a technical deep dive comparison between the 2.

  • The 8232 Project@lemmy.ml
    link
    fedilink
    arrow-up
    8
    ·
    1 month ago

    I have the pleasure of using GrapheneOS. I can’t imagine using anything else. It was also the first (widely used) custom Android distribution to adopt Android 15. As far as I can tell, almost no others support Android 15 yet.

  • communism@lemmy.ml
    link
    fedilink
    arrow-up
    8
    ·
    1 month ago

    Last 4 or so phones have all been GrapheneOS (I’m not buying new phones all the time to be clear; I use phones till they break; I’m just a long-time user) and yeah I’ve really had no problems to speak of. I currently have a separate profile with Play services for certain apps, and also just to isolate non-privacy-respecting apps that I have to have installed for whatever reason.

    Almost all the apps I use are FOSS apps who are aware that a significant amount of their userbase will be using various AOSP forks so I’ve not run into any app compatibility issues. Even back when I used banking apps, I’d used 4 different banks’ apps on GrapheneOS and all of them worked completely fine. Now I don’t have a banking app because I won’t install proprietary software unless I actually have to for some reason, and I can bank on the web just fine.

  • [R3D4CT3D]@midwest.social
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 month ago

    i really want to make the switch but need to figure out how to steal a pixel phone bc i sure as hell ain’t paying for one

  • Cris16228@lemmy.today
    link
    fedilink
    arrow-up
    8
    ·
    1 month ago

    I would love to buy a pixel to install GrapheneOS but ain’t no way I’m giving google money and I don’t know where I can buy a brand new pixel. There are currently 3 apps that scare me and not sure if they’re even working on GOS and one is my bank app

    • Nednarb44@lemmy.world
      link
      fedilink
      arrow-up
      18
      ·
      1 month ago

      Getting a used/refurbished one doesn’t really give them anything, and actually prevents them from getting data on the next person who would have gotten the used phone and used the stock OS

        • Nednarb44@lemmy.world
          link
          fedilink
          arrow-up
          3
          ·
          1 month ago

          I got a 6 a few months ago and it’s solid. I only got it as a test but ended up using it full time. I do wish j had gotten a newer one only to future proof more

          • Cris16228@lemmy.today
            link
            fedilink
            arrow-up
            2
            ·
            1 month ago

            I’ve found the 7 8/128 for ~270€ and it’s great! Good conditions too, it scares me the green screen problem which is a pixel thing

      • Cris16228@lemmy.today
        link
        fedilink
        arrow-up
        3
        ·
        1 month ago

        It’s a refurbished website for the US? I’m in Europe and I can check something similar Thank you!

    • Darth_Vader__@lemmy.worldOP
      link
      fedilink
      arrow-up
      5
      ·
      1 month ago

      Regarding banking app, check privsec.dev 's list.

      Regarding Pixel, don’t see it as giving money to Google, see it as payingnfor good hardware.

      • Cris16228@lemmy.today
        link
        fedilink
        arrow-up
        4
        ·
        1 month ago

        I’m still paying a shitty company for good hardware. I will see if I can find a good refurbished, otherwise I’ll pay the hardware with money and not my data. Fuck google

        • RvTV95XBeo@sh.itjust.works
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          1 month ago

          Does yours have a website you can use through a mobile browser? With the exception of mobile depositing checks, which I do once every 15 years or so, I can do all of my banking in the browser

          • Cris16228@lemmy.today
            link
            fedilink
            arrow-up
            1
            ·
            1 month ago

            It does but the mobile app is a lot better in terms of UI. For example, on the app I can transfer money in a few clicks while on the website I have to login every time (app is fingerprint), navigate in desktop more and find the way to transfer money to the other card. Maybe it works, maybe no one reported it as working (I hope that’s why!)

    • shortwavesurfer@lemmy.zip
      link
      fedilink
      arrow-up
      4
      ·
      1 month ago

      My bank app worked fine on lineage OS without Google Play Services, but I ended up leaving them anyway because I wanted to have a bank that would let me use a mobile website and that bank required the use of their app.

    • EngineerGaming@feddit.nl
      link
      fedilink
      arrow-up
      3
      ·
      1 month ago

      Here they aren’t officially available yet there are still plenty of resellers - I guess you can find some in your area. I was really scared that the bootloader wouldn’t unlock due to the origin country’s carrier shenanigans, but it went through just fine (still checked every bit of info I could before buying).

      • Cris16228@lemmy.today
        link
        fedilink
        arrow-up
        2
        ·
        1 month ago

        Last time I bought a phone it was sold as phone of my country then realized when started that was from another country in Europe so I’m scared of getting that again

        • EngineerGaming@feddit.nl
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          1 month ago

          At least the listings I have seen explicitly listed the origin country. Mine is Japanese, and it cost less than an American counterpart, for example.

          • Cris16228@lemmy.today
            link
            fedilink
            arrow-up
            2
            ·
            1 month ago

            It’s not a big deal but the thing I wanted to use was not available on that region🥲 then I learned how shitty the company was

  • youmaynotknow@lemmy.ml
    link
    fedilink
    arrow-up
    7
    ·
    1 month ago

    I’ve been on GrapheneOS for 4 years or so. I’ve tried CalyxOS every now and then, but always end up coming back to GrapheneOS. I find it simple, private, secure and free of BS. CalyxOS does come with some stuff preinstalled, which doesn’t really appeal to me, and I trust the sandboxes Google Play model much more that MicroG.

    About the devs, I really haven’t had any issues that I have not been able to resolve myself, so my interaction with the is non-existing. I have read some posts with interactions with them, and they do seem to be hostile towards anything that is not 100% aligned with their train of thought, which I find stupid, to say the least. But regardless of how rude they may be, I feel GOS literally has no competition in the Android landscape in terms of privacy and security.