3 mo. ago • 95%

Switched to GrapheneOS today

grapheneos.org GrapheneOS: the private and secure mobile OS

GrapheneOS is a security and privacy focused mobile OS with Android app compatibility.

After using LineageOS for long time, I have finally moved to GrapheneOS. I use a lot of banking and financial apps which I never felt comfortable using on LineageOS due to lack of proper sandboxing, unlocked bootloader etc.

GrapheneOS works flawlessly just like Android. You don't even notice there's hardening underneath. Also it protects from Google's evil location tracking using WiFi/Bluetooth or even when the Location is turned off. I don't understand how people in general are comfortable with Google tracking all the time. You can use Google Play and Play Services in a sandbox that works just like regular installation, but without deep tracking.

If you haven't tried GrapheneOS, try it. You won't go back to regular Android.

105

DeGoogle Yourself @lemmy.ml Use GrapheneOS :)

105 comments

For people looking to change and are worried about banks bullshit here is a link to a list of currently supported bank apps.

104
If they can get it to work on non-Google devices, I will consider it. Right now Graphene compatibility is extremely limited. Besides, I basically have to give Google money to avoid Google.

🤪

69
I would like to switch, but there are a couple of points that are still holding me back right now:

Charge limits, on LOS I can root the phone, install ACC and still use the OTA updates, if I apply the patch afterwards. (Will be resolved in A15)

Option for sandboxed MicroG, IMO privacy is also very important for security, and people should be able to decide if they like more privacy or more security.

Option for rooting sandboxed apps from outside. IMO I, and a person, like to have full control over my phone. Trust often comes with control. If I choose to trust one app to have root access to another app in order to inspect it, then this should be possible. Sandboxing could allow one app to have root access to individually chosen other apps, thus limiting the impact compared to system-wide root access. Maybe offer rooting gated behind a separate hardware token authentication. (sudo like) A lot there can be improved IMO, while still providing it and making it more secure in general.

I know that my understanding of security and privacy might be different from what GrapheneOS understands, but as a long time Linux Admin, I don't like black boxes, I like to peek into them, modify or patch them, when they do something I don't want them to do, etc. So that when I enter personal information into them, I am still in control what happens to them, at least that is my desire.

Taking control away from the user in order to "improve security" might be a valid approach to some, but it is not something I have much trust in.
27
Woot! Welcome to the club! Fuck Google!

14
I just looked it up and GrapheneOS only works on google hardware? So you had to give google some money first or did you get it to work on something else?

10
I don't mind giving graphene a try but I'll be honest, I have the following issues:

Need to buy a pixel phone for this.

I use a memory card so pixel phones might not be an option.

fear of bricking a phone that I just got.
9
My next phone is definitely going to be a Pixel for this reason. But my current one is not even 6 years old so I'll wait a bit.

8
People contemplating moving to graphene, do be aware that banking etc. absolutely can be a major PITA on graphene as well. Several official apps used where i live cannot work in graphene, even with sandboxed play services installed, making day-to-day life functionally impossible with graphene. Luckily reverting to stock android is easy, although I probably wouldn't have bought a pixel phone if I was planning on using stock OS.

8
There's also CalyxOS if you don't want to run anything Google on your phone at all, but still have functional apps and such.

7
honestly the only thing that is stopping me moving rn is Google Pay contactless for my bank cards and my bank app having ridiculous requirements with safetycheck.

4
Does RCS work reliably on Graphene? I thought Google was fucking with RCS quietly for those on custom ROMs or other things.

4
Great!

I go back to regular degoogled Android btw. Not a fan of the new pixel design. May come back later

3
I've been running it a couple of months now. All my banking apps work but 1 and I use one of my other phones for that.

2
@PullPantsUnsworn
I'm honestly only afraid of bricking my primary phone. That's the only reason I'm still on stock android. It's the inconvenience of having to buy my way out of a brick.

2
I wish there was a way to keep Grapheneos installed and locked down without root, but with a way to adjust screen color. The only way I can tolerate pixel screen color reproduction is to root it and use an app to adjust it.

2
Just beware that their community is a bit... unfriendly. So if you'd like to hang out maybe ask anywhere except their community.. like here 😁

1
GraphmemeOS

1
Provide GrapheneOS for non Google devices today

0
Graphene uses the same sandboxing as AOSP. If you are talking about Google services framework then that makes a little sense but by itself the apps are about the same in terms of security.

-10

You've viewed 105 comments.