I have not any prior experience with installing custom ROMs, but after trying it out (and getting stuck, and googling and finding answers) I successfully did it. Below is my home screen if anybody is curious:

I use OpenBoard for my keyboard. Unfortunately I am still dependent on Play Store since some of the apps I need can only be found there. Sometimes it feels meaningless committing to this whole thing because I’m not perfectly private; then I think this is better than using a regular iPhone or Android phone.

So far I’m liking it. I am naturally inclined to feel hesitant about using this as my main phone and plugging in a SIM since it’s custom, but I’m slowly making the transition.

Feel free to share any beginners advice or your own experience using GOS for the first time. Cheers!

Futo keyboard. Its the best.

You can set up multiple user profile and install the play services in only 1 profile if you want to jeep other profile more private

@jawsua@lemmy.one
link
fedilink
18
edit-2
5M

Check out Heliboard (also on F-Droid) and follow the instructions to enable gesture typing. I also suggest Futo for on-device voice to text.

What specific apps are you using that you can’t deal going away from? Other than some social media or gamr or something. Even then it seems like there are replacements a lot of the time

Sometimes it feels meaningless committing to this whole thing because I’m not perfectly private

every small change matters

The Cuuuuube
link
fedilink
25M

Exactly. I don’t even think of myself as having escaped surveillance capitalism. I’ve made it less lucrative though. All that data they’re mining? I’ve done a little bit of work to make sure the mines are tapped out. I’m gonna keep working to convince others that there’s value in doing the same. Its all part of telling these greedy shitheads we won’t accept their global destruction anymore

T (they/she)
link
fedilink
95M

I’m curious why no one recommending FlorisBoard.

I’ve been using GraoheneOS as my daily driver for months now. I still have issues with things that need Google Localization (car sharing program in my city for example) and I’ve had a few banking apps complaining when being installed from the Aurora Store.

I miss having my cards on my phone quite a lot.

FUTO Keyboard is really nice imo

The Cuuuuube
link
fedilink
15M

I tried Floris board. Its particular rough patches are deal breakers for me, but I’m sure my keyboard of choice has rough patches that would be deal breakers for potential Floris board users. I hope some people see your comment and give it a try. It seems like a promising project

+1 for this, but i will mention that suggestions/autocorrect is not stable yet if that matters for people.

@sparkle@lemm.ee
link
fedilink
3
edit-2
5M

Suggestions/autocorrect will likely come within the next 2 months when 0.5 releases

It’s also easily customizable and will likely have an in-app layout editor by 0.6

hopefully i can move clipboard buttons too.

I recommend you use GrapheneOS as your daily driver. There’s not really any reason not to. I have been for years and never had trouble.

I just keep Play store installed with all permissions disabled, including network, and use Aurora store instead.

Wild Bill
creator
link
fedilink
95M

What is the main difference between using Play Store and Aurora store (logged in with your Google account)?

@communism@lemmy.ml
link
fedilink
10
edit-2
5M

Aurora is a foss wrapper with fewer anti-features like ads. You could trust the client more ig if you’re using Aurora. I use F-Droid for most things and then Aurora for like 3 apps I’m not willing to give up and have no foss alternatives. I mostly just use Aurora out of principle for the apps I can’t get from F-Droid, but also I guess out of a lack of trust for Google (which I suppose is related to the principle of not using proprietary software anyway)

Aurora store has a cleaner interface with no ads and can be used without a google account.

Wild Bill
creator
link
fedilink
65M

I’m more curious about the privacy aspect of using Aurora over Play, especially considering since I will be logged into my G account.

Just dont use your personal g acc (obviously), and its fine.

Wild Bill
creator
link
fedilink
25M

Excuse my ignorance, but why not use your own G account?

@shekau@lemmy.today
link
fedilink
2
edit-2
5M

By not using your own g account I meant not using account that is assigned to your identity or account that you use for official things.

Unless you have some purchases on there and you want to use these, but you shouldnt use your own account for that in the first place.

When starting Aurora, you can choose between an anonymous account or your own. You can still use the anonymous option even if you are logged in to other services with google. If you go logged on anyways, I guess Google will not know your every tap with Aurora? I would think logged in, google play store and aurora would be comparable (not private).

Wild Bill
creator
link
fedilink
45M

Do you know if it’s safe to download banking apps from third party stores (in this case Aurora)?

It does download from google (servers), so it is safe enough

Wild Bill
creator
link
fedilink
45M

I have heard Aurora is more insecure and you can risk getting your Google account blacklisted or banned using it. Do you have any experience with this or know how common it is?

I do not know on a technical level.

Matt
link
fedilink
35M

I’m still waiting on LineageOS being ported on my phone (SM-A536B).

You are welcome to work on it. However, Samsung devices are a absolute pain to work with.

Matt
link
fedilink
2
edit-2
5M

Yes, I know that, and I tried porting it to PostmarketOS, but the build failed miserably.

You need to mainline the kernel for Linux systems. That is a very difficult job

Welcome! My experience has been seamless, I think most of the idiosyncrasies have been covered in other comments already but Ive had zero issues with base functionality “out the box”

Even if apps you use depend on play store one of the things you can do on GrapheneOS is temporarily disable it and only turn it back on when apps refuse to run, another option is just keeping those apps in a separate work profile.

all android phones can temporarily disable an app until you turn it back on.

No, that only applies to (some, not all) system apps. GrapheneOS allows this for all (including user-installed apps): https://grapheneos.org/features#user-installed-apps-can-be-disabled

yes also including uaer apps: for example I can disable whatsapp by putting it in deep sleep and disabling its allowed network for extra measures, then it wont ring, wont update store version, wont recive calls, nor messages all while I’m online watching youtube for 2 hrs, then I can enable allow mock location and once online I’ll appear in brussel. btw I all non-rooted Androids can but Apple Users cant do any of that with their phones

adb shell pm disable-user PACKAGE_NAME

worked for me with Signal on a stock pixel

Sure you can do it through adb, but Graphene exposes this option in the settings. They also recommend against enabling developer settings and using adb for security reasons.

But you said “no” before… I was just showing that it is indeed possible with non-system apps.

Yeah you’re right, I didn’t think of adb while writing that comment. It’s not possible through the settings is what I meant.

Not all of them can disable google play service apps

I would argue you shouldn’t be using those apps in the first place since they all contain proprietary blobs (yes that includes Signal, see Molly-FOSS for a non-blobbed fork).

Absolutely, my suggestion was just for folks who have apps that still require play services, not everyone can avoid it, but you can minimize usage if you do need them.

Molly also includes other useful features like database encryption and UnifiedPush support.

Yes but for me it is a non-starter for legal reasons because screenshots do not work with fingerprint lock turned on. I don’t understand why the user cannot choose to enable this or not like other apps can (including Signal).

Not google services

Aurora store is also pretty cool. You can download from there without a google account.

Don’t forget to change your DNS provider to something such as NextDNS for added benefits

Does it have any benefits over just running pihole, other than reliability?

It also works when using cellular data or connecting to a different Wi-Fi network. Your Pi-Hole only works when you’re at home or when you VPN into your home network

Fair. I always assumed I could just point to it while I’m out, but i also haven’t put a lot of thought into it yet lol

I mean you technically could expose the Pi-Hole from your home network on the internet, but I don’t recommend it. A VPN (either a simple WireGuard setup or something more fancy like NetBird, ZeroTier or Tailscale) could work, but I think NextDNS is the easier solution. Alternatively you could look into running your Pi-Hole on a VPS with WireHole.

0^2
link
fedilink
85M

You aren’t always home, therefore when you aren’t home it’s useful.

You can still use PiHole as your DNS when not home if you setup a VPN. For me that was the route I went.

voxel
link
fedilink
2
edit-2
5M

or you can allow public authenticated access to dns over https… (just don’t expose the raw udp dns server, it’s a really bad idea)
(not sure if DoT can also support auth, but if it does that’s great because android supports dot natively)

Hellmo_luciferrari
link
fedilink
1
edit-2
5M

I know I don’t want to open up any more ports than I have to, but you’re right, that does sound like another alternative to setting up VPN.

Since I access more than just my pihole when connected to my home network. And because I want access to my home services, and don’t want to open up access to the public, opening one port and connecting to VPN is the way to do it. I have one port opened up for my VPN, and in order to connect you have to have my IP or my domain pointed at the IP, and you have to have a Wireguard profile setup, and know what port is open. So that does help a tad bit with my security concerns.

Edit: how would I go about that if I felt so inclined? Any tips?

You might be underestimating the OP

I have not yet looked into the DNS topic. What are the risks if I use the provider’s default DNS? Or what are the advantages of using a different DNS?

@ivn@jlai.lu
link
fedilink
35M

ISP DNS servers often lies, depending on your country, a lot do DNS blocking so it’s a way to evade basic censorship. Also some alternative DNS can lie in useful ways, for adblocking or malware protection. You can also check mullvad DNS.

NextDNS even let’s you customize your DNS filter. You can choose which blocklists you want to use, and you can manually whitelist/blacklist individual domains. It also has other cool features like parental controls and malware protection.

@TheSun@slrpnk.net
link
fedilink
7
edit-2
5M

Look into the user profiles feature to further isolate any play store apps you still use. I have one profile called gshit and thats the only one I install anything non-opensource on from the Aurora store.

This prevents any playstore apps from accessing say photos, contacts, messages, etc on your main profile.

PS. If you don’t like the stock launcher either you should check out KISS launcher (minimal mode)

Didn’t the Aurora store get their anonymous profiles killed? You still need to login right?

No issues here.

No, anonymous logins work fine.

Logging in via Aurora can get your Google account banned.

Only read about it once or twice, so take that warning with a grain of salt.

I’m glad if they take my account down for me, actually

Hmmm nope I just updated some apps yesterday. I had to uninstall and reinstall Aurora store cause it wasnt showing the anonymous option anymore, but after that it popped up and worked like normal, no sign in.

deleted by creator

Sorry for the noob question, but are you able to access your banking apps with GrapheneOS? If so, how?

I’ve used four different banking apps (admittedly banks which may not operate in your country, but they’re popular enough in my country) on GrapheneOS no problems. I currently don’t have a banking app installed because I don’t need one and it’s probably spyware. I just do my digital banking in my web browser. But if you want to install a banking app, it should work completely fine, save for notifications—a lot of proprietary apps seem to rely on Play services for notifications 🤷‍♀️

Most apps should work with no issues. There’s a compatibility list at https://privsec.dev/posts/android/banking-applications-compatibility-with-grapheneos/

Random Dent
link
fedilink
115M

For me, going into the app info and enabling “Exploit protection compatibility mode” worked for banking.

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 57 users / day
  • 383 users / week
  • 1.5K users / month
  • 5.7K users / 6 months
  • 1 subscriber
  • 3.13K Posts
  • 78.3K Comments
  • Modlog