
I’m considering the switch to GrapheneOS, so I watched this interview with one of the members of the GrapheneOS team, and honestly, I feel it was a great general introduction to it and touched on common features and misconceptions.

For those who don’t know, it’s one of the most secure and private mobile operating systems out there. Some things that I took away:

  1. They touched upon MAC randomization. I researched a bit on my own about what the need for it is. Apparently, it’s standard practice to randomize MAC addresses when scanning WiFi connections. However, GrapheneOS (and Pixel firmware) are even better at this, as they make sure they don’t leak any other identifiers when doing so. They also allow you to get a new random MAC for every connection that you make (not sure whether this is very useful, as this can cause problems). On a related note, even when WiFi/Bluetooth are “off,” stock Android can still scan in the background to improve location accuracy (by matching visible networks/devices against Google’s database). So basically, even with WiFi/Bluetooth off, Google still knows where you are. In GrapheneOS, this option is off by default.

  2. They have their own reverse proxies that they use to talk to Google on your behalf when needed.

  3. Apparently, in the USA you can be compelled to provide a fingerprint or Face ID. Courts have ruled this doesn’t violate the 5th Amendment because it’s physical, not testimonial. BUT you cannot be compelled to provide a password/PIN. That’s considered testimonial evidence, protected by the 5th Amendment. GrapheneOS has a two-factor system where, after using your fingerprint, you still need to enter a PIN, so it helps with this. They also have a BFU state after reboot, which is the safest and requires you to enter your full passphrase.

@soldan@lemmy.ml

GrapheneOS is a great system; it’s a shame about the absurd accusations made against eOS and iodé. On the other hand, the biggest problem with GrapheneOS is its exclusivity: it only works on certain Pixel models, which are very difficult to find and expensive. Here in South America, it’s very difficult to find a Pixel, not to mention that they’re prohibitively expensive. But I suppose if you need that level of security, you’ll pay whatever it takes.

Matt

They also have a duress PIN.

I believe if you are compelled by police to unlock your device, and you wipe it instead, you may be charged with destruction of evidence, or at least obstruction of justice.

My only problem with GrapheneOS is the lead developer.

What’s wrong with the lead developer?

Paranoid and has some outbursts from time to time. Dude does some amazing work though.

Being paranoid is quite helpful when hardening a system.

For point 1, you can choose the MAC privacy settings on a per-connection basis. For example, my MAC is randomized periodically on all connections except my home network, where I use my device MAC.

@Auli@lemmy.ca

I mean, that is standard on all mobile OSes. iOS has it as standard, Android has it.

2 months GOS user here on Pixel 9. So far so good. You do have a lot more control than on traditional Android phones. In fact, you have so much that, for the average user, I think it can be a bit overwhelming.

PROFILES

For example, you can easily install Google apps and use them like a normal phone. Problem is, on Graphene you have many ways to set this up. You can:

a) install in your main profile and be done

b) install Gapps in the private space within the main profile

c) some crazy stuff like install Gapps in the private space of a secondary profile, which you lock using a completely different password.

I spent too much time in this loop lol. Finally I settled on: all daily apps in the main profile, and sensitive apps live in a separate profile (banks, important docs).

SECURITY

  1. Next, the security features in GOS are amazing. You can control every single permission that an app can use. I mean everything, including the system Phone app. I can go 100% paranoid and prevent the Phone app from accessing Phone logs, microphone and Phone. Essentially making the Phone app useless… Very very nice, but you need to experiment with your apps and see which permissions you can deny and which you can’t. On normal Android? You can deny some apps, but the system ones, you can’t.

  2. I especially like the USB-C feature. I leave mine on Charge only. So the port only functions to charge my phone. This cuts off every other connection: plug into PC, plug into car for Android Auto…etc. I like it that way.

Btw, Android Auto works great too if you need it.

The OS is so minimal that you will need to install essential apps on your own. For example, I use Florisboard for keyboard, MiX for file manager.

  3. I really like the screenlock options on GOS. You can set:

a) your usual password, PIN, fingerprint

AND

b) a secondary PIN that can be scrambled at random. So you unlock with your fingerprint, then you need to enter that 2nd PIN or password to enter the phone. EVERY single time. And it is scrambled too, so you don’t have to worry about people tracing your fingers.

AND

c) the Duress PIN. This is like the nuke PIN. You set this up and, hypothetically, if you are in a dangerous situation (thieves want you to unlock, local police abuse your phone…etc), you can enter this instead of your normal screen lock PIN/password and all data is nuked. I haven’t tried it yet because I spent too much time setting up my phone the way I like it lol. If somebody tries it out, please let me know.

INSTALLATIONS

Stupidly easy. On the OG Pixel, if you want to install LineageOS, you have to be very careful. Besides downloading the ROM, you need to flash a custom recovery like TWRP. Then, because it is a Pixel, you need to be careful which slot to flash the ROM to. Flashing to the wrong one will brick the phone.

On Graphene? It is literally plug your phone in and open the browser where the install notes are. The ONLY technical thing I needed to do during the process was enable bootloader unlock. Everything else was like “GOS finishes this, GOS finishes that, can you press this button, GOS is rebooting…”. Very very simple.

SOME HELPFUL POINTS (I hope)

  1. Don’t treat this as a Degoogle phone. You can, but the strong point of GOS is security.

  2. Some features are not available compared to, like, Samsung’s One UI. For example, only allowing an app to connect to 5G and not WiFi.

  3. Don’t create a super complicated setup. The backup process will be a pain.

Thanks for taking the time to share

Even the iPhone can handle the bully tactics with cops. Simply attempt to shut down the phone. You don’t have to follow through, pulling up the shutdown slider is enough. It will require a password to unlock after that.

Also, if you press the power button 5 times on iPhone it does a hard lock requiring the passcode to unlock.

That’s cool and all. But I just want a working Linux phone to use as a daily driver. That doesn’t require constant fiddling and is made with modern, powerful, hardware.

the rizzler

2027 will be the year of the linux phone for sure!

Keep an eye out for what people say about Jolla’s next phone, when it’s out sometime next year.

I’ve been using Graphene on a Pixel 8 Pro for about 6 months; it’s been an adventure. There are so many options to lock stuff down, but when you try full lockdown some apps don’t work and the error messages they throw don’t say much, so you unharden one thing at a time to make them work. This is not a phone you can just throw your SIM in and expect it to be just like your old phone.

I do feel pretty confident with this phone on a Cabe SIM but you do need to commit.

What is a Cabe SIM?

I apologize, it’s Cape

https://www.cape.co/

My only defense is that post was before coffee and food

I told you I will switch to Graphene OS, you don’t have to sell it to me.

Pearl
  • MAC randomization is also on iOS
  • Apple provides an IP-hiding proxy service
  • iOS has BFU, where biometric is disabled. And holding the power button disables biometric unlock. And nothing is better than just having biometric unlock turned off.
  • Apple also collects a massive amount of data on their users. But that’s OK, apparently, as long as they just say “trust me bro”.

They definitely use your data to market to you on their platform. They might not be selling your data outside their network, but does that suddenly make it okay? They are still using your data to enrich themselves.

youmaynotknow

Does iOS also provide:

  • Duress password?
  • Scrambled PIN input layout?
  • Storage scopes?
  • Contacts scope?
  • Full permission control on Apple apps like their app store?
  • Hardened segregation of profiles?
  • Fully controllable sandboxing?

Honest questions. I don’t use anything Apple, but have used GrapheneOS for years.

the rizzler

mostly the answer is no. it has the same permission controls for apple’s own apps as third-party apps, but ofc graphene has a couple more options there too. filesystem access is limited to the file picker and the app’s own data directory, which i assume is a tiny bit more restrictive to the user than storage scopes. the scope concept also exists for contacts, pictures, health, and maybe a few other things. user profiles don’t exist on iphones; i think they might on ipads but i don’t have one. sandboxes are pretty locked down but not controllable by the user. then there’s “lockdown mode” which disables a whole bunch of shit and is supposed to harden your phone to highly-motivated attackers

youmaynotknow

Yeah, thanks. The more I research and ask knowledgeable Apple users, the more I’m convinced that if GOS did not exist I would either move to iPhone or just get a dumb phone for calls and rely on Linux computers for everything else. In Android, everything outside GOS is worse than stock android, let that sink in 😕

the rizzler

actually i’m thinking of switching to graphene eventually myself. is there anything you can tell me about that?

youmaynotknow

Compared to iOS? There’s nothing I can say other than what I’ve researched and asked around, which makes it an acceptable second after GOS. Now, about any other bloat-ridden mobile OS out there, including some claiming to be private, secure or both (yes, I’m talking about e/OS, Iodè, brax and others), it’s incredibly customizable from any standpoint (taste, security, privacy), super fast, ridiculously minimalist, however you can run over 99% of all Android apps out there (some may require tweaking, for example, Exploit Protection Compatibility mode, which is how I actually got the Chase app to work, which was the one Android app that didn’t).

You could say that, it’s not just the most secure mobile OS out there, but also the one that allows for more convenience as well (knowing convenience tends to sometimes drop security levels as well as privacy levels). The best part is how you get to choose how you segregate what you allow apps and services across profiles, or even in the same profile.

Honestly, I tried going back to stock to see if I was missing out on something, and after less than 24 hours I couldn’t take it anymore; the control I lost by trying was making me anxious.

the rizzler

that makes sense, thanks. is it still difficult to get tap-to-pay to work on graphene? i try to use cash and i assume most grapheneos users do too so there’s not a whole lot of information on it

youmaynotknow

Tap-to-pay directly from my bank apps works, as well as from my Garmin watch. As far as I’m aware, Google Pay does not work, but I haven’t really tried since the Pixel 8 Pro came out. One place to ask would be in the Matrix GOS channels. Maybe in General: https://matrix.to/#/#general:grapheneos.org

How’s Graphene OS as a daily driver?

youmaynotknow

As I said, I’ve been on GOS for a few years now, after having tried CalyxOS before ever hearing about GOS. Having said that, I have absolutely no complaints. My main Profile runs nothing but FOSS apps, and then I have a secondary profile for anything that requires Google Play to work (banks, maps, IoT platforms, etc.) I don’t use ‘normie’ social networks or chat apps at all (WhatsApp, Instagram, discord, etc.) so I can’t speak to those.

Not only does my battery last ridiculously longer than it did on stock Pixel, but every interaction seems to be way faster as well (admittedly, I didn’t really last long on stock Pixel, so I might be biased by that).

The only app that doesn’t want to work for me is the Chase bank app, but that’s fine, I just bank via browser.

I cannot compare experience with iOS, since I haven’t touched any Apple device in years, but from what I read and research, failing to get a pixel phone to make it a GOS device, phones seem to be the second best option to be somewhat secure and private.

Every other self-denominated “privacy mobile OS” out there is just smoke and mirrors, as I’ve tested against my network and they all send information to Google and other big tech third parties in one way or another. GOS is the only one that seems to keep everything in my control 100%.

Is switching to GrapheneOS reversible?

I was wondering whether it affects warranty or hinders seeking service if there’s any problem in the phone.

It is 100% reversible on Pixels made so far, and since it’s only available for Pixels…

Edit: Afaik there are no warranty issues if you flash stock rom before, which might make it harder if your hardware fails.

The only thing I missed when switching to GrapheneOS from Android was Google Pay, and that wasn’t that big of a loss.

I just got a phone case that holds my debit card in the back and turned off NFC.

Yeah, as they said most banking apps now work, however, Google Pay doesn’t.

There are alternatives to it like curve pay but I haven’t done the research whether they’re trustworthy enough. EU company I think.

I tried to set up Curve on my Pixel 7 with GrapheneOS and it wouldn’t let me create an account. After filling in my contact details the app just said “We are unable to verify your identity” even though it never even asked me to show ID (I never reached that screen).

When I emailed Curve customer support (which is terrible btw, there’s about 2 months between replies) they just said things like “We cannot offer you an account at this time” and “We were unable to verify your identity” and “We are unable to disclose the reason for denial for security reasons”.

I’m not sure if graphene os had something to do with it.

So just in case if you want to set up Curve maybe create the account first on a non-graphene phone, then log into the app on graphene after the account is already created.

You have to install GrapheneOS’ Google Play (sandboxed) and services for banking and government apps. And you can install Google Play with stock Graphene, it is very easy.

pmk

In my country everything is built around this 2FA app that requires Google Play Services. But a phone with GrapheneOS and sandboxed google play should be better in total than just running stock android I guess? I wish I didn’t need google play services, but currently I do.

zqps

Yes. The top comment says Google Pay, not Google Play. The sandboxed play API has worked well for me personally.

The threat level for google play services is different in graphene as it runs in what they call an “appbox,” which basically means Google Play is just another app that’s sandboxed like everything else.

pmk

Would there be any benefit in running google play services in a private space, or does the sandboxing already provide that separation?

@chasteinsect@programming.dev
creator

I don’t think so. From what I gathered, the only thing Play Services can see on GrapheneOS is the list of other apps you have installed. That’s it. They can’t see anything else unless you grant access to it. You’re not giving Google root access to your phone, you’re just installing an app that happens to be made by Google, and it’s locked down like everything else.

Edit: https://youtu.be/YB01HHFitFA?t=625 I just saw this video; apparently apps can still communicate with each other, so you might want to isolate if that’s something you’re worried about.

Edit 2 : Another relevant link https://discuss.grapheneos.org/d/28558-google-can-still-see-my-app-activity-on-grapheneos/2


That has been my major issue with Pixel along with their poor quality control. I hope the new OEM they are targeting will be more widely available worldwide and affordable enough for the average person


Wait? They are unobtainable now? What happened?


pmk

I got a pixel 9a for 370 euro in Sweden, which isn’t too bad. You can get a good refurbished 7 for less and it will have support for years to come.


pmk

How much is a refurbished pixel 8a in your country?


pmk

The pro versions will be much more expensive than the “a” models (like 9a, 8a, 7a, etc), if you can find an “a”-phone, it will be cheaper. I would get at least an 8a, since they have support until 2030 or something like that, the 7a has support until 2027. The 6a is the oldest one which still has support, but only for a year or so more iirc.


pmk

Ah! I didn’t know they didn’t sell there, that changes things.

Luffy

Just doing some TP math for you.

A Xiaomi Redmi something something is about 130€. A Pixel 8a is 370€ or a 9a 500€.

With the Xiaomi, you are getting no security updates for more than a year. For a Pixel 8a, you get 6 years and 7 with the 9a. Therefore, if you want to keep your phone up to date because your banking app needs those to work, you are looking at about 65/71€ per year. Also, if you want to keep it longer, you can use it for longer, with the build quality and a battery change up to 10 years or so.

Also, anecdotally, those cheap phones are built like shit, run like shit, and you are genuinely better off buying a Samsung Galaxy S7 and daily driving that. (Which I got when the S10 first came out, and BTW is still holding strong when I need a second phone in case I lose my Pixel 7, after 6 years, unlike my Huawei P30 which didn’t last a year until it started getting to 100°C when being on, and lagging to the point of being unusable.)
