I'm not sure why the author counts microG as "appeasing google". microG is a full, open source reimplementation and won't send any data to google (or anyone else) unless you specifically enable the parts of the API that do that (notably, push notifications) - and even then, the amount is reduced.
Furthermore, microG can be installed on LineageOS, as can the official play services. Either of these choices gives you compatibility with anything that doesn't require play integrity - just like with GrapheneOS.
There is a security question I have been having regarding /e/OS (and I guess Lineage as well). For at least some devices, /e/OS (and again, probably Lineage) use the Google test keys instead of their own signing keys.
Doesn't that mean that I could write an app, sign it with those keys (they are public, since they are for testing), and then have it behave like a "system" app on those devices? Isn't that how a system app proves to the system that it is, in fact, a system app?
I can understand the "I am not paranoid and I don't really mind about an evil maid attack, so I don't need to relock my bootloader". But isn't it risky to use the Google test keys to sign the whole system?
Not trying to criticise Lineage and /e/OS here: I'm hoping that someone knowledgeable about this will be able to help me understand the actual risks.
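As an added example (not from this thread or any of the projects named in it), this Python script reads the output of `adb shell getprop` or a `build.prop` file and flags the indicators that a build was signed with the public AOSP test keys; the sample input is constructed.

```python
"""Flag Android builds that report AOSP test signing keys.

Added example, not from the thread. Reads `adb shell getprop` output or a
build.prop file and checks ro.build.tags, the tags field at the end of
ro.build.fingerprint, ro.build.type and ro.debuggable.
"""
import re
import sys

# Constructed sample in `getprop` format; device and build id are made up.
SAMPLE_GETPROP = """\
[ro.build.fingerprint]: [example/dev/dev:13/EX.230101.001/1:userdebug/test-keys]
[ro.build.tags]: [test-keys]
[ro.build.type]: [userdebug]
[ro.debuggable]: [1]
"""


def parse_props(text):
    """Parse `[key]: [value]` (getprop) and `key=value` (build.prop) lines."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        m = re.match(r"\[([^\]]+)\]:\s*\[(.*)\]$", line)
        if m:
            props[m.group(1)] = m.group(2)
        elif "=" in line and not line.startswith("#"):
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props


def audit_build(props):
    """Return a list of findings; an empty list means nothing suspicious."""
    findings = []
    tags = props.get("ro.build.tags", "")
    if tags != "release-keys":
        # test-keys / dev-keys are the well-known public AOSP keys
        findings.append(f"ro.build.tags={tags!r}, expected release-keys")
    # fingerprint layout: brand/product/device:release/id/incremental:type/tags
    fp = props.get("ro.build.fingerprint", "")
    fp_tags = fp.rsplit("/", 1)[-1] if "/" in fp else ""
    if fp_tags and fp_tags != tags:
        findings.append(f"fingerprint tags {fp_tags!r} disagree with ro.build.tags")
    if props.get("ro.build.type", "") != "user":
        findings.append("ro.build.type is not 'user' (userdebug/eng build)")
    if props.get("ro.debuggable", "0") == "1":
        findings.append("ro.debuggable=1 (adb root and debugging allowed)")
    return findings


if __name__ == "__main__":
    data = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_GETPROP
    for finding in audit_build(parse_props(data)) or ["no test-key indicators"]:
        print(finding)
```

Pipe `adb shell getprop` into the script to check a real device; a `test-keys` result means the platform certificate is the public one anyone can sign with.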
> Isn't that how a system app proves to the system that it is, in fact, a system app?
No.
In a way it does not matter if the app is system or not. Even user apps (signed with some other key) can be powerful to do damage.
System partitions cannot be edited due to SELinux, and also these days the ext4 partition is created with certain blocks - can't be changed.
Yes one can use magisk to do some gimmick - but that is kinda telling OS - Allow me to do anything.
The notion of locked bootloader as a holy grail against anything is stupidity. Apps inherently have too much power - assuming user somehow granted permissions. (or you are from a 3-letter organisation - incl. NSO)
>In a way it does not matter if the app is system or not. Even user apps (signed with some other key) can be powerful to do damage.
That might be true, but at the same time you shouldn't run random scripts off the internet as root, even though there are plenty of EoP or RCE exploits. The same applies to letting random apps get privileged permissions, even if sophisticated attackers can bypass those permissions with 0days.
>System partitions cannot be edited due to SELinux and also thesedays the partition ext4 is created with certain blocks - cant be changed.
That's irrelevant on Android because system apps can be updated without touching the /system partition, if the .apk is signed with the same key. The system will store the updated .apk file in /data/app, but otherwise grant it privileged permissions that only system apps can get. That's how google play services can update itself and still keep its privileged status, even though the phone OS hasn't been updated in years.
This does not sound very informed, to be honest. I can also throw random words like SELinux and NSO, but that's not bringing anything to the discussion.
Lineage is better and Graphene is obviously the gold standard which provides better privacy and security for normal people. The author is wrong in thinking you gotta be some journalist to use it. GrapheneOS is for everyone
I don't see how you can conclude from that article that Lineage is better. Do you have some reference for that? /e/OS is built on top of Lineage. I can't imagine that they would make things worse.
GrapheneOS only runs on expensive Pixel phones. Until I can buy a phone that runs GrapheneOS for $100 or less, it is not for everyone.
Surprised that Sailfish OS is not there. I assume the only reason it says "Android-based" is to run Android apps. Sailfish is not Android based but it can run Android apps. Seems like the perfect balance: live in a parallel reality and just dip into Androidland when you need to. Only con is that, like Graphene, it only works on specific devices. It's not free though, but it is an alternative worth considering.
The main reason I stopped using Lineage is because I got a Pixel and wanted to keep maximum picture quality with it. Open-source photo applications, from what I understood, cannot access all of the hardware features to get photos as good as Google's app.
Is it enough to get the Google Camera APK somewhere else and use it? Or do I really need to keep the OS as Google intended, in order to get best picture quality? I don't have the time lately to do much tinkering and compare it by myself.
> The main reason I stopped using Lineage is because I got a Pixel and wanted to keep maximum picture quality with it.
I think if you get a Pixel, then you should use either Stock Android or GrapheneOS. I don't see the point in using something else.
> Is it enough to get the Google Camera APK somewhere else and use it?
With GrapheneOS, you can install the Play Services, the Play Store and then the Google Camera. I would be surprised if that wasn't enough. In fact I would be surprised if you needed more than the Camera APK. But like you, I haven't made the comparison. Would be interesting!
>With GrapheneOS, you can install the Play Services, the Play Store
Why use GrapheneOS if you are going to install Google Services anyway? The whole point of Graphene is to have a fully locked down OS that still works as it should. A mobile fortress basically. Installing Google Services defeats the point imo as it opens multiple security holes in the fortress.
May as well just install the stock OS. At the end of the day, once Google stops shipping sec updates for your phone, firmware updates stop, so that's it really. Graphene cannot give you the firmware updates anyway. And at that point, you have a vulnerable phone. I think GrapheneOS makes more sense if you go all in. Otherwise there isn't much point really.
That absolutely is not the point of the project and completely misses out on the many general privacy improvements that GrapheneOS makes, as well as the huge privacy improvement offered by running Play Services in the untrusted and unprivileged user-app sandbox.
It doesn't open up any holes since google play services are not allowed any special access on grapheneOS and run as a regular sandboxed app. You can make a separate user profile just for google apps.
It does if you want to fully use google play services. If you run google play services as a regular app, you cannot use banking apps, whatsapp (app works but no backups to gdrive) or uber for drivers. And you also cannot do purchases in the app store sadly. If you can live with this then fine.
It just seems odd to me, may as well install LineageOS if you just want an alternative Android OS really. You get more privacy controls than stock Android. I just feel that the whole point of Graphene is to be able to have a private phone and live outside big tech, and you pay a price for that.
If you don't really care that much about privacy and are happy to let Google apps run in the background, then data about you can still reach the mothership, but your smartphone experience is quite degraded imo.
> If you run google play services as a regular app, you cannot use banking apps, whatsapp (app works but no backups to gdrive) or uber for drivers. And you also cannot do purchases in the app store sadly. If you can live with this then fine.
I do at least some of those, so I can say you are making wrong claims. I won't test all of them, it would be your job to test them before claiming that they don't work.
> It just seems odd to me, may as well install LineageOs if you just want an alternative android os really.
GrapheneOS is a lot more secure, and in my experience I get better support than I did with /e/OS.
> You get more privacy controls than stock android.
I do on GrapheneOS, even though I installed the Play Services and Play Store. I love being able to run them in the sandbox!
> I just feel that the whole point of graphene is to be able to have a private phone and live outside big tech and you pay a price for that.
Well you are not forced to install the Play Services. But if you own a phone that is supported by GrapheneOS, I would say it's a better choice than anything else out there.
I am currently using 4 banking apps from 3 different banks on GrapheneOS, they all work just fine. I'm also using WhatsApp and would not use the backup feature to Google Drive even on PixelOS. Uber (haven't tried the for drivers app) and other ride hailing apps also work fine.
Why would I choose LineageOS instead of GrapheneOS? I can't see any benefits in using LineageOS, I only see major drawbacks.
Why is it always 0 or 1 with privacy? Why can't I use GrapheneOS with sandboxed Google Play Services? Seems like the best option. I can still use all the apps I want and also get privacy and security benefits. I only give Google what I want and still get to live like a normal person, without making huge compromises on security, privacy, usability and GrapheneOS has been the most stable OS I've used. More stable than the stock PixelOS.
> It does if you want to fully use google play services. If you run google play services as a regular app, you cannot use banking apps, whatsapp (app works but no backups to gdrive) or uber for drivers. And you also cannot do purchases in the app store sadly. If you can live with this then fine.
This has nothing to do with it being sandboxed. You are talking about the SafetyNet api, which makes sure the device is using the "official" android version.
> Why use GrapheneOS if you are going to install Google Services anyway? ...
> May as well just install the stock os ...
> I think graphene os makes more sense if you go all in. Otherwise there is no much point really.
No, GrapheneOS is quite a bit more secure than stock OS when it comes to handling Google Play Services if you need to use them.
The security you get is not free. The price you pay is functionality. Can't buy subs or buy apps on the app store. Forget about using banking apps on your phone and resign yourself to using WhatsApp with no cloud backups.
Imo, installing a Google app on your phone is living under the influence of Google. The apps can still run in the background and collect and ship info about you. Less influence sure, but still a ton if they get to run background services.
Everything I want to do works on GrapheneOS. Actually better than it did on /e/OS.
> Can't buy subs or buy apps on the app store. Forget about using banking apps on your phone and resign yourself to use Whatsapp with no cloud backups.
I use at least some of those, so... you make wrong claims :-).
> Imo, installing a Google app on your phone is living under the influence of Google.
You're entitled to your opinion. IMO, if you use microG you still allow your non-Google apps to contact Google. If you use Android apps, or if you use the web, you're under the influence of Google. That sucks, but that's how it is.
I think the same issue was had if you used an Xperia phone long ago (I think mine was an XZ1c). It was really disappointing that the camera was worse if not using official software due to DRM keys or what not.
The Pixel Camera app is on the Play Store, and I was able to install it just fine on my Pixel 8 running GrapheneOS (inside a separate profile running Google Play Services, not my main profile)
The google camera app should be enough. It's commonly done on GrapheneOS. But the GrapheneOS camera app uses some of the same hooks so it's not as far from Google Camera as some others.
I would never recommend this article for anyone looking for comparison. It's wrong in so many ways. Your opinions are highly biased and it's an extremely poor attempt to make GrapheneOS look bad. For a factual and technical comparison, I would suggest this blog post series: https://www.kuketz-blog.de/android-grapheneos-calyxos-und-co...
It's well written and focuses on facts rather than poorly made assumptions
The article misses the substantial privacy improvements made by GrapheneOS and heavily downplays the importance of security. There is widespread use of exploits, not only in targeted attacks. It also omits the fact that the other operating systems which are brought up have years of delays for important privacy and security patches while not providing all the standard Android Open Source Project privacy and security protections. Not having kernel and browser updates for months, not shipping current driver and firmware updates and not keeping up with the bare minimum partial backports of AOSP patches to older releases is quite problematic. Beyond that, providing full Android privacy and security patches requires being on the latest releases. It's also strange to talk about the hardware requirements listed at https://grapheneos.org/faq#future-devices as if those are unknown and not well documented. A device not receiving privacy/security patches for drivers and firmware is a major problem regardless of the OS choice. Not having secure disk encryption for the majority of users not setting a strong passphrase, due to lack of a good secure element, is another major issue. These requirements don't exist for no reason, and GrapheneOS is working with a major OEM on making a device that's at least a sidegrade from a Pixel and then later a security upgrade over it. No devices other than Pixels are providing a reasonable level of security combined with allowing another OS. Lagging very far behind on patches and lacking working disk encryption for most users isn't doing the bare minimum.
GrapheneOS doesn't do anything which reduces USB-C functionality beyond having a setting, on by default, which blocks new USB-C connections and then disables USB-C when locked; it can be turned off.