I've been running GrapheneOS for 7 months now and I'm not going back. When I bought my Pixel 10 last year, I wasn't actually planning on trying Graphene for a while....until I noticed Google had force bundled a 'Wicked For Good' movie promo theme with the latest security update.
Ha! Me too! Exact same. Bought a Pixel 10. Intended to do the default Android for a while. But it was filled with ads for “Wicked” which had me looking at my phone with a sneer on my face I couldn't erase - as if someone had smeared feces all over it and threw it on my bed.
So I jumped straight to GrapheneOS, which was way easier and less extreme than I had been warned. So beautifully minimal, with no crap. Now my phone feels like a simple Linux (Void/Arch) PC. So wonderful.
That sounds like the answer is actually yes: we're not talking about the lack of a camera app, but the lack of a camera app that knows the details of the usually-proprietary camera firmware
Problem with stock Google camera app is that it made horrible HDRlike images even with HDR turned off. You cannot adjust amount of reduced highlights and increased shadows which makes images unrealistic with lack of depth.
When I got a new phone last year, I purposely got a Pixel (open box 9a) to put GrapheneOS on it immediately. Been happy living the de-Googled Android life since.
I was sad that I had to go through the OOBE setup on the stock image to unlock the bootloader. At least it doesn't force an internet connection and login, unlike Windows.
If it's any consolation, the wipe* requirement before unlocking the bootloader is generally a good thing, even if it's inconvenient. Someone who is targeting your personal data gets access to your encrypted phone, either by stealing it or in an evil maid situation. They unlock the bootloader and install privileged code that helps them recover the symmetric encryption key or intercept your PIN. Then they either have your data or wait for you to enter the PIN. In theory recovery shouldn't be possible (access to the key depends on a secure element that rate limits brute-force attacks), but security bugs do happen. Wiping* your data before removing the bootloader's signing requirement is an extra layer of protection.
*It doesn't actually wipe your data; it just destroys the symmetric key, making the data permanently unreadable.
While the OOBE of the stock image doesn't force an Internet connection, the ability to unlock the bootloader does - whether you can do it or not depends on the phone manufacturer's desire, and Android for some reason uses an Internet connection to check that.
My understanding is that it is impossible to unlock the bootloader on a new recent (Android 7+ at least; possiblt earlier) Android phone until it has connected to the Internet. After that, the ability to unlock the bootloader is permanent.
Yep, on older phones it was certainly possible without an Internet connection.
On the Nexus 5, you could just `fastboot oem unlock` right out of the box, install TWRP (custom "recovery") and install CyanogenMod/LienageOS, without ever booting the stock ROM.
On my Moto G4 Play and Moto X4, you had to get an unlock code from the Motorola website (based on the phone serial number I think) and waive some warranty terms, but once retrieved at least the phone didn't need to be online to unlock the bootloader.
The process on the newer Pixels is disappointingly intrusive, like basically everything Google has done for the last decade.
it should be possible on Sony and OnePlus phones and maybe other brands, though it can require obtaining code from internet on other device, but the device being unlocked itself doesn't need to have internet connection
I run a litany of Google (and other corporate/business apps) apps in Private Space under the owner's profile, which is only unlocked when I need it for something. That space's connection can go out over a WireGuard tunnel if I need those apps to be on any specific networks, while the rest of the phone's traffic is unaffected. The file systems stay functionally separate (although that's not a major concern given how file encryption is handled, plus the dream that is Storage Scopes), and that space has its own camera app and such.
The Owner profile itself doesn't run Google Play Services, so when that Private Space is locked and dormant it's effectively a degoogled stack.
Some will invariably argue that an old pocket-sized Linux PC with a cellular modem is a superior experience, and for some specific things it may well be, but GrapheneOS is the only viable option for someone looking for a user-respecting modern phone with very few limitations.
> I'm not looking to fully de-Google but I want Google as apps and not my OS.
This is entirely possible as other posters have explained. But I think it kind of defeats the point of Graphene, at least somewhat. Google is already profiling every aspect of your life by reading your emails, files, calendar, location, etc? In that case, OS access becomes moot.
I think that GrapheneOS makes most sense as part of a broader move towards privacy-respecting alternatives. I see the sandboxed Play Services as something useful perhaps in a secondary user profile, for the odd commercial app required and only available from the Play Store.
1. A non-Google OS can shut off background running access to Google apps, as well as supply Google apps with mock location data and other data
2. Google does other things to the OS that drive me nuts. Like allowing apps to restrict screenshots. I own the phone. If I want a screenshot, it should screenshot. This is not something for apps or Google to determine, and if the OS listens to me (not the app) it should allow screenshotting the display 100% of the time regardless of what the app cries about.
I agree and have moved mostly away from everything Google. But it's hard to replace maps. I know open street maps exists but it's hard to beat Google's data gathering.
I think OSM is way way better. It has every little path in the hills I walk. On Google Maps I'm just walking in a featureless green blob. OSM even has unofficial trails that are no more than a worn-down line in the brush.
Maybe for cars Google is better but I don't use those. But even there I see really detailed stats.
OSMAnd is a really great full featured mapping app. A real tool that you can configure in detail. And Organic maps is more simple and quick like Google maps.
There's just two things I still need Google for: most businesses don't bother keeping their opening hours etc updated on other mapping services, and in my city they have live data on the public transport network. This should really be mandated to be offered to open street map too.
There are players in the OpenStreetMap ecosystem attempting to change that. I know the team behind Organic Maps are actively working to make their app as viable as possible by sourcing appropriate data for example.
I actually find that it blows Google Maps out of the water for cycling (which is why/how I discovered it). I haven't really used it for driving much because my own car has a builtin nav, so can't really comment on that.
I use Google Maps on Graphene. It works perfectly. You still get the benefits of the rest of the phone being degoogled. Just allow it to access your location only when you're actively using the app. When it's closed, it's closed.
I've been using HERE WeGo for almost a year. I had to install a text to speech engine in order to get voice directions. (I installed the GlaDOS one, now the evil computer tells me where to go.)
I believe one of Graphene OS's main features is that they allow you to run google play services in a sandboxed environment, so you can run your standard google apps but without the standard android deal where google play services has unfetteted access to all your phone's location/data/etc info
Yes, you install the Google Play store via the GrapheneOS App Store. The OS comes with like 5 apps out of the box. The rest is up to you.
Biggest caveats that I've encountered: tap to pay via Google Wallet is a no go, Android Auto can be flaky, MDM managed work profiles don't work at the moment, and some apps that use the Google Play integrity API fail to validate and refuse to work (I've only encountered one app that fails, and plenty others that work.)
In general, I'm moving towards a de-Googled life and GrapheneOS is a great entrypoint towards that.
My end-run around Google's absurd unwillingness to certify GOS for Google Pay has been Garmin Pay, which has worked virtually everywhere I've ever tried it.
I'm hopeful that an OEM Motorola device will get certified for Google Pay.
Depends as bit on the country and bank. I also use Garmin Pay, but my bank only supports adding their credit card (not debit card) and a substantial portion of shops here only supports contactless payment through debit cards (credit cards have historically not been popular here).
So I get to use contactless payment at maybe 50% of the stores, which is annoying, because it's sometimes hard tot tell ahead of time.
How's the P10 camera on graphene? Literally 90% of the reason I'm on a pixel is because I love the low-light smarts that the camera software has, but I don't know if I'll lose that with Graphene.
Yeah, I'm hanging on with GrapheneOS (on a Pixel) until their native-hardware (Motorola) phones come out, which hopefully will solve this. As I understand it, third-party (banks and so forth) app vendors have to accept their security attestation, which they don't right now, but (I hope) will with Motorola behind them.
Graphene is NOT a jailbroken/rooted OS, its a real secure unrooted, bootloader locked OS, and MS Authenticotor works just fine.
If anything does not work its related to dependency of the App maker on a certain attestation google play services grapheneos.org/articles/attestation-compatibility-guide
Root =/= insecure. You probably have administrator access on your home computer operating system, and can very likely do online banking via the web browser with no issues. A secure API is possible regardless of the host metal, operating system, or user permissions.
I hate how common it's become for companies to force you to install things on your personal phone. Even worse is some of them demand you install a MDM profile on your personal phone which feels 1000% over the line of reasonable.
I've just refused to install such things on my phone.
You want me to have email and teams/slack on my phone? Sorry, I won't install the spyware. Want to pay for me to have a second phone with it? Okay. No? Well then, I just won't have email on my phone.
Sure if you are in a strong stable position in life you can do that. The average person doesn’t want to rock the boat and cause troubles in their life so they install the invasive mdm profile.
It needs to be made illegal imo. The company should provide you a device if you need one for the job.
I think Google authenticator implements the standard OTP which lots of apps (including keepass) should support.
Microsoft uses their own propietary crap
You can try to add the standard OTP even for Microsoft crap. If it asks you to register for mfa and opens the screen that says something about downloading the Microsoft authenticator app there is a small link at the bottom, letting you use another app. Then you get a qr code that you can scan with any other auth app.
I use a basic OTP password instead of Microsoft's ironically less secure (see SMS as 2FA) with my work MS account. Perhaps your org disabled it but it is definitely something a Microsoft account can do.
Seedvault is still woefully insufficient, but it sounds like there's work being done to replace it. I can't imagine the enterprise crowd will overlook that and I'm hoping the Motorola partnership enables faster development.
I want to run graphene but I make android apps and need to test on device with a somewhat standard setup… login with google, etc. is this reasonable to do with graphene?
Same, I've got a Pixel 9 and GrapheneOS works perfectly on it. I really love having full control over the OS on my phone and being able to decide what actually runs on it.
That Motorola phone that lets you install Graphene can not come soon enough. Pixel phones are not sold worldwide so it feels like they're gatekeeping security. I know that's not the case really, but there's very few ways to successfully degoogle otherwise.
Not only obtaining but if you ever need warranty you're done. Just last week I went to a Samsung center and had my fold 6 fixed in 30 minutes, and these centers are everywhere around the world. Same thing with Apple, yet a 4.5 trillion dollar company can't ship and maintain a phone globally. It's so unserious.
Yeah. Could be difficult even if one is willing to forgo the warranty. My city has local repair services, they easily repaired my old Samsung phone. Servicing Pixels could be difficult even for them.
Phone hardware is a hellscape it doesn’t surprise me at all that they need to keep the number of supported devices small in order to deliver a decent product.
Despite Google's other failings, it was the OG supporter of data portability, and that spirit extends to its phones. No other phone manufacturer with wide distribution comes close. It's unfortunate that the people who design the hardware do such a poor job with the resources at their disposal.
Is it still the case that Android backups leave much to be desired when compared to iphone? Pretty much the only reason I use Apple is that I can switch to a replacement phone and it’s exactly the same state as the last backup.
I just moved away from GrapheneOS to Motorola because I decided I needed an audio jack again. There's definitely some annoying things about leaving, but at least now I can use again the three apps that didn't work for me on GrapheneOS...
Which phone and is it android then? Maybe I'm out of the loop on Motorola. I just bought a pixel, thinking of trying graphene. I was a bit miffed about the lack of jack until my partner pointed out I hadn't used the one on my old phone for over a year. I'd like to in the future though.
I don't see anything they offer for security that's not also in AOSP/LineageOS/eOS/stock/etc.
Which is not to say that's not enough for most people, but why highlight them? It doesn't seem comparable to the laser-focus GrapheneOS has on security
Not GP, but Volla phones are cool in that they officially support running proper Linux[1], so you could just use Linux instead of Android if that's enough for your needs. And you can still boot into their de-Googled Android if you need to run Android apps.
1) What's a reasonable Pixel phone to buy to try out GrapheneOS? Is a 128GB Pixel 7 "good enough" or will I get a significantly better experience with a newer phone and/or more storage?
2) Is there a Graphene alternative that would let me de-google an Samsung A12? Back in the day I had some Galaxy S3 and S4 phones that I installed Lineage on, I have no idea if that's compatible to Graphene and/or still a going thing?
1) I'm typing this in a pixel 7 pro running grapheneos. I'd say these are plenty good enough. Device support is pretty solid compared to cyanogenmod of previous times. App installation is a bit slow using sandboxed play store. Not sure why that is.
I've been using Graphene on my Pixel 7a for about a year and I'm happy I made the switch. For sure it is a bit rougher than using Google's OS, but not enough to make me regret it.
The main things I miss are (1) when I'm entering text I can't swipe left and right on the space bar to scroll the cursor left and right, and (2) the texting app doesn't just attach reaction emojis to a message -- it quotes the whole message and prefixes it with something like "Marty like blahblahblah". When there is a whole family text chain it isn't uncommon to see the same message 7 times as various people react to the original message.
Anyway, I looked at Google's Android 17 blog and yikes:
"With deep integration between hardware, software and AI, we’re transforming Android from an operating system to an intelligence system. It's about delivering new helpful experiences that anticipate user needs, and it brings more opportunities for engagement with your apps."
> The main things I miss are (1) when I'm entering text I can't swipe left and right on the space bar to scroll the cursor left and right,
GrapheneOS is compatible with the vast, vast majority of Android apps, so you can use GBoard or FUTO keyboard (which I recently switched to from GBoard), to get the ideal experience.
FUTO recently revamped their swipe to type model and it's now more accurate than GBoard in their testing. I am a huge swipe type person, so this is what held me in GBoard's clutches, but now I'm free.
The dataset is open source and anyone can add to it if you're on a mobile device here: https://swipe.futo.org
> the texting app doesn't just attach reaction emojis to a message -- it quotes the whole message and prefixes it with something like "Marty like blahblahblah". When there is a whole family text chain it isn't uncommon to see the same message 7 times as various people react to the original message.
Google messages, the experience you get on PixelOS, is also compatible with GrapheneOS, but you will have to afford network access to sandboxed google play, among other things. I couldn't tell you specifically, but it will work out of the box before you restrict anything. Many people choose to use this setup because it opportunistically adds e2ee for chats between iPhones and other Androids using Google messages.
There's also other SMS apps, but I focused on switching people to Signal so I barely ever use SMS.
Once I replaced the default apps, GrapheneOS became a premium phone experience.
Yes! FUTO keyboard, then go into VOICE INPUT → MODELS → Explore Voice Input Models → English-244: “Best for the most accurate results, but more demanding.”
The voice recognition is built on Whisper, and is amazing. You can speak conversationally for a long time and it gets everything right, with smart decisions based on context.
I just did. I had been using FUTO voice, but I see that FUTO keyboard also supports voice input, so I'm not sure if I should delete FUTO voice as being redundant now.
I don't believe it's necessary, it's move of an "if you want a dedicated voice keyboard, the UX is a little better" option. I don't have both installed though, as anecdotal evidence.
Thanks for your thoughts. I use FUTO voice usually, but there are situations where typing out a short message is better -- eg, in a restaurant or doctor's office or someplace where voice input might bother other people.
I've found graphene's keyboard far more error-prone than the stock android keyboard, but I also don't care to learn swipe to type.
The feature I'm missing is simply that rubbing my finger left or right on the spacebar in text mode causes the cursor insertion point to move left or right on in the text I'm entering. It makes it sooo much easier to correct typos.
> I've found graphene's keyboard far more error-prone than the stock android keyboard, but I also don't care to learn swipe to type.
Graphene's keyboard is the stock AOSP keyboard. Most Android systems ship with their own one instead of it, but that's the one that is built into the system by default.
FUTO and GBoard has the feature you're describing and I use it all the time. Pretty much anything you miss from Pixel UI can be attained by simply installing Google's app from the playstore.
The problem I still have with the futo one is that it can't swipe type in multiple languages without switching every time. Gboard can do that. I use 3 languages intertwined constantly so I need that.
So I still use gboard but block its internet access.
Problem (1) is a keyboard problem, not a GrapheneOS problem. Graphene comes with the stock AOSP keyboard which is very basic, but you can absolutely replace it. Personally I'm using the FUTO Keyboard and it does have that feature, as well as swiping, speech to text and much more.
Maybe you can try installing another SMS app for problem (2)? Much like the stock keyboard, the stock Messaging app is just the AOSP app. Honestly it works fine for me so I don't have a recommendation.
Regarding 2: that is literally how SMS reactions work. Apps that recognize it just interpret it as "put that emoji on that message". It is unfortunate that it doesn't do that tho.
RCS is different, which you can sometimes get working by installing Google Messages¹, which is essentially the only app that supports RCS any more. Google runs essentially all the servers too.
---
1: There are no third-party RCS apps² because, unlike SMS which has an API and a shared database on the device, RCS is extremely locked down and it's literally impossible to create one in stock Android. This is also why it's only "sometimes" on GOS, the details are very complicated and rather enraging.
2: Samsung had one, but they're shutting it down in favor of Google Messages. A tiny number of other devices / telecoms have their own too, but they're rapidly shutting down as well. RCS is very nearly fully controlled and implemented by Google now, except for iMessage as a client only, for now, and there's no encryption between iMessage<->Google Messages last I checked (but there apparently is between Google Messages... but no normal person can really verify that because it's Just Google Everywhere).
I agree with this post and add one anecdotal data point.
I had installed graphene os on a pixel but after a couple months and a couple loops between lineage, stock, and graphene, I eventually settled on stock android. I have group messages with family and some of the family are on apple, some on android, and RCS only works with google messages and google services installed.
It's infuriating that I can't send RCS messages unless google allows me to. I want to go back to email or MMS. Supposedly after a month (!!) RCS group chats will fall back to MMS, but that was not my experience. Also, if you turn RCS on/off you may get kicked out of group messages [0].
Yeah, it's pretty awful tbh. I generally recommend disabling RCS, after learning a lot more about it - it feels like a hostile grab at global messaging at this point, heavily entrenched by telecom agreements. Use Signal or something instead.
Initially there were some promising details planned, but much of it hasn't panned out, and plus now it's Just Google™. Like, roughly everyone has heard that RCS brings E2EE privacy, right? Would it surprise you to learn that it was only added to the spec around a year ago, and nobody has it implemented yet? Google has their own thing between Google users, Apple has their own iMessage-only thing, and they both drop crypto when you cross the streams because it isn't in the spec. And neither is practically auditable (allowing auditing is part of the spec btw - have you seen that UI?).
Yeah RCS always has been an embrace extend extinguish thing. The carriers were super pissed to lose their SMS revenue to WhatsApp and iMessage so they came up with this shit to be an active partner in the loop again, and they can bill for it again. Consumers didn't fall for that and it died off.
Unfortunately Google revived it but it's a very poor standard for interoperability. Not only because the lack of true E2EE in the open spec but also because you need to be a blessed party to run an RCS server and communicate with others. You can't run your own or choose a party you trust. It's either your carrier if they bother to run one, or Google.
It's just another power grab. Don't fall for its 'open' guise. They want you to use it so they can make you dependent and lock you in again. There's nothing open about it. If you want privacy, use signal. If you also want an open and federated network, use matrix or xmpp with OMEMO.
Other people have noted that you can switch out the keyboard and SMS app (which I did).
My single (minor) issue with GrapheneOS is the adaptive screen brightness. On the stock Android OS on a Pixel I'd mess around with the sliders for a week or two on a new phone and then it learned what I liked. Now it has a few set values, one of which is always too dim for me in darker conditions so I have to mess with the slider each and every time. I don't believe there's a way of fixing that.
Other than that I'm glad I switched, especially when I read about new "features" they add that I know I'd hate.
I used to do this but I found it downloads needed language files in the background. So every time it updated, I would clear all the app data, open it again on something innocuous, like a text file, toggle each language I used. Not knowing how long it would take, I'd wait until each seemed to be behaving, then disable network permission. I still don't trust that it doesn't send data off via Play Services.
Now I use Heliboard with the swiping library added. It's not perfect, but has improved, and at least it can give more than three correction options (long–press centre suggestion with ellipsis below).
I really miss Keymonk — two–finger swiping, accurate, and no crap.
I do usually this, but recently on older phone (using it temporarily while I buy new) I had to reinstall it and found out, it didn't provide any word suggestions for ant language other than English and even gesture input for other languages didn't work, so at least during initial setup it must have (now?) internet connection most likely to download dictionaries (I thought they used to be included in past, never noticed this before), after allowing the connection, setting up and then disabling the connection, it works fine
I used to dread the promised deep system integration of AI, but honestly after setting Claude up on a server box and having it do sysadmin stuff for me that I've been putting off for ages I see the vision. I don't really want to mess with the details of working through system orchestration tasks, I want to say "spin up this service" and start using it, "change my config so X happens" and it does, and knows what needs restarting to pick up changes and all the fiddly knobs and configs that need syncing and their bespoke formats. I think Nix tried to unify this for people, but it arrived too close to LLMs so a lot of value (in this dimension) has been delivered by other means.
The point is, I'd like to be able to set up services, configuration, and run tasks on my phone this way too, ideally offline. If this system integration is what gives me programmatic control of my most personal computer and the ability to finally set up decent automated tasks and workflows then so be it.
The vendors are never going to give you control over your computer no matter what vision they try to sell you on. The whole point, from their perspective, is to use their control of your computer to gain more control over you, which they hope to then exploit for profit.
The thing is they don't setup their "intelligence system" for the type of task you wanna do. They are integrating it for tasks like "buy me a plane ticket for my next holidays", "order diner for me, the usual"...
I have tried ubuntu on mobile only once and never come back, because it had very bad and poor experience compared to native experience of that mobile. On which models this system works the best?
I took the plunge into GrapheneOS a week ago. I picked up a new Pixel10 Pro and never even tried the stock OS (except to unlock the boot loader).
I've got almost everything working the way I want. There were a few non-essential banking apps that won't install. The most annoying problem I had is when I tried to install Strava, which I cannot get working. The app installs, but it will not let me sign in. I guess I need a replacement, because I use that app a lot.
What are North American people doing for replacing contactless payment? Last time I checked, the solution was to use Curve but it only works for Europe.
It's infuriating that they won't do this for non Google Android. It's in the best interest of both the bank and the card owner. Credential theft risk goes down to basically zero when backed by a fingerprint authenticated virtual card.
I'm sure contrats between Google and banks provide the financial guarantees that not open-source project would be able to. Unless governments mandate there's zero interest from banks to put extra effort into building for unpopular solutions
Banks don't want the headache of supporting multiple weird phone OSes and it's understandable. As long as they don't require running an apple/google-certified device and OS I don't care.
> Banks don't want the headache of supporting multiple weird phone OSes and it's understandable.
Commercially, this makes sense.
I am surprised that most nations of the whole world are fine with every citizen relying on one of two american companies for their lifestyle interactions though. I would have thought more nations would legislate their banks must support other options for sheer sovereign resilience.
Does it though? The people in this thread are like "just use a card". Well I've done that for years and had my card skimmed, lost, and stolen over the years. The cost wasn't trivial either. The credit card company knocked it off my balance but also lost on sales when I didn't have my card while they issued me a new one. It cost the credit card company actual money in both lost sales and in dealing with the fraudulent transactions.
Now if I was allowed to use my rooted Android phone during those years? It would have been locked down tighter than the vast majority of Windows boxes.
People forget that one of the value-adds of credit cards in the first place is that suddenly you didn't have to walk around with a big wad of cash. Credit cards gave you that extra level of security. Even if someone stole it, it's useless to them as soon as you make a phone call to the CC company. We can verify a transaction with a yubikey-like secret store on your device that never shares the private key with the operating system and which generates a virtual credit card on the fly. That's literally how Apple Pay and Google Pay already work. So whether a device is rooted or whatever literally doesn't matter.
Does skimming still happen a lot? At least in Europe we have switched from magnetic strip to chip-based cards, which are protected against replay attacks.
It's even available in my country! Never heard of it, would have assumed it's not being sold here. Let's see what that costs when I click the "shop now" button that's front and center
> Attention required!
> Sorry, you have been blocked
> The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.
Thanks cloudflare *handshake* garmin. I suppose I'll stay with chip and pin for now
Use a solvent to dissolve the plastic from the card then epoxy the extracted antenna and chip innards to the back of your phone case. Problem solved. (I'm only 50% joking, you can actually do this but maybe epoxy isn't the best option.)
I have these cards I keep in my (RFID-blocking) wallet, one for each credit account. Then I just pull them out and tap to pay. It's super convenient - no app required!
People can't steal your card info via proximity to your wallet over NFC even without an RF blocking wallet. This is tinfoil hat security cargo culting, like putting tape over your webcam while leaving the laptop's microphone connected (audio from your room is much more useful than 2834823428 frames of your greasy face).
No but they can steal up to the pin-free amount of money your card allows. They can just hold a sumup to your pocket. Here in Europe most people use debit cards with non-reversible transactions and that limit is often 70-100€ which is quite a lot of money where I live. And they can steal a lot more if they follow you and shouldersurf your pincode.
I definitely use one of those wallets. They're quite convenient too.
The post doesn't say - what's new? Anything to look forward to besides the security patches for A17 being available for longer than they will be for A16?
Asking as an A11 user who will probably soon need to switch to a new device. I haven't noticed anything on other people's phones that isn't available on mine, including on my work phone that runs an up-to-date GrapheneOS (but I don't need to do much more than calling and 2FA, so I might just not be seeing it). Anything you guys are excited for, or any protips of things to check out that were released recently?
Ah, right I forgot they are discontinuing ChromeOS. Makes sense that current Android releases are focused on getting the Android laptop experience on par
Does GrapheneOS run on tablets? I don't see a whole chat app (shown in the example) fitting on my phone screen alongside something like a web browser, and the screenshot is from a square screen
GrapheneOS runs on an extremely limited set of hardware, mostly Google's own Pixel phones.
There's a shot of GrapheneOS on a tablet just past the three-minute mark in this video. I suspect that's a Pixel tablet (of which thee are several), though I'm not certain and the video doesn't specify:
It's complicated. The Tensor G2 Pixel tablet was a solid device, and you can still buy it new from Google (with no choice on color or size in my country), but production has been discontinued and the two direct generational successors were canceled, in sequence. First it was skipping a generation, then it was canceling it entirely. The rumored "Pro" version also appears to have been axed.
I've used mine daily since it came out, and it's a great experience. I'd recommend picking it up for anyone who wants GOS on a larger screen. An iPad it isn't, but my iPad Pros have sat almost totally dormant since I got it years ago.
It lacks horsepower compared to the latest Pixel Pros, but that hasn't been a practical concern in anything I've done with it so far.
>Those are just the devices we initially tested it on which mainly has to do with which devices were available to the people working on the port.
>To clarify the 2nd paragraph, we've ported GrapheneOS to Android 17 for all of the supported devices. That's a list of the devices we already built and tested it. Our initial public release will be available for all the supported devices and we'll have tested it on each by then.
I've been thinking it might be worthwhile to showcase that you can make GrapheneOS look beautiful or the same as stock Pixel UI. When I was considering switching from iPhone I had this misconception that it would look ugly or wouldn't look the same as Pixel UI, which is not the case at all. When I asked about it I wasn't given this clearcut answer that you can make GrapheneOS UI look the same or better than Pixel UI.
Wow that looks nice. I don't think you can get that.
You can change any apps to different apps meaning the keyboard, homescreen/launcher, messaging app. The launcher is a primary UI thing which is different from iOS and is totally customizable by just installing a new app.
So you can change the look of anything that depends on an app, but stuff like the control center, lock screen, volume sliders, connectivity icons, notifications afaict can't be changed.
It's a little confusing but I'll say there's nothing ugly like the stock GOS apps that can't be changed and tha unchangeably UI elements match the Pixel UI.
Here's a comparison which will show both the unchangable stuff like control center, but also the Pixel launcher, which you can swap out.
Greatly improved privacy and security and end-user control of your phone and its data. In those areas, possibly the best option, though iPhones might be better in security (not necessarily the other two areas) - Apple has a slightly bigger budget and a few more engineers, and directly controls the hardware.
It means they rebased all their changes on top of the new version. This is usually time-consuming because AOSP is not developed in the open, so you can't do this incrementally as things change -- you just get a massive drop sometime after release.
Android makes yearly releases. It is developed in cathedral-style. Google releases the source as a single big update. GrapheneOS is a fork. They need to port their customizations and extra software on top of the new release.
Every six months, not yearly. Google releases the major version and QPR2 as part of AOSP. QPR1 and QPR3 are Pixel-only.
Since they switched to QPRs and Pixel drops, major releases have become less important because feature roll out throughout the year.
It's just that nobody outside GrapheneOS and Samsung (to my knowledge) rolls out QPR2, so for non-Pixel/Samsung, the major releases are... major.
I think another major source of work for GrapheneOS is when Google releases QPR1 and QPR3, because GrapheneOS had to rebase the driver/firmware changes on top of QPR0/QPR2.
I've been running GrapheneOS for over an year now. Bought a Pixel 6a last year as a cheap way to test waters, but pretty soon I upgraded to discounted Pixel 9. It took a while to set the basics (coming from iPhone), and I'm still have a couple of stuff missing, but at this point don't intend to use anything else (for as long as possible).
The biggest hurdles for me were - should I use separate profiles and how to get apps. Initially, I started with a separate profile for google stuff (like play store/services and apps downloaded from there, like Viber), but eventually I moved everything to the owner profile (and took a bit of a privacy and battery hit in the matter of convenience). Still, being able to control many app permissions, gives me a good state of mind that apps are not doing more then I expect.
Just looked at what android 17 brings to the table and I'm mildly excited - especially improving performance and adding more permissions (like ACCESS_LOCAL_NETWORK)
I made the same mistake after being burned by the PinePhone, buying a heavily discounted Pixel 6 to test various Android forks, which eventually included GrapheneOS. I quickly knew I'd found home upgraded to a 9 Pro XL.
> ... Android 17 expands the capabilities of AppFunctions, a platform API with a corresponding Jetpack library. It allows you to contribute your app's unique capabilities as orchestratable "tools" for Android MCP, the on-device equivalent of the Model Context Protocol. AI agents and assistants (like Google Gemini) can discover and execute AppFunctions to perform workflows on behalf of the user with direct access to the app's local state.
Is that implemented in GOS? How is that done securely - giving LLMs power to control some apps?
GrapheneOS would be so much more interesting if there was an official supported way for rooting it. That's the only reason I haven't switched to it on my several devices (all rooted)
That completely goes against what they're working towards. I understand why you would want to root your own phone, but GOS is targeting highest security standards and root ain't one of them (for good reason).
With Google making side loading extremely difficult soon, there's never been a better time to switch to a more secure OS for your phone.
There are some apps I can't do without like ReThink DNS, NewPipe and other open source apps which I use regularly. All would get blocked under Googles new regime.
If I try Graphene what do I lose? Similar to how if you use something like icefox or icewolf one of those very secure browser, lots of normie websites like banking just straight up don't work. What would I lose by moving away from samsung's default to this more private OS?
permanent reminder that graphene and all other "alternatives to android" depend on extracted binary blobs. tons of them. which is the reason new (kernel) versions are such a chore/achievement.
I had been using LineageOS + microG for many years on my Pixel 3. I upgraded to a Pixel 8 and tried out GrapheneOS and the install experience was good, but I found some odd performance quirks - apps would be slow to install and run, downloads were slow, etc. Has anyone had similar issues?
Many apps that work on microG don't work in GrapheneOS without installing Google services anyway. I'm by no means across the full privacy implications, but my feeling is microG balances privacy and usability better for me.
I've since switched back to LineageOS+microG and am happy with it. Just my experience.
A lot of developers are lured into building in a dependency on Google services, so yes you'll need microG or, as GrapheneOS prefers, the original Google code running on your device for those apps to function. Or patch the app, like Langis does for Signal (not necessary for it to function without Google in this case, but it removes its calling out to Google's apps and services for those who don't want that). If you're happy with that setup and don't need protect-from-the-government levels of security (street thugs aren't going to ransomware your device by abusing an unlocked bootloader or send exploit chains that work on anything but the hardened allocator), LineageOS is probably the better choice for you. GrapheneOS has some nice things like easily denying the network permission for an app (even if they could theoretically work around it with intents) and having a custom A-GNSS server, but you can do the same on LineageOS by using root and something like AFWall+ for the network and configuring Graphene's A-GNSS (SUPL) proxy in the system settings (don't forget to donate if you use it and are able)
>but I found some odd performance quirks - apps would be slow to install and run, downloads were slow, etc. Has anyone had similar issues?
not sure about downloads specifically, but app installs are slow because grapheneos forces AOT compilation (JIT is disabled), presumably for security reasons.
Since grapheneOS only supports latest Google pixel phones, I tried installing LineageOS on my Mi11. Sadly, if you own a Xiaomi, you can’t just install another os. You need to unlock the bootloader and Xiomi limits you with a global quota of daily unlocked phones, you basically need to enter at midnight and hope. This is a complete nonsense, we have zero governance on our devices after paying them so much.
To get a sense of the project and its goals I recommend reading this post[1].
Buying a used Pixel is economical, environmental, and likely doesn't support Google. Pixels are the only secure and open android devices that could work for the project and meet the extensive requirements[2]. This is because GrapheneOS takes real steps to protect user privacy and security, not features that degrade security and don't increase privacy. You are going to be doing much more against Google by using GrapheneOS because it comes with 0 google services by default and takes advanced steps to protect you from all apps and services you install.
If you are still not willing or able to purchase a Pixel, GrapheneOS has a partnership with Motorola to help them create compatible devices which will be available soon[3].
It makes sense that an open source project would focus on one series of phones since their time and resources are limited.
That said, Google's hardware is behind their competitors and they've had a lot of problems in the past few years. The Pixel 8 Pro has hardware WiFi problems, the 9 and 10 are both minor updates with prices that are far too high, the 10 is eSIM only, etc.
> The Pixel 8 Pro has hardware WiFi problems, the 9 and 10 are both minor updates
The prime difference between P8 pro and P9 pro is that the newer one is nearly a usable size (just about fits in a pocket now). The battery also got substantially better in two ways: on mobile data (when you're on someone's WiFi, odds are you're also near a charger) you get 33% longer use time on all variants of the P9 and 55% on the P10 and P10p (9 to 12 and 14 hours, respectively), and hours of use per 30 minutes of charging went up from 4.6 for the P8 to 6.3 for the P9(p) and 6.2 or 7 for the P10 and P10p, respectively
The rest is indeed relatively minor but it's not an unwelcome upgrade. Prices didn't change much when buying second-hand 1.5 years after release, when the newest devices are out and nobody cares about the generation-before-last despite >5 years of updates remaining (plus however long you think it's fine without updates)
> Buying a used Pixel is economical, environmental, and likely doesn't support Google
Interesting. What do you think are reasons for google to run Pixel then?
Not being sarcastic here, but what links you shared (thank you) say imply there are almost no benefits for Google to run Pixels and as we all know, Google is not a company doing charities.
> What do you think are reasons for google to run Pixel then?
Get millions of users using their services. The average person who buys a Pixel will likely go all in with the Google ecosystem giving Google every word they type, every message to a loved one, every search. It's a data gold mine.
I doubt they sell Pixels at a loss, but even if they did they could make up for it like how Amazon does with kindles.
The Pixel was never sold in my country so it's much more difficult that you think. Even if it was I wouldn't buy it because I don't buy Google products.
> If you are still not willing to purchase a Pixel for whatever reason, GrapheneOS has a partnership with Motorola to help them create compatible devices which will be available soon[2].
I don't see how it's relevant. I couldn't possibly have made it any more clear I would not buy a Google device, new or used, because I don't like Google.
Because AOSP is open source and can be built without Google Play running at the background unlike the other alternative: giving up privacy to yet another big tech Apple.
Graphene adds many privacy features on top of regular AOSP. But it only works on phones that has good security features that are not woefully outdated or completely closed-off. Google has complete control over Pixel supply chain and they can make their phones with all bells and whistles for their ends and they behave a bit benevolently and expose the interfaces to the user too.
Most Android phones use Qualcomm which doesn't give a flying fuck about giving control or privacy to the users.
That's a value judgement, and it's a fair one. It does throw an additional constraint in the works though.
FWIW, I've been looking at the mobile / portable computing space fairly intensively for a month or so. I share your quite dim view of Google.
GrapheneOS does seem to be one of the most attractive Android alternatives.
There are also Lineage (based on CyanogenMod), AOSP, KaiOS (based on AOSP, via Firefox OS), LightOS (by Lightphone, AOSP), AphyOS (used by Punkt. mp03, also based on AOSP). These tend to be minimal, used on feature phones / dumbphones / minimalist phones. And there are /e/OS and iodéOS.
Among Linux-based non-Android options are Sailfish OS (Jolla), Ubuntu Touch (Ubuntu), PineOS (Pinephone), and PureOS (Purism), Tizen, Mobian (based on Debian), postMarketOS (based on Alpine Linux). These tend to be maximalist, offering a fuller experience than Android, with support for native Linux applications and configurations.
There are some non-Linux OSes, of which I'm aware of System 30+ (a/k/a S30+, Nokia), OpenHarmony (by Huawei), and ... something described as "realtime OS" or "RTOS" which actually had a name, for a Japanese flip phone, but which has slipped my mind (probably something reviewed by Jose Briones on his YouTube channel).
And of course there's iOS.
Briones by the way is an absolutely excellent resource: <https://josebriones.org/>. He's also one of the mods of /r/dumbphones at Reddit.
There are trade-offs, and what you choose depends on what you value, in the marketplace, in capabilities, in your own peace of mind.
If you want a full-featured device with wide acceptance, few limitations, and want nothing to do with Google, look at iOS devices.
If you want (nearly) full Android capabilities, but without Google's prying eyes and ears, GrapheneOS or LineageOS are probably your best bets. Whilst Graphene currently only works on Google Pixel devices, there's been a partnership announced with Motorola, there may be others in future (my speculation, with no other basis). And ironic as it seems, Graphene + Pixel actually does get you further from Google in many ways, though I still understand your position.
If you want full freedom / maximal privacy, and are prepared to make compromises on capabilities and battery life, look at one of the Linux-based, non-Android options. I've heard of quite a few bugs with these.
If you're looking for specific hardware capabilities (e-ink, folding / candybar, keyboard (T-9, qwerty, ...), small, large, tablet, headphone jack, etc., etc., or specific software capabilities, you're going to further refine your search. (Briones has a Dumbphone Finder at his website which does this pretty well.)
If you want modularity or repairability, there are devices such as Fairphone or Keyphone with (some) replaceable components.
If you want minimalism, look at an AOSP-based device, or perhaps S30+. These will give you feature phones capable of calls, texts, and a few apps, but not much else. For more complete computing you'll need either a desktop or a laptop.
There are more extreme options. I'm considering, for example, whether or not a roving SIP WiFi-only phone might be an option, and if so, what would be necessary to make that work. It would rely on a WiFi network provider (public or non-public network, or a cellular modem), and wouldn't function everywhere but should function in many locations sufficiently to be useful.
Most non-smartphone options I've looked at, and in particular the usual "dumbphone" suspects (Light Phone, Punkt.) tend to run an AOSP-based OS, with Nokia being the principle exception.
Briones FWIW uses the Light Phone III as his daily driver. That's somewhat spendy, and quite minimal, but he has his reasons, discussed at length at his blog and YT channel.
I'm leaning fairly strongly toward an option now, though my main hesitation is that KaiOS devices have very limited phone/SMS spam and/or traffic management. I'd prefer known-contacts-only could reach the device, that doesn't seem to be possible (KaiOS has only specific-caller blocking, and apparently a limited API for enabling more robust phone blocking). On the flipside, the device can be powered off, and/or battery removed.... I'm also looking at some VOIP/SIP options.
Only silver lining to this is they run a lot of discounts and promotions on them, and it's possible to buy them at a significant discount. Got my first Pixel 10 on a very cheap contract with trade-in promos on top, and got a second Pixel 10 at a 70% discount from the RRP.
It's not possible to buy them at all where I live, even if I wanted to funnel money to Google - which I do not. I have gone to great lengths to de-Google my life.
Absolutely, and it is irrational to refuse to buy hardware from Google (which, with Graphene, is under your control) when the alternative is to either run a Google OS on a third party phone (and give up control of the software), or Apple (equally bad), or some impractical and less secure alternative like a Linux phone incompatible with Android apps.
I've been running GrapheneOS for 7 months now and I'm not going back. When I bought my Pixel 10 last year, I wasn't actually planning on trying Graphene for a while....until I noticed Google had force bundled a 'Wicked For Good' movie promo theme with the latest security update.
Ha! Me too! Exact same. Bought a Pixel 10. Intended to do the default Android for a while. But it was filled with ads for “Wicked” which had me looking at my phone with a sneer on my face I couldn't erase - as if someone had smeared feces all over it and threw it on my bed.
So I jumped straight to GrapheneOS, which was way easier and less extreme than I had been warned. So beautifully minimal, with no crap. Now my phone feels like a simple Linux (Void/Arch) PC. So wonderful.
Does it affect the photo quality? It used to require letting go of the default photo app and thus a downgrade in photo processing.
No, if you install the Google camera there is no difference in quality and by revoking network you don't lose privacy.
Install a 3rd party GCam and then the answer is no https://www.celsoazevedo.com/files/android/google-camera/
That sounds like the answer is actually yes: we're not talking about the lack of a camera app, but the lack of a camera app that knows the details of the usually-proprietary camera firmware
You can install both the regular GCam as well as third party mods. Actual GCam feels worse to me.
Problem with stock Google camera app is that it made horrible HDRlike images even with HDR turned off. You cannot adjust amount of reduced highlights and increased shadows which makes images unrealistic with lack of depth.
> it was filled with ads
You bought a phone from an advertising company?
for some reason i read that in archer(animated) voice.
We took control, we're keeping control
What about banking Apps? No problem there?
Some of them have ridiculous secur... compliance rules.
There is a list of compatible banking apps: https://privsec.dev/posts/android/banking-applications-compa...
The vast majority work, check this list for details: https://privsec.dev/posts/android/banking-applications-compa...
Memories of Apple force pushing a U2 album to everyone's iPod (or maybe iPhone) back in the day.
When I got a new phone last year, I purposely got a Pixel (open box 9a) to put GrapheneOS on it immediately. Been happy living the de-Googled Android life since.
I was sad that I had to go through the OOBE setup on the stock image to unlock the bootloader. At least it doesn't force an internet connection and login, unlike Windows.
If it's any consolation, the wipe* requirement before unlocking the bootloader is generally a good thing, even if it's inconvenient. Someone who is targeting your personal data gets access to your encrypted phone, either by stealing it or in an evil maid situation. They unlock the bootloader and install privileged code that helps them recover the symmetric encryption key or intercept your PIN. Then they either have your data or wait for you to enter the PIN. In theory recovery shouldn't be possible (access to the key depends on a secure element that rate limits brute-force attacks), but security bugs do happen. Wiping* your data before removing the bootloader's signing requirement is an extra layer of protection.
*It doesn't actually wipe your data; it just destroys the symmetric key, making the data permanently unreadable.
AFAIK you can't unlock bootloader without wiping the data, that's my experience from last 15 years unlocking bootloaders on various phones
so it's kinda pointless to wipe data prior wiping them again during the bootloader unlocking process
We're saying the same thing. The bootloader unlocking process includes a step that destroys the FDE key.
While the OOBE of the stock image doesn't force an Internet connection, the ability to unlock the bootloader does - whether you can do it or not depends on the phone manufacturer's desire, and Android for some reason uses an Internet connection to check that.
My understanding is that it is impossible to unlock the bootloader on a new recent (Android 7+ at least; possiblt earlier) Android phone until it has connected to the Internet. After that, the ability to unlock the bootloader is permanent.
Yep, on older phones it was certainly possible without an Internet connection.
On the Nexus 5, you could just `fastboot oem unlock` right out of the box, install TWRP (custom "recovery") and install CyanogenMod/LienageOS, without ever booting the stock ROM.
On my Moto G4 Play and Moto X4, you had to get an unlock code from the Motorola website (based on the phone serial number I think) and waive some warranty terms, but once retrieved at least the phone didn't need to be online to unlock the bootloader.
The process on the newer Pixels is disappointingly intrusive, like basically everything Google has done for the last decade.
it should be possible on Sony and OnePlus phones and maybe other brands, though it can require obtaining code from internet on other device, but the device being unlocked itself doesn't need to have internet connection
Is it possible to install basic Google apps like Gmail, Calendar, Maps, Drive without googlifying the whole phone?
I'm not looking to fully de-Google but I want Google as apps and not my OS.
I run a litany of Google (and other corporate/business apps) apps in Private Space under the owner's profile, which is only unlocked when I need it for something. That space's connection can go out over a WireGuard tunnel if I need those apps to be on any specific networks, while the rest of the phone's traffic is unaffected. The file systems stay functionally separate (although that's not a major concern given how file encryption is handled, plus the dream that is Storage Scopes), and that space has its own camera app and such.
The Owner profile itself doesn't run Google Play Services, so when that Private Space is locked and dormant it's effectively a degoogled stack.
Some will invariably argue that an old pocket-sized Linux PC with a cellular modem is a superior experience, and for some specific things it may well be, but GrapheneOS is the only viable option for someone looking for a user-respecting modern phone with very few limitations.
> I'm not looking to fully de-Google but I want Google as apps and not my OS.
This is entirely possible as other posters have explained. But I think it kind of defeats the point of Graphene, at least somewhat. Google is already profiling every aspect of your life by reading your emails, files, calendar, location, etc? In that case, OS access becomes moot.
I think that GrapheneOS makes most sense as part of a broader move towards privacy-respecting alternatives. I see the sandboxed Play Services as something useful perhaps in a secondary user profile, for the odd commercial app required and only available from the Play Store.
> In that case, OS access becomes moot.
Not really.
1. A non-Google OS can shut off background running access to Google apps, as well as supply Google apps with mock location data and other data
2. Google does other things to the OS that drive me nuts. Like allowing apps to restrict screenshots. I own the phone. If I want a screenshot, it should screenshot. This is not something for apps or Google to determine, and if the OS listens to me (not the app) it should allow screenshotting the display 100% of the time regardless of what the app cries about.
I agree and have moved mostly away from everything Google. But it's hard to replace maps. I know open street maps exists but it's hard to beat Google's data gathering.
I think OSM is way way better. It has every little path in the hills I walk. On Google Maps I'm just walking in a featureless green blob. OSM even has unofficial trails that are no more than a worn-down line in the brush.
Maybe for cars Google is better but I don't use those. But even there I see really detailed stats.
OSMAnd is a really great full featured mapping app. A real tool that you can configure in detail. And Organic maps is more simple and quick like Google maps.
There's just two things I still need Google for: most businesses don't bother keeping their opening hours etc updated on other mapping services, and in my city they have live data on the public transport network. This should really be mandated to be offered to open street map too.
There are players in the OpenStreetMap ecosystem attempting to change that. I know the team behind Organic Maps are actively working to make their app as viable as possible by sourcing appropriate data for example.
Organic Maps is amazing.
I actually find that it blows Google Maps out of the water for cycling (which is why/how I discovered it). I haven't really used it for driving much because my own car has a builtin nav, so can't really comment on that.
YMMV of course.
I use Google Maps on Graphene. It works perfectly. You still get the benefits of the rest of the phone being degoogled. Just allow it to access your location only when you're actively using the app. When it's closed, it's closed.
I've been using HERE WeGo for almost a year. I had to install a text to speech engine in order to get voice directions. (I installed the GlaDOS one, now the evil computer tells me where to go.)
https://www.here.com/products/wego
https://here-wego.en.aptoide.com/app
https://k2-fsa.github.io/sherpa/onnx/tts/all/index.html
I've settled on running CoMaps in the Owner profile, with Google Maps/Waze/etc. in the Owner profile's Private Space for when they're necessary.
Can that setup work with android auto? If so, I'll need to try that.
What are some good alternatives
I believe one of Graphene OS's main features is that they allow you to run google play services in a sandboxed environment, so you can run your standard google apps but without the standard android deal where google play services has unfetteted access to all your phone's location/data/etc info
Yes, you install the Google Play store via the GrapheneOS App Store. The OS comes with like 5 apps out of the box. The rest is up to you.
Biggest caveats that I've encountered: tap to pay via Google Wallet is a no go, Android Auto can be flaky, MDM managed work profiles don't work at the moment, and some apps that use the Google Play integrity API fail to validate and refuse to work (I've only encountered one app that fails, and plenty others that work.)
In general, I'm moving towards a de-Googled life and GrapheneOS is a great entrypoint towards that.
> MDM managed work profiles
Do you mean actual employer-spyware MDM work profiles? I suppose I never expected those to work.
Or do you mean things like Shelter, which uses work profiles and which I use to quarantine certain less-trusted apps?
My end-run around Google's absurd unwillingness to certify GOS for Google Pay has been Garmin Pay, which has worked virtually everywhere I've ever tried it.
I'm hopeful that an OEM Motorola device will get certified for Google Pay.
Depends as bit on the country and bank. I also use Garmin Pay, but my bank only supports adding their credit card (not debit card) and a substantial portion of shops here only supports contactless payment through debit cards (credit cards have historically not been popular here).
So I get to use contactless payment at maybe 50% of the stores, which is annoying, because it's sometimes hard tot tell ahead of time.
Tap to pay is mostly NFC? So is there an alternative app?
I extracted a chip (by dissolving the plastic in acetone) from my card and glued it to the wriststrap of my Pebble watch :)
Curve Pay has worked well for me. Only good alternative as it doesn't depend on Google Play Services too
Yes you can use Curve pay.
Edit: Apparently that's Europe only? I'm in Europe so yeah. I didn't know that.
There's Curve Pay in Europe. In the US, I'm not sure.
Yes absolutely.
You can install nonprivileged google stuff on the main account.
Alternatively you can setup a private space (accessible to the main user but mostly separate from the main system) with a few clicks in the settings.
If you prefer more friction / isolation you can setup a separate user where you can install the google stuff.
Yes, you can have sandboxed Google apps: https://grapheneos.org/usage#sandboxed-google-play
How's the P10 camera on graphene? Literally 90% of the reason I'm on a pixel is because I love the low-light smarts that the camera software has, but I don't know if I'll lose that with Graphene.
You can install the Google Camera, if you use sandboxed Google Play. It has all the same features AFAIK.
I too, liked it.
However, some apps that I need for work, like Microsoft Authenticator, no longer work under GrapheneOS.
https://www.theregister.com/on-prem/2026/03/10/microsoft-tig...
Yeah, I'm hanging on with GrapheneOS (on a Pixel) until their native-hardware (Motorola) phones come out, which hopefully will solve this. As I understand it, third-party (banks and so forth) app vendors have to accept their security attestation, which they don't right now, but (I hope) will with Motorola behind them.
Graphene is NOT a jailbroken/rooted OS, its a real secure unrooted, bootloader locked OS, and MS Authenticotor works just fine. If anything does not work its related to dependency of the App maker on a certain attestation google play services grapheneos.org/articles/attestation-compatibility-guide
Root =/= insecure. You probably have administrator access on your home computer operating system, and can very likely do online banking via the web browser with no issues. A secure API is possible regardless of the host metal, operating system, or user permissions.
Bingo!
Compliance =!= Security
I hate how common it's become for companies to force you to install things on your personal phone. Even worse is some of them demand you install a MDM profile on your personal phone which feels 1000% over the line of reasonable.
I've just refused to install such things on my phone.
You want me to have email and teams/slack on my phone? Sorry, I won't install the spyware. Want to pay for me to have a second phone with it? Okay. No? Well then, I just won't have email on my phone.
Sure if you are in a strong stable position in life you can do that. The average person doesn’t want to rock the boat and cause troubles in their life so they install the invasive mdm profile.
It needs to be made illegal imo. The company should provide you a device if you need one for the job.
Sounds like your work has been using your personal phone for free
Microsoft Authenticator works on my GrapheneOS (not rooted).
From the linked article it seems this is related to Entra accounts which are Azure cloud related.
Google Authenticator works?
I think Google authenticator implements the standard OTP which lots of apps (including keepass) should support. Microsoft uses their own propietary crap
You can try to add the standard OTP even for Microsoft crap. If it asks you to register for mfa and opens the screen that says something about downloading the Microsoft authenticator app there is a small link at the bottom, letting you use another app. Then you get a qr code that you can scan with any other auth app.
I use a basic OTP password instead of Microsoft's ironically less secure (see SMS as 2FA) with my work MS account. Perhaps your org disabled it but it is definitely something a Microsoft account can do.
> Wicked For Good
Is this an antithesis to Don't Be Evil?
Any issues with banking insurance or healthcare applications?
Why would you use app for actual insuranceb or even healthcare?
What's the app data backup/restore story on GrapheneOS?
My understanding is that even with pseudo-D2D (device-to-device) transfers Seedvault doesn't backup everything[1].
Are there more-functional, non-root, local (non-cloud) alternatives?
[1]: https://github.com/seedvault-app/seedvault/wiki/FAQ#why-do-s...
Seedvault is still woefully insufficient, but it sounds like there's work being done to replace it. I can't imagine the enterprise crowd will overlook that and I'm hoping the Motorola partnership enables faster development.
Not without root, no
I want to run graphene but I make android apps and need to test on device with a somewhat standard setup… login with google, etc. is this reasonable to do with graphene?
I'd get a 2nd phone for that and it never leaves the house/location - living inside a bag with conductive material
Hmm, you should have cheaper and separate phone for work anyway?
It is my cheaper separate phone. Main phone is iPhone which I can test iOS on. Android is mostly for testing, and backup/utility on long trips.
Makes you wonder who are clown employees coming up with these nonsense decisions
Same, I've got a Pixel 9 and GrapheneOS works perfectly on it. I really love having full control over the OS on my phone and being able to decide what actually runs on it.
would it have the desktop mode and linux terminal? That's the only reason I'm eyeing a Pixel
That Motorola phone that lets you install Graphene can not come soon enough. Pixel phones are not sold worldwide so it feels like they're gatekeeping security. I know that's not the case really, but there's very few ways to successfully degoogle otherwise.
> Pixel phones are not sold worldwide
Still boggles my mind the fact Google doesn't sell their phones worldwide. Obtaining a Pixel has proven to be quite difficult for me.
Not only obtaining but if you ever need warranty you're done. Just last week I went to a Samsung center and had my fold 6 fixed in 30 minutes, and these centers are everywhere around the world. Same thing with Apple, yet a 4.5 trillion dollar company can't ship and maintain a phone globally. It's so unserious.
Yeah. Could be difficult even if one is willing to forgo the warranty. My city has local repair services, they easily repaired my old Samsung phone. Servicing Pixels could be difficult even for them.
Out of curiosity, what was wrong with your Fold 6?
It still boggles my mind that the most popular privacy OS requires Google manufactured hardware, that fact alone makes me not trust it at all.
They list their exact criteria for supporting a device. So far, only Pixels fit all of them (and I guess the Motorolas will soon)
https://grapheneos.org/faq#future-devices
Phone hardware is a hellscape it doesn’t surprise me at all that they need to keep the number of supported devices small in order to deliver a decent product.
Despite Google's other failings, it was the OG supporter of data portability, and that spirit extends to its phones. No other phone manufacturer with wide distribution comes close. It's unfortunate that the people who design the hardware do such a poor job with the resources at their disposal.
Is it still the case that Android backups leave much to be desired when compared to iphone? Pretty much the only reason I use Apple is that I can switch to a replacement phone and it’s exactly the same state as the last backup.
It's ridiculous is what it is. It makes me deeply distrustful of the organisation behind Graphene that they would make such a crazy choice.
The intersection of phones that have unlockable bootloaders, public-ish driver blobs and decent hardware is tiny.
What other phone would you pick?
Everything Lineage supports.
I just moved away from GrapheneOS to Motorola because I decided I needed an audio jack again. There's definitely some annoying things about leaving, but at least now I can use again the three apps that didn't work for me on GrapheneOS...
Which phone and is it android then? Maybe I'm out of the loop on Motorola. I just bought a pixel, thinking of trying graphene. I was a bit miffed about the lack of jack until my partner pointed out I hadn't used the one on my old phone for over a year. I'd like to in the future though.
AFAIK Motorola only lets certain geographical regions to unlock bootloader, not everywhere.
They're referring to the partnership between GrapheneOS and Motorola: https://motorolanews.com/motorola-three-new-b2b-solutions-at...
This is a thing now
https://volla.online/en/operating-systems/volla-os/
I don't see anything they offer for security that's not also in AOSP/LineageOS/eOS/stock/etc.
Which is not to say that's not enough for most people, but why highlight them? It doesn't seem comparable to the laser-focus GrapheneOS has on security
Not GP, but Volla phones are cool in that they officially support running proper Linux[1], so you could just use Linux instead of Android if that's enough for your needs. And you can still boot into their de-Googled Android if you need to run Android apps.
[1] https://volla.online/en/operating-systems/ubuntu-touch/
I have two questions, if anyone has any advice.
1) What's a reasonable Pixel phone to buy to try out GrapheneOS? Is a 128GB Pixel 7 "good enough" or will I get a significantly better experience with a newer phone and/or more storage?
2) Is there a Graphene alternative that would let me de-google an Samsung A12? Back in the day I had some Galaxy S3 and S4 phones that I installed Lineage on, I have no idea if that's compatible to Graphene and/or still a going thing?
1) I'm typing this in a pixel 7 pro running grapheneos. I'd say these are plenty good enough. Device support is pretty solid compared to cyanogenmod of previous times. App installation is a bit slow using sandboxed play store. Not sure why that is.
I would suggest Pixel 8 series or later, since they get 7 years (instead of 5) of updates, which is also decisive for Graphene support duration.
I've been using Graphene on my Pixel 7a for about a year and I'm happy I made the switch. For sure it is a bit rougher than using Google's OS, but not enough to make me regret it.
The main things I miss are (1) when I'm entering text I can't swipe left and right on the space bar to scroll the cursor left and right, and (2) the texting app doesn't just attach reaction emojis to a message -- it quotes the whole message and prefixes it with something like "Marty like blahblahblah". When there is a whole family text chain it isn't uncommon to see the same message 7 times as various people react to the original message.
Anyway, I looked at Google's Android 17 blog and yikes:
"With deep integration between hardware, software and AI, we’re transforming Android from an operating system to an intelligence system. It's about delivering new helpful experiences that anticipate user needs, and it brings more opportunities for engagement with your apps."
https://android-developers.googleblog.com/2026/06/Android-17...
> The main things I miss are (1) when I'm entering text I can't swipe left and right on the space bar to scroll the cursor left and right,
GrapheneOS is compatible with the vast, vast majority of Android apps, so you can use GBoard or FUTO keyboard (which I recently switched to from GBoard), to get the ideal experience.
FUTO recently revamped their swipe to type model and it's now more accurate than GBoard in their testing. I am a huge swipe type person, so this is what held me in GBoard's clutches, but now I'm free.
The dataset is open source and anyone can add to it if you're on a mobile device here: https://swipe.futo.org
And you can learn about it here: https://swipe.futo.tech
> the texting app doesn't just attach reaction emojis to a message -- it quotes the whole message and prefixes it with something like "Marty like blahblahblah". When there is a whole family text chain it isn't uncommon to see the same message 7 times as various people react to the original message.
Google messages, the experience you get on PixelOS, is also compatible with GrapheneOS, but you will have to afford network access to sandboxed google play, among other things. I couldn't tell you specifically, but it will work out of the box before you restrict anything. Many people choose to use this setup because it opportunistically adds e2ee for chats between iPhones and other Androids using Google messages.
There's also other SMS apps, but I focused on switching people to Signal so I barely ever use SMS.
Once I replaced the default apps, GrapheneOS became a premium phone experience.
Yes! FUTO keyboard, then go into VOICE INPUT → MODELS → Explore Voice Input Models → English-244: “Best for the most accurate results, but more demanding.”
The voice recognition is built on Whisper, and is amazing. You can speak conversationally for a long time and it gets everything right, with smart decisions based on context.
My stupid thumbs text no more.
I just did. I had been using FUTO voice, but I see that FUTO keyboard also supports voice input, so I'm not sure if I should delete FUTO voice as being redundant now.
I don't believe it's necessary, it's move of an "if you want a dedicated voice keyboard, the UX is a little better" option. I don't have both installed though, as anecdotal evidence.
Thanks for your thoughts. I use FUTO voice usually, but there are situations where typing out a short message is better -- eg, in a restaurant or doctor's office or someplace where voice input might bother other people.
I've found graphene's keyboard far more error-prone than the stock android keyboard, but I also don't care to learn swipe to type.
The feature I'm missing is simply that rubbing my finger left or right on the spacebar in text mode causes the cursor insertion point to move left or right on in the text I'm entering. It makes it sooo much easier to correct typos.
> I've found graphene's keyboard far more error-prone than the stock android keyboard, but I also don't care to learn swipe to type.
Graphene's keyboard is the stock AOSP keyboard. Most Android systems ship with their own one instead of it, but that's the one that is built into the system by default.
FUTO and GBoard has the feature you're describing and I use it all the time. Pretty much anything you miss from Pixel UI can be attained by simply installing Google's app from the playstore.
There's also Heliboard, which has a swipe-type option
The problem I still have with the futo one is that it can't swipe type in multiple languages without switching every time. Gboard can do that. I use 3 languages intertwined constantly so I need that.
So I still use gboard but block its internet access.
Problem (1) is a keyboard problem, not a GrapheneOS problem. Graphene comes with the stock AOSP keyboard which is very basic, but you can absolutely replace it. Personally I'm using the FUTO Keyboard and it does have that feature, as well as swiping, speech to text and much more.
Maybe you can try installing another SMS app for problem (2)? Much like the stock keyboard, the stock Messaging app is just the AOSP app. Honestly it works fine for me so I don't have a recommendation.
Regarding 2: that is literally how SMS reactions work. Apps that recognize it just interpret it as "put that emoji on that message". It is unfortunate that it doesn't do that tho.
RCS is different, which you can sometimes get working by installing Google Messages¹, which is essentially the only app that supports RCS any more. Google runs essentially all the servers too.
---
1: There are no third-party RCS apps² because, unlike SMS which has an API and a shared database on the device, RCS is extremely locked down and it's literally impossible to create one in stock Android. This is also why it's only "sometimes" on GOS, the details are very complicated and rather enraging.
2: Samsung had one, but they're shutting it down in favor of Google Messages. A tiny number of other devices / telecoms have their own too, but they're rapidly shutting down as well. RCS is very nearly fully controlled and implemented by Google now, except for iMessage as a client only, for now, and there's no encryption between iMessage<->Google Messages last I checked (but there apparently is between Google Messages... but no normal person can really verify that because it's Just Google Everywhere).
I agree with this post and add one anecdotal data point.
I had installed graphene os on a pixel but after a couple months and a couple loops between lineage, stock, and graphene, I eventually settled on stock android. I have group messages with family and some of the family are on apple, some on android, and RCS only works with google messages and google services installed.
It's infuriating that I can't send RCS messages unless google allows me to. I want to go back to email or MMS. Supposedly after a month (!!) RCS group chats will fall back to MMS, but that was not my experience. Also, if you turn RCS on/off you may get kicked out of group messages [0].
[0] https://support.google.com/messages/answer/7189714?hl=en
Yeah, it's pretty awful tbh. I generally recommend disabling RCS, after learning a lot more about it - it feels like a hostile grab at global messaging at this point, heavily entrenched by telecom agreements. Use Signal or something instead.
Initially there were some promising details planned, but much of it hasn't panned out, and plus now it's Just Google™. Like, roughly everyone has heard that RCS brings E2EE privacy, right? Would it surprise you to learn that it was only added to the spec around a year ago, and nobody has it implemented yet? Google has their own thing between Google users, Apple has their own iMessage-only thing, and they both drop crypto when you cross the streams because it isn't in the spec. And neither is practically auditable (allowing auditing is part of the spec btw - have you seen that UI?).
And that's before even touching on the utterly massive amount of the spec that's clearly designed for businesses only, to send you highly customizable interactive UI. Which you can't use as a person. Or build your own app for. https://developers.google.com/business-communications/rcs-bu... / https://rcsforbusiness.google/
It just does not smell good. It's not in our best interests to let it win.
Yeah RCS always has been an embrace extend extinguish thing. The carriers were super pissed to lose their SMS revenue to WhatsApp and iMessage so they came up with this shit to be an active partner in the loop again, and they can bill for it again. Consumers didn't fall for that and it died off.
Unfortunately Google revived it but it's a very poor standard for interoperability. Not only because the lack of true E2EE in the open spec but also because you need to be a blessed party to run an RCS server and communicate with others. You can't run your own or choose a party you trust. It's either your carrier if they bother to run one, or Google.
It's just another power grab. Don't fall for its 'open' guise. They want you to use it so they can make you dependent and lock you in again. There's nothing open about it. If you want privacy, use signal. If you also want an open and federated network, use matrix or xmpp with OMEMO.
Other people have noted that you can switch out the keyboard and SMS app (which I did).
My single (minor) issue with GrapheneOS is the adaptive screen brightness. On the stock Android OS on a Pixel I'd mess around with the sliders for a week or two on a new phone and then it learned what I liked. Now it has a few set values, one of which is always too dim for me in darker conditions so I have to mess with the slider each and every time. I don't believe there's a way of fixing that.
Other than that I'm glad I switched, especially when I read about new "features" they add that I know I'd hate.
You shall engage more with your apps, user!
You should consider using signal as texting app?
I use GBoard on GrapheneOS. I just deny it network permission so it can't phone home.
I used to do this but I found it downloads needed language files in the background. So every time it updated, I would clear all the app data, open it again on something innocuous, like a text file, toggle each language I used. Not knowing how long it would take, I'd wait until each seemed to be behaving, then disable network permission. I still don't trust that it doesn't send data off via Play Services.
Now I use Heliboard with the swiping library added. It's not perfect, but has improved, and at least it can give more than three correction options (long–press centre suggestion with ellipsis below).
I really miss Keymonk — two–finger swiping, accurate, and no crap.
I do usually this, but recently on older phone (using it temporarily while I buy new) I had to reinstall it and found out, it didn't provide any word suggestions for ant language other than English and even gesture input for other languages didn't work, so at least during initial setup it must have (now?) internet connection most likely to download dictionaries (I thought they used to be included in past, never noticed this before), after allowing the connection, setting up and then disabling the connection, it works fine
Regarding (1), that's on your keyboard, which you can choose. Maybe you can give Futo a try? https://keyboard.futo.org/
Why does it need its own F-droid repo?
Because the code is not provided under a free/open-source license, and therefore does not meet the requirements for the main F-droid repo.
Ah interesting. They use the "FUTO source first" license. https://github.com/futo-org/android-keyboard/blob/master/LIC...
Open source with limitations on commercial use.
Simple Keyboard is on F-Droid too. Supports moving cursor via space bar.
Same for HeliBoard
I used to dread the promised deep system integration of AI, but honestly after setting Claude up on a server box and having it do sysadmin stuff for me that I've been putting off for ages I see the vision. I don't really want to mess with the details of working through system orchestration tasks, I want to say "spin up this service" and start using it, "change my config so X happens" and it does, and knows what needs restarting to pick up changes and all the fiddly knobs and configs that need syncing and their bespoke formats. I think Nix tried to unify this for people, but it arrived too close to LLMs so a lot of value (in this dimension) has been delivered by other means.
The point is, I'd like to be able to set up services, configuration, and run tasks on my phone this way too, ideally offline. If this system integration is what gives me programmatic control of my most personal computer and the ability to finally set up decent automated tasks and workflows then so be it.
The vendors are never going to give you control over your computer no matter what vision they try to sell you on. The whole point, from their perspective, is to use their control of your computer to gain more control over you, which they hope to then exploit for profit.
Right: Look at the ways Google has persistently taken away user-control and autonomy on the OS level.
Why would we expect the same company to exhibit a completely opposite philosophy as they add LLM features?
The thing is they don't setup their "intelligence system" for the type of task you wanna do. They are integrating it for tasks like "buy me a plane ticket for my next holidays", "order diner for me, the usual"...
Yes, Google famously uses their most advanced technology to make your life easier and not to look up your nose with a scanning electron microscope
I have tried ubuntu on mobile only once and never come back, because it had very bad and poor experience compared to native experience of that mobile. On which models this system works the best?
I took the plunge into GrapheneOS a week ago. I picked up a new Pixel10 Pro and never even tried the stock OS (except to unlock the boot loader).
I've got almost everything working the way I want. There were a few non-essential banking apps that won't install. The most annoying problem I had is when I tried to install Strava, which I cannot get working. The app installs, but it will not let me sign in. I guess I need a replacement, because I use that app a lot.
~Happy iPhone user for almost 20 (!) years. This has got me seriously thinking about picking up a Pixel.
I feel like you'd be taking on a lot of pain for no real benefits though?
What are North American people doing for replacing contactless payment? Last time I checked, the solution was to use Curve but it only works for Europe.
I don't. GrapheneOS is worth the effort of pulling a card out of my wallet.
It's infuriating that they won't do this for non Google Android. It's in the best interest of both the bank and the card owner. Credential theft risk goes down to basically zero when backed by a fingerprint authenticated virtual card.
What do you mean by credential theft? Stealing the numbers on the card or a malicious person triggering the contactless payment?
I'm sure contrats between Google and banks provide the financial guarantees that not open-source project would be able to. Unless governments mandate there's zero interest from banks to put extra effort into building for unpopular solutions
Banks don't want the headache of supporting multiple weird phone OSes and it's understandable. As long as they don't require running an apple/google-certified device and OS I don't care.
> Banks don't want the headache of supporting multiple weird phone OSes and it's understandable.
Commercially, this makes sense.
I am surprised that most nations of the whole world are fine with every citizen relying on one of two american companies for their lifestyle interactions though. I would have thought more nations would legislate their banks must support other options for sheer sovereign resilience.
> Commercially, this makes sense.
Does it though? The people in this thread are like "just use a card". Well I've done that for years and had my card skimmed, lost, and stolen over the years. The cost wasn't trivial either. The credit card company knocked it off my balance but also lost on sales when I didn't have my card while they issued me a new one. It cost the credit card company actual money in both lost sales and in dealing with the fraudulent transactions.
Now if I was allowed to use my rooted Android phone during those years? It would have been locked down tighter than the vast majority of Windows boxes.
People forget that one of the value-adds of credit cards in the first place is that suddenly you didn't have to walk around with a big wad of cash. Credit cards gave you that extra level of security. Even if someone stole it, it's useless to them as soon as you make a phone call to the CC company. We can verify a transaction with a yubikey-like secret store on your device that never shares the private key with the operating system and which generates a virtual credit card on the fly. That's literally how Apple Pay and Google Pay already work. So whether a device is rooted or whatever literally doesn't matter.
Does skimming still happen a lot? At least in Europe we have switched from magnetic strip to chip-based cards, which are protected against replay attacks.
I'm in Europe, but I had accepted that I had to do without. I hadn't heard of curve, going to check that out.
Garmin pay if you're ok with Garmin is one possibility.
They don't support amex or capital one, the two I use the most...
It's even available in my country! Never heard of it, would have assumed it's not being sold here. Let's see what that costs when I click the "shop now" button that's front and center
> Attention required!
> Sorry, you have been blocked
> The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.
Thanks cloudflare *handshake* garmin. I suppose I'll stay with chip and pin for now
They have an app for Android that can do NFC? I thought it was only for their watches. Thanks!
There is no replacement. Strap a credit card to the back of your phone or pay cash.
Use a solvent to dissolve the plastic from the card then epoxy the extracted antenna and chip innards to the back of your phone case. Problem solved. (I'm only 50% joking, you can actually do this but maybe epoxy isn't the best option.)
Somewhat similar, Polar sells a band with an NFC payment chip in it (no experience, just saw it the other day):
https://support.polar.com/en/payment-wristband
I'd like to do this, but epoxy it to a dress watch
I have these cards I keep in my (RFID-blocking) wallet, one for each credit account. Then I just pull them out and tap to pay. It's super convenient - no app required!
What does RFID-blocking wallet do?
People cannot steal your card info via proximity to your wallet over NFC if the wallet’s physical barrier blocks the RF signal.
People can't steal your card info via proximity to your wallet over NFC even without an RF blocking wallet. This is tinfoil hat security cargo culting, like putting tape over your webcam while leaving the laptop's microphone connected (audio from your room is much more useful than 2834823428 frames of your greasy face).
No but they can steal up to the pin-free amount of money your card allows. They can just hold a sumup to your pocket. Here in Europe most people use debit cards with non-reversible transactions and that limit is often 70-100€ which is quite a lot of money where I live. And they can steal a lot more if they follow you and shouldersurf your pincode.
I definitely use one of those wallets. They're quite convenient too.
Putting my credit card in my phone case
Cash for most things, and just use a card like normal otherwise.
I don't really see the appeal of contactless payment, pulling a card out really doesn't take much time.
Cards are "contactless payment" these days.
Google Pay (Google Wallet) actually also has virtual number so my real card number won't leak in many cases.
Just having to take your phone with you is quite comfortable. Your phone is probably the pocket-sized item you are unlikeliest to lose.
True, but I also need my license to ride my motorcycle or drive a car, plus cash needs to go somewhere.
The post doesn't say - what's new? Anything to look forward to besides the security patches for A17 being available for longer than they will be for A16?
Asking as an A11 user who will probably soon need to switch to a new device. I haven't noticed anything on other people's phones that isn't available on mine, including on my work phone that runs an up-to-date GrapheneOS (but I don't need to do much more than calling and 2FA, so I might just not be seeing it). Anything you guys are excited for, or any protips of things to check out that were released recently?
Desktop mode is new and exciting.
This should have the full list; it's not a ton of changes, which speaks to how perfected Android has become.
https://android-developers.googleblog.com/2026/06/Android-17...
Ah, right I forgot they are discontinuing ChromeOS. Makes sense that current Android releases are focused on getting the Android laptop experience on par
Edit: not discontinued but 'merge with Android' https://en.wikipedia.org/wiki/ChromeOS
New garbage collector could be pretty big.
But some of the garbage collector changes are also rolling out to older Android versions through a Play System Update.
https://android-developers.googleblog.com/2026/06/Android-17...
I'm not sure though if GrapheneOS gets mainline modules at all (most likely not).
Presumably any new Android 17 features that aren't counter to GrapheneOS's mission, such as "Bubbles allows you to turn any app into a compact, floating window" https://blog.google/products-and-platforms/platforms/android...
Does GrapheneOS run on tablets? I don't see a whole chat app (shown in the example) fitting on my phone screen alongside something like a web browser, and the screenshot is from a square screen
GrapheneOS runs on an extremely limited set of hardware, mostly Google's own Pixel phones.
There's a shot of GrapheneOS on a tablet just past the three-minute mark in this video. I suspect that's a Pixel tablet (of which thee are several), though I'm not certain and the video doesn't specify:
<https://redirect.invidious.io/watch?v=aNgupWEV13M&t=188>]
Google Pixel tablet: <https://store.google.com/us/product/pixel_tablet?hl=en-US>
Discussion on Reddit says Google Pixel and Pixel Fold are both supported (tablets): <https://old.reddit.com/r/GrapheneOS/comments/16bp6e9/anyone_...>.
It's complicated. The Tensor G2 Pixel tablet was a solid device, and you can still buy it new from Google (with no choice on color or size in my country), but production has been discontinued and the two direct generational successors were canceled, in sequence. First it was skipping a generation, then it was canceling it entirely. The rumored "Pro" version also appears to have been axed.
I've used mine daily since it came out, and it's a great experience. I'd recommend picking it up for anyone who wants GOS on a larger screen. An iPad it isn't, but my iPad Pros have sat almost totally dormant since I got it years ago.
It lacks horsepower compared to the latest Pixel Pros, but that hasn't been a practical concern in anything I've done with it so far.
There's an (un)folding Pixel that runs GOS. Not exactly a tablet, but possibly sufficient depending on your needs. Not cheap, however.
Graphene made me like using a phone. It behave like a computer. Really lovely
> We've already tested the Android 17 port of GrapheneOS on the Pixel 6a, 7, 7a, 8, 10a, 10 and 10 Pro Fold.
No love for 9 or 9a? I guess it's still coming eventually.
- A 9a owner running GrapheneOS
https://grapheneos.social/@GrapheneOS/116761945417419946
>Those are just the devices we initially tested it on which mainly has to do with which devices were available to the people working on the port.
>To clarify the 2nd paragraph, we've ported GrapheneOS to Android 17 for all of the supported devices. That's a list of the devices we already built and tested it. Our initial public release will be available for all the supported devices and we'll have tested it on each by then.
I've been thinking it might be worthwhile to showcase that you can make GrapheneOS look beautiful or the same as stock Pixel UI. When I was considering switching from iPhone I had this misconception that it would look ugly or wouldn't look the same as Pixel UI, which is not the case at all. When I asked about it I wasn't given this clearcut answer that you can make GrapheneOS UI look the same or better than Pixel UI.
How much flexibility is there in changing appearance?
As an iPhone user, I really like what Oppo is doing with their ColorOS: https://www.oppo.com/nz/coloros16/
Wow that looks nice. I don't think you can get that.
You can change any apps to different apps meaning the keyboard, homescreen/launcher, messaging app. The launcher is a primary UI thing which is different from iOS and is totally customizable by just installing a new app.
So you can change the look of anything that depends on an app, but stuff like the control center, lock screen, volume sliders, connectivity icons, notifications afaict can't be changed.
https://niagaralauncher.com is a cool looking launcher that I used to use.
It's a little confusing but I'll say there's nothing ugly like the stock GOS apps that can't be changed and tha unchangeably UI elements match the Pixel UI.
Here's a comparison which will show both the unchangable stuff like control center, but also the Pixel launcher, which you can swap out.
https://www.youtube.com/watch?v=lwNicPJk4lY
I switched from iPhone and once I installed good looking apps I really prefer the look to iOS because it's a lot faster and smoother.
I wish they supported much more phones
I run GrapheneOS now 2 year :) always working fine
I have always wondered what this OS looks like. They have an incredibly detailed website with zero screenshots.
There are numerous video walkthroughs of GrapheneOS. This would be one starting point:
<https://redirect.invidious.io/watch?v=aNgupWEV13M>
Visually, it generally looks much like stock Android in terms of capabilities, though a stock install generally has far fewer apps installed.
Perhaps screenshots and sleek UI is not their selling point (and it isn't).
What's the biggest draw of GrapheneOS apart from de-googling? Does it have a better battery life? And compliance with NFC payments?
If you actually degoogle, supposedly battery life is better but if you start adding back in sandboxed play services, you lose some of the gains.
Greatly improved privacy and security and end-user control of your phone and its data. In those areas, possibly the best option, though iPhones might be better in security (not necessarily the other two areas) - Apple has a slightly bigger budget and a few more engineers, and directly controls the hardware.
It will depend on your banks/services. If those apps strictly implement Play Integrity API, you won't be able to use them on Graphene OS
Couldn't be happier using this on an old Nord Oneplus N10. Had to look around since it was out of date but thankfully they have archived builds.
What does it mean for an OS to be ported to another OS? Do they mean "ported to devices that support Android"?
It means they rebased all their changes on top of the new version. This is usually time-consuming because AOSP is not developed in the open, so you can't do this incrementally as things change -- you just get a massive drop sometime after release.
Android makes yearly releases. It is developed in cathedral-style. Google releases the source as a single big update. GrapheneOS is a fork. They need to port their customizations and extra software on top of the new release.
Every six months, not yearly. Google releases the major version and QPR2 as part of AOSP. QPR1 and QPR3 are Pixel-only.
Since they switched to QPRs and Pixel drops, major releases have become less important because feature roll out throughout the year.
It's just that nobody outside GrapheneOS and Samsung (to my knowledge) rolls out QPR2, so for non-Pixel/Samsung, the major releases are... major.
I think another major source of work for GrapheneOS is when Google releases QPR1 and QPR3, because GrapheneOS had to rebase the driver/firmware changes on top of QPR0/QPR2.
Think of GrapheneOS as being a set of patches on top of the Android Open Source Project that Google releases:
https://source.android.com/
They've ported the patches to work on top of the latest release.
Well, both, probably. GrapheneOS requires a lot of framework and device side changes.
I've been running GrapheneOS for over an year now. Bought a Pixel 6a last year as a cheap way to test waters, but pretty soon I upgraded to discounted Pixel 9. It took a while to set the basics (coming from iPhone), and I'm still have a couple of stuff missing, but at this point don't intend to use anything else (for as long as possible).
The biggest hurdles for me were - should I use separate profiles and how to get apps. Initially, I started with a separate profile for google stuff (like play store/services and apps downloaded from there, like Viber), but eventually I moved everything to the owner profile (and took a bit of a privacy and battery hit in the matter of convenience). Still, being able to control many app permissions, gives me a good state of mind that apps are not doing more then I expect.
Just looked at what android 17 brings to the table and I'm mildly excited - especially improving performance and adding more permissions (like ACCESS_LOCAL_NETWORK)
I made the same mistake after being burned by the PinePhone, buying a heavily discounted Pixel 6 to test various Android forks, which eventually included GrapheneOS. I quickly knew I'd found home upgraded to a 9 Pro XL.
From Google's Android 17 release:
> ... Android 17 expands the capabilities of AppFunctions, a platform API with a corresponding Jetpack library. It allows you to contribute your app's unique capabilities as orchestratable "tools" for Android MCP, the on-device equivalent of the Model Context Protocol. AI agents and assistants (like Google Gemini) can discover and execute AppFunctions to perform workflows on behalf of the user with direct access to the app's local state.
Is that implemented in GOS? How is that done securely - giving LLMs power to control some apps?
GrapheneOS would be so much more interesting if there was an official supported way for rooting it. That's the only reason I haven't switched to it on my several devices (all rooted)
That completely goes against what they're working towards. I understand why you would want to root your own phone, but GOS is targeting highest security standards and root ain't one of them (for good reason).
With Google making side loading extremely difficult soon, there's never been a better time to switch to a more secure OS for your phone.
There are some apps I can't do without like ReThink DNS, NewPipe and other open source apps which I use regularly. All would get blocked under Googles new regime.
Rethink DNS is in the Play Store though:
https://play.google.com/store/apps/details?id=com.celzero.br...
I own a z fold 6.
If I try Graphene what do I lose? Similar to how if you use something like icefox or icewolf one of those very secure browser, lots of normie websites like banking just straight up don't work. What would I lose by moving away from samsung's default to this more private OS?
You can't install Graphene OS on Samsung phones.
GOS won't install? It's blocked somehow? Or it's not officially supported?
It's not supported and you cannot unlock the bootloader most Samsung phones anymore (IIRC since OneUI 7).
Well, for some reason Pixel 9 series and also 10 pro is excluded?
<https://news.ycombinator.com/item?id=48563154>
permanent reminder that graphene and all other "alternatives to android" depend on extracted binary blobs. tons of them. which is the reason new (kernel) versions are such a chore/achievement.
I had been using LineageOS + microG for many years on my Pixel 3. I upgraded to a Pixel 8 and tried out GrapheneOS and the install experience was good, but I found some odd performance quirks - apps would be slow to install and run, downloads were slow, etc. Has anyone had similar issues?
Many apps that work on microG don't work in GrapheneOS without installing Google services anyway. I'm by no means across the full privacy implications, but my feeling is microG balances privacy and usability better for me.
I've since switched back to LineageOS+microG and am happy with it. Just my experience.
A lot of developers are lured into building in a dependency on Google services, so yes you'll need microG or, as GrapheneOS prefers, the original Google code running on your device for those apps to function. Or patch the app, like Langis does for Signal (not necessary for it to function without Google in this case, but it removes its calling out to Google's apps and services for those who don't want that). If you're happy with that setup and don't need protect-from-the-government levels of security (street thugs aren't going to ransomware your device by abusing an unlocked bootloader or send exploit chains that work on anything but the hardened allocator), LineageOS is probably the better choice for you. GrapheneOS has some nice things like easily denying the network permission for an app (even if they could theoretically work around it with intents) and having a custom A-GNSS server, but you can do the same on LineageOS by using root and something like AFWall+ for the network and configuring Graphene's A-GNSS (SUPL) proxy in the system settings (don't forget to donate if you use it and are able)
>but you can do the same on LineageOS by using root and something like AFWall+ for the network
lineageos has built-in firewall for years now. no need for afwall.
>but I found some odd performance quirks - apps would be slow to install and run, downloads were slow, etc. Has anyone had similar issues?
not sure about downloads specifically, but app installs are slow because grapheneos forces AOT compilation (JIT is disabled), presumably for security reasons.
Ah that makes sense, thanks!
Since grapheneOS only supports latest Google pixel phones, I tried installing LineageOS on my Mi11. Sadly, if you own a Xiaomi, you can’t just install another os. You need to unlock the bootloader and Xiomi limits you with a global quota of daily unlocked phones, you basically need to enter at midnight and hope. This is a complete nonsense, we have zero governance on our devices after paying them so much.
So I still need to buy a Google phone to get it? No thank you.
To get a sense of the project and its goals I recommend reading this post[1].
Buying a used Pixel is economical, environmental, and likely doesn't support Google. Pixels are the only secure and open android devices that could work for the project and meet the extensive requirements[2]. This is because GrapheneOS takes real steps to protect user privacy and security, not features that degrade security and don't increase privacy. You are going to be doing much more against Google by using GrapheneOS because it comes with 0 google services by default and takes advanced steps to protect you from all apps and services you install.
If you are still not willing or able to purchase a Pixel, GrapheneOS has a partnership with Motorola to help them create compatible devices which will be available soon[3].
[1] Privacy and security on computing devices need to become far stronger to protect people from pervasive violations of their rights. https://xcancel.com/GrapheneOS/status/2044440381803069778#m
[2] https://grapheneos.org/faq#future-devices
[3] https://xcancel.com/GrapheneOS/status/2028448871374803007#m
It makes sense that an open source project would focus on one series of phones since their time and resources are limited.
That said, Google's hardware is behind their competitors and they've had a lot of problems in the past few years. The Pixel 8 Pro has hardware WiFi problems, the 9 and 10 are both minor updates with prices that are far too high, the 10 is eSIM only, etc.
> The Pixel 8 Pro has hardware WiFi problems, the 9 and 10 are both minor updates
The prime difference between P8 pro and P9 pro is that the newer one is nearly a usable size (just about fits in a pocket now). The battery also got substantially better in two ways: on mobile data (when you're on someone's WiFi, odds are you're also near a charger) you get 33% longer use time on all variants of the P9 and 55% on the P10 and P10p (9 to 12 and 14 hours, respectively), and hours of use per 30 minutes of charging went up from 4.6 for the P8 to 6.3 for the P9(p) and 6.2 or 7 for the P10 and P10p, respectively
The rest is indeed relatively minor but it's not an unwelcome upgrade. Prices didn't change much when buying second-hand 1.5 years after release, when the newest devices are out and nobody cares about the generation-before-last despite >5 years of updates remaining (plus however long you think it's fine without updates)
> Buying a used Pixel is economical, environmental, and likely doesn't support Google
Interesting. What do you think are reasons for google to run Pixel then?
Not being sarcastic here, but what links you shared (thank you) say imply there are almost no benefits for Google to run Pixels and as we all know, Google is not a company doing charities.
> What do you think are reasons for google to run Pixel then?
Get millions of users using their services. The average person who buys a Pixel will likely go all in with the Google ecosystem giving Google every word they type, every message to a loved one, every search. It's a data gold mine.
I doubt they sell Pixels at a loss, but even if they did they could make up for it like how Amazon does with kindles.
https://www.forbes.com/sites/zakdoffman/2026/04/28/price-of-...
I think they also use pixels for testing android and such which is why they keep it secure and open.
Motorola is not mentioned in any of the links.
https://news.ycombinator.com/item?id=47214645
third link
The Pixel was never sold in my country so it's much more difficult that you think. Even if it was I wouldn't buy it because I don't buy Google products.
> If you are still not willing to purchase a Pixel for whatever reason, GrapheneOS has a partnership with Motorola to help them create compatible devices which will be available soon[2].
Ok? Wake me up when that happens.
> The Pixel was never sold in my country
Okay, see, that's an important thing to add to your original post. Saves everyone a lot of time.
If they don't sell them in your country, it's not "no thank you" as you said, it's "this doesn't apply to me".
I don't see how it's relevant. I couldn't possibly have made it any more clear I would not buy a Google device, new or used, because I don't like Google.
I am not sure why you even consider an android based OS then.
Because AOSP is open source and can be built without Google Play running at the background unlike the other alternative: giving up privacy to yet another big tech Apple.
Graphene adds many privacy features on top of regular AOSP. But it only works on phones that has good security features that are not woefully outdated or completely closed-off. Google has complete control over Pixel supply chain and they can make their phones with all bells and whistles for their ends and they behave a bit benevolently and expose the interfaces to the user too.
Most Android phones use Qualcomm which doesn't give a flying fuck about giving control or privacy to the users.
That's a value judgement, and it's a fair one. It does throw an additional constraint in the works though.
FWIW, I've been looking at the mobile / portable computing space fairly intensively for a month or so. I share your quite dim view of Google.
GrapheneOS does seem to be one of the most attractive Android alternatives.
There are also Lineage (based on CyanogenMod), AOSP, KaiOS (based on AOSP, via Firefox OS), LightOS (by Lightphone, AOSP), AphyOS (used by Punkt. mp03, also based on AOSP). These tend to be minimal, used on feature phones / dumbphones / minimalist phones. And there are /e/OS and iodéOS.
Among Linux-based non-Android options are Sailfish OS (Jolla), Ubuntu Touch (Ubuntu), PineOS (Pinephone), and PureOS (Purism), Tizen, Mobian (based on Debian), postMarketOS (based on Alpine Linux). These tend to be maximalist, offering a fuller experience than Android, with support for native Linux applications and configurations.
There are some non-Linux OSes, of which I'm aware of System 30+ (a/k/a S30+, Nokia), OpenHarmony (by Huawei), and ... something described as "realtime OS" or "RTOS" which actually had a name, for a Japanese flip phone, but which has slipped my mind (probably something reviewed by Jose Briones on his YouTube channel).
And of course there's iOS.
Briones by the way is an absolutely excellent resource: <https://josebriones.org/>. He's also one of the mods of /r/dumbphones at Reddit.
There are trade-offs, and what you choose depends on what you value, in the marketplace, in capabilities, in your own peace of mind.
If you want a full-featured device with wide acceptance, few limitations, and want nothing to do with Google, look at iOS devices.
If you want (nearly) full Android capabilities, but without Google's prying eyes and ears, GrapheneOS or LineageOS are probably your best bets. Whilst Graphene currently only works on Google Pixel devices, there's been a partnership announced with Motorola, there may be others in future (my speculation, with no other basis). And ironic as it seems, Graphene + Pixel actually does get you further from Google in many ways, though I still understand your position.
If you want full freedom / maximal privacy, and are prepared to make compromises on capabilities and battery life, look at one of the Linux-based, non-Android options. I've heard of quite a few bugs with these.
If you're looking for specific hardware capabilities (e-ink, folding / candybar, keyboard (T-9, qwerty, ...), small, large, tablet, headphone jack, etc., etc., or specific software capabilities, you're going to further refine your search. (Briones has a Dumbphone Finder at his website which does this pretty well.)
If you want modularity or repairability, there are devices such as Fairphone or Keyphone with (some) replaceable components.
If you want minimalism, look at an AOSP-based device, or perhaps S30+. These will give you feature phones capable of calls, texts, and a few apps, but not much else. For more complete computing you'll need either a desktop or a laptop.
There are more extreme options. I'm considering, for example, whether or not a roving SIP WiFi-only phone might be an option, and if so, what would be necessary to make that work. It would rely on a WiFi network provider (public or non-public network, or a cellular modem), and wouldn't function everywhere but should function in many locations sufficiently to be useful.
Most non-smartphone options I've looked at, and in particular the usual "dumbphone" suspects (Light Phone, Punkt.) tend to run an AOSP-based OS, with Nokia being the principle exception.
Briones FWIW uses the Light Phone III as his daily driver. That's somewhat spendy, and quite minimal, but he has his reasons, discussed at length at his blog and YT channel.
I'm leaning fairly strongly toward an option now, though my main hesitation is that KaiOS devices have very limited phone/SMS spam and/or traffic management. I'd prefer known-contacts-only could reach the device, that doesn't seem to be possible (KaiOS has only specific-caller blocking, and apparently a limited API for enabling more robust phone blocking). On the flipside, the device can be powered off, and/or battery removed.... I'm also looking at some VOIP/SIP options.
Only silver lining to this is they run a lot of discounts and promotions on them, and it's possible to buy them at a significant discount. Got my first Pixel 10 on a very cheap contract with trade-in promos on top, and got a second Pixel 10 at a 70% discount from the RRP.
It's not possible to buy them at all where I live, even if I wanted to funnel money to Google - which I do not. I have gone to great lengths to de-Google my life.
Ebay? A friend to ship it? I agree on the de-google part but putting graphene on a used pixel is aligned!
Absolutely, and it is irrational to refuse to buy hardware from Google (which, with Graphene, is under your control) when the alternative is to either run a Google OS on a third party phone (and give up control of the software), or Apple (equally bad), or some impractical and less secure alternative like a Linux phone incompatible with Android apps.
Soon, there will be compatible Motorola phones.
If you buy used, you save a bundle and google gets no money from you.
I still don't want a pixel, so I went with a used ebay phone and installed lineageos.