Why YSK GrapheneOS is a step above the rest. I understand it’s ironic de-google phone/tablet with google hardware, but it just works better then anything else. Permission toggles, pin scrambling, auto-reboot, scopes, MAC randomization, isolated user profiles, longer passwords, sandboxed apps, open source firmware, no bloat & the battery life is incredible now.
I hope people understand how easy it is to move to Linux & GrapheneOS full time & remove Apple, Google, Microsoft etc. It exceeded expectations so much so that I want to share it with other people. I cannot recommend this enough to improve your life. #FOSS
Too bad it’s only on available on the Pixel. My pixel 6 had a terrible fingerprint scanner… And when I upgraded to the 7, it was even worse (didn’t work in the dark).
So for now afwall+ on my rooted Moto Edge 2022 Plus gets the job done with blocking Google (and other invasive) apps.
I have a Pixel 7 that runs GrapheneOS and don’t have any of the fingerprint scanner issues you described. I don’t even understand how using it in the dark could make a difference since a circular portion of the screen under your finger lights up at maximum brightness when it is scanning your fingerprint. The only issue that I have is that sometimes a piece of dead skin peels off of my thumb or I wore a glove in the heat making my skin a little pruney which makes the scanner unable to read my fingerprint right. But that was a problem with my old Moto phone as well.
Edit: After making some research it appears that Google fixed the fingerprint scanner issue with a software update.
I’m sitting on a Chinese phone hoping the pixel 8 switches to a unltrasonic sensor. It’s really too bad my work doesn’t let me use custom ROMs. Makes me want to get a work phone
If the pixel 8 switches to ultrasonic instead of optical, then I’m all over it. The pixel fold has it built into the power button… The phone I’m using does the same and it has a 10/10 success rate. So I’m hoping they to with that.
Why do you let them take over your device like that?
Because I get a lot of flexibility from being able to take meetings from my phone. I can go for a walk during a meeting for example
Fair enough. I thought you meant they forced you into it lol.
Oh lol nope, that would be pretty crazy
Is it possible to spoof device signatures or relock the bootloader to get around those work restrictions? MagiskHide might also be able to help depending on the case
I have the pixel 6 now and the fingerprint scanner sucks. I thought about getting a pixel 7 because I assumed it would be better, thanks for the warning. Also, how did you manage to get a custom ROM for the Moto Edge 2022? I was looking for custom ROMs and found nothing. I read that nobody really has that phone so the support is lacking.
Don’t hold back from getting a good deal on the Pixel 7 because of the fingerprint scanner issue. It has been resolved with a software update since then. I have a Pixel 7 and the fingerprint scanner works just fine regardless of lighting conditions.
Do you have the regular Moto Edge 2022… or the Moto Edge Plus 2022?
oh dear.
i got all excited when i read “moto edge” cause it’s been a long while since i last rooted my phone. but now i suppose i will hold off on excitement until there is more clarification on your question.
If you have the non plus moto edge 2022 model… You can root it the same way as the plus version
Regular
Pixel 7 has face unlock though 👀
Doesn’t work in the dark… or any low light conditions. It’s not really a good implementation
I have a Pixel 7 and it works in the dark just fine. I feel like @techgearwhips might have gotten a defective phone.
Edit: After a quick search it appears that Google fixed it with a software update.
On my 7a, I found that making sure your thumb is clean and then pressing kinda firmly does the trick. I still prefer the back fingerprint sensor from my previous phone, a Pixel 2, as that was fast, locatable, and could be used to bring down the notifications, but honestly the success rate now is about equal
Not to mention Pixel phones aren’t available at all in several countries, don’t think I’ve ever seen one myself
On my pixel 6 you just have to wipe clean the scanner area first or press hard with your finger.
Agreed with many others here. GrapheneOS it’s fantastic.
A few points that haven’t been highlighted:
- The GrapheneOS camera is fast and responsive. I haven’t had a responsive camera in several generations of Android until I installed GrapheneOS.
- Everything is faster and more responsive on GrapheneOS. A $300.00 phone from last year running GrapheneOS responds to input like a $1000.00 phone, while keeping the longer battery life of a $300.00 phone.
- Defense-in-depth privacy and security controls. A lot of good privacy and security defaults add up to a lot more peace of mind. Thiis phone feels like my property, not just a portal to deliver ads and collect data about me.
GrapheneOS, Signal (or, I suppose, Telegram, just something E2E encrypted) and a raspberry pi running PiHole are 3 of the best investments I ever made in my day to day experience.
Telegram is NOT e2e encrypted by default. Even Signal has issues due to its insistence on not federating with other servers and being the sole CA in the system.
Not had issues with Signal, but yeah, wouldn’t touch Telegram with a barge pole. Probably a CIA honeypot.
I could never get my pihole to remain stable over long periods of time. Multiple reinstalls, two different pis, always issues with the network dropping or requiring both the pi and connected devices to be rebooted. A pain in the neck for a reason I’m not immediately able to figure out.
Interesting, I basically set it and forget it and the only time I’ve ever had to interact with it again was to tweak the blacklist to block something new or allow something through
It might be an issue with your particular cocktail of router/modem/isp/what have you - which is way harder to diagnose
That’s really strange to hear, I’ve run it in on a pi zero, until it died, a 4b, and now on a pair of orange pi zero 2 I think they are, without any issues I didn’t directly cause by computing drunk.
I’d give it another shot if you’re up for it, it’s worth it in my opinion. I’m also running wireguard on it, with clients on all our phones so we take that protection with us everywhere.
I wonder if it’s an SD card failure.
Mine was up for 200 days or so, basically untouched, before I upgraded the hardware.
I don’t understand most of those terms, but uh, sounds good?
Permission toggles that mean something, battery life and no bloat ware sound great to me.
Yeah those three things by themselves are worth switching for. Add to that the great security features and it’s basically the ideal smartphone.
Permission toggles are are what things apps have access to, Grapheneos gives:
-
Sensors permission (this is how your phone can use sensors to determine if you are walking, moving, how far your phone is away from your face)
-
internet permission toggle (this allows you to control what apps can directly connect to the internet)
-
Storage Scopes (You can control what files or directory any app that uses legacy storage permissions have access to instead of blank allowing all files access to the app)
-
Contact Scopes (This allows, like Storage Scopes, for you to control what apps can access contacts and who’s contact the app can or can not see)
You can and should give https://grapheneos.org/features a read.
As for banking apps, depending on what they are, may work. Paypal and some others work.
-
Can you add “Why YSK” to the start of your text body? This is for readability purposes as stated in Rule 2.
deleted by creator
That’s a single person on a project with multiple contributors. He’s also since stepped down. You’re acting like he’s the sole guy.
https://discuss.grapheneos.org/d/5235-stepping-down-as-project-leader-of-grapheneos
deleted by creator
Yeah doesn’t he have some kinda meltdown? Seems like a control freak.
deleted by creator
That’s a link to Louis’s video: https://www.youtube.com/watch?v=4To-F6W1NT0
Sad really as I also like the idea behind it. I’ve been running Cyanogenmod on 2 old phones in the past and just installed LineageOS on an old Tab S2 to breathe some new life into that old but still good tablet.
I wonder if it is somewhat related to that?
https://discuss.grapheneos.org/d/5235-stepping-down-as-project-leader-of-grapheneos
Here is an alternative Piped link(s): https://piped.video/watch?v=4To-F6W1NT0
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source, check me out at GitHub.
I have already saw the video about Louis and I’m totally with him totally, the only threat I just saw in that chat was threating banning Louis because he commented on a video of a youtuber with a community that swatted him and always go against him.
Yes, not the best way to get someone do what you want to do, but not as worse as leaking a private chat with someone without the other part agreement, and falsely accusing someone of possibly injecting malware inside a project only to go against you.
this is informative, and unfortunate
It is such a liberating experience not having any google product in my main profile. I only use some of the google app from time to time, like map and waze; so I locked them in a secondary profile with background data disabled, and background activity restricted.
Unfortunately, I still need to use slack for work and spotify for music though. These are the only two proprietary apps in my main profile with network access.
loberating
I don’t know why my spell checker do not work in jebra… Apparently I see much more misspellings on lemmy than other site, so it seems like I am not alone.
Understandable. I tried to use Jerboa too but it just has too many bugs right now.
Agreed. I have actually spent a lot of time reading through their code and I find what they do amazing. It’s a solid OS and is actually secure where the phone owner actually has control over their own phone.
You are such a nerd…
… and so wonderful! Thanks for looking over source code so busy folk like me don’t have to! :)
deleted by creator
Who said anything about less important?
We’re all busy, and we use our time how we choose. They choose to use it in this way and I thanked them. Maybe consider how you spend your time. Arguing on the internet gives you very little.
Removed by mod
This is informative, and unfortunate.
That’s a single person on a project with multiple contributors. He’s also since stepped down. You’re acting like he’s the sole guy.
https://discuss.grapheneos.org/d/5235-stepping-down-as-project-leader-of-grapheneos
Ohhhhh, didn’t know that. I guess it’s time to try this OS again. 👌
They have trouble interacting with people. Although I got frustrated with their behavior from time to time, nor do I in anyway endorse their behavior; I do not believe they are acting out of ill intent.
I do believe they need to get some help though. I personally go to therapist sometimes; I think they would benefit from the same help that we have access to.
It is truly unfortunate (and informative), the situation with Daniel. But they have stepped down from the project, so safe to say this won’t be an issue.
That’s a pretty harsh thing to say about one of the most talented and dedicated open source devs around. It’s also no longer true, he stepped down from his post in the GrapheneOS team a few months ago.
What did the team feel about him?
Good thing open source projects are… open and worked on by a bunch of people.
Here’s the original Techlore video Rossmann is referring to: https://neat.tube/w/gctuauB8TRVxCWjwdGWr8d
It’s been two years, so I’m not 100% sure, but I recall it being very detailed and convincing. Techlore’s main argument against using GrapheneOS is that “Leadership reflects the project.” Since the person in question stepped down, the project should be fine, now, even if that holds true. (Personally, I installed GrapheneOS despite that video.)
To get out of my bubble, I’ve also searched for a meta-video about the Techlore/GrapheneOS dev drama. I came to this frankly ridiculous video: https://www.youtube.com/watch?v=SjCM8srhTW4
I’m 7 minutes in, and having not seen Tom Sparks before, he pretty much ruined his reputation with me already. He tries find evidence of Techlore being toxic by searching for his own name. His “evidence” of toxicity is literally people saying that Tom Sparks has a bad reputation and that specific videos or recommendations by him are bad. Literal case of “all criticism is toxic”.
Later, I paused when he scrolled through the dozens of mentions he brings as “evidence”, and nearly everything is either neutral. Even the negative posts seem to be more about how is takes on various topics are, apparently, bad enough to become a bit of a meme.
Even his interpretations of what he quotes directly from Techlore are stretchy at times.
The fact that this is the supportive evidence of Techlore being toxic, my faith in Techlore being a good creator is fortified.
Does anyone else find it strange that three separate replies to this post use the words “unfortunate and informative?” Same guy with sock accts, bots, or just “unfortunate and informative” has been added to the lexicon today in the fashion of “cap” or “bet?”
Either way I guess it’s unfortunate and informative.
I can’t tell if you are asking in jest or seriously, but if you really are wanting to know, the phrase comes from Louis Rossman’s video about his encounter with the creator/previous lead dev on GrapheneOS. The dev was flipping out at Rossman and threatening him despite his product being advertised for free. So Rossman publicized the conversation and called the whole interaction “unfortunate and informative.” It’s become a bit of a meme phrase for the people who watch him and within his ongoing videos.
No thanks for clueing me in, I was aware of the situation but nkt the meme phrase, felt real creepy to see in the wild for the uninitiated lol.
Seems to be a little bit of an effort to discredit OS projects or products used for it. I’ve seen it for GrapheneOS, Pixel, Firefox, GIMP.
Unfortunate and informative. Time to look into CalyxOS.
Not a helpful comment.
I can’t recommend this enough. Been using GrapheneOS for the past 3 years and been happy with it ever since. No issues whatsoever and works just as well as the stock OS. Granted, it has less features but I like the minimalist approach.
Isn’t this for Pixel only devices? Or does this work on non-pixels too?
Pixel only I believe
Pixel only for now, yeah.
Here’s the list of officially supported pixels: https://grapheneos.org/faq#supported-devices
deleted by creator
You didn’t mention which devices this is compatible with, which even on the Android side is very limited, unfortunately.
It’s a neat idea, I’m glad it exists, but I can’t be sure it has full support the way stock Android does, and it’s not necessarily compatible with my Android phone anyway, and I’d have to root my phone and void the warranty, so I think I’ll give it a miss for now.
Maybe in a few years I’ll try it on an old phone that I don’t mind killing if something goes wrong, just in case! :-D
GrapheneOS only has support for OEM unlocked Google Pixel phones, and it runs pretty much perfectly on every device it supports. It is extremely easy to install, no rooting required. You just click buttons in a web browser while your phone is plugged in and there’s pretty much 0% chance of breaking anything.
https://grapheneos.org/install/
You’re supposed to buy a phone specifically to run GrapheneOS. This isn’t a ROM that you can swap onto any device, it’s native to a specific platform. Also, using GrapheneOS does NOT void the warranty, you can always switch back to stock Android with Google’s web installer.
I would love to switch to GrapheneOS, but I need to know a certain apps work before I can make the change. Is there any way I can do this? They are financial apps and sadly use GSF. I cannot avoid not having them sadly. Any tips?
They should work if you install sandboxed play services from the built in app store.
If those financial apps include banking apps, then this post by a mod of the GrapheneOS Discussion Forum should be useful. It includes a link to an up-to-date list of banking apps compatible with GrapheneOS and a link to steps to help resolve compatibility issues if they do occur.
Thanks for that, just what I was looking for! ✨
I upgraded a little early (while my previous phone wasn’t dead yet, for once) for this reason.
I’ve found financial apps work fine* even if they claim they need GFS. Your mileage may vary, of course.
*With the sandboxed GFS from the Graphene app store.
It’s hard to tell in advance, but apps that check SafetyNet will definitely not work and a lot banking apps use this.
There are some databases though that list compatibility for apps you can check out, e.g. https://plexus.techlore.tech/. If they work with microG, they should also work on GrapheneOS + sandboxes google play.
Are there any major daily driver features from Android missing here? Also are the updates usually stable?
It seems quite stable from my experience, and from online reviews. Some might say it us more stable than stock pixel. For example pixel 6 used to suffer from network issue due to google’s software: https://www.androidcentral.com/pixel-6-possible-network-connection-fix , which I haven’t found any discussion about the same problem on grapheneos.
However graphenos has its problems:
- App installation is very slow, this it further worsened by crapy apps on google play, for example Mcdonald app took me around 5mins to install app for the first time. But it will only be annoying when you install, since update is done in the background, so you will hardly notice it.
- No support for android auto.
- No now playing, call screning, face unlock (camera and photo, on the other hand, works fantastically, even without network premission).
- fingerprint will not trigger at least 30% of the time in low light. (I have a 7a, so it is probably because the software is not yet optimized)
The fingerprint scanner issue has been resolved with an update. I recently bought a Pixel 7 and am surprised to hear about a fingerprint scanner issue. It is working just fine now regardless of lighting conditions.
Nice! I have a 7a so it is probably because the software is not optimized yet.
Why would the app installation be slow? Do they create sandbox for each app?
“Android Runtime Just-In-Time (JIT) compilation/profiling is fully disabled and replaced with full ahead-of-time (AOT) compilation. The only JIT compilation in the base OS is the v8 JavaScript JIT which is disabled by default for the Vanadium browser with per-site exception support.”
Why would fingerprint reading get worse if the ambient light is low?
The issue was resolved in a software update. I recently got a Pixel 7 and didn’t even know about the existence of a fingerprint scanner issue until I came to this thread. It works perfectly fine now regardless of lighting conditions.
I think the in screen fingerprint reader on pixel is currently optical (which is just a little in screen camera), so it needs more optimizations to work well under low light.
https://www.howtogeek.com/694294/how-does-in-display-fingerprint-scanning-work/
However pixel 8 is rumored to move to ultrasonic, which probably will not be affected by low light.
Does GPS work as expected for you?
I don’t use GPS much, but I haven’t encounter any problem so far. Graphene uses GPS instead of network location, so it likely doesn’t work as well under a roof. But again, I personally have not encountered a problem.
Face unlock and fingerprint unlock are the biometric stuff I avoid when I get a phone to improve my privacy. I’ve not had issues with download speeds.
What is android auto?
Edit: auto = some car integration. Hands free works OOTB for me on GrapheneOS. Not needed anything more.
No Android auto is a deal killer for me.
I have used GrapheneOS for years now and it’s absolutely great as a daily driver. Very few apps malfunction and you can even use Google play store if you want. Updates are very frequent and Android OS updates usually release even faster than Google
Depends on how you use your phone. Main thing I miss is Google Pay’s tap to pay (disabled by Google unless you run a Google certified OS…which Google could easily certify Graphene but won’t), but most banking apps NFC tap to pay work.
Android Auto also doesn’t work, but I never used it. Some people might, though.
which Google could easily certify Graphene but won’t
I’m not on the Google fan bus and would be the first one here to drop Android at the drop of a hat, however, you are being deliberately deceptive here and I hate people like that: the reason it’s not certified is because Graphene devs don’t want to pay to get it certified, it’s not because Google refused to, like you are saying.
you are being deliberately deceptive here and I hate people like that
To be fair, you have no idea if they are being deceptive. They might simply not be aware that GrapheneOS chose not to pay to get certified. I certainly didn’t know that, and I’m not at all certain that Google would certify them if they chose to pay. Do you have a source for that?
Any developer can go here to start the process for GMS certification. If the Graphene devs didn’t know this, then they are fucking stupid, which i know they are not. Their TOS provides you the answers:
GMS is only available through a licence with Google and delivers a holistic set of popular apps and cloud-based services.
And I think the costs vary depending on how much bandwidth traffic you will be bringing Google to serve the certified content. Also, they allow you to certify non-Android OSes (such as Tizen and etc).
According to this post, it’s not that they don’t want to, it’s that GrapheneOS can’t be certified:
https://discuss.grapheneos.org/d/475-wallet-google-pay/9
That post implies that there is something Google won’t do which prevents them from certifying, which supports what the OP was saying.
That’s a very funny post to read. In summary they are demanding Google comply with their own standards they designed. It’s definitely two children yelling “No, you!” at each other.
I like Graphenes standards better, but it looks like Google is sticking with Play Integrity API over hardware-key attestation because it’s less insane to force end users to rely on costly solutions and more compatible with different commercial vendors (looks like some Certificate Authority vendors are effected).
I’m not being deliberately deceptive. Google absolutely could whitelist GrapheneOS if Google chose to, just like any app developer can as well by checking for the verifiedBootState with proper verifiedBootKey (GrapheneOS attestation link below).
Now, I don’t see Google doing that as GrapheneOS doesn’t and won’t ship with Play Store, Play services, or Service Framework. GrapehenOS actually has a compatibility layer so those don’t get special and device wide privileges like they do on devices that ship with them (sandboxed link below)…which Google probably requires. And I don’t see GrapheneOS budging on this as that’s one of their main selling points for security and privacy.
But I’m always down to learn and I’m not a developer. I don’t suppose you have a link that says the main thing that Graphene is missing is handing over money to Google to get certified, and ideally how much? If that was it, I’d be willing to bet money Graphene would’ve forked over the cash by now.
https://grapheneos.org/articles/attestation-compatibility-guide
Hi google, can you approve our phone that basically cuts your apps out and offers privacy from your mass spying operation please? Such a weird point.
I did acknowledge what you said by saying Google doesn’t want Graphene not including GMS stuff and won’t whitelist GrapheneOS, despite Graphene’s extra security measures. But this doesn’t change the fact that Google could…but won’t.
When I got a degoogled phone, I’d already decided I do not trust Google with my data and I want to be far away from them. With that decision came the decision that I don’t consider them an authority I rely on, and don’t want their opinion on what is good and what isn’t. If people aren’t ready to degoogle, that is fine, but to ask google if it’s cool to degoogle is a an area where maybe folk aren’t ready to degoogle.
In the UK we have tap to pay debit cards. Mixing that in with the phone is always weird, especially from a privacy perspective. I wouldn’t want that.
deleted by creator
deleted by creator
Yeah, as a Zenfone 9 owner, the 10 basically fixes the few small nitpicks I do have with it. Agreed though, don’t see it ever getting officially supported any more than I do any other non pixels.