I think most people here don’t really understand what’s going on here. Graphene OS is an Android mod with some extra security features designed to run on a hardened hardware. The main goal of Graphene OS is to protect users from some very specific attacks like some devices police uses to unlock phones or some targeted hacks by state actors. Unless you’re worried you may be targeted by such an attack and have some date you need to protect from them you don’t really need Graphene OS. You can run any of the other deGoogles Android mods on any hardware that supports it. You can already buy phones with pre-installed /e/ of iode ROMs. Many other phones support Lineage OS. Also, let’s keep in mind that GrapheneOS only supports Pixel because they don’t want to allow people to run their OS on hardware they don’t think is secure enough. It’s their choice not to support other phones.
Also, Google still controls AOSP so this does not solve any of the bigger Android issues. Motorola forking AOSP and providing the resourced needed to keep the development going would be amazing news. This is just one phone maker promising to fulfill the security requirements of Graphene OS. It’s basically like Dell offering Ubuntu laptops. Good news but it will not have a big impact on the ecosystem.
If you’re worried about police getting your data you’re already using GrapheneOS on a Pixel device. This is good news for you because you will have more options when changing phones in the future but not really a game changer in any way.
Reproducible builds and lack of telemetry, plus hardening against compromise (by any actors) is my personal use case. I only run free/libre infrastructure privately, and hope to move on to open/libre hardware in future.
But how is that significantly more secure than LineageOS? I have read through countless blog posts from GrapheneOS developers and have not yet encountered an explanation that is sufficiently convincing. Outside of additional security hardening, which is definitely a big pro, GrapheneOS doesn’t have many things that LineageOS doesn’t. LineageOS is fully FOSS and telemetry-free. They introduced the “Trust” control panel for managing all sorts of privacy and security matters. They have PIN scramble.
The only major, obvious security vulnerability lies in the proprietary driver blobs from the device vendors / OEMs. But AFAIK Google Pixels also have those, right? So outside of doubtlessly valuable measures like restricting malicious reprogramming / access through the USB port, in what ways is GrapheneOS actually more secure than LineageOS?
I never said you don’t. I’m saying that if you DO need it you should be running GrapheneOS on a Pixel already. If you can wait a year or two until this phone comes out it’s clearly not a “must have” for you.
Fair point. I really do wish it were more than “Pixel, or MotorolaSoonTM” for hardware choices. Who knows, though. Maybe other manufacturers will join the party.
I think most people here don’t really understand what’s going on here. Graphene OS is an Android mod with some extra security features designed to run on a hardened hardware. The main goal of Graphene OS is to protect users from some very specific attacks like some devices police uses to unlock phones or some targeted hacks by state actors. Unless you’re worried you may be targeted by such an attack and have some date you need to protect from them you don’t really need Graphene OS. You can run any of the other deGoogles Android mods on any hardware that supports it. You can already buy phones with pre-installed /e/ of iode ROMs. Many other phones support Lineage OS. Also, let’s keep in mind that GrapheneOS only supports Pixel because they don’t want to allow people to run their OS on hardware they don’t think is secure enough. It’s their choice not to support other phones.
Also, Google still controls AOSP so this does not solve any of the bigger Android issues. Motorola forking AOSP and providing the resourced needed to keep the development going would be amazing news. This is just one phone maker promising to fulfill the security requirements of Graphene OS. It’s basically like Dell offering Ubuntu laptops. Good news but it will not have a big impact on the ecosystem.
Nice try officer.
If you’re worried about police getting your data you’re already using GrapheneOS on a Pixel device. This is good news for you because you will have more options when changing phones in the future but not really a game changer in any way.
Reproducible builds and lack of telemetry, plus hardening against compromise (by any actors) is my personal use case. I only run free/libre infrastructure privately, and hope to move on to open/libre hardware in future.
But how is that significantly more secure than LineageOS? I have read through countless blog posts from GrapheneOS developers and have not yet encountered an explanation that is sufficiently convincing. Outside of additional security hardening, which is definitely a big pro, GrapheneOS doesn’t have many things that LineageOS doesn’t. LineageOS is fully FOSS and telemetry-free. They introduced the “Trust” control panel for managing all sorts of privacy and security matters. They have PIN scramble.
The only major, obvious security vulnerability lies in the proprietary driver blobs from the device vendors / OEMs. But AFAIK Google Pixels also have those, right? So outside of doubtlessly valuable measures like restricting malicious reprogramming / access through the USB port, in what ways is GrapheneOS actually more secure than LineageOS?
If you live in the united states, then you DO need protection against police and state attacks.
I never said you don’t. I’m saying that if you DO need it you should be running GrapheneOS on a Pixel already. If you can wait a year or two until this phone comes out it’s clearly not a “must have” for you.
Fair point. I really do wish it were more than “Pixel, or MotorolaSoonTM” for hardware choices. Who knows, though. Maybe other manufacturers will join the party.