Is Graphene OS good? Any downsides? I need to get a new phone soon.
I switched to it a year ago and I like it. The biggest draw for me is it gives me back control and ownership over my phone. It gives you actual and thorough control over what apps can do on your phone including Google's apps, which on other typical Android OS are being given all or most permissions with no ability for you to deny access to any of them.
To gain almost all the functionality of a regular Android OS you can install Google Play Services and run it sandboxed, which means it will only do what you allow it to do and access only what you will allow it to access, which for me is the bare minimum before things stop working too much for my tastes.
Besides Android auto for now, the only thing that won't work for me on it is my banking app, probably because of all the security checks involved in it. But I just use the browser-based online service to do my banking operations instead.
I got my banking app working by going into App Info for it, and toggling this to on.
This is also what I use to get 3 banking apps working
Banking apps can usually be defeated by Magisk in Zygist mode, then you use the deny list to hide things from the app. Some might check with Google for security, which is much more difficult and maybe even impossible to circumvent, but in my experience these days they work fine.
Don't you need to root to use Magisk? You can't root in GrapheneOS
You can tho its not advised
Magisk is how you get root.
Magisk also allows app spoofing, which may be something of a security risk, but using it to bypass things like banking app checks is one of the benefits. Personally, I like having root, and to me the benefits are worth the risk.
It may even be that GrapheneOS uses a little bit of Magisk's type of functionality. At least, that's how LineageOS4MicroG works - you need app spoofing to install MicroG, however this ROM comes with it preinstalled but disabled for anything else, so it closes the security hole. However, you probably can't defeat Google's SafetyNet with MicroG anymore.
I never managed to get MS "company portal" to successfully create a work profile. I had to give up in the end.
My banking app is in the list and already has a number of reports against it reporting the same problem I have with it. Exploit protection compatibility mode was already enabled on my phone. The app just freezes upon startup ever since an update that rolled in later last year and as I said, this problem has already been reported by other users.
:( thats annoying. i assume you have google play services installed.
its a good thing your bank doesnt enforce using the mobile app, like mine...
I never managed to get MS "company portal" to successfully create a work profile. I had to give up in the end.
Banking apps can usually be defeated by Magisk in Zygist mode, then you use the deny list to hide things from the app. Some might check with Google for security, which is much more difficult and maybe even impossible to circumvent, but in my experience these days they work fine.
Banking apps can usually be defeated by Magisk in Zygist mode, then you use the deny list to hide things from the app. Some might check with Google for security, which is much more difficult and maybe even impossible to circumvent, but in my experience these days they work fine.
I think it's great, and have been daily driving it for I think almost 3 years now. With the addition of sandboxed Google Play services, there's little it can't handle.
I'm running it. Bank apps and Safety net things (like Pokemon Go) all work. Aside from Android Auto, Google Pay refuses to work.
So, there's no downsides.
Actually, Google Translate didn't play ball when I tried it. I miss that one.
I really like Android Auto so I'll probably wait until they at least get that working to change. I wonder if Samsung Pay works on there...
I would guess that Samsung pay relies on Knox, which gets disabled by blowing an e-fuse, when you run a custom os. But maybe I'm wrong.
ah, that's a shame. I'm heavily relying on google pay (also BLIK, but I'm usingboth polish and Ukrainian cards, and blik is a poland-only thingy) since i only have virtual credit cards right now. having everything (bank cards, govt ids etcs) on my phone is just too convinient to give up like that
I was concerned with this myself and planned to just add a physical card under my phone case, but I was suprised how little difference using the card normally made.
And if you care about privacy, you probably shouldn't make your purchases using a google app.
That's the vibe I got from it. It took longer to activate the app than it took to get a card out of my wallet. It had the potential to fail if my battery was flat. Google could track my shopping habits.
So, that's a pass.
Upsides: Everything just works, no google tracking, creating a google account is optional and its easy to setup
Downsides: You aren't able to automatically backup the internal storage of apps without a lot of work (external files such as photos and documents are fine though)
I've been using it for about 1.5 years, I would recommend using it if possible
From my experience, its overall good. Its basically stock android, meaning no google smart features and apps by default, with more control over apps and google services. But for caution, some apps may break. You will have to mess around with the app settings to fix them. Also some apps will not work such as the google wallet app due to the OS not being acknowledged as official by google.
In short, its a more security focused OS that may require more involvement in configuration.
is there any way to do NFC payments with grapheneos?
Google Wallet didn't work last time I checked, but contactless payments worked perfectly well by setting my banking app as the payment app.
Not all banking apps work due to the system integrity checks they do. Support for your banking app can probably be confirmed here.
Confirmed my app works on GrapheneOS but doesn't seem to implement payment functionality. Guess they rely on google/apple/samsung pay 🤦
Now that I know this is a thing any banking app can just do, I am so disappointed in the predominance of "digital wallets"
That's a shame. I wouldn't bet on Google Play ever working on GrapheneOS.
Doesn't it only support Pixel phones?
Yes, if you want an alternative that supports more phones, look into Calyx OS
I love CalyxOS but they don't support Android Auto at the moment if this a dealbreaker for anyone
I used the Google to destroy the Google
Biggest downside is you lose Android Auto haha
But also pretty much all the Pixel-specific features like Call Screen, Hold For Me and many more.
Other than that it's fantastic and easy to install.
I still use Google Contacts, Camera, Photos and GBoard, all with internet connectivity disabled.
Get a Pixel and give it a shot. If it doesn't work for you the Pixels have amazing support in the custom ROM community so you'll be able to find something you like for sure.
I just moved from a Samsung - migration was a lot of manual work for me. Whether it's worth it depends on how much the increased security and control are worth to you. They were to me - I haven't had any issues otherwise.
i, for one, only have good things to say about it, EXCEPT device support (which is not GOS's fault)
GrapheneOS is probably the best, most private and secure Android ROM out there. I can only recommend it.
The only real downside is that the developers are divas. Also, there's something to be said about the security of a Google manufactured device and thinking your custom firmware protects you from them, however really that's true of any device, and the security benefits of sandboxing and other features may outweigh this.
I was hoping from the title that this meant that Graphene could run on the car. They’re still a huge privacy concern.
GrapheneOS requires specific safety hardware that, as of now, is usually available only on the Google Pixel line of phones. If your standard smartphone doesn't include it, I doubt a car does.
Android Auto is a specific system that mirrors app contents from your phone. It's basically an extended monitor for your phone with specific formatting to be car usage friendly. It doesn't do anything about a car's embedded systems
What do you mean "run on the car"? You might be thinking of Android Automotive, the car OS.
They’re still a huge privacy concern.
...who?
E: please stop speaking on behalf of the person I asked the question to. They are the only one who knows the answer.
Yes we're all aware, thank you. What does that have to do with my question?
What does that have to do with my question?
Which question? The one you asked who was the huge privacy concern? If so...did you read the article they linked you? Because the answer is there, and I'm not going to read it for you.
Which question?
...either of them?
The one you asked who was the huge privacy concern?
You are not the person I asked, nor is the last person who replied to me, so I don't know how you, they, or the article could possibly know who they were speaking of.
Plugging your phone in doesn't suddenly make your car or your phone more or less private so I don't understand the relevance.
...either of them?
They answered the "who is the huge privacy concern" with the link. I literally just said that.
so I don't know how you could possibly know who they were speaking of.
I read the link that was the replied to you, and applied context. It's not hard to understand what a person means when they literally write it down. It's one method of communication. Or do you constantly read articles, and never know what the authors meant unless you can quiz them directly?
Plugging your phone in doesn't suddenly make your car more or less private so I don't understand the relevance.
They weren't necessarily talking about making the car more or less private via plugging in the phone. The original comment in this thread was wishing GrapheneOS was on cars, and then "modern cars are bad for privacy" link. They were talking about the existing poor state of privacy on modern cars and wishing it was fixed via wishing GrapheneOS could be flashed to the car. There was nothing in this thread about plugging your phone into the car making it more or less private. Again...context.
They answered the "who is the huge privacy concern" with the link. I literally just said that.
No they literally didn't. That was someone else.
do you constantly read articles, and never know what the authors meant unless you can quiz them directly?
Only if they write very unclearly, as the person I replied to did.
It sounded to me like they were referring to Graphene, and not presumably who you meant about the OEMs, which is why I asked for clarification.
I'm gonna stop entertaining this pointless debate. Let me know if you hear back from the person who I actually asked the question to, byebye now.
And I literally just said you can't possibly know who the person I replied to was referring to.
They are obviously referring to the manufacturers in the link.
Only if they write very unclearly, as the person I replied to did.
They didn't. They gave you a link that you didn't read, clearly. Or if you did...then those manufacturers are who they're talking about.
byebye now.
Kthnxbye
You are right and they are wrong. The person you're responding to is completely irrational and unintelligent. As somebody that doesn't know them, I look down upon them and will probably periodically remember their foible and think lowly of them again and chuckle while thinking: "hah what a complete idiot". Rest assured that you won the argument and that no matter where the person you're responding to gets in life, there's at least one person who will periodically remember him and think down upon this simpleton of a person and think of you as the person who made them look like that. Hats off.
they meant it as having graphene replace the car's OS. the cars themselves is the privacy concern
I'm a Luddite for sure, but I'd be uncomfortable with my car having access to data about how I interact with my phone. I use Lineage and not Graphene, but I don't think I'd use Android Auto if it was available for Lineage. (Or maybe it is. Not sure. But I wouldn't use it regardless.)
the solution is to yank out the stock infotainment system and put in a new one that doesn't suck. that and cracking down on automakers who play dirty
Is there one that doesn't suck and isn't auto/carplay?
Also for people thinking that this will block the functions that your existing one has integrated with the vehicle, you can get something like iDatalink Maestro to translate things. As long as it's compatible with your car and the head unit is compatible with the Maestro then you can access existing functions.
Wow this is incredible, and I will be making the switch! This was the only unavailable feature that I couldn't go without.
Same. I used graphene and calyx for a while but really needed the nav features so stoped using them. Very excited for this!!
I recall watch pairing being temperamental when I tried it as well, but this will be a solid reason to give it another go. Maybe put it in one of the old phones for a test drive and go from there. Graphine certainly makes it easier to hop over with their online flash tool than most did in the past.
I'm more interested in that Nitro Phone 4, tbh. Not in buying it, as I'd just flash it myself, but it's an interesting product. They also include options for removing sensors, microphones and cameras, which seems kind of cool and crazy - without the microphones how do you make calls?!
You either connect a mic via Bluetooth or wired headset.
Bluetooth, doi, don't know why I didn't think of that.
Either you plug a wired microphone each time you receive a call, or you explicitly do not receive calls with the device and use it as a tablet basically.
Ahh yeah that makes sense.
I don't understand, isn't the Nitro just a rebranded Pixel with Graphene?
Yup it is, but apparently they also have options to physically remove components for added security. It costs €300 though, on top of the premium they charge for simply installing GrapheneOS and putting a sticker on the back.
So yeah, I find it interesting, but I don't think it's something I'd buy lol.
Yeah, don't ever connect your phone to your car. It has been proven that they steal all your data.
Better yet, don't have a phone.
Or a car
Better yet, have a de-Google'd phone and don't connect it to the car. Don't see why it is "better" not to have one at all.
You can't just go around proving people wrong all the time!
Is Graphene OS good? Any downsides? I need to get a new phone soon.
I switched to it a year ago and I like it. The biggest draw for me is it gives me back control and ownership over my phone. It gives you actual and thorough control over what apps can do on your phone including Google's apps, which on other typical Android OS are being given all or most permissions with no ability for you to deny access to any of them.
To gain almost all the functionality of a regular Android OS you can install Google Play Services and run it sandboxed, which means it will only do what you allow it to do and access only what you will allow it to access, which for me is the bare minimum before things stop working too much for my tastes.
Besides Android auto for now, the only thing that won't work for me on it is my banking app, probably because of all the security checks involved in it. But I just use the browser-based online service to do my banking operations instead.
I got my banking app working by going into App Info for it, and toggling this to on.
This is also what I use to get 3 banking apps working
Banking apps can usually be defeated by Magisk in Zygist mode, then you use the deny list to hide things from the app. Some might check with Google for security, which is much more difficult and maybe even impossible to circumvent, but in my experience these days they work fine.
Don't you need to root to use Magisk? You can't root in GrapheneOS
You can tho its not advised
Magisk is how you get root.
Magisk also allows app spoofing, which may be something of a security risk, but using it to bypass things like banking app checks is one of the benefits. Personally, I like having root, and to me the benefits are worth the risk.
It may even be that GrapheneOS uses a little bit of Magisk's type of functionality. At least, that's how LineageOS4MicroG works - you need app spoofing to install MicroG, however this ROM comes with it preinstalled but disabled for anything else, so it closes the security hole. However, you probably can't defeat Google's SafetyNet with MicroG anymore.
I never managed to get MS "company portal" to successfully create a work profile. I had to give up in the end.
if you dont mind me asking, which banking app do you use? have you checked out the privsec.dev compatibility report?
My banking app is in the list and already has a number of reports against it reporting the same problem I have with it. Exploit protection compatibility mode was already enabled on my phone. The app just freezes upon startup ever since an update that rolled in later last year and as I said, this problem has already been reported by other users.
:( thats annoying. i assume you have google play services installed.
its a good thing your bank doesnt enforce using the mobile app, like mine...
I never managed to get MS "company portal" to successfully create a work profile. I had to give up in the end.
Banking apps can usually be defeated by Magisk in Zygist mode, then you use the deny list to hide things from the app. Some might check with Google for security, which is much more difficult and maybe even impossible to circumvent, but in my experience these days they work fine.
Banking apps can usually be defeated by Magisk in Zygist mode, then you use the deny list to hide things from the app. Some might check with Google for security, which is much more difficult and maybe even impossible to circumvent, but in my experience these days they work fine.
I think it's great, and have been daily driving it for I think almost 3 years now. With the addition of sandboxed Google Play services, there's little it can't handle.
I'm running it. Bank apps and Safety net things (like Pokemon Go) all work. Aside from Android Auto, Google Pay refuses to work.
So, there's no downsides.
Actually, Google Translate didn't play ball when I tried it. I miss that one.
I really like Android Auto so I'll probably wait until they at least get that working to change. I wonder if Samsung Pay works on there...
I would guess that Samsung pay relies on Knox, which gets disabled by blowing an e-fuse, when you run a custom os. But maybe I'm wrong.
ah, that's a shame. I'm heavily relying on google pay (also BLIK, but I'm usingboth polish and Ukrainian cards, and blik is a poland-only thingy) since i only have virtual credit cards right now. having everything (bank cards, govt ids etcs) on my phone is just too convinient to give up like that
I was concerned with this myself and planned to just add a physical card under my phone case, but I was suprised how little difference using the card normally made.
And if you care about privacy, you probably shouldn't make your purchases using a google app.
That's the vibe I got from it. It took longer to activate the app than it took to get a card out of my wallet. It had the potential to fail if my battery was flat. Google could track my shopping habits.
So, that's a pass.
Upsides: Everything just works, no google tracking, creating a google account is optional and its easy to setup
Downsides: You aren't able to automatically backup the internal storage of apps without a lot of work (external files such as photos and documents are fine though)
I've been using it for about 1.5 years, I would recommend using it if possible
From my experience, its overall good. Its basically stock android, meaning no google smart features and apps by default, with more control over apps and google services. But for caution, some apps may break. You will have to mess around with the app settings to fix them. Also some apps will not work such as the google wallet app due to the OS not being acknowledged as official by google.
In short, its a more security focused OS that may require more involvement in configuration.
is there any way to do NFC payments with grapheneos?
Google Wallet didn't work last time I checked, but contactless payments worked perfectly well by setting my banking app as the payment app.
Not all banking apps work due to the system integrity checks they do. Support for your banking app can probably be confirmed here.
Confirmed my app works on GrapheneOS but doesn't seem to implement payment functionality. Guess they rely on google/apple/samsung pay 🤦
Now that I know this is a thing any banking app can just do, I am so disappointed in the predominance of "digital wallets"
That's a shame. I wouldn't bet on Google Play ever working on GrapheneOS.
Doesn't it only support Pixel phones?
Yes, if you want an alternative that supports more phones, look into Calyx OS
I love CalyxOS but they don't support Android Auto at the moment if this a dealbreaker for anyone
I used the Google to destroy the Google
Biggest downside is you lose Android Auto haha
But also pretty much all the Pixel-specific features like Call Screen, Hold For Me and many more.
Other than that it's fantastic and easy to install.
I still use Google Contacts, Camera, Photos and GBoard, all with internet connectivity disabled.
Get a Pixel and give it a shot. If it doesn't work for you the Pixels have amazing support in the custom ROM community so you'll be able to find something you like for sure.
I just moved from a Samsung - migration was a lot of manual work for me. Whether it's worth it depends on how much the increased security and control are worth to you. They were to me - I haven't had any issues otherwise.
i, for one, only have good things to say about it, EXCEPT device support (which is not GOS's fault)
GrapheneOS is probably the best, most private and secure Android ROM out there. I can only recommend it.
The only real downside is that the developers are divas. Also, there's something to be said about the security of a Google manufactured device and thinking your custom firmware protects you from them, however really that's true of any device, and the security benefits of sandboxing and other features may outweigh this.
google's shit is literally malware
You can't get an infection if you're a virus
https://en.m.wikipedia.org/wiki/Virophage
You can't just go around proving people wrong all the time...
Lol how are they divas?
Louis Rossmann explains it well in his video here
I'm pretty sure there have been stories going back years before this, but yeah that's a good example.
The lead dev has left the project. He was responsible for pretty much all of that. Presumably that is why.
Here is an example: https://github.com/bromite/bromite/issues/2141
I was hoping from the title that this meant that Graphene could run on the car. They’re still a huge privacy concern.
GrapheneOS requires specific safety hardware that, as of now, is usually available only on the Google Pixel line of phones. If your standard smartphone doesn't include it, I doubt a car does.
Android Auto is a specific system that mirrors app contents from your phone. It's basically an extended monitor for your phone with specific formatting to be car usage friendly. It doesn't do anything about a car's embedded systems
What do you mean "run on the car"? You might be thinking of Android Automotive, the car OS.
...who?
E: please stop speaking on behalf of the person I asked the question to. They are the only one who knows the answer.
Modern cars are a privacy shitshow
Edit: spelling
Yes we're all aware, thank you. What does that have to do with my question?
Which question? The one you asked who was the huge privacy concern? If so...did you read the article they linked you? Because the answer is there, and I'm not going to read it for you.
...either of them?
You are not the person I asked, nor is the last person who replied to me, so I don't know how you, they, or the article could possibly know who they were speaking of.
Plugging your phone in doesn't suddenly make your car or your phone more or less private so I don't understand the relevance.
They answered the "who is the huge privacy concern" with the link. I literally just said that.
I read the link that was the replied to you, and applied context. It's not hard to understand what a person means when they literally write it down. It's one method of communication. Or do you constantly read articles, and never know what the authors meant unless you can quiz them directly?
They weren't necessarily talking about making the car more or less private via plugging in the phone. The original comment in this thread was wishing GrapheneOS was on cars, and then "modern cars are bad for privacy" link. They were talking about the existing poor state of privacy on modern cars and wishing it was fixed via wishing GrapheneOS could be flashed to the car. There was nothing in this thread about plugging your phone into the car making it more or less private. Again...context.
No they literally didn't. That was someone else.
Only if they write very unclearly, as the person I replied to did.
It sounded to me like they were referring to Graphene, and not presumably who you meant about the OEMs, which is why I asked for clarification.
I'm gonna stop entertaining this pointless debate. Let me know if you hear back from the person who I actually asked the question to, byebye now.
They are obviously referring to the manufacturers in the link.
They didn't. They gave you a link that you didn't read, clearly. Or if you did...then those manufacturers are who they're talking about.
Kthnxbye
You are right and they are wrong. The person you're responding to is completely irrational and unintelligent. As somebody that doesn't know them, I look down upon them and will probably periodically remember their foible and think lowly of them again and chuckle while thinking: "hah what a complete idiot". Rest assured that you won the argument and that no matter where the person you're responding to gets in life, there's at least one person who will periodically remember him and think down upon this simpleton of a person and think of you as the person who made them look like that. Hats off.
they meant it as having graphene replace the car's OS. the cars themselves is the privacy concern
I'm a Luddite for sure, but I'd be uncomfortable with my car having access to data about how I interact with my phone. I use Lineage and not Graphene, but I don't think I'd use Android Auto if it was available for Lineage. (Or maybe it is. Not sure. But I wouldn't use it regardless.)
the solution is to yank out the stock infotainment system and put in a new one that doesn't suck. that and cracking down on automakers who play dirty
Is there one that doesn't suck and isn't auto/carplay?
Also for people thinking that this will block the functions that your existing one has integrated with the vehicle, you can get something like iDatalink Maestro to translate things. As long as it's compatible with your car and the head unit is compatible with the Maestro then you can access existing functions.
Wow this is incredible, and I will be making the switch! This was the only unavailable feature that I couldn't go without.
Same. I used graphene and calyx for a while but really needed the nav features so stoped using them. Very excited for this!!
I recall watch pairing being temperamental when I tried it as well, but this will be a solid reason to give it another go. Maybe put it in one of the old phones for a test drive and go from there. Graphine certainly makes it easier to hop over with their online flash tool than most did in the past.
I'm more interested in that Nitro Phone 4, tbh. Not in buying it, as I'd just flash it myself, but it's an interesting product. They also include options for removing sensors, microphones and cameras, which seems kind of cool and crazy - without the microphones how do you make calls?!
You either connect a mic via Bluetooth or wired headset.
Bluetooth, doi, don't know why I didn't think of that.
Either you plug a wired microphone each time you receive a call, or you explicitly do not receive calls with the device and use it as a tablet basically.
Ahh yeah that makes sense.
I don't understand, isn't the Nitro just a rebranded Pixel with Graphene?
Yup it is, but apparently they also have options to physically remove components for added security. It costs €300 though, on top of the premium they charge for simply installing GrapheneOS and putting a sticker on the back.
So yeah, I find it interesting, but I don't think it's something I'd buy lol.
Yeah, don't ever connect your phone to your car. It has been proven that they steal all your data.
Better yet, don't have a phone.
Or a car
Better yet, have a de-Google'd phone and don't connect it to the car. Don't see why it is "better" not to have one at all.
You can't just go around proving people wrong all the time!