TLDR: Extremely good FOSS mobile operating system with excellent security and privacy features. This is a well-maintained operating system and I will be using it instead of LineageOS as my daily driver from this point forward. For a FOSS operating system it really does not feel like a community-maintained OS with some holes, the way LineageOS does.
Also, don’t rely on this post for advice; it is more of a life update. I left it in the draft book for about 5 days… I probably rushed it.
The phone
I bought a Google Pixel 4a on eBay for the very small price of £250, which included two cases and its original box. I have no idea how the seller managed to sell it so cheaply. Before the Pixel 4a, I had a Samsung Galaxy S5 running the latest build of LineageOS, and I had used that as my main phone for three years. I wanted to move to a newer phone because the S5 had too little storage and, even with its extended lifespan, I didn’t feel that it was good enough for much longer.
I am more focused on free software than I was before, so having a phone that at minimum ran free software as the operating system was a serious requirement. I also wanted a ‘modern’ phone instead of an old Samsung from way too long ago, so I chose a Pixel 4a, a phone that is easy to flash and still supported by the manufacturer. The Pixel 4a also has excellent support from Android distribution developers. Security is my second largest focus, so having a device that was still supported was important.
Backstory
A couple of years ago, I was aware of CopperheadOS, an Android distribution focused on security and privacy. I remember back then wanting a phone running the operating system, and I knew that they formerly sold phones running the OS through online stores. The lead developer of GrapheneOS was the former developer of CopperheadOS, and it seems that the company running CopperheadOS has now closed-sourced their product. I am not too well informed on the legal issues between the developer and the Copperhead team, but it seems to be pretty dirty. GrapheneOS is the continuation of the former CopperheadOS project, and the current CopperheadOS is the split-off product from the company that was sponsoring it.
I had wanted to try GrapheneOS for a while. Currently, they only support Pixel phones, and that’s why the Pixel 4a is my current phone of choice, as it will still have support for the next 2 years. The Pixel 4a is considered a budget model, and getting it for £250 was a steal in my personal opinion. I also heard that Google phones were very easy to flash with a new operating system (and this has turned out to be very true!). Flashing the Galaxy S5 for the first time was a serious pain of constantly pulling the battery in and out during the install.
Why I chose GrapheneOS
GrapheneOS is a free and open-source AOSP-based operating system built with security and privacy as the top priority. As a security researcher I want to have the maximum security possible on my home computers and devices. My privacy is also important, and in the past I have sacrificed software I enjoyed using to have greater privacy. I am aware of other operating systems based on AOSP that also focus on these two things, however GrapheneOS stuck out to me for a couple of reasons that made me choose it over the others.
Comparisons (vs LineageOS, and CalyxOS)
I am aware LineageOS is not a security- and privacy-focused OS, but it is worth noting that an unsupported device running LineageOS with the latest OS security patch is possibly more secure than the same old Android device still running its unsupported stock OS.
- GrapheneOS changes the Android operating system down to the lowest levels, with a hardened kernel, C library and memory allocator (based on OpenBSD’s), and makes changes at the higher levels of the operating system, with a special WebView / browser (Vanadium) made to complement the OS’s changes.
- CalyxOS’ changes to the kernel (if any) are not mentioned, although it has a hardened implementation of some technologies like MicroG (which is strictly unsupported by GrapheneOS for other reasons).
- LineageOS does not do any security enhancements and is documented to do the opposite. LineageOS actually increases the attack surface by enabling userdebug features by default, allowing root access via ADB and promoting applications that root the device.
- GrapheneOS receives weekly updates and applies them seamlessly and automatically. I like having the security patches immediately when they are made, rather than waiting monthly like AOSP recommends.
- CalyxOS updates monthly, in line with AOSP.
- LineageOS updates vary by device; builds often happen daily, however it’s uncommon for them to be security updates.
- GrapheneOS supports verified boot by allowing the user to lock the bootloader after the OS is installed. This improves the security model by allowing the integrity of the operating system and boot chain to be checked, which prevents malware or an attacker from gaining persistence.
- CalyxOS also supports verified boot.
- LineageOS requires an unlocked bootloader.
- GrapheneOS’ custom WebView is a feature not seen on any other operating system. By the looks of it, however, it appears to be no different from the Chromium WebView, with telemetry features removed and support for GrapheneOS’ low-level operating system enhancements. The best way I can describe the Vanadium app is as an ungoogled version of Chromium.
- Neither CalyxOS nor LineageOS has a custom WebView, although this is not really a disadvantage on their end.
- User groups for all three operating systems, and the developer of GrapheneOS, recommend using Bromite as a web browser. Bromite is a Chromium-based web browser with built-in ad blocking and fingerprinting mitigations.
- The Bromite WebView is installable on a rooted LineageOS device, however root access is naturally a major security flaw in itself.
- GrapheneOS is completely de-googled and has no support for Google Play or open-source re-implementations like MicroG. I chose GrapheneOS for this reason; I do not care about the incompatibility, as I only run FOSS F-Droid applications.
- CalyxOS supports MicroG for Google Play Services-compatible apps, as CalyxOS tries to focus on privacy and compatibility together. If something cannot run properly on GrapheneOS, I suggest using CalyxOS as an alternative instead.
- LineageOS supports the proprietary Google Play Services or MicroG. Usually when you install LineageOS, it comes with neither.
- I am also aware GrapheneOS has a sandbox for Google Play Services which allows them to be installed without privileges, but this feature is new and I would not personally use this feature yet.
- GrapheneOS bundles almost no apps into its operating system, with Auditor, Camera, Clock, Contacts, Files, Gallery, Settings, Phone and Browser being the only apps on the phone. It generally feels so empty when you install it for the first time. I chose GrapheneOS for this reason too, as my app selection is very limited, at about 3–4 apps. Its minimal set of apps and its permission/battery management make my phone last for days without charging.
- CalyxOS bundles apps like Tor Browser, Orbot, Signal, Aurora Store and their VPN app. While most are removable, I am not fond of this option as I do not use any of these apps.
- LineageOS bundles a lot of random stock apps (although some are removable and some can be deactivated).
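As an added example (not from the original post) of checking the verified boot and userdebug points in the comparison above on a real device, this POSIX shell script audits the output of `adb shell getprop`. The sample dumps are constructed, and the property names are standard Android ones; note that a locked bootloader with a user-set key (the GrapheneOS case) reports the yellow state, not green.

```shell
#!/bin/sh
# Added example: audit a device's boot and debug posture from `adb shell getprop` output.
# Verified boot states: green = locked, OEM key; yellow = locked, user-set key
# (the expected state for GrapheneOS); orange = unlocked; red = verification failed.
# Real use: adb shell getprop > props.txt; audit_props "$(cat props.txt)"

# Constructed sample dumps in getprop's "[name]: [value]" format (not from a real device).
SAMPLE_LOCKED='[ro.boot.verifiedbootstate]: [yellow]
[ro.boot.vbmeta.device_state]: [locked]
[ro.build.type]: [user]
[ro.debuggable]: [0]
[ro.adb.secure]: [1]'

SAMPLE_UNLOCKED='[ro.boot.verifiedbootstate]: [orange]
[ro.boot.vbmeta.device_state]: [unlocked]
[ro.build.type]: [userdebug]
[ro.debuggable]: [1]
[ro.adb.secure]: [0]'

# getprop_val DUMP NAME: print the value of property NAME from DUMP (empty if absent).
getprop_val() {
    printf '%s\n' "$1" | sed -n "s/^\[$2\]: \[\(.*\)\]\$/\1/p"
}

# audit_props DUMP: print one line per weakness found; the exit status is the
# number of findings, so 0 means locked bootloader, verified boot and a user build.
audit_props() {
    dump=$1
    n=0
    case "$(getprop_val "$dump" ro.boot.verifiedbootstate)" in
        green|yellow) ;;
        *) echo "verified boot is not enforcing (state is not green/yellow)"; n=$((n + 1)) ;;
    esac
    [ "$(getprop_val "$dump" ro.boot.vbmeta.device_state)" = locked ] \
        || { echo "bootloader is unlocked: OS and boot chain integrity unchecked"; n=$((n + 1)); }
    [ "$(getprop_val "$dump" ro.build.type)" = user ] \
        || { echo "not a user build: userdebug/eng exposes debug features"; n=$((n + 1)); }
    [ "$(getprop_val "$dump" ro.debuggable)" = 0 ] \
        || { echo "ro.debuggable=1: adb root is available"; n=$((n + 1)); }
    [ "$(getprop_val "$dump" ro.adb.secure)" = 1 ] \
        || { echo "ro.adb.secure=0: adb does not require host authorization"; n=$((n + 1)); }
    return "$n"
}

# Demonstration on the constructed samples.
echo "locked sample:";   audit_props "$SAMPLE_LOCKED"   && echo "  no findings"
echo "unlocked sample:"; audit_props "$SAMPLE_UNLOCKED" || echo "  $? finding(s)"
```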
What there is to know
GrapheneOS is not built to be another LineageOS
GrapheneOS is an operating system completely focused on security, privacy and freedom; LineageOS is focused on compatibility and customisation. While LineageOS is an excellent starting choice for a FOSS mobile operating system, with the massive number of devices it can be installed on, GrapheneOS is (by design) limited. This becomes significant in the next important note…
GrapheneOS is limited in support
Once a device stops being supported by the manufacturer, GrapheneOS will stop making updates for it. This is because the security of the device’s proprietary software, outside of the operating system’s own security, cannot be guaranteed. Distributions like CalyxOS and LineageOS keep updating after device support has ended. If you have a device that is slowly losing support, do not install GrapheneOS, as they will not assist you.
Google Play Services is unsupported.
Any app using Google Play Services will have missing features or won’t work at all. GrapheneOS may allow you to use Google Play Services in a separate sandbox, however your mileage may vary. I recommend using CalyxOS instead if you depend on a Google Play Services application. The Play Services sandbox is still a newly implemented technology that is not yet complete on GrapheneOS.
Security practice is essential
A secure phone won’t protect you against your shitty security or privacy habits.
The apps I use
Currently I use F-Droid as my app store choice, running only FOSS apps obtainable from the store. My current apps are NewPipe, Simple Notes, Orbot, Conversations, FairEmail, KeePass and Exitrpater. I’ll probably go more into them later…
End
I encourage you all to try GrapheneOS sometime, or if you use an Android device, to flash it with a new operating system running FOSS. If you are not that stuffed about security and want a pro-privacy operating system, then I wholly recommend CalyxOS instead. Their integration of MicroG can make transitioning with Google Play Services-dependent apps easier.
I am also trying to write about my progress from moving to a complete FOSS environment. I hope I can finish the draft soon.