GrapheneOS and my new mobile device

2021/09/01

Tags: open source privacy security me 100DaysToOffload

TLDR: Extremely good FOSS mobile operating system with excellent security and privacy features. This is a well-maintained operating system and I will be using this instead of LineageOS as my daily driver from this point forward. For a FOSS operating system, it really does not feel like a community-maintained OS with some holes the way LineageOS does.

Also, don’t rely on this post for advice; it is more of a life update. I left it in the draft book for like 5 days… I probably rushed it.

The phone

I bought a Google Pixel 4a on eBay for a very small price of £250, which included two cases and its original box. I have no idea how the seller managed to sell it for so cheap. Before I used the Pixel 4a, I had a Samsung Galaxy S5 running the latest build of LineageOS and I had mained that as my phone for three years. I wanted to move to a newer phone because my phone had too little space and, even with its extended lifespan, I didn’t feel like this phone was good enough for the late future.

I am more focused on free software than I was before, so having a phone that at the minimum ran free software as the operating system was a serious requirement. I also wanted a ‘modern’ phone instead of an old Samsung from way too long ago, so I chose a Pixel 4a, a phone with easy flashing support and current support from the provider. The Pixel 4a also has excellent support from Android distribution developers. Security is my second largest focus, so having a device that was still supported was important.

Backstory

A couple of years ago, I was aware of CopperheadOS, an Android distribution focused on security and privacy. I remember back then wanting a phone running the operating system, and I knew that they formerly sold phones running the OS on online stores. The lead developer of GrapheneOS was the former developer for CopperheadOS, and it seems that the company running CopperheadOS has now closed-sourced their product. I am not too well informed on the legal issues between the developer and the Copperhead team, but it seems to be pretty dirty. GrapheneOS is the former CopperheadOS project and the current CopperheadOS is the split product from the former company that was sponsoring it.

I wanted to try GrapheneOS for a while. Currently, they only support Pixel phones, and that’s why the Pixel 4a is my current phone of choice, as it will still have support for the next 2 years. The Pixel 4a is considered a budget model and me getting it for £250 was a steal in my personal opinion. I also heard that Google phones were very easy to flash the operating system on (and this has appeared to be very true!). Flashing the Galaxy S5 for the first time was a serious pain of constantly taking the battery in and out during install.

Why I chose GrapheneOS

GrapheneOS is a free and open-source AOSP operating system built with security and privacy as the top priority. As a security researcher I want to have the maximum security possible with my home computers and devices. My privacy is also important, and in the past I had sacrificed software I enjoyed using to have greater privacy. I am aware of other operating systems based on AOSP that also focus on these two things; however, GrapheneOS stuck out to me for a couple of reasons that made me choose them over other operating systems.

Comparisons (vs LineageOS, and CalyxOS)

I am aware LineageOS is not a security and privacy focused OS, but it should be worth noting that an unsupported device running LineageOS with the latest OS security patch is possibly more secure than an old Android device with the unsupported OS.

What there is to know

GrapheneOS is not built to be another LineageOS

GrapheneOS is an operating system completely focused on security, privacy and freedom, while LineageOS is focused on compatibility and customisation. While LineageOS is an excellent starting choice for a FOSS mobile operating system with its massive number of devices it can be installed on, GrapheneOS is (by design) limited. This will be made significant in the next important note…

GrapheneOS is limited in support

Once a device stops being supported by the manufacturer, GrapheneOS will stop making updates for it. This is because the security of the devices' proprietary software outside of the operating system’s security cannot be guaranteed. Distributions like CalyxOS and LineageOS keep updating after device support has ended. If you have a device that is slowly losing support, do not install GrapheneOS as they will not assist you.

Google Play Services is unsupported.

Any app using Google Play Services will have missing features or won’t work at all. GrapheneOS may allow you to use the Google Play Services in a separate sandbox, however your mileage may vary. I recommend using CalyxOS instead if you depend on a Google Play Services application. The Play Services sandbox is still a newly implemented technology that is not completed on Graphene yet.

Security practice is essential

A secure phone won’t protect you against your shitty security or privacy habits.

The apps I use

Currently I use F-Droid as my app store choice, running only FOSS apps obtainable from the store. My current apps are NewPipe, Simple Notes, Orbot, Conversations, FairEmail, KeePass and Extirpater. I’ll probably go more into them later…

End

I encourage you all to try GrapheneOS sometime, or if you use an Android device, to flash it with a new operating system running FOSS. If you are not that stuffed about security and want a pro-privacy operating system, then I wholly recommend CalyxOS instead. Their integration of MicroG can make transitioning with GSP-dependent apps easier.

I am also trying to write about my progress from moving to a complete FOSS environment. I hope I can finish the draft soon.
