Thanks for sharing. For someone who is not so well versed in these technicalities, what does that mean for the user? That you’re more susceptible to fraud and hacking and malware?
From a user’s perspective, when you install an app, you can:
Determine if that app is allowed to access the internet.
If it needs access to your contacts, you can share which of your contacts, it can see (or none at all)
If it needs access to your files, you can determine which files/photos/music it sees (or none at all, but the application still believes it has access to everything)
There are a bunch of other, security features it provides, but from a “normal user” experience, the ability to take control of your data is probably one of the most impactful.
It is possible to do similar things with other CFW, but AFAIK, graphene is the only one to cleanly integrate it as a polished feature of the ROM.
I think it still supports Google. If someone wants a Pixel and one less is available second hand, thats one more person buying it in store. Probably not 1:1 relationship there, but still.
You would choose it for security hardening in general. E.g. it is harder for malware to infect, harder for unauthorized parties to gain access to data when the phone is locked, etc.
Basically GrapheneOS is for people worried about law enforcement or some state actors trying to access their phone using some commercial tools or 0 day exploits. It’s useful for journalist, lawyers, activists and so on.
Average users don’t really have to worry about those things. It’s unlikely that someone will try to hack you using such tools, you most probably don’t have any data wort protecting and it’s quicker and easier for you to just unlock your phone than to spend days/weeks/months in jail trying to protect your data.
What average user should care about is removing Google from their phones and blocking trackers. Other ROMs like iode also come without Google and have better tools than GrapheneOS for blocking trackers. They are as secure as any other Android phone.
Average users don’t really have to worry about those things.
That’s true, until it isn’t. What’s legal and moral now can change in a flash. Having a phone that’s resistant to software infiltration isn’t a bad thing.
What maskes you want Graphene over e/OS? I’m not so familiar with how they feel.
Graphene modifies AOSP for much more security.
E.g.
I dont think e/OS is as security oriented, more privacy oriented
Thanks for sharing. For someone who is not so well versed in these technicalities, what does that mean for the user? That you’re more susceptible to fraud and hacking and malware?
From a user’s perspective, when you install an app, you can:
There are a bunch of other, security features it provides, but from a “normal user” experience, the ability to take control of your data is probably one of the most impactful.
It is possible to do similar things with other CFW, but AFAIK, graphene is the only one to cleanly integrate it as a polished feature of the ROM.
edit: fix formatting
I see, and it can’t be installed on Fairphone?
No, the Graphene developers insist on hardware functionality that is not present on the Fairphone.
No, currently only on Pixels. Plans to support another future platform exist.
Hmm, in mean time I prefer buying Fairphone over supporting Google.
I prefer secure systems. Buy used/refurbished for not supporting Google.
I think it still supports Google. If someone wants a Pixel and one less is available second hand, thats one more person buying it in store. Probably not 1:1 relationship there, but still.
You can buy second hand! Backmarket, Ebay, Facebook Marketplace, Craigslist.
A big thing is gOS not using JIT compiling. So, app updates are pretty slow but this kills a lot of malware exploits.
https://grapheneos.org/features#exploit-mitigations
So if I were to choose graphene over eOS it would mainly be to be more protected from malware?
You would choose it for security hardening in general. E.g. it is harder for malware to infect, harder for unauthorized parties to gain access to data when the phone is locked, etc.
Basically GrapheneOS is for people worried about law enforcement or some state actors trying to access their phone using some commercial tools or 0 day exploits. It’s useful for journalist, lawyers, activists and so on.
Average users don’t really have to worry about those things. It’s unlikely that someone will try to hack you using such tools, you most probably don’t have any data wort protecting and it’s quicker and easier for you to just unlock your phone than to spend days/weeks/months in jail trying to protect your data.
What average user should care about is removing Google from their phones and blocking trackers. Other ROMs like iode also come without Google and have better tools than GrapheneOS for blocking trackers. They are as secure as any other Android phone.
That’s true, until it isn’t. What’s legal and moral now can change in a flash. Having a phone that’s resistant to software infiltration isn’t a bad thing.