Why YSK GrapheneOS is a step above the rest. I understand it’s ironic de-google phone/tablet with google hardware, but it just works better then anything else. Permission toggles, pin scrambling, auto-reboot, scopes, MAC randomization, isolated user profiles, longer passwords, sandboxed apps, open source firmware, no bloat & the battery life is incredible now.

I hope people understand how easy it is to move to Linux & GrapheneOS full time & remove Apple, Google, Microsoft etc. It exceeded expectations so much so that I want to share it with other people. I cannot recommend this enough to improve your life. #FOSS

  • techgearwhips@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    2 years ago

    Too bad it’s only on available on the Pixel. My pixel 6 had a terrible fingerprint scanner… And when I upgraded to the 7, it was even worse (didn’t work in the dark).

    So for now afwall+ on my rooted Moto Edge 2022 Plus gets the job done with blocking Google (and other invasive) apps.

  • MajorHavoc@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 years ago

    Agreed with many others here. GrapheneOS it’s fantastic.

    A few points that haven’t been highlighted:

    • The GrapheneOS camera is fast and responsive. I haven’t had a responsive camera in several generations of Android until I installed GrapheneOS.
    • Everything is faster and more responsive on GrapheneOS. A $300.00 phone from last year running GrapheneOS responds to input like a $1000.00 phone, while keeping the longer battery life of a $300.00 phone.
    • Defense-in-depth privacy and security controls. A lot of good privacy and security defaults add up to a lot more peace of mind. Thiis phone feels like my property, not just a portal to deliver ads and collect data about me.
  • Usernameblankface@kbin.social
    link
    fedilink
    arrow-up
    0
    ·
    2 years ago

    I don’t understand most of those terms, but uh, sounds good?

    Permission toggles that mean something, battery life and no bloat ware sound great to me.

  • apotheotic@kbin.social
    link
    fedilink
    arrow-up
    0
    ·
    2 years ago

    GrapheneOS, Signal (or, I suppose, Telegram, just something E2E encrypted) and a raspberry pi running PiHole are 3 of the best investments I ever made in my day to day experience.

    • pancakesyrupyum@kbin.social
      link
      fedilink
      arrow-up
      0
      ·
      2 years ago

      I could never get my pihole to remain stable over long periods of time. Multiple reinstalls, two different pis, always issues with the network dropping or requiring both the pi and connected devices to be rebooted. A pain in the neck for a reason I’m not immediately able to figure out.

      • apotheotic@kbin.social
        link
        fedilink
        arrow-up
        1
        ·
        2 years ago

        Interesting, I basically set it and forget it and the only time I’ve ever had to interact with it again was to tweak the blacklist to block something new or allow something through

        It might be an issue with your particular cocktail of router/modem/isp/what have you - which is way harder to diagnose

  • cley_faye@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 years ago

    The main reason I keep a “real” smartphone around is for banking app, that requires Google Play Protect (or whatever it is called, the thing that supposedly check around if you’re on a rooted phone). Support for this doesn’t seem there yet, which defeat the purpose.

        • darcy@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          0
          ·
          2 years ago

          very insecure. especially if your 2fa method is on your phone as well (unfortunately many banks enforce this)

          • Virtual Insanity @lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            ·
            2 years ago

            Sounds like scare mongering.

            Why would that be any different than a PC with the 2FA app on the PC?

            Banking on suitably patched and secured phone is NOT an inherently risky activity.

            • darcy@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              0
              ·
              2 years ago

              banks have old ahh security. not many support proper 2fa. but if u log in on your phone, and u do have your phone as the 2fa method, it makes no difference having 2fa. if someone gets your phone they get your banking log in and your 2fa method. its like putting totp 2fa on a computer to sign into something on the same computer. different devices for different purposes. remeber banking apps are always proprietry, so any zero day could be active right now, and we would not be the wiser. i suppose banking on a webpage on your phone is better, if you delete the cookie after.

          • FutileRecipe@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            ·
            edit-2
            2 years ago

            I said “average PC,” and you throw out Linux with a hardened browser. That’s not average. But how many people have Linux with a hardened browser? More importantly, how easy is that to set up compared to setting up GOS (I promise GOS is much, much easier to set up and use)?

            But if we’re going with extremes like this: no one should use banks on Linux with hardened browsers. Just go in person.

            • darcy@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              0
              ·
              2 years ago

              installing a just-works distro (say linux mint) is just/almost as easy as grapheneos. assuming not doing dual booting (the phone is dual booting is it).

              librewolf (hardened fork of firefox) is like 2 commands on linux, or an installer wizard on windows.

              unironically the last statement is based. less technology is always more secure. we managed without it back in the day didnt we.

              im not going to say privacy and digital security is easy or one-size-fits-all or anything, we each have to make comprimises on convenience.

  • darcy@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 years ago

    can confirm! grapheneos is very easy to install. love it, the only problem is the limited hardware support, but that is the fault of manufacturers not the os

  • muaveri@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 years ago

    now that Fairphone is available in US they might give a shot at making GrapheneOS running on it

      • AncientMariner@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        2 years ago

        The two main features that aren’t biggies and GrapheneOS doesn’t support and they’re the deal breakers? Yeah, right…

        • B1naryShad0w@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 years ago

          Before switching OS’s I need to know if it’s compatible with the features that I value. It’s okay if you don’t value the same features as I do, but there’s no reason to be both rude and provide no useful information at the same time.

  • Pumpkinbot@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 years ago

    Sounds great, especially since it’s Android-compatible. I’d have to jailbreak my phone, though, right? Always been worried to do that, myself, because I don’t want to break my phone or get cut off by my service provider.

    I might look into it on my Retroid Pocket 2+, though!

    • FutileRecipe@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 years ago

      Not sure what you mean by “jailbreak” as that’s rarely a term applied to Androids. On the phone side, you have to have a Pixel (6 and up are recommended due to increase security and longer support) and enable OEM unlocking, which requires no hacking/jailbreaking/rooting. It’s super easy to install.

      https://grapheneos.org/install/web

  • whiskers@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 years ago

    Are there any major daily driver features from Android missing here? Also are the updates usually stable?

    • FutileRecipe@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      2 years ago

      Depends on how you use your phone. Main thing I miss is Google Pay’s tap to pay (disabled by Google unless you run a Google certified OS…which Google could easily certify Graphene but won’t), but most banking apps NFC tap to pay work.

      Android Auto also doesn’t work, but I never used it. Some people might, though.

      https://grapheneos.org/features#sandboxed-google-play

      • BaroqueInMind@kbin.social
        link
        fedilink
        arrow-up
        0
        ·
        2 years ago

        which Google could easily certify Graphene but won’t

        I’m not on the Google fan bus and would be the first one here to drop Android at the drop of a hat, however, you are being deliberately deceptive here and I hate people like that: the reason it’s not certified is because Graphene devs don’t want to pay to get it certified, it’s not because Google refused to, like you are saying.

        • FutileRecipe@lemmy.world
          link
          fedilink
          arrow-up
          0
          ·
          edit-2
          2 years ago

          I’m not being deliberately deceptive. Google absolutely could whitelist GrapheneOS if Google chose to, just like any app developer can as well by checking for the verifiedBootState with proper verifiedBootKey (GrapheneOS attestation link below).

          Now, I don’t see Google doing that as GrapheneOS doesn’t and won’t ship with Play Store, Play services, or Service Framework. GrapehenOS actually has a compatibility layer so those don’t get special and device wide privileges like they do on devices that ship with them (sandboxed link below)…which Google probably requires. And I don’t see GrapheneOS budging on this as that’s one of their main selling points for security and privacy.

          But I’m always down to learn and I’m not a developer. I don’t suppose you have a link that says the main thing that Graphene is missing is handing over money to Google to get certified, and ideally how much? If that was it, I’d be willing to bet money Graphene would’ve forked over the cash by now.

          https://grapheneos.org/articles/attestation-compatibility-guide

          https://grapheneos.org/usage#sandboxed-google-play

          • AncientMariner@lemmy.world
            link
            fedilink
            arrow-up
            0
            ·
            2 years ago

            Hi google, can you approve our phone that basically cuts your apps out and offers privacy from your mass spying operation please? Such a weird point.

            • FutileRecipe@lemmy.world
              link
              fedilink
              arrow-up
              0
              ·
              edit-2
              2 years ago

              I did acknowledge what you said by saying Google doesn’t want Graphene not including GMS stuff and won’t whitelist GrapheneOS, despite Graphene’s extra security measures. But this doesn’t change the fact that Google could…but won’t.