Graphene OS is not a good source of information.
They’re not a good source of information on Android security? Granted, they’re not perfect, but they are one of the leading teams in terms of Android security. I call BS on anyone calling GrapheneOS a bad source of information for Android security lol.
News regarding vulnerabilities reported to Google and physical attack roadmap
Improvements to factory resets by Google due to reports by GrapheneOS
The main thing they have going against them is the currently small list of apps, and it won’t grow unless people become aware of it and ask devs to put their apps there.
As for “not as open,” can you clarify what you mean? Yes, Accrescent does have “certain minimum requirements for all apps submitted to it to ensure the privacy and security of its users.” Is that what you mean,to loosen that? https://accrescent.app/docs/guide/appendix/requirements.html
Or “just get it from Accrescent and be done with it?” Are you implying if you get it from Accrescent, you’re somehow not done with it? Sorry, I don’t follow your logic.
Also, no thanks on F-Droid as GrapheneOS recommends against and there are multiple security issues:
F-Droid has far too many security and trust issues for us to recommend it. The vast majority of apps in the official F-Droid repository are built on their sketchy infrastructure and signed with their own keys. We’re concerned about a future mass compromise of F-Droid users.
A grapheneos community member is just a random person
A random person that is mentioned specifically by the official GrapheneOS account, not to mention that GrapheneOS has said Accrescent is their recommended app store above F-Droid. Maybe Accrescent dev is not a GrapheneOS core dev, but still a step up, with more credibility, than just “a random person.”
about which distro to use and got a range of suggestions but none of them were arch.
I think Debian is usually the strongest contender here.
Organic Maps is also available via https://accrescent.app/ which is developed by a GrapheneOS community member and even hosted in the GrapheneOS App Store.
Accrescent is a private and secure Android app store built with modern features in mind. It aims to provide a developer-friendly platform and pleasant user experience while enforcing modern security and privacy practices and offering robust validity guarantees for installed apps.
Accrescent comes from within the GrapheneOS community and we’re collaborating together.
I’d love to have working NFC pay
NFC works. NFC payment is dependent on the app as some block those that fail Play Integrity / Google certification. Google Wallet / Pay does not work for payment because Google blocks it.
Anker Prime Charger (250W, 6 Ports, GaNPrime): $169.99 but there’s a $30 code that shows up for me, which brings it to one penny below your $140 too steep threshold.
Do you have Google services installed? I use MicroG…
Yes, I have Google Plays Services, Google Services Framework, and the Google Play Store installed, which are all sandboxed. MicroG isn’t supported by GrapheneOS.
Nope, nor do I intend to. GrapheneOS frowns upon rooting and modifying the system as it typically widens your attack surface. I’m not using a secure OS then going around to purposefully make it less secure.
but I’m concerned RCS is going to become a deal break for me
For what it’s worth, I have RCS working with GrapheneOS. I don’t think I did anything special, but it did take awhile. I did see stuff on their forum about others having a bigger issue with it, though.
And of course, I prefer Signal, where possible.
Even just being rooted on the stock Pixel rom is a fight.
That, I can see being more of an issue than an unmodified, trusted 3rd party OS. If I remember right, rooting makes the device fail Verified Boot:
It establishes a full chain of trust, starting from a hardware-protected root of trust to the bootloader, to the boot partition and other verified partitions including system, vendor, and optionally oem partitions.
https://source.android.com/docs/security/features/verifiedboot
I’ve got old apps that won’t work any more.
I’m actually for this. The bar to entry for the Play Store is too low with too many low quality and unmaintained apps. I’m all for booting insecure and super old apps. They cheapen the ecosystem.
I’m holding out for the 10. The 8 added mirrored display (so you can mirror your screen on a monitor… I’d rather this come with the Pixel Tablet 2 and the Pixel Tablet skipped it form some reason) and MTE, which GrapheneOS says is the most significant addition to security since they’ve started the OS. If those come with the 10, not to mention the 10 is supposed to have Google’s inhouse chip and not Samsung’s…yep, I’m upgrading.
Do you pass play integrity?
GrapheneOS, and other non-OEM OSes, do not. It’s kinda the whole point of the article/OP I linked.
I’ll have to make do with a secondhand 7 pro
Ouch, that hits me right in the 7Pro feels lol. Make do, indeed, lolol.
I could see things as simple as…
Last I heard, the McDonalds’ app doesn’t work, of all things.
https://discuss.grapheneos.org/d/9123-the-mcdonalds-app-doesnt-work/
I don’t even use proprietary apps so most if the “security features” aren’t even useful to me
So only proprietary apps may have malware? Malware aside, only proprietary apps may have bugs that can be exploited? And all nonproprietary apps are perfectly safe? But seriously, there is so much wrong with that thinking.
Apps aside, GrapheneOS protects the actual OS and is kept up to date, much quicker than pretty much any other variant.
It is overly complex for no benefit to me.
What’s overly complex? Contact and storage scope I mentioned? You don’t have to use it. Separate profiles for work I mentioned? Again, don’t have to use it. GrapheneOS is one of the closest OSes to AOSP that I’ve seen. You could even just install the Play Store (which is in a sandbox by default, with no root, and you don’t have to do anything to specify that), only use the owner profile, and you get all of the security benefits with no extra work. You introducing F-Droid and using all nonproprietary apps is more complex than GrapheneOS out of the box.
Graphene sucks the life of android in my humble option.
What’s not “fun” or lifeless about it? It’s a phone. I use it exactly as I would a normal Pixel, with the exception of having the convenience of Google Wallet.
Everything is about security with anything else being second.
Would you rather it be all about fun/having life with everything else being second? That doesn’t sound safe. And I’m still confused about you saying it having no life.
I will say what I do differently vs a normal Pixel, is I use the storage scopes and lock certain apps to certain folders as well as contact scopes to lock certain apps to only see certain people. I don’t use my phone for work, but if I did, that would be a separate profile/user.
And I detest tipping culture, though I of course don’t fault the wait staff. I’d rather go to a local joint that pays its people appropriately…which are hard to find, admittedly.