I wouldn’t use Graphene OS personally since they refuse to accept negative press or the fact there may be alternatives. It is all about Graphene OS and how Graphene OS is grand. Don’t you dare criticize or use your device in a way they don’t endorce. I’m not even sure they would be willing to admit if there was a serious flaw in Graphene OS.
With that being said, I think Linux and AOSP have made a lot of progress in the right direction. Just because I don’t like the Graphene OS team doesn’t mean that some of there techniques can’t be applied outside of Graphene OS. Android and the Linux kernel have bith seen significant improvements in security.
Graphene OS will not work for everyone. It also only supports a handful devices even thought there are other devices that support bootloader relocking. Graphene has decided to instead frame everything that isn’t a Pixel running Graphene as universally bad.
I agree, Graphene is not for everyone, and what you wrote is a perfectly fine opinion when it comes to privacy- and security-focused daily driver OS’s for smartphones. If you’re a protester or a journalist though, it’s all or nothing. There are no alternatives, no compromises that can be made. If you use a smartphone you are at risk, even if it’s a Pixel with GrapheneOS.
Graphene has decided to instead frame everything that isn’t a Pixel running Graphene as universally bad.
They did say on several occasions that they would support other phones if they weren’t locked down (Samsung) and commended the security of upcoming Mediatek and Qualcomm chips.
I’m not sure I would even recommend it for a journalist. There are better tools for desktop and having basic opsec will go way farther than any tool. It also doesn’t support MicroG which is a deal breaker for me.
the debate on microg v sandboxed GPS is not settled tho
for example with sandboxed GPS you have option to cut network connection to GPS both store and service and maintain functionality of most apps
while with microg you are still pinging google with the spoofed identity
furthermore, microg is generally used in deployments like lineageos which is inherently insecure while buying decently private because bootloader is not locked unless it is pixel and because it is running in debug mode.
I think calyx upgrades on this decently from OS perspective.
Nobody should be going to a protest with their MF bootloader unclocked, bottom line.
GrapheneOS also has several hardening upgrades deployed through out the OS that is lacking in stock android. This upgrades are critical if your concern are state actors who have access to the best and freshest zero days sometimes know as backdoors depending on who you talk to.
I wouldn’t use Graphene OS personally since they refuse to accept negative press or the fact there may be alternatives. It is all about Graphene OS and how Graphene OS is grand. Don’t you dare criticize or use your device in a way they don’t endorce. I’m not even sure they would be willing to admit if there was a serious flaw in Graphene OS.
With that being said, I think Linux and AOSP have made a lot of progress in the right direction. Just because I don’t like the Graphene OS team doesn’t mean that some of there techniques can’t be applied outside of Graphene OS. Android and the Linux kernel have bith seen significant improvements in security.
Graphene OS will not work for everyone. It also only supports a handful devices even thought there are other devices that support bootloader relocking. Graphene has decided to instead frame everything that isn’t a Pixel running Graphene as universally bad.
Graphene OS ex main leader stepped down as he was getting death treats and was struggling with some mental problems
PS: info might not be entirely true
He is still involved but I would also like to point out that the problem is more than just him.
I agree, Graphene is not for everyone, and what you wrote is a perfectly fine opinion when it comes to privacy- and security-focused daily driver OS’s for smartphones. If you’re a protester or a journalist though, it’s all or nothing. There are no alternatives, no compromises that can be made. If you use a smartphone you are at risk, even if it’s a Pixel with GrapheneOS.
They did say on several occasions that they would support other phones if they weren’t locked down (Samsung) and commended the security of upcoming Mediatek and Qualcomm chips.
I’m not sure I would even recommend it for a journalist. There are better tools for desktop and having basic opsec will go way farther than any tool. It also doesn’t support MicroG which is a deal breaker for me.
the debate on microg v sandboxed GPS is not settled tho
for example with sandboxed GPS you have option to cut network connection to GPS both store and service and maintain functionality of most apps
while with microg you are still pinging google with the spoofed identity
furthermore, microg is generally used in deployments like lineageos which is inherently insecure while buying decently private because bootloader is not locked unless it is pixel and because it is running in debug mode.
I think calyx upgrades on this decently from OS perspective.
Nobody should be going to a protest with their MF bootloader unclocked, bottom line.
GrapheneOS also has several hardening upgrades deployed through out the OS that is lacking in stock android. This upgrades are critical if your concern are state actors who have access to the best and freshest zero days sometimes know as backdoors depending on who you talk to.