- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
GrapheneOS / Pixel
Posted on 9/11/23 at 4:43 pm
Posted on 9/11/23 at 4:43 pm
As we continue to de-google our lives, next major step is coming fast. Ditching Samsung, currently using S21 Ultras, but the battery life is starting to wane to about 60% of new, so they are next on the chopping block. Since the Pinephone64 is still not ready for prime time, we are considering jumping to Pixel 6 or 7, but immediately dumping the OS for GrapheneOS.
Anyone else running this have any thoughts to share?
Thinking I might need to just buy one and add a line to my Verizon account to test drive for a bit, I don't mind a few glitches/workarounds, but might save a few headaches before I try to migrate the Mrs over.
Anyone else running this have any thoughts to share?
Thinking I might need to just buy one and add a line to my Verizon account to test drive for a bit, I don't mind a few glitches/workarounds, but might save a few headaches before I try to migrate the Mrs over.
2
Posted on 9/12/23 at 8:13 am to dakarx
Graphene is a fully functional and well polished ROM. You even get to relock the bootloader after installing. I liked it for the most part but going google free is tough. It wasn't worth it for me so I went back to standard android on the Pixel and just disable on the google apps I dont use. I have verified they are no longer communicating via my network monitoring. It is the best compromise for myself.
Posted on 9/12/23 at 1:37 pm to dakarx
I ran a Pixel 6 with GrapheneOS for a little less than a year. It was my first Android phone, as I had the very first iPhone and stuck with iOS forever since until then. I felt the iPhone platform had become stagnant and I wanted to spice things up and have more fun messing around with my phone. My goals were to experience a platform with more software freedom outside of iOS limitations and to run a no-compromises, privacy- and security-first mobile OS.
This may seem like an odd tangent but the first thing to note is that GrapheneOS pretty much is just Daniel Micay. He's a controversial polarizing figure. I spent months in the Graphene Matrix chat room trying to figure him out, and the best conclusion I can come up with is that he is some kind of paranoid schizophrenic or something. There's a bit of an odd war between GrapheneOS and CalyxOS, and Daniel Micay constantly questions people's motives and if they're really part of the Calyx conspiracy. He accuses them of brigading and attacking the GrapheneOS community but he himself organizes brigades against them in his Matrix chat rooms. He comes off unhinged as hell, but GrapheneOS is by far the only legitimate aggressively secure ROM for Android and Calyx is nowhere close. Graphene is a true security-first hardened AOSP whereas Calyx is just AOSP with a bunch of privacy-related pack-ins, many of which actually increase the attack surface of the OS. The conspiratorial part of me wonders if the CIA is doing some kind of operation to discredit Micay or something. Nicholas Merrill, founder of Calyx, has a history of being the first person to be hit with a National Security Letter and gag order under the Patriot Act and suing over it, so it's not entirely out of the realm of this shite. But in the end, maybe a paranoid schizophrenic is exactly who you want writing your security-conscious software?
-- Anyway, as for the actual GrapheneOS. From the beginning I quickly realized I can't have everything I want. A lot of the cool hacking Android stuff requires root which essentially becomes a compromise on the security-first aspect of the experiment. Using F-Droid itself is a security concern. Much of the software on there is targeting old less secure API levels. GrapheneOS folks recommend to use Google Play store instead, but now we're compromising on privacy for security. You can use Aurora to anonymize access to Google Play Store, but it doesn't work for all apps and you're being reliant on Google still. If you want a paid app, you're gonna have to use the normal Google Play Store and jump through a bunch of hoops with VPNs and gift cards if you want true pure anonymity. In the GrapheneOS chat there was talk about making a new, secure alternative to F-Droid, but I don't know if that ever came to anything beyond the app that Daniel built to update and manage the Graphene built-in apps. In the end, I chose to have a mostly security-first approach at the expense of privacy and convenience, and I used a mix of Aurora, Google Play, and F-Droid, depending on the app I wanted to install.
And it's pretty much necessary to sacrifice that degree of privacy anyway, as a large amount of apps require Google services. You now just get to somewhat mitigate their access to your data by sandboxing Google services into having to play by the same rules as other apps, but you're still reliant on Google services in the end.
As for app compatibility... I found that almost everything worked fine.... until you get to the most critical apps. My wife and I took a trip to North Carolina and I ended up having her use her iPhone for our boarding passes because I couldn't get the wallet app to work correctly on my Pixel with GrapheneOS. On a different trip, the Hilton Hotel app worked great except the NFC digital key randomly stopped working sometimes, so I assigned it to my wife's phone instead and I had to go to the front desk and get a physical key for my wallet. My CapitalOne banking app always worked great until I made the mistake of updating it while on that trip: it never, ever worked again. Ever. We got stuck with a crowd outside of Camping World Stadium in Orlando for over an hour waiting for rideshares after a concert, and I wasn't entirely sure the browser version of Uber was working correctly, so I ended up having my wife use Uber on her iPhone instead.
So after like 10 months of using GrapheneOS exclusively as my mobile OS, I came to the following realizations:
1. Much of the fun hacking stuff you can do with Android that you can't do on iOS has a lot of security implications, which in turn affects app compatibility (like banking apps), so there wasn't a significant tech/fun advantage
2. Purely from a security hardened perspective, GrapheneOS is far beyond any other Android ROM, but even Daniel Micay himself believes iOS has a superior security model, so no security advantage
3. It doesn't matter which OS you choose, to use your phone practically and conveniently you're going to need to participate in Google and/or Apple ecosystems, so no real privacy or big tech-independence advantage
Everything was a series of compromises. When you add to that the idea that I didn't feel I could rely on my phone and the fact that everyone in my close and extended family are in the Apple ecosystem, and for the past 10 months I was using BlueBubbles with a macOS server relay to iMessage using my Pixel 6, I ended up going back to using my iPhone 12. I decided I don't need my phone to do anything special and embraced it simply being a reliable dumb appliance once more. That's not to say that I didn't enjoy Android, though, I felt defeated switching back to iOS and I missed some of the features on Android. I thought it would be fun to keep as a secondary device for other purposes than a primary phone, so I still own it, but it's gotten no real use so I didn't keep a line for it.
This may seem like an odd tangent but the first thing to note is that GrapheneOS pretty much is just Daniel Micay. He's a controversial polarizing figure. I spent months in the Graphene Matrix chat room trying to figure him out, and the best conclusion I can come up with is that he is some kind of paranoid schizophrenic or something. There's a bit of an odd war between GrapheneOS and CalyxOS, and Daniel Micay constantly questions people's motives and if they're really part of the Calyx conspiracy. He accuses them of brigading and attacking the GrapheneOS community but he himself organizes brigades against them in his Matrix chat rooms. He comes off unhinged as hell, but GrapheneOS is by far the only legitimate aggressively secure ROM for Android and Calyx is nowhere close. Graphene is a true security-first hardened AOSP whereas Calyx is just AOSP with a bunch of privacy-related pack-ins, many of which actually increase the attack surface of the OS. The conspiratorial part of me wonders if the CIA is doing some kind of operation to discredit Micay or something. Nicholas Merrill, founder of Calyx, has a history of being the first person to be hit with a National Security Letter and gag order under the Patriot Act and suing over it, so it's not entirely out of the realm of this shite. But in the end, maybe a paranoid schizophrenic is exactly who you want writing your security-conscious software?
-- Anyway, as for the actual GrapheneOS. From the beginning I quickly realized I can't have everything I want. A lot of the cool hacking Android stuff requires root which essentially becomes a compromise on the security-first aspect of the experiment. Using F-Droid itself is a security concern. Much of the software on there is targeting old less secure API levels. GrapheneOS folks recommend to use Google Play store instead, but now we're compromising on privacy for security. You can use Aurora to anonymize access to Google Play Store, but it doesn't work for all apps and you're being reliant on Google still. If you want a paid app, you're gonna have to use the normal Google Play Store and jump through a bunch of hoops with VPNs and gift cards if you want true pure anonymity. In the GrapheneOS chat there was talk about making a new, secure alternative to F-Droid, but I don't know if that ever came to anything beyond the app that Daniel built to update and manage the Graphene built-in apps. In the end, I chose to have a mostly security-first approach at the expense of privacy and convenience, and I used a mix of Aurora, Google Play, and F-Droid, depending on the app I wanted to install.
And it's pretty much necessary to sacrifice that degree of privacy anyway, as a large amount of apps require Google services. You now just get to somewhat mitigate their access to your data by sandboxing Google services into having to play by the same rules as other apps, but you're still reliant on Google services in the end.
As for app compatibility... I found that almost everything worked fine.... until you get to the most critical apps. My wife and I took a trip to North Carolina and I ended up having her use her iPhone for our boarding passes because I couldn't get the wallet app to work correctly on my Pixel with GrapheneOS. On a different trip, the Hilton Hotel app worked great except the NFC digital key randomly stopped working sometimes, so I assigned it to my wife's phone instead and I had to go to the front desk and get a physical key for my wallet. My CapitalOne banking app always worked great until I made the mistake of updating it while on that trip: it never, ever worked again. Ever. We got stuck with a crowd outside of Camping World Stadium in Orlando for over an hour waiting for rideshares after a concert, and I wasn't entirely sure the browser version of Uber was working correctly, so I ended up having my wife use Uber on her iPhone instead.
So after like 10 months of using GrapheneOS exclusively as my mobile OS, I came to the following realizations:
1. Much of the fun hacking stuff you can do with Android that you can't do on iOS has a lot of security implications, which in turn affects app compatibility (like banking apps), so there wasn't a significant tech/fun advantage
2. Purely from a security hardened perspective, GrapheneOS is far beyond any other Android ROM, but even Daniel Micay himself believes iOS has a superior security model, so no security advantage
3. It doesn't matter which OS you choose, to use your phone practically and conveniently you're going to need to participate in Google and/or Apple ecosystems, so no real privacy or big tech-independence advantage
Everything was a series of compromises. When you add to that the idea that I didn't feel I could rely on my phone and the fact that everyone in my close and extended family are in the Apple ecosystem, and for the past 10 months I was using BlueBubbles with a macOS server relay to iMessage using my Pixel 6, I ended up going back to using my iPhone 12. I decided I don't need my phone to do anything special and embraced it simply being a reliable dumb appliance once more. That's not to say that I didn't enjoy Android, though, I felt defeated switching back to iOS and I missed some of the features on Android. I thought it would be fun to keep as a secondary device for other purposes than a primary phone, so I still own it, but it's gotten no real use so I didn't keep a line for it.
Posted on 9/13/23 at 5:30 am to efrad
Thanks for the input (and miles of text!!). I do appreciate it!.
Think I will hunt around and pick up a used 6 and adding another line to play with it first and try it out as a daily driver.
I lean far more towards security and controlling data exfiltration over cellular than I am for apps, I really don't have or use more than a few. As long as my OpenVPN software works I can control/limit most (I'm never really off my local network routing everything through my VPN when off prem). This gives me access to my own 'cloud' services, password vaults, security systems, cameras, servers, etc. It works well, not perfect, some things like outbound MMS tends to queue pics but not send.
Think I will hunt around and pick up a used 6 and adding another line to play with it first and try it out as a daily driver.
I lean far more towards security and controlling data exfiltration over cellular than I am for apps, I really don't have or use more than a few. As long as my OpenVPN software works I can control/limit most (I'm never really off my local network routing everything through my VPN when off prem). This gives me access to my own 'cloud' services, password vaults, security systems, cameras, servers, etc. It works well, not perfect, some things like outbound MMS tends to queue pics but not send.
Posted on 9/16/23 at 6:17 am to efrad
Thanks for the very detailed response. I think you just saved me from wasting a lot of time.
This post was edited on 9/16/23 at 6:18 am
Posted on 9/16/23 at 5:59 pm to efrad
I bought a pixel 6 when it came out with grapheneos in mind because I really dislike the surveillance landscape we all live in, and immediately installed graphene when I got the phone. After about a year, I gave it all up and went back to stock pixel for essentially everything you mentioned.
I found myself installing almost everything from Aurora or the play store itself because the open source alternatives to most things just aren't even close. At some point I realized I wasn't doing myself any good and even missed some of Google's features like call screening and decided to switch back.
I still don't like the corporate surveillance we all live through but I can't deny how much I rely upon the conveniences on the other side of it. It feels like a deal with the devil but SO hard to not do the deal.
I found myself installing almost everything from Aurora or the play store itself because the open source alternatives to most things just aren't even close. At some point I realized I wasn't doing myself any good and even missed some of Google's features like call screening and decided to switch back.
I still don't like the corporate surveillance we all live through but I can't deny how much I rely upon the conveniences on the other side of it. It feels like a deal with the devil but SO hard to not do the deal.
This post was edited on 9/16/23 at 6:00 pm
Posted on 9/18/23 at 8:08 am to Hulkklogan
(no message)
This post was edited on 9/18/23 at 6:24 pm
Page 1 of 1
Popular
Back to top
Follow TigerDroppings for LSU Football News