PullPantsUnswornAug 16, 2024

Switched to GrapheneOS today

https://lemmy.ml/post/19210475

Switched to GrapheneOS today - Lemmy

After using LineageOS for long time, I have finally moved to GrapheneOS. I use a lot of banking and financial apps which I never felt comfortable using on LineageOS due to lack of proper sandboxing, unlocked bootloader etc. GrapheneOS works flawlessly just like Android. You don’t even notice there’s hardening underneath. Also it protects from Google’s evil location tracking using WiFi/Bluetooth or even when the Location is turned off. I don’t understand how people in general are comfortable with Google tracking all the time. You can use Google Play and Play Services in a sandbox that works just like regular installation, but without deep tracking. If you haven’t tried GrapheneOS, try it. You won’t go back to regular Android.

Show threadcmheAug 16, 2024

I would like to switch, but there are a couple of points that are still holding me back right now:

  • Charge limits, on LOS I can root the phone, install ACC and still use the OTA updates, if I apply the patch afterwards.

  • Option for sandboxed MicroG, IMO privacy is also very important for security, and people should be able to decide if they like more privacy or more security.

  • Option for rooting sandboxed apps from outside. IMO I, and a person, like to have full control over my phone. Trust often comes with control. If I choose to trust one app to have root access to another app in order to inspect it, then this should be possible. Sandboxing could allow one app to have root access to individually chosen other apps, thus limiting the impact compared to system-wide root access.

Show threadnotfromhereAug 16, 2024
What are you contemplating switching from? Does your current OS meet those criteria?
Show threadcmheAug 16, 2024

I am currently using a rooted LOS with MicroG. It certainly is not as secure as GrapheneOS in terms of app sandboxing, encryption, regular security updates, etc., but I have control of the system, in case I need it, for instance ACC, F-droid privilege extension (F-Droid auto updates), ReVanced Manager (not using it currently) etc.

I trust GrapheneOS much more than Apple, but both go into a similar direction with their understanding of security. IMO taking control away from the user might be a good option, if you are dealing with just regular consumers, but I don’t really like the “one-size-fits-all” approach of it. And it is my device, I should be allowed to decide what I want to do with it.

BTW, this is just a personal annoyance of mine. The GrapheneOS devs do a very good job.

Show threadnotfromhereAug 16, 2024
I didn’t realize GrapheneOS limited control like that. Thanks for sharing!
Show threadthayerAug 16, 2024
They don’t.
Show threadiheartneopets
Would you mind elaborating?
Aug 16, 2024 at 2:38pmWeb
Show threadthayerAug 16, 2024

Sure, like I said above, GOS doesn’t at all prevent you from rooting the device. They only discourage it from a security point of view. Regarding MicroG, I’ve never had need for it myself but I’ve read many other posts over the years from users who have installed it on GOS in lieu of Graphene’s own implementation.

I would argue that overall GrapheneOS provides more control over the OS than some other Android-based operating systems.

Show threadiheartneopetsAug 16, 2024
Very interesting, thanks!