GrapheneOS is a mobile operating system which allows you to fully control your software use, removing the privacy and security-infringing influence of the big, invasive, foreign tech companies (i.e. Google, Microsoft, and Apple).
How does this compare with LineageOS?
Also I’m guessing neither will deal with the fact that I’m going to have to replace my phone because although it’s VoLTE capable, it hasn’t been provisioned for my phone model by my mobile network, it’s going to lose calling capability by the end of the year. It seems like much the same kind of artificial hardware obsolescence as forced by Microsoft with Windows 11.
I’ve seen a few projects trying to deGoggle Android devices. Aside from Graphene and Lineage, there’s;
- Replicant: Android with all proprietary software removed, and components reverse-engineered as necessary
- /e/OS: Android with non-Goggle apps, plus a suite of services, all based on Free Code,
- postmarketOS (mobile GNU, not Android)
Somehow us software freedom folks need to figure out how to make sure all working mobile devices can be supported by distros like these, and make these BYO OS easy to find and install. At least as easy as installing vanilla Ubuntu on a laptop, if not easier. If a mobile device has perfectly functional hardware, in theory there’s no reason it couldn’t keep working if someone had the resources to provide third-party support for the OS software. So how can we coordinate and resource that work?
I have 3 working mobile devices, and every one of them seems to be stuck on an unsupported Android version. Possibly because I refuse to login to the Goggle Prey Store, so I’m probably only getting critical security patches (if that). Even with the GNU/Linux experience I have, I’m yet to figure out how to install a different OS on a single Android device. So it seems to me it’s well beyond the reach of non-geeks.
But for anyone who doesn’t have the skills to install a new OS without bricking their device (and doesn’t have time to learn stuff like this), their only option is to buy a newer one. Not only is this wasteful and infuriating on a personal level, it’s massively wasteful at a societal level. There must be millions of perfectly functional computers thrown away every year for lack of software support. To their credit, the Greens put forward a Right to Repair bill to address this, but it was voted down on its second reading by the governing parties.
I’ve been using GrapheneOS for about 4 months now and I’m really enjoying it. There are a few caveats you need to be aware of before you take the plunge though, depending on the level of security you want:
Max security
Apps: don’t install any Meta, MS or Google apps. This isn’t easy if you use social media, and some apps only wok with Google PlayStore access (ASB’s banking app is one of them - that really surprised me!). Use FOSS apps instead like Organic Maps instead of Google Maps, Signal over Meta, Proton for secure and private comms/email/etc, Catima instead of Klarna… It’s a bit of a change, but you get used to it pretty quickly.
Phone/Data: get a prepay SIM so you’re anonymous ($4 for a Skinny prepay, $20 top-up) and keep flight mode on when you’re at work or home so you can’t be tracked. You can enable it so you have data access (if you don’t mind giving up you’re device’s ID/IMEI number) or use free/home/office wifi where available. Main down side is the GrapheneOS SIM is usually turned off due to flight mode, so you’re having to be selective as to when and where you allow it to run and remembering to turn it off afterwards.
Reasonable security
Just swap your current phone SIM into the new GrapheneOS phone and immediately avoid most headaches. Do you really care if your provider knows roughly where you are? If you’re up to no good, probably, but for 99% of us it’s probably fine.
Try to minimise the apps your install, find FOSS alternatives for as many as you can and reduce your Google/Meta/MS usage as much as possible.
GrapheneOS has a great Profiles feature, so you could create a Main profile that you use most of the time, a Meta profile for your Messenger and WhatsApp kind of apps, and a Google one for any Google apps or ones that need it. The down side of this being you have to change profiles to do this (quick but might get a bit annoying).
Minimum security
Use it just like your current phone. It’s still a much more secure OS and separates a lot of requests e.g. “Let [app] access your audio, images and videos?” is split into three options, so you can give it access to images and not audio or video. But at this stage you’re losing most of the benefit, so you have to ask if security and privacy are really much of a concern for you at this stage?
Bottom line
If you’re interested in privacy and security, you have to work for it. The ore secure you want your phone the more apps you have to give up/replace and the more profile or SIM management you have to do. I guess it comes down to how hard you want to work for it.
TL;DR I love my GrapheneOS phone, but still carry my old phone with me too for calls and the odd app I need/want that I’m never putting on GrapheneOS.
Hope that helps!
2 Likes
How did you install it? More importantly, perhaps, how did the gather the information necessary to understand that this was the correct install process to use?
It couldn’t have been easier to install actually - I was very surprised! I used the web-based installer in the instructions here and it did all the rest: Install | GrapheneOS
The process blew me away with how easy it was to follow and how quickly I was able to do the whole lot. Took me much longer finding FOSS apps to replace everything with, but I’m almost there. The GrapheneOS community has been great - loads of threads on their website and Reddit about common problems and solutions. So far there hasn’t been much I can’t do other than the obvious social media stuff, but I have to admit even that has a GrapheneOS version called SlimSocial that allows you to use Facebook and Messenger if you really have to/want.
I wouldn’t recommend it for everyone, as it’s a bit techie and you need to know some basic IT and security/privacy from the get-go, but if you’re a FOSS fan you’d be more than capable 
One thing worth noting is that GrapheneOS only works on Google Pixel hardware. See here
Also regarding “deGoggle Android” - now that 3g mobile service has been switched off, Samsung phones will not work with a 3rd party ROM installed due to incompatibility with samsung’s VoLTE implementation.
Is there any possibility of a technical fix for this?
I guess it is possible, but on the other hand unlikely. People have tried and had some success with a single phone model and android version, but I haven’t seen any easily usable, general solution, or it being integrated into lineageOs
See the here for one attempt, and read the final paragraph for explanation about the origin of the problem.
