
12 years ago I moved from Symbian (does anyone remember?) to Android with a sad heart and great unhappiness about the amount of private data that would be siphoned out of the device. Fortunately there was CyanogenMod, an Android Open Source Platform (AOSP) fork that removed pretty much all privacy invading extras from Android. Happiness restored! Over the years, Cyanogen morphed into LineageOS, and I’ve been using this flavor of privacy friendly Android until today. While the future for free Android forks has looked a bit dire in some years, things are much healthier these days and there are several interesting options now apart from LineageOS which do not require living on the bleeding edge. So when it came to changing smartphones once again, I decided to try out something different: GrapheneOS.
GrapheneOS – But Why?
The decision to go for GrapheneOS came from the realization that its different focus compared to LineageOS is ideal for me. Let’s compare: The mission of LineageOS is to bring a de-Googled Android to as many devices from as many vendors as possible and then try to support these devices beyond the support timeline of the original manufacturer. A cool goal that helps a lot with sustainability. The goal of GrapheneOS on the other hand is to provide an Android fork that is as secure as possible and as privacy preserving as possible on Google Pixel devices. There are claims out there that GrapheneOS is more secure than iOS in lockdown mode, and while I won’t link to any of these discussions, it’s clear where GrapheneOS wants to be in terms of security. The GrapheneOS web site goes to great lengths to explain what is done to make the platform as secure as possible; have a look there for the details.
Limited Lifetime
A bit unfortunate, but understandable from a security point of view, GrapheneOS only supports Pixel devices that are still supported by Google, i.e. still get security updates for both Android and the firmware. Currently, that means that the ‘oldest’ device still fully supported by GrapheneOS is the Pixel 6, while LineageOS goes much further back. That’s good enough for me, because I wanted to move from a Pixel 6 to a Pixel 8 anyway, and both devices would be supported by GrapheneOS. I would have been a bit hesitant with a Pixel 6, however, as full support by Google and hence also by GrapheneOS will likely end by the end of 2026, which is not that far away. After that, only updates for major security issues will be provided by GrapheneOS. Currently, this extended support includes the Pixel 4, which was released in 2019, i.e. 6 years ago. The Pixel 8, however, seems to be mainline supported until well into 2030, so it’s a good platform for me.
Installation
Fortunately, installing a different OS on Pixel devices is a relatively painless exercise and both LineageOS and GrapheneOS are installed in the same way: Unlock the bootloader in the Android developer menu and then flash LineageOS/GrapheneOS over USB. Done!
Sandboxing
When GrapheneOS starts up for the first time, it’s pretty much empty and all icons have a black/grey/white color. Fits Graphene! For ‘special needs’, there is a GrapheneOS app store to install a number of additional apps. In case Google Play Services are really required, they can be installed into a sandbox with an extra insulation layer around it to reduce the impact on privacy to a minimum. One can also go ahead and install alternative app stores such as F-Droid for privacy and security friendly apps, Aurora for access to the Google Play store and even the Google Play Store app itself if that is really required. All to be run in sandboxes to reduce the outflow of personal information. Personally, I chose to install F-Droid, as I mostly use open source apps, and Aurora to get the few proprietary apps from the Google app store I chose to use.
My first impression after a week of use: The OS runs very well and the few proprietary and privacy invading apps I have chosen to install run nicely in sandboxes and are well contained. More about sandboxing in a separate post.
Banking and eSIMs are Back Again!
And there are a number of goodies I was missing on LineageOS on my Pixel 6: I can now run my banking apps again on my main smartphone, and eSIM provisioning is working again as well now.
Who Owns GrapheneOS?
One thing that is important for me to know is who ‘owns’ GrapheneOS, i.e. who are the people behind it. The answer: GrapheneOS is open source and anybody can fork it should the current organizational setup fail at some point. The current ‘setup’ is the GrapheneOS Foundation in Canada, a non-profit organization that can collect money and pay the developers working on it. A good setup to ensure that a potentially subverted mother company can’t take the project in a direction that is incompatible with the goals for maximum privacy and security. For details have a look here.
Up Next
So much for today. In a number of follow-up posts, I’ll have a closer look at particular topics such as the sandboxing, the pros and cons of containing proprietary apps in Work Profile vs. Android’s Private Area, how banking apps and notifications via Firebase are handled, etc. etc. So stay tuned 🙂