Since GrapheneOS is the standard recommendation for a custom ROM on Pixel devices and comes up very often, I figured we should have a thread about it.
For those who are using it, what Pixel device are you running GrapheneOS on and how is the overall experience? What are the things that you like about GrapheneOS and what are things you miss from the factory Android install?
As for me, my curiosity got the better of me and I finally went and installed GrapheneOS on my Pixel 7a using the web installer on Arch Linux and a USB cable.
So far, nothing unexpected and I’ll have to do a bit of exploring of the OS’ security features. The OS works just fine and feels obviously way cleaner and less bloated, the annoying search widget finally went away without having to install a custom launcher. The only thing that scared me a bit in the beginning was the contacts not syncing and some purchased apps not transferring over as the sandboxed Google Play saw the device as a different one but that was solved by giving it permission to access contacts and also waiting for Google Play to do its thing. Google Camera and Google Photos also worked fine without network permissions.
I haven’t tried Google Wallet’s NFC payments yet and I have no hopes for that one to work on GrapheneOS, but that is certainly a feature I will miss.
I like learning about it, but I worry about incompatibility with apps I might need for work and school.
I might switch to it someday, just not today
I have been using GrapheneOS since the Pixel 6 came out and I have no complaints. I get regular updates, the OS is super stable and my phone is free of the pre-installed ad- and spyware.
I also remember the ridiculously easy and straight forward install, something that I wasn’t expecting since I used to tinker with LineageOS and CyanogenMod way back. It almost feels like a stock rom.
The additional security features are great, though they come with the tiny inconvenience of not having access to system files (which is obviously by design).
Overall I couldn’t be happier with it and I’ll continue to use it for as long as I can.
Thats a excellent point, which goes back on the android ecosystem not scratching this itch itself outside of google.
in the past they supported a samsung phone, and a hikey device.
https://grapheneos.org/faq#future-devices
Hardware, firmware and software specific to devices like drivers play a huge role in the overall security of a device.
Non-exhaustive list of requirements for future devices, which are standards met or exceeded by current Pixel devices:
- Support for using alternate operating systems including full hardware security functionality
- Complete monthly Android Security Bulletin patches without any regular delays longer than a week
- At least 4 years of updates from launch (Pixels now have 7)
- Vendor code updated to new monthly, quarterly and yearly releases of AOSP within several months to provide new security improvements (Pixels receive these in the month they’re released)
- Linux 5.15 or Linux 6.1 Generic Kernel Image (GKI) support
- Hardware memory tagging (ARM MTE or equivalent)
- BTI/PAC, CET or equivalent
- PXN, SMEP or equivalent
- PAN, SMAP or equivalent
- Isolated radios (cellular, Wi-Fi, Bluetooth, NFC, etc.), GPU, SSD, media encode / decode, image processor and other components
- Support for A/B updates of both the firmware and OS images with automatic rollback if the initial boot fails one or more times
- Verified boot with rollback protection for firmware
- Verified boot with rollback protection for the OS (Android Verified Boot)
- Verified boot key fingerprint for yellow boot state displayed with a secure hash (non-truncated SHA-256 or better)
- StrongBox keystore provided by secure element
- Hardware key attestation support for the StrongBox keystore
- Attest key support for hardware key attestation to provide pinning support
- Weaver disk encryption key derivation throttling provided by secure element
- Inline disk encryption acceleration with wrapped key support
- 64-bit-only device support code
- Wi-Fi anonymity support including MAC address randomization, probe sequence number randomization and no other leaked identifiers
GOS’s mission is Security and User Agency first. Fuck google doesn’t even fit into their vision statement, it just so happens user agency and fuck google align most of the time.
Yeah and most install google play anyway. It’s literally a stock Pixel phone with missing features.
In what way do you think it’s not the same? Or are you only referring them running as user apps?
literally a stock Pixel phone with missing features
Does the stock Pixel operating system have a network permission toggle that can limit any app’s access to the internet pre- or post-install?
Does the stock Pixel OS have storage scopes or contact scopes, both of which give you granular control over what data an app can see/access?
Just like you can have Linux and proprietary stuff like Steam on it. It isn’t really contradictory, the whole issue is about choice and controlled privacy. When you install an app through the Sandboxed Google Play, you not only don’t have to deal with the Play background services anymore, but as Redoomed mentioned you also get more fine-grained control of what the installed app can and cannot do. Even proprietary stuff should be more secure in theory since among other things they reroute malloc calls to their hardened versions.
With the factory Android install you don’t have that much control and you can see that on the first boot as you’re from the start stuck with the ugly Google search bar on the home screen with no way to remove it other than installing another launcher.
still using my pixel 3a XL, graphene was great until suddenly it wasnt. As soon as google drops support for the device you’re on your own. Most of the apps still get updated but the OS no longer gets security updates, which is understandable but unfortunate.
It seems CalyxOS still offers extended support for your phone until August 2024 (see https://calyxos.org/docs/guide/device-support/ )
This is just to give people an opportunity to move off of the device.
Once this happens, and the phone is no longer getting hardware security patches, graphene OS and calyx OS both drop support for the device, with the exception of fair phone… were they pretend they’re getting hardware security patches but they’re not. That’s a separate discussion
For a device with no hardware security patches, you can run lineage OS, with an unlocked bootloader which isn’t great… or divest OS DOS… which locks the bootloader, but strips out a lot of the Google services. It might be a more extreme environment than you want, lineage might be the sweet spot of usable but not secure.
I have a pixel 3A as well, and I went through this exact same thing. My only complaint with graphene OS in this scenario is they should have pop-up notifications when support is being discontinued, so that you know you need to start migrating.
I only really noticed when I thought, hey I haven’t installed a operating system update in a long time… That’s not great.
Google Pay incompatibility is certainly a tough pill to swallow. Other than that is Google Maps working fine ? What about Android Auto? I’m definately interested to go this route.
Can’t speak about Android Auto, maybe someone else can chip in, but Google Maps works perfectly well.