this post was submitted on 05 Jan 2024
43 points (100.0% liked)

Free and Open Source Software

17928 readers
14 users here now

If it's free and open source and it's also software, it can be discussed here. Subcommunity of Technology.


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Hi everyone, I’m looking to possibly simply my smartphone setup. I would really love to keep it as a utility: phone, text, camera, GPS, web browser, notes, email, music player. Im think of switching to local NextCloud backup system as well. I currently have an iPhone but used to flash ROMs on Android phones, so I would be willing to do that again for more privacy options and less unnecessary changes to the OS.

I have looked a little into it, and I’m wondering about getting a couple year old Pixel and putting GrapheneOS on it. I also searched a little and came across the Purism Librem 5 that has physical kill switches and sounds neat; a little pricy but I’d be willing to pay if it lasts a while and has good privacy options.

What are your thoughts? Are there other hardware suggestions or setups that you like? The idea of FOSS is appealing because it seems like the money aspect seems to skew the priority of smartphones.

you are viewing a single comment's thread
view the rest of the comments
[–] jarfil@beehaw.org 5 points 10 months ago (1 children)

I think the only thing you will lose with GrapheneOS is tap-to-pay

If you want any banking apps, they can also refuse to run without at least microG and some Magisk trickery. Some will go as far as refuse to run if they barely find a sudo binary on an otherwise locked non-rooted phone.

[–] IcyPenguin@beehaw.org 3 points 10 months ago (1 children)

Don't root your GrapheneOS system. This site offers a great summary why it's bad. Root and Magisk are huge increases in attack surface and microG isn't recommended either, as it requires root for basic functionality. GrapheneOS has created Sandboxed Google Play services, which takes the official Google Play services binary and runs them in the normal Android application sandbox. This is more private and secure than both the implementation on the Stock OS and microG. Most banking apps work on GrapheneOS with Sandboxed Google Play services, no need for root. In fact, root decreases your chances of getting banking apps to work, because a rooted device can't pass Google Play device integrity checks (previously known as SafetyNet).

[–] GreyEyedGhost@lemmy.ca 2 points 10 months ago (1 children)

I've been pretty meh on GrapheneOS, haven't actually used it, usually lean towards LineageOS, but the sandboxed Google Play feature sounds pretty interesting.

[–] IcyPenguin@beehaw.org 1 points 10 months ago (1 children)

Unfortunately, LineageOS is pretty insecure. Worse than stock Android. https://madaidans-insecurities.github.io/android.html#lineageos

Does Lineage actually have any advantages over Graphene?

[–] GreyEyedGhost@lemmy.ca 1 points 10 months ago (1 children)

Well, it works on more than 10 phone models. The criticisms in the post are valid, certainly, but that doesn't help much if my device isn't supported.

[–] IcyPenguin@beehaw.org 1 points 10 months ago

Honestly, the stock ROM on most phones is probably better than LineageOS. I would stick to that, maybe use the Universal Android Debloater to remove some of the crap and eventually get a Pixel with GrapheneOS.