Online discussion says Graphene is the most private phone OS, at the cost of some usability, but I’ve never seen anything elaborating on what capabilities are lost or made more difficult. Also, is there any information it doesn’t protect that I should know about, anything it can’t stop the phone from giving away?
It has some security features but you don’t have to use any of them, so it could just feel like stock android minus the bloatware. Don’t confuse security for “locked down.” It’s up to you how you want to configure the security settings.
The only thing is no NFC payments and the minimal chance a bank app doesn’t work. If the latter happens, use your bank’s website.
The phone can basically give anything away just like any other phone. Like I said it depends on the settings you choose but also how you use the phone.
It sounds like your research is limited to forums only and you haven’t reviewed the official documentation found on their website.
The only tradeoffs I have noticed are not GrapheneOS limitations, but apps deciding not to work with GrapheneOS. These are usually money-related apps. For example contactless payments with Google Pay don’t work because Google has decided that only phones with OSs that have an agreement with Google can use that feature. Same with some bank apps. There’s a community-sourced page keeping track of bank app compatibility: Banking Applications Compatibility with GrapheneOS | PrivSec - A practical approach to Privacy and Security
There’s also the threat of the Play Integrity API, that on its highest level, only phones with OSs that have an agreement with Google pass. So it could be that more apps start using it an lock access to whoever doesn’t pass the Play Integrity. There’s also an effort on trying to keep track of these apps too: Attestation compatibility guide | Articles | GrapheneOS
The feature you might consider a trade-off is that it comes with barely any apps, and the ones built-in are usually very basic. But you can choose to install whatever you like. You can install every Google app and get a nearly stock OS experience if you want.
I don’t think GOS offers protection for sms and phone calls. Besides who you communicate with, your location will be revealed by celltower triangulation.
1 Like
Not unless you enable airplane mode. That would mean forgoing a SIM card or at least switching back and forth between the two.
Information online about cell tower triangulation is mixed. There are some sources that say it either can’t be or simply isn’t implemented at scale, citing legal hurdles or technical impracticality, and others that talk like it’s happening with everyone all the time and someone should either do their best to address it or accept it.
What you have to understand is that cell towers inherently know the location of your device. It isn’t some capability implemented on top of the network. That it would be technically impracticable to track all devices on the network is therefore complete nonsense.
Subject article from the EFF:
2 Likes
Are there any ways to address this, besides a Faraday bag?
The best way to go about it is to simply enable airplane mode (which works properly on GrapheneOS) when possible and to use Wi-Fi. It’s very difficult for most people to never have access to data so I don’t think no SIM is a very practical approach. Just turn on data when you need it, but ideally not when on the move is my advice.
You can buy a non-KYC’d SIM as long as you recognise that still has significant limitations. As soon as you use it at home / at work it’s trivial to link to you, still marginally better than a KYC’d SIM though.
Read more in this topic: Mobile phone location tracking via cell towers - 4G vs 5G
PS: Let’s continue discussion of cellular tracking there if you have further questions.
2 Likes
I’m not seeing your point. Any phone allows airplane mode. Sim cards can be removed. E-Sims can be disabled.
I know you aren’t making the claim but this isn’t a unique feature of GOS.
See the post above your post
Downsides
- a handful of apps not working because they only work on Google-certified Android versions → need to complain to the app developers
- Google Pay not working
- Some Google cloud features which are baked into the Pixel OS (rather than AOSP) and not available as a separate app are missing in GrapheneOS, e.g. spam-filter for phone calls, photo editing with AI
the inly complaints I have are:
- Yes lack of Google Pay but my bank’s works
- RCS but that’s on Google
- Play Integrity API issues for sure but there does seem to be a workaround coming.
RCS should work if you give google messages the proper permissions. I am not so sure about 3rd party RCS implimentations though
https://discuss.grapheneos.org/d/1353-using-rcs-with-google-messages-on-grapheneos/42
even with that it didnt work for me.
My workaround is like this:
- Install an old (or oldest) Google messages version that still has RCS
- Set as default sms
- Close and force stop it, if chat features still doesn’t appear try the airplane mode and/or clear storage method
- Point is, turn on Chat features (now known RCS), verify your number and wait
- After you’re connected close the app and update Google Messages immediately
- Enjoy before it disconnects on you and having to repeat the workaround
pretty flawless for me besides no good backup solution, i hate android UI, and iMessage/Facetime cannot be replaced they r so sexy.
never assume grapheneOS is AFU proof unless your reboot timer is super short. best bet is to still turn phone off.
That’s an extreme recommendation for someone whose threat model is not that high. Why even have a phone in that case?
1 Like
iMessage/Facetime cannot be replaced they r so sexy
…Signal?
AFU phone is the downfall of many people. It’s basically guaranteed access if Cellebrite Premium is in play. GrapheneOS may present a challenge but any phone is always at risk in AFU which is why short reboot timer needed. If you aren’t interacting with your phone for awhile why does it need to be AFU? I say it falls within basic threat model especially if you are going out your way to install GrapheneOS in the first place.
No, GOS understands that users will have a wide variety of threat models and therefore allows users to set the reboot anywhere from 10 minutes to 72 hours.
You’re assuming many people will face a situation where they are confronted by law enforcement, so your statement is misleading.
2 Likes