I know that for most people, Graphene works fine. I’ve just had way too many personal experiences with Pixel devices failing, both hardware and software, and I’m not willing to run one as my device. I’ve been on Samsung for the last few years because of this.
I just got Immich set up, which means that the VERY last Google service I’m using is Android with Google/Samsung junk on it. I’m wanting to replace it, but it looks like Graphene doesn’t run on non-Pixel devices. I see some alternatives, such as Lineage OS (which appears to be extremely popular), and DivestOS work with non-Pixel phones. Are they as private? And are they as easy to set up and get running? And also important to me, do the cameras work pretty well still after using those operating systems? The one time I did use Graphene, the camera performance was pretty poor compared to iPhones, and even my blurry Samsung photos turned out better a lot of the time.
I would much rather go the route of a custom Android ROM than iPhone, but I wanted to get some feedback first.
I would suggest to reconsider using a Pixel or go with an iPhone.
I think nobody here would suggest otherwise, DivestOS is gone and Lineage is miles away and make no sense if it’s not for extending life of an old unsupported device.
If you search on the forum you’ll find many discussions about that.
The camera performance on GOS is exactly the same as on stock, you can even use Gcam with all the perks.
It can be as private as Graphene OS if no Google services are installed. Difference is that the former lacks a strong security model because of its unlocked bootloader.
If your threat model involves:
Counter-forensics
Sensitive professional work
Malware exposure
You should consider installing Graphene OS instead. If you want the camera to work better, you can install GCam (Google’s default camera app) and revoke its network permissions.
Otherwise, Lineage OS is a great option for a secondary device, not a primary one.
Yeah same with me and my siblings we only use Lineage OS for most of our android devices and couldn’t bought a pixel do to their incompatibility with ksa SIM cards
Did you use the GOS integrated camera app or the Google camera app?
I would recommend to just use Googles official camera app without network permission.
Apart from the not so easily fixable parts like blobs, you can reduce at least some connections to Google via ADB shell.
E.g. these commands change the captive portal connectivity check from Google to another server, in this case the one from German security researcher Mike Kuketz:
adb shell settings put global ntp_server [server URL]
Verify via:
adb shell settings get global [variable from above]
You can also edit the build.prop file and insert DNS settings there, as well as well as adding the NTP server and commenting out any variable referencing Google in the GPS.conf, but I don’t know if there’s any benefit.
You’ll need to adb pull/push the specific file from/to their respective folders.
All of this needs to be reapplied after each update.
There surely are ways to automate it via compatible recovery menu and a Magisk survival script for example (or any post-boot script), but these exceed my abilities.
At least the first commands can be copied and sent all at once (with line breaks), only the file modifications are a bit tedious.
Also, there isn’t much won by the above, but at least it should work on any OS.
I don’t think so, in Pixel stock Google camera is the default camera app. If you use Gcam on GOS you’ll have the same features like portrait mode, night vision, HDR, etc. and you can run it without google services and internet permission.
But the unlocked bootloader only is a threat physically yes if someone has access to your device they can install some malware on it. What if I installed Lineage OS without any Gapps or Micro G?Does that make it close to graphene without with sandboxing and without the day 1 security updates? Thank you