alt.hn

1/17/2025 at 6:39:04 PM

GrapheneOS: Private and secure mobile OS with Android app compatibility

 https://grapheneos.org/

by saikatsg

1/18/2025 at 1:21:13 AM

Despite it probably not being a use case that was considered in development, the thing I’ve found Graphene to be excellent for is actually managing a young child’s first tablet. Give them access to a small handful of learning and education focused apps, maybe a semi-educational creative game like minecraft, the camera app and a drawing app with a stylus. Then completely disable external comms like phone, messaging, browser, notifications. You can have a separate admin acct for device management and give that account the ability to load apps and toggle functionality.

This would probably work great for older non-techie relatives’ tablets as well.

iOS is very much not built with this level of multi account fine-grained permissions in mind.

by pixelready

1/17/2025 at 7:42:13 PM

Great project. The stability and smooth updates and ease of installing are all excellent.

by ar-jan

1/17/2025 at 11:34:11 PM

I really really really want to love GrapheneOS, but the Pixels are just not very competitive devices. What make a Pixel standout is google smarts. Without all that stuff, you have a generations behind slow processor, a meh set of camera sensors, a smaller battery, and an unremarkable screen (edit: that's not fair, apparently it is a very bright screen). It's a midrange phone for 1000 dollars

I trust the GrapheneOS dev when he says the security chain is great on pixels and that supporting more devices is kinda a nightmare, but the whole pixel+grapheneOS package is just not as appealing at that price-point

by soganess

1/17/2025 at 7:44:51 PM

Graphene is pretty cool in theory, but I found it to be a huge pain. The Play sandboxing is great, again in theory, but it leaves too much broken.

You should install Graphene if and only if you have zero need for steam, discord, or anything not in F-Droid AND you actively want to use your phone less. It makes your device drastically less desirable and useful.

If all you ever do on your phone is open a web browser and SMS AND you don't rely on voicemail, Graphene is pretty sweet.

I love the concept, I just found it incredibly impractical. I switched to lineage after six or eight months.

The real thing that made me switch was multiple OS updates per week. The incessant forced updates from Samsung is why I switched phones and installed Graphene. It got so bad that I had to block the persistent update notification and just went without for several months. Lineage is a little more respectful in this regard.

by mystified5016

1/17/2025 at 9:05:03 PM

Voicemail? I think I could figure out how(/why) to get a fax first..

I've not had any trouble with play apps from the sandbox, even finance ones and I let it reboot itself when idle for updates which to my surprise has never caused it to miss a wake up alarm. Now that Android One is dead I'm not sure I could use an Android Phone without Graphene. It is a shame another manufacturer isn't supported though.

by snailmailstare

1/17/2025 at 8:44:41 PM

I am using Discord under GrapheneOS and it works fine. No idea about Steam.

by fph

1/17/2025 at 9:03:46 PM

Discord works, but you don't get push notifications. The steam app works, but the steam guard qr code scanner is just removed from the app if play services aren't running. If they are running, it will usually just crash when you open the qr scanner.

So yeah they "work" but not completely.

You also absolutely cannot sign into your work Google account due to device security. Fully unsupported. Voicemail doesn't work for some of the largest providers, so I have to call my own number and navigate the menu tree like it's the 1900s.

Graphene makes a lot of compromises for you and the attitude seems to be that Graphene knows better than you what's best for you and your device. That's why root access is explicitly forbidden.

by mystified5016

1/17/2025 at 11:27:30 PM

I've been using GrapheneOS for a couple years now. I'm glad to see an Android fork that holds their ground as far as Play services are involved. You call them compromises but I see at more as providing visibility when apps are doing something I would otherwise object to but don't know about. It's opinionated, and therefore not for everyone.

FWIW, Discord notifications are working fine for me.

I also strongly discourage signing into work accounts on your personal phone. It's a privacy nightmare. Have them buy you one. Turn it off when you're not working.

by gausswho