Edward Snowden loves it. It is insanely secure. But it is worth switching to over standard Android? Here’s everything you need to know about GrapheneOS…
If you’re even remotely interested in mobile security and privacy, you’ll know that Google’s Android OS isn’t exactly the poster child for either. In fact, most of the time it’s the exact opposite – a data mining, privacy-invading window that tracks and monetizes your every move.
But what if I told you there was an alternative? One that puts privacy and security first, without sacrificing the functionality and ease-of-use we’ve come to expect from our smartphones?
What is GrapheneOS?
GrapheneOS is an Android-based, open-source, privacy and security-focused mobile operating system for Google Pixel devices. It builds upon the Android Open Source Project (AOSP) and adds a host of features designed to enhance the security and privacy of your device.
It’s important to note that while Google’s Android (Stock OS) has decent security, privacy can vary depending on the settings chosen, both in the OS and the user’s Google account if they choose to log in with one.
GrapheneOS takes Android’s security to the next level while providing users with powerful privacy features and customization options.
Key Features of GrapheneOS
Enhanced Security and Privacy
GrapheneOS is built with security and privacy at its core. It includes numerous hardening features and improvements to the Android sandbox and permission system. For example, GrapheneOS adds two new permissions that aren’t standard in Android: the network permission toggle and the sensors permission toggle. These allow users to have fine-grained control over which apps can access the internet and device sensors, respectively.
Compatibility with Google Play Services
Contrary to popular belief, GrapheneOS does not prevent users from accessing Google apps and services. Thanks to the sandboxed Google Play feature, users can install Google Play Services and use their favorite apps, including Gmail, Chrome, and YouTube, while still benefiting from GrapheneOS’ enhanced security and privacy.
Sandboxed Google Play is not a workaround but a carefully implemented feature that allows users to choose which apps and profiles can access Google Play Services. This flexibility ensures that users can enjoy the apps they need without compromising their privacy.
Ongoing Development and Support
GrapheneOS is constantly evolving, with new features and improvements being added regularly. The team behind GrapheneOS is dedicated to supporting a wide range of devices that meet specific security requirements, ensuring that users have access to the latest security updates and features.
Revocable Permissions
Another standout feature of GrapheneOS is its revocable permissions system. This means you can grant or revoke permissions for individual apps at any time, giving you complete control over what data they can access.
For example, if you don’t want a particular app to have access to your location data, you can simply revoke that permission in the settings. This level of granular control is a game-changer for privacy-conscious users.
Vanadium WebView and Browser
GrapheneOS comes with its own hardened version of the Chromium web browser and WebView implementation, called Vanadium. This browser is built with security in mind, with features like automatic updates, sandboxing, and site isolation.
Vanadium also includes a number of privacy-focused features, like built-in ad blocking and tracker blocking. This means you can browse the web without worrying about being tracked or served intrusive ads.
Randomized MAC Addresses
Every device on a network has a unique MAC address that can be used to identify it. This can be a privacy concern, as it allows your device to be tracked across different networks.
GrapheneOS solves this problem by randomizing your device’s MAC address for each new connection. This makes it much harder for anyone to track your device’s movements or build a profile of your behavior.
The Future of GrapheneOS
GrapheneOS is constantly evolving, with new features and improvements being added all the time. One of the most exciting recent developments is the addition of support for Android Auto, which allows you to use your GrapheneOS device with your car’s infotainment system.
I’ve forked some repositories of GrapheneOS and am going to apply my patches onto their stable releases. However, I will do this irregularly and don’t commit to any schedules. It may sometimes take ages for me to release a new version. If you can’t wait, you can always apply the patches yourself.
When there is a new version, you will find a new tag under platform_manifest tags. The tag name is always “-sn” appended to a valid GrapheneOS stable release. At the time of writing the current tag is 2023112900-sn
Simply follow the official GrapheneOS build instructions, but use my platform manifest instead of GrapheneOS’s (replace TAG_NAME with a valid tag from platform_manifest tags):
GitHub
The GrapheneOS team has also been working on expanding the number of devices that can run the OS. While it’s currently only officially supported on Google Pixel devices, there are plans to bring it to other Android devices in the future.
Is GrapheneOS Right for You?
GrapheneOS is an incredibly powerful tool for anyone who values their privacy and security. If you’re someone who wants to take control of your digital life and protect your data from prying eyes, it’s definitely worth considering.
GrapheneOS is an excellent choice for anyone who values privacy and security without sacrificing usability. Despite its robust security features, GrapheneOS is designed to be user-friendly and compatible with most apps and services.
Whether you’re a privacy enthusiast or simply looking for a more secure mobile operating system, GrapheneOS offers a compelling alternative to stock Android. With its strong focus on security, privacy, and compatibility, GrapheneOS allows users to enjoy the benefits of a hardened Android experience without giving up the apps and services they rely on.
I switched from Gmail to Proton Mail, both for my business and personal accounts, and it has been a revelation. The notification system – specifically, syncing across devices – isn’t as slick as Gmail but this is a small price to pay for improved security and deliverability.
On the plus side, it means I check my mail less – and that’s something we all should do more of.
GrapheneOS does require a bit more technical know-how than stock Android. If you’re not comfortable with things like sideloading apps or using alternative app stores, it might not be the best fit for you.
That being said, with the ability to run a sandboxed version of Google Play, you can really have your (privacy) cake and eat it.
The Bottom Line
Is GrapheneOS right for you? That kind of depends. It depends if you can live without access to Big Tech services like Google, Gmail, and Microsoft’s apps.
However, it’s important to note that there are some significant considerations and trade-offs to keep in mind, particularly if you’re accustomed to using a conventional smartphone from either Apple or an Android device manufacturer.
It’s crucial to understand that the fundamental purpose behind these specialized operating systems is to distance yourself from the influence and reach of Big Tech companies, with Google being a prime example.
By opting for a privacy-centric OS like GrapheneOS, you are effectively cutting ties with Google’s ecosystem and the convenience it provides.
Transitioning to a privacy-focused smartphone OS requires a willingness to adapt and explore new tools and workflows. It may take some time to find suitable replacements for the apps and services you rely on, and there might be a learning curve involved in familiarizing yourself with these alternatives.
Moreover, it’s important to consider the potential impact on your daily smartphone usage. Some apps or services you currently use may not be available on these alternative platforms, or they may have limited functionality.
This could include banking apps, social media clients, or other applications that heavily rely on Google Play Services for features like push notifications or location services.
Before making the switch to a privacy-focused OS, it’s essential to assess your needs and priorities. If you heavily depend on specific Google apps or services for work or personal use, you may find it challenging to adapt to a Google-free environment.
On the other hand, if privacy and data security are your top concerns, and you’re willing to make some compromises in terms of convenience and app selection, then exploring these alternative operating systems could be a worthwhile endeavor.
Ultimately, the decision to embrace a privacy-focused smartphone OS is a personal one that requires careful consideration of your own needs, preferences, and the trade-offs you’re willing to make. It’s not a one-size-fits-all solution, and what works for one person may not be suitable for another.
By weighing the benefits and drawbacks, and understanding the implications of moving away from the Google ecosystem, you can make an informed choice that aligns with your values and priorities in the digital age.
