...
🔍

GrapheneOS 101: What You Need To Know

Edward Snowden loves it. It is insanely secure. But it is worth switching to over standard Android? Here’s everything you need to know about GrapheneOS…



If you’re even remotely interested in mobile security and privacy, you’ll know that Google’s Android OS isn’t exactly the poster child for either. In fact, most of the time it’s the exact opposite – a data mining, privacy-invading window that tracks and monetizes your every move.

But what if I told you there was an alternative? One that puts privacy and security first, without sacrificing the functionality and ease-of-use we’ve come to expect from our smartphones?

What is GrapheneOS?

GrapheneOS is an Android-based, open-source, privacy and security-focused mobile operating system for Google Pixel devices. It’s like Android on steroids, with a host of features designed to protect your data and keep your device secure.

But there are caveats, especially if you’re used to running a standard smartphone, either from Apple or one that runs Android. 


The first is that there is no Google Play Store or Google Play Services, so if you want apps, you’ll need to use alternative stores – like F Droid. 

The entire point of these types of operating system is keeping them away from Big Tech, companies like Google. Although there are workarounds in place that can allow for Google Play to run on GrapheneOS (see below):

Sandboxed Google Play is close to being fully functional and provides near complete compatibility with the app ecosystem depending on Google Play. Only a small subset of privileged functionality which we haven’t yet ported to different approaches with our compatibility layer is unavailable. Some functionality is inherently privileged and can’t be provided as part of the compatibility layer.

GrapheneOS Blog

If you go the GrapheneOS route, you cannot use Gmail or Chrome or YouTube. But there are alternatives, and in some cases – like email – they’re great with options like Proton Mail. 

Developed by the GrapheneOS team, this OS has gained a reputation as the go-to choice for privacy enthusiasts and security experts alike. In fact, it’s even been recommended by Edward Snowden himself.

GrapheneOS Origins

GrapheneOS has an interesting origin story. Its main developer, Daniel Micay, originally worked on another security-focused Android fork called CopperheadOS. However, after a falling out with his co-founder in 2018, Micay was dismissed from the company.

But Micay wasn’t about to let that setback stop him. He continued working on the project under a new name – Android Hardening. In April 2019, the project was officially renamed GrapheneOS, and the rest is history.

Key Features of GrapheneOS

GrapheneOSPin

No Google Apps by Default

One of the most notable things about GrapheneOS is that it doesn’t come with any Google apps pre-installed. This means no Google Play Store, no Google Maps, and no Gmail.

While this might seem like a downside at first, it’s actually a huge win for privacy. Google’s apps are notorious for collecting user data, so by not including them, GrapheneOS gives you a clean slate to work with.

Of course, if you do need access to Google apps, you can always install a sandboxed version from the “Apps” app that comes with GrapheneOS. This allows you to use Google services without giving them full access to your device.

Revocable Permissions

Another standout feature of GrapheneOS is its revocable permissions system. This means you can grant or revoke permissions for individual apps at any time, giving you complete control over what data they can access.

For example, if you don’t want a particular app to have access to your location data, you can simply revoke that permission in the settings. This level of granular control is a game-changer for privacy-conscious users.

Vanadium WebView and Browser

GrapheneOS comes with its own hardened version of the Chromium web browser and WebView implementation, called Vanadium. This browser is built with security in mind, with features like automatic updates, sandboxing, and site isolation.

Vanadium also includes a number of privacy-focused features, like built-in ad blocking and tracker blocking. This means you can browse the web without worrying about being tracked or served intrusive ads.

Randomized MAC Addresses

Every device on a network has a unique MAC address that can be used to identify it. This can be a privacy concern, as it allows your device to be tracked across different networks.

GrapheneOS solves this problem by randomizing your device’s MAC address for each new connection. This makes it much harder for anyone to track your device’s movements or build a profile of your behavior.

The Future of GrapheneOS

GrapheneOS is constantly evolving, with new features and improvements being added all the time. One of the most exciting recent developments is the addition of support for Android Auto, which allows you to use your GrapheneOS device with your car’s infotainment system.

I’ve forked some repositories of GrapheneOS and am going to apply my patches onto their stable releases. However, I will do this irregularly and don’t commit to any schedules. It may sometimes take ages for me to release a new version. If you can’t wait, you can always apply the patches yourself.

When there is a new version, you will find a new tag under platform_manifest tags. The tag name is always “-sn” appended to a valid GrapheneOS stable release. At the time of writing the current tag is 2023112900-sn

Simply follow the official GrapheneOS build instructions, but use my platform manifest instead of GrapheneOS’s (replace TAG_NAME with a valid tag from platform_manifest tags):

GitHub

The GrapheneOS team has also been working on expanding the number of devices that can run the OS. While it’s currently only officially supported on Google Pixel devices, there are plans to bring it to other Android devices in the future.

Is GrapheneOS Right for You?

GrapheneOS is an incredibly powerful tool for anyone who values their privacy and security. If you’re someone who wants to take control of your digital life and protect your data from prying eyes, it’s definitely worth considering.

GrapheneOS is hardcore though; there’s no corners cut with respect to privacy. It’s the operating system you go for if you want to go all-in on privacy and effectively remove yourself from any tracking by Big Tech. 

Social media, in its most common forms, is obviously a no-go, you’ll need alternatives for Google Maps, YouTube, and Gmail. Obviously, some are easier than others. Proton Mail is brilliant, for instance, both for business users and personal use. 

I switched from Gmail to Proton Mail, both for my business and personal accounts, and it has been a revelation. The notification system – specifically, syncing across devices – isn’t as slick as Gmail but this is a small price to pay for improved security and deliverability. 

On the plus side, it means I check my mail less – and that’s something we all should do more of. 

GrapheneOS does require a bit more technical know-how than stock Android. If you’re not comfortable with things like sideloading apps or using alternative app stores, it might not be the best fit for you.

That being said, the GrapheneOS team has done an excellent job of making the OS as user-friendly as possible. With a little bit of patience and a willingness to learn, most people should be able to get up and running with GrapheneOS without too much trouble.

The Bottom Line

proton mail 101Pin

Is GrapheneOS right for you? That kind of depends. It depends if you can live without access to Big Tech services like Google, Gmail, and Microsoft’s apps.

However, it’s important to note that there are some significant considerations and trade-offs to keep in mind, particularly if you’re accustomed to using a conventional smartphone from either Apple or an Android device manufacturer.

One of the primary challenges you’ll encounter is the absence of the Google Play Store and Google Play Services on these privacy-focused operating systems. This means that if you want to install and use apps on your device, you’ll need to rely on alternative app stores, such as F Droid, which is a popular choice among privacy enthusiasts.

It’s crucial to understand that the fundamental purpose behind these specialized operating systems is to distance yourself from the influence and reach of Big Tech companies, with Google being a prime example. By opting for a privacy-centric OS like GrapheneOS, you are effectively cutting ties with Google’s ecosystem and the convenience it provides.

As a result, you won’t have access to widely-used Google apps and services such as Gmail, Chrome, or YouTube. This can be a significant adjustment for many users who have grown accustomed to the seamless integration and functionality offered by these platforms.

However, it’s worth noting that there are alternative apps and services available that can fill the void left by Google’s absence. In the case of email, for instance, you have excellent options like Proton Mail, which prioritizes user privacy and security.

These alternatives may not have the same level of polish or feature-richness as their Google counterparts, but they align with the principles of privacy and data protection.

Transitioning to a privacy-focused smartphone OS requires a willingness to adapt and explore new tools and workflows. It may take some time to find suitable replacements for the apps and services you rely on, and there might be a learning curve involved in familiarizing yourself with these alternatives.

Moreover, it’s important to consider the potential impact on your daily smartphone usage. Some apps or services you currently use may not be available on these alternative platforms, or they may have limited functionality.

This could include banking apps, social media clients, or other applications that heavily rely on Google Play Services for features like push notifications or location services.

Before making the switch to a privacy-focused OS, it’s essential to assess your needs and priorities. If you heavily depend on specific Google apps or services for work or personal use, you may find it challenging to adapt to a Google-free environment.

On the other hand, if privacy and data security are your top concerns, and you’re willing to make some compromises in terms of convenience and app selection, then exploring these alternative operating systems could be a worthwhile endeavor.

Ultimately, the decision to embrace a privacy-focused smartphone OS is a personal one that requires careful consideration of your own needs, preferences, and the trade-offs you’re willing to make. It’s not a one-size-fits-all solution, and what works for one person may not be suitable for another.

By weighing the benefits and drawbacks, and understanding the implications of moving away from the Google ecosystem, you can make an informed choice that aligns with your values and priorities in the digital age.

Richard Goodwin

Richard Goodwin is a leading UK technology journalist with a focus on consumer tech trends and data security. Renowned for his insightful analysis, Richard has contributed to Sky News, BBC Radio 4, BBC Radio 2, and CNBC, making complex tech issues accessible to a broad audience.

Subscribe
Notify of
0 Comments
Inline Feedbacks
View all comments
Scroll to Top