Why YSK GrapheneOS is a step above the rest. I understand it’s ironic de-google phone/tablet with google hardware, but it just works better then anything else. Permission toggles, pin scrambling, auto-reboot, scopes, MAC randomization, isolated user profiles, longer passwords, sandboxed apps, open source firmware, no bloat & the battery life is incredible now.

I hope people understand how easy it is to move to Linux & GrapheneOS full time & remove Apple, Google, Microsoft etc. It exceeded expectations so much so that I want to share it with other people. I cannot recommend this enough to improve your life. #FOSS

  • FutileRecipe@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    2
    ·
    1 year ago

    Depends on how you use your phone. Main thing I miss is Google Pay’s tap to pay (disabled by Google unless you run a Google certified OS…which Google could easily certify Graphene but won’t), but most banking apps NFC tap to pay work.

    Android Auto also doesn’t work, but I never used it. Some people might, though.

    https://grapheneos.org/features#sandboxed-google-play

    • BaroqueInMind@kbin.social
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      which Google could easily certify Graphene but won’t

      I’m not on the Google fan bus and would be the first one here to drop Android at the drop of a hat, however, you are being deliberately deceptive here and I hate people like that: the reason it’s not certified is because Graphene devs don’t want to pay to get it certified, it’s not because Google refused to, like you are saying.

      • asap@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        you are being deliberately deceptive here and I hate people like that

        To be fair, you have no idea if they are being deceptive. They might simply not be aware that GrapheneOS chose not to pay to get certified. I certainly didn’t know that, and I’m not at all certain that Google would certify them if they chose to pay. Do you have a source for that?

        • BaroqueInMind@kbin.social
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          edit-2
          1 year ago

          Any developer can go here to start the process for GMS certification. If the Graphene devs didn’t know this, then they are fucking stupid, which i know they are not. Their TOS provides you the answers:

          GMS is only available through a licence with Google and delivers a holistic set of popular apps and cloud-based services.

          And I think the costs vary depending on how much bandwidth traffic you will be bringing Google to serve the certified content. Also, they allow you to certify non-Android OSes (such as Tizen and etc).

            • BaroqueInMind@kbin.social
              link
              fedilink
              arrow-up
              4
              ·
              edit-2
              1 year ago

              That’s a very funny post to read. In summary they are demanding Google comply with their own standards they designed. It’s definitely two children yelling “No, you!” at each other.

              I like Graphenes standards better, but it looks like Google is sticking with Play Integrity API over hardware-key attestation because it’s less insane to force end users to rely on costly solutions and more compatible with different commercial vendors (looks like some Certificate Authority vendors are effected).

      • FutileRecipe@lemmy.world
        link
        fedilink
        arrow-up
        2
        arrow-down
        3
        ·
        edit-2
        1 year ago

        I’m not being deliberately deceptive. Google absolutely could whitelist GrapheneOS if Google chose to, just like any app developer can as well by checking for the verifiedBootState with proper verifiedBootKey (GrapheneOS attestation link below).

        Now, I don’t see Google doing that as GrapheneOS doesn’t and won’t ship with Play Store, Play services, or Service Framework. GrapehenOS actually has a compatibility layer so those don’t get special and device wide privileges like they do on devices that ship with them (sandboxed link below)…which Google probably requires. And I don’t see GrapheneOS budging on this as that’s one of their main selling points for security and privacy.

        But I’m always down to learn and I’m not a developer. I don’t suppose you have a link that says the main thing that Graphene is missing is handing over money to Google to get certified, and ideally how much? If that was it, I’d be willing to bet money Graphene would’ve forked over the cash by now.

        https://grapheneos.org/articles/attestation-compatibility-guide

        https://grapheneos.org/usage#sandboxed-google-play

        • AncientMariner@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Hi google, can you approve our phone that basically cuts your apps out and offers privacy from your mass spying operation please? Such a weird point.

          • FutileRecipe@lemmy.world
            link
            fedilink
            arrow-up
            1
            arrow-down
            1
            ·
            edit-2
            1 year ago

            I did acknowledge what you said by saying Google doesn’t want Graphene not including GMS stuff and won’t whitelist GrapheneOS, despite Graphene’s extra security measures. But this doesn’t change the fact that Google could…but won’t.

            • AncientMariner@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              When I got a degoogled phone, I’d already decided I do not trust Google with my data and I want to be far away from them. With that decision came the decision that I don’t consider them an authority I rely on, and don’t want their opinion on what is good and what isn’t. If people aren’t ready to degoogle, that is fine, but to ask google if it’s cool to degoogle is a an area where maybe folk aren’t ready to degoogle.

    • AncientMariner@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      In the UK we have tap to pay debit cards. Mixing that in with the phone is always weird, especially from a privacy perspective. I wouldn’t want that.