Fairphone is the sort of phone for people who think LineageOS with an unlocked bootloader is secure made by a company who has sincerely promised to make things better but hasn’t substantially improved security (especially in how often they push security patches). Grapheneos is not a brand name you can just apply to give a phone more reputation, its an OS that represents the highest standard of security.
Thanks for sharing. For someone who is not so well versed in these technicalities, what does that mean for the user? That you’re more susceptible to fraud and hacking and malware?
Basically GrapheneOS is for people worried about law enforcement or some state actors trying to access their phone using some commercial tools or 0 day exploits. It’s useful for journalist, lawyers, activists and so on.
Average users don’t really have to worry about those things. It’s unlikely that someone will try to hack you using such tools, you most probably don’t have any data wort protecting and it’s quicker and easier for you to just unlock your phone than to spend days/weeks/months in jail trying to protect your data.
What average user should care about is removing Google from their phones and blocking trackers. Other ROMs like iode also come without Google and have better tools than GrapheneOS for blocking trackers. They are as secure as any other Android phone.
That and privacy, you also have a lot of control over what each app can do with gOS’s permissions settings vs standard ROM and most of that is enabled by default. Can break some apps, especially banking related. I have 122 installed, of that three gave me a little bit of trouble where I had to disable some protections to get them functional. DeGoogled by default, I use microG for some limited Play services to get stuff like Youtube Revanced working.
You would choose it for security hardening in general. E.g. it is harder for malware to infect, harder for unauthorized parties to gain access to data when the phone is locked, etc.
I want GrapheneOS more than repairability, personally. I hope the Fairphone + GrapheneOS combination is possible some day…
Fairphone is the sort of phone for people who think LineageOS with an unlocked bootloader is secure made by a company who has sincerely promised to make things better but hasn’t substantially improved security (especially in how often they push security patches). Grapheneos is not a brand name you can just apply to give a phone more reputation, its an OS that represents the highest standard of security.
What maskes you want Graphene over e/OS? I’m not so familiar with how they feel.
Graphene modifies AOSP for much more security.
E.g.
I dont think e/OS is as security oriented, more privacy oriented
Thanks for sharing. For someone who is not so well versed in these technicalities, what does that mean for the user? That you’re more susceptible to fraud and hacking and malware?
Basically GrapheneOS is for people worried about law enforcement or some state actors trying to access their phone using some commercial tools or 0 day exploits. It’s useful for journalist, lawyers, activists and so on.
Average users don’t really have to worry about those things. It’s unlikely that someone will try to hack you using such tools, you most probably don’t have any data wort protecting and it’s quicker and easier for you to just unlock your phone than to spend days/weeks/months in jail trying to protect your data.
What average user should care about is removing Google from their phones and blocking trackers. Other ROMs like iode also come without Google and have better tools than GrapheneOS for blocking trackers. They are as secure as any other Android phone.
A big thing is gOS not using JIT compiling. So, app updates are pretty slow but this kills a lot of malware exploits.
https://grapheneos.org/features#exploit-mitigations
So if I were to choose graphene over eOS it would mainly be to be more protected from malware?
That and privacy, you also have a lot of control over what each app can do with gOS’s permissions settings vs standard ROM and most of that is enabled by default. Can break some apps, especially banking related. I have 122 installed, of that three gave me a little bit of trouble where I had to disable some protections to get them functional. DeGoogled by default, I use microG for some limited Play services to get stuff like Youtube Revanced working.
You would choose it for security hardening in general. E.g. it is harder for malware to infect, harder for unauthorized parties to gain access to data when the phone is locked, etc.
Probably next best thing