Tags: #security #privacy #Android #GrapheneOS #CopperheadOS #AOSP
GrapheneOS: Control over Operating System for Smartphones Regained
This is a short introduction to GrapheneOS, which is a security and privacy focused operating system for smartphones compatible with Android apps…
Introduction
In the 21st century, customer’s choice of mobile phones has been reduced to smart phones equipped with only two operating systems. It has always been pointless to argue, which one is better in the terms of privacy and security, as only those companies that were able to monetise information gathered from their customers have survived. The rest is history. As a result, here and there, now and then, another hopeful project arises from the ashes in an attempt to refresh and disrupt the stale environment of mobile communication only to return back where it came from due to lack of resources, promotion or general interest.
Currently, the mythical “phoenix” has materialised into GrapheneOS, which is a mobile operating system built by Daniel Micay, who is the former author of CopperheadOS. GrapheneOS is an open source privacy and security focused mobile OS with Android app compatibility, which provides various security and privacy features that for some reason, are not implemented in the vanilla Android Open Source Project (AOSP). Furthermore, it uses alternatives to Google apps/services like F-Droid with better defaults and finer-grained permission control.
Those, who are interested are left with tho options:
- downloading and installing the compiled binary,
- or building everything themselves.
The currently supported device list is quite short, though, and covers the Google released devices only, i.e.
- Google Pixel 3 and Pixel 3 XL,
- Google Pixel 2 and Pixel 2 XL,
- Google Pixel and Pixel XL.
Since Google issues AOSP updates approximately once a month, the aforementioned Google devices are provided with regular protection. Naturally, GrapheneOS updates come within the same period, which is a great asset when compared to other manufacturers that are releasing myriads of devices each year without a proper update schedule.
Possible Downsides
On the other hand, the security- and privacy-oriented measures come at a price. Not having access to Google apps/services prevents the devices from being tracked and stalked by some apps, but also substantially reduces the amount of usable services and mobile phone features, as a lot of popular apps are hardwired to the Google services system and they are very rarely available as open-source.
To name a few:
- The Google Pixel Camera app has currently no alternative in any repository. Users have to deal with the lack of features such as: HDR+ or slow motion.
- The Yalp Store is a Google Play Store alternative, which enables users to access it independently from the Google Services Framework. Unfortunately, it has sometimes troubles working using the built-in account (anonymous mode) due to the short-lived nature of authentication tokens.
- The Aurora Store is a fork of Yalp Store, which allows to download apps directly from Google Play Store and which can search for updates of installed apps.
- The compilation of GrapheneOS including all related processes is a resource hungry procedure that needs to be done every time an update becomes available (each month). The following items should be of concern:
- Bandwidth consumption (tens of GiB of source code needs to be downloaded).
- Disk space needed to store downloaded sources and compilation products (about 250GiB).
- Compilation time (from several hours to several days depending on the amount of RAM available >16GiB and CPU cores and speed).
Conclusion
Considering all the details and the pros & cons mentioned earlier, everyone can make their own informed decision, options of which are summarised as follows:
- I want an open-source mobile operating system.
- My primary concern is security and privacy.
- I have a supported device.
- I have the resources related to the building process.
- Continue to GrapheneOS: Building Process Prerequisites
- I do not have the resources related to the building process.
- Continue to GrapheneOS: Installation Tutorial
- I have the resources related to the building process.
- I do not have a supported device.
- I have the resources related to the building process.
- There may still be hope to be able to build the GrapheneOS manually.
- I do not have the resources related to the building process.
- There may be an alternative ROM available from LineageOS.
- I have the resources related to the building process.
- I have a supported device.
- I am just looking for an open-source alternative.
- The most popular alternative is LineageOS.
- My primary concern is security and privacy.
- I do not want an open source mobile operating system.
- Stick to the stock ROM and pray that an update emerges when necessary.