I think with the suggestion made at the end about that google would be getting out of phones (for some reason - perhaps graphene causing google long term phone margins to no longer be worth it? What are you actually suggesting?) it's hard to really know what you're going for here.
GrapheneOS have mentioned in the past that the Qualcomm baseband processors compare well to competition in terms of security and isolation support on their respective SoCs. There may be other aspects they need to catch up to Pixels on regarding security though (like the secure element, open-source TEE etc.).
I applaud them - finding an OEM to build a phone for an Android fork is extremely difficult, because Google conditions access to the Play store on a manufacturer not building any phones with Android forks [1]. A move so ridiculously anti-competitive and hostile that it's outrageous they haven't been sued for it yet by at least the EU. It's not only that their products spy on you - they are actively doing all they can to kill any other products. If you care about privacy, they are your enemy, it's as simple as that.
[1] While it might not be an official requirement, being granted a Google apps license will go a whole lot easier if you join the Open Handset Alliance. The OHA is a group of companies committed to Android—Google's Android—and members are contractually prohibited from building non-Google approved devices. That's right, joining the OHA requires a company to sign its life away and promise to not build a device that runs a competing Android fork. Acer was bit by this requirement when it tried to build devices that ran Alibaba's Aliyun OS in China. Aliyun is an Android fork, and when Google got wind of it, Acer was told to shut the project down or lose its access to Google apps. - https://arstechnica.com/gadgets/2018/07/googles-iron-grip-on...
The article doesn't say that the manufacturer would ship anything with GrapheneOS. I read it as users will still get to install it themselves, which now finally will be possible with a non-Pixel device.
This is at least partially banned by the injunction from Epic vs Google:
7. For a period of three years ending on November 1, 2027, Google may not condition a payment, revenue share, or access to any Google product or service, on an agreement with an original equipment manufacturer (OEM) or carrier to preinstall the Google Play Store on any specific location on an Android device.
8. For a period of three years ending on November 1, 2027, Google may not condition a payment, revenue share, or access to any Google product or service, on an agreement with an OEM or carrier not to preinstall an Android app distribution platform or store other than the Google Play Store.
I would suspect that the sort of person (like myself) that would rather run GrapheneOS over LineageOS would rather install themselves than buy preinstalled. Much easier to verify no one slipped you an altered image.
So the Android MADA and the AFA were wholesale struck as illegal a couple years ago, both in the US and elsewhere. So this requirement cannot legally exist. Whether Google will give someone a license who also ships a fork though is certainly in question, I suspect most OEMs aren't willing to risk their business seeing if the mafia wants to follow the law. Google has such a reputation for being abusive at this point an actual agreement or rule is no longer necessary.
By not publishing Pixel device trees Google shot themselves in the foot removing the only reason for me buying their devices, while at the same time gaining nothing. Great move :)
A lot of people will say "well, the market of people who want that is so small that it's not even a blip on Google's radar", but let's cut that one off at the pass: No one buys pixel devices anymore. Their sales are abysmal, Tensor mobile silicon has been a failure, and the one thing they kinda had going for them was general good vibes with the broader tech community. But, they're Google, so they ruined that too.
I suspect there will be a Pixel 11, maybe a Pixel 12, but that'll be it.
Anyone know if partnering with a major OEM for official support makes it more likely that they will be able to consistently support things like banking apps (and maybe even payment apps) in the future?
I suspect the answer is "no" but I want to believe...
The situation you're alluding to is not a case of "GrapheneOS doesn't support banking apps" but rather "Some app publishers employ Google Play Protect and other measures in order to explicitly block GrapheneOS". GrapheneOS can not do anything about that. Choose your banking and payment apps accordingly.
FWIW I have run several banking apps on GrapheneOS without any issues whatsoever, never had any blocks or compatibility issues. Might just be luck of the draw but just to say you probably do have options.
Yes, I understand many banking apps do work and from reports I have read online it even seems like a couple of the banking apps I use are among the good ones. What gives me pause is how fragile the situation is. Banking apps get "upgraded" all the time to include new security "features". Already I have had my main banking app refuse to work because I had accessibility features enabled for a different app, and subsequently refuse to work again because I had developer mode enabled. If my banking app works on GrapheneOS I am convinced it is because the bank has not gotten round to blocking it yet and it's only a matter of time, unfortunately.
If you want your bank to take the liability for any monetary losses from your account getting hacked (for example, through spyware using accessibility on Android), then you have to be OK with their requirements.
If you don't like their requirements, you need to take the liability yourself. You could use PayPal or a stablecoin to store your money.
Or root with Magisk and hide the developer mode from the offending app. Unfortunately it's always a cat and mouse game, so for some apps it's probably easiest to have a cheap, outdated (and by some metrics thus unsafe) device in a drawer at home.
Your money is far more at risk with scams and phishing than it is with whatever boogeyman spyware you may try to think of that does not exist in real life.
They can fund the development and support work for attesting GrapheneOS along with funding support for compatibility with the os. The more users that GrapheneOS has the less money they'll need to pay to fund such a project.
I sincerely doubt it, but a large OEM with first-party support makes it (IMO) more likely for banking apps to support GApps-less handsets (instead of the inverse, Graphene supporting banking apps) - a dramatically better outcome, as that allows Waydroid more breathing room as a viable solution for Linux-first handsets too.
This would of course be contingent on GrapheneOS growing their market- and mind-share in the general public, while also taking several years to impact the least move-fast-and-break-things industry (consumer banking).
If those apps use "Play Integrity" (bad choice) then the probability is close to zero because it's Google that controls it. Other OEMs that currently pass it do it only because the device was certified by Google.
But being certified by Google of course precludes not preinstalling or sandboxing their GMS apps.
The answer is it depends. Banking and similar Apps trying to "protect" the user from themselves aka treat the user like a retarded child do this through several mechanisms:
> Google Play Integrity
Essentially a Google API that App Developers integrate that checks if the device runs an Operating System signed by Google as "Play Certified". This can go as far as being backed by a hardware trusted platform module. I doubt Google will certify GrapheneOS given their modifications towards sandboxing the play services. This can be faked to a degree but GrapheneOS chooses not to do it and to fake the TPM part you need leaked keys. For more details on how to fake it look at this thread: https://xdaforums.com/t/guide-how-to-pass-strong-integrity-o...
> Fingerprinting the Device OS
This can vary from app to app and just tries to fingerprint the device in many ways to see if it's running a custom rom of some kind. This does things like check to see if the bootloader is unlocked or if root is installed. I think this is something an official grapheneos phone might fix since the phone vendor could allow grapheneos to sign their releases as native equivalent.
> Banning GrapheneOS by Name
Some App Developers literally ban GrapheneOS by name.
> Failures due to Google Play Sandboxing
Since GrapheneOS sandboxes Google Play Services there might be compatibility issues that prevent the app from working right. This would likely be unaffected by a GrapheneOS Phone.
> Failures due to Advanced Security Features
Some Apps just don't "like" the advanced security features like the hardened malloc and other protections and just fail. This can be disabled most of the time.
They have to start somewhere. Unfortunately part of the issue is that most OEMs do not even support their budget models as well as their flagships, so they would fall short of basic reasonable GrapheneOS requirements like 5+ years of timely security updates.
When I was looking, the older models were around $500. Looks like they came down in price. I also looked at used, but my company stipend/discount would only apply to new.
This is good news, but I hope that the device is not a "Graphene-phone". I.e. that it's not strictly built for GOS, but that it's a good generic and open device that happens to support GOS. For example, I would like such hardware to also be able to run mainline Linux, and to be able to run GOS on other devices besides the single approved one, potentially from different manufacturers.
Graphene doesn't have the volume to get a custom flagship grade device made for them. So even if they get a device that ships with Graphene preinstalled? It's going to be a variant of another Android phone.
Which is, generally, not that good for Linux mainlining. Qualcomm SoCs are "meh" when it comes to mainline Linux support - some parts are there, but a lot of them aren't. It has been getting better for the last bit though?
I hope it's not one of the biggest names. I hope they've decided to work with a more ethical brand to elevate their quality. How about a Graphene OS phone with a removable battery?
Yeah, was kinda hoping they'd work with Fairphone to fix their shit security situation... Anyway, hopefully another ethical brand fingers crossed! Thanks for the link!
However, Motorola/Lenovo seems the most logical partner, they were previously in the Android One program (which was sort of the successor to the Nexus line).
That would be interesting. I have long wished that Sony phones would allow re-locking the bootloader to an OS signed with my own keys.
Some of their Xperia Compact models have been excellent, but they haven't been making them like that in recent years. Dare I hope for a return of their truly compact flagship phones and GrapheneOS support?
As far as I'm aware, their flagship Xperia phones do support bootloader re-locking [1]. The problem is they haven't fulfilled GrapheneOS's other requirements: https://grapheneos.org/faq#future-devices
I use Sailfish on an Xperia 10 mod. III. Unfortunately the only Xperia models which support the full Sailfish w/Android compatibility are the way too long ones. I intensely dislike long phones. I miss my old Jolla phone (they're the maker of Sailfish), it was perfect but developed a technical problem after many years. The Xperia is clumsy when compared to the Jolla phone. Glass surfaces back and front (who thought that was a good idea? Glass is slippery, and glass breaks), sometimes slips from my hand, or wherever I put it if it's not 100% flat. Glass..well, you get the idea what happens then..
I really appreciate having a non-Google Android OS, free of Play services and other lock-in, and use Graphene on my own Pixel. The focus on security and hardening is also appreciated, but I wish the project were more ambitious in terms of actually improving on Android in terms of usability, features, and overall experience. As-is it feels like a barebones AOSP with all the security improvements existing as a sort of hypothetical improvement in the background.
It would be a complete waste of time for devs to focus on making the AOSP apps pretty. I don't really get the hate, AOSP apps are completely fine and it's not like you have to look at it all the time
Anyone who doesn't like how they look has an absolute right to fix it and no right at all to complain. ;-)
You can't fix GrapheneOS. It's not LineageOS.
I'm not sure what you mean. They do have a secret key used for hardware attestation, but to my knowledge it's not supported anywhere and your own build would pass attestation just as well.
While this is awesome, I'm kinda skeptical on the premise on two points.
Almost nobody cares about privacy, and this is going to be super expensive. I might be fine with paying extra, but the economy might not work out, like it didn't for Blackphone. Fairphone is barely alive as well. Seeing as phones are just source of ad money Google can drop the prices on their phones as well.
Some European countries and banks already require crap like Play Integrity for essential apps. So far it's possible to hold out, but for how much longer?
GrapheneOS user here. Every single banking and financial app I use works. Both European ones and non-European. Some require changing per-app settings, but nothing crazy. There's a good chance that your banking app will work.
https://github.com/PrivSec-dev/banking-apps-compat-report
https://privsec.dev/posts/android/banking-applications-compa...
Maybe the real focus should be treating Android as a single purpose environment rather than your real/life depending one.
Maybe the better approach would be focusing on getting postmarketOS to work, and use an emulation or recompilation layer that is running Android in a box (pun intended). Anbox and others were still too painful to use for daily usage, but maybe you can get rid of everything except the things that Play Integrity checks against? Maybe we can make waydroid work?
[1] https://waydro.id/
why not the other way around? aosp already has a much better security posture, already runs almost everything virtualised, and will soon run 'desktop linux' apps in a vm
in fact statements from graphene suggest they hope to eventually move away from linux on the host
Doesn't play integrity verify the hardware among other things?
it won't be a special graphene phone, they are working with the OEM to make their next flagship meet graphene's security requirements; it'll just be another phone they support that isn't a pixel
This is the real problem: I need my phone to work with my bank. So whatever we're doing, that's the bar to clear.
Buy the cheapest updatable phone that will work for your bank (probably a used iPhone) and use a free OS for everything else.
No, I don't want to buy, take care of, and carry around 2 devices at all times. I'm not a drug dealer.
Is there something important in banking apps that cannot be done with a web browser?
My bank uses the banking app for auth if I try and login via a browser.
Do they offer a physical 2FA device? Mine does and it's really useful
What if one doesn't own an android/iphone device? Banking is a fundamental need, so most countries regulate them to cater to a wide range of users. In this case it's possible that the bank could be compelled to provide you a 2FA device if you don't have one.
Good luck with that, in Germany many public transport operators are moving into app based tickets for the monthly/yearly subscriptions.
You can still get a plastic card, however it requires paying extra and some additional forms, the reasoning being it is not environment friendly.
I don't think there is such regulation. Many banks simply do not have any other means of authentication any more. They can't give out 2FA devices because their systems just don't support them.
Barclays in the UK offer (or used to) a hardware device with a keypad allowing the user to do a challenge-response using the bank card's chip and PIN. Not sure if they still do, though.
Edit: https://en.wikipedia.org/wiki/Chip_Authentication_Program
That's because they're stupid or doing something suspicious, probably both.
There's legitimately zero reason to allow 2FA only on your own proprietary app. You can't even make a financial argument - allowing other TOTP methods is cheaper because now you don't need an app!
Unfortunately the EU regulation makes the truly user controlled 2FA methods essentially non-compliant.
https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CEL...
> Article 7 Requirements of the elements categorised as possession
> 1. Payment service providers shall adopt measures to mitigate the risk that the elements of strong customer authentication categorised as possession are used by unauthorised parties.
> 2. The use by the payer of those elements shall be subject to measures designed to prevent replication of the elements.
This says something along the lines of "it should be hard to extract the TOTP secret".
However if you can get so far as to get the secret from the TOTP app, you can as well back up the entire phone and restore elsewhere, can't you?
> That's because they're stupid or doing something suspicious, probably both
Small comfort for whoever needs to use that bank. This is the disconnect geeks and Free Software need to bridge to make any headway.
it costs basically nothing to change banks. you sign up to a new one and they transfer your account and direct debits. you just tell your employer where to send your next salary payment.
Sometimes it’s more complicated than that. And the other banks aren’t any less “stupid”.
What more do you want your phone to do at this point?
work in 10 years
You might like /e/OS. It's less secure/hardened than Graphene, but offers a de-Googled Android with a focus on privacy and usability.
The base operating system is quite far behind on app compatibility, privacy and "deGoogling" in comparison to GrapheneOS https://eylenburg.github.io/android_comparison.htm.
It uses microG which has its own set of issues, though.
And it's a 1:1 copy of LineageOS, so there's that.
"GrapheneOS didn’t reveal the name of its new partner, but said that those devices will be priced in the same range as Pixels"
which means what?
~300€ like the "A" models?
~1000€ like the pro models? both?
The "a" models haven't been 300€ for a good while now. Launch price for 9a was 549€. So I would set that as the floor price for any speculation about this.
This is excellent news. I've always wanted to try GrapheneOS, but I dislike Google and dislike Pixels even more (Tensor sucks + there's the whole VoLTE/5G issue), so I never got a chance to try it out.
Hopefully they select an OEM which supports pKVM - that's the one Pixel feature I'd really like to see being implemented on other Android devices.
Curious, what phone would you recommend/do you use?
I use a Samsung Fold because I read a lot of books/manga, and I also love its multitasking features over stock Android/Pixel. Finally I also prefer its form-factor (roughly 3:4 unfolded screen, and a narrow front screen) over other similar devices.
But it's obviously not for everyone so I can't really recommend it to everyone. And to be honest I can't in good faith recommend any Android phone these days, I hate what Google and other OEMs have done to the ecosystem.
I'm quite bullish on Linux phones though, like the FuriPhone FLX1, the Volla Phone Quintus, and the Jolla C2 - obviously again they're not for everyone, so for normies I would recommend an iPhone, and for techies I'd suggest giving the Linux phones a try (or maybe get a OnePlus/Nothing phone and load LineageOS+Magisk if you don't mind playing the cat-and-mouse game with Play Integrity).
What is the VoLTE/5G issue? On T-Mobile, haven't had any issues with it living in a pretty rural spot. Isn't that like a Verizon problem?
It's more of an issue for carriers who don't sell Pixel devices, particularly in countries where the Pixel isn't sold officially (eg: New Zealand). So generally VoLTE, VoWiFi and sometimes even 5G too might not work. You can use a hack to get around that, but now Google has blocked that hack: https://news.ycombinator.com/item?id=45553764
Edit: Looks like there's an updated workaround now, but this is what I mean - it's really unacceptable that an essential feature like VoLTE - which is required to make phone calls - may not work depending on your carrier/region.
Actually I'm not sure it's reasonable to complain about a feature that you're informed won't work, on a phone that you're using in a region it's not meant to be in, doesn't work.
Yes, Pixels should probably be sold in all markets. But if you're explicitly circumventing that you shouldn't be surprised.
I disagree, because making phone calls is the most basic and core functionality of a phone, it's not just some random feature that you can simply dismiss, especially with many countries worldwide shutting down 3G networks - VoLTE is a necessity if you want to make phone calls.
Google is the only major OEM (that I'm aware of) that has these deliberate draconian roadblocks to prevent VoLTE - an essential feature - from working. On OnePlus and Xiaomi devices for instance, you can always go into the engineering menu via the dialler and enable VoLTE on unsupported networks. Xiaomi even has an official code to disable carrier checks. Samsung takes it a step further and partnered with the GSMA[1] to enable VoLTE globally by default on all their Android 15+ phones. So I think it's fair to criticise Google for going in the opposite direction as other Android OEMs.
[1] https://www.mobileworldlive.com/gsma/gsma-samsung-team-on-vo...
A phone bought in one region should be supposed to continue working when you travel to other regions - which people (in most parts of the world) do all the time. And, indeed, my phones all do that. However, they don't all work with local sim cards, so something fishy is still going on, sometimes.
it's not complaining to tell people not to buy a phone that doesn't work.
They made this "announcement" around 80 days ago here on HN :) [1]
1- https://news.ycombinator.com/item?id=44676691#44678172
The tone of this announcement seems a lot more certain than the previous one, at least.
I remember reading that comment. Disappointing article, but good to know it's still in progress.
It's hopeful news. GrapheneOS have had access to security patches as part of their agreement with an OEM partner already, so I assume these discussions/plans have been with the same partner. They are also hopeful of getting full access to AOSP releases which would greatly alleviate the pain Google have put custom OS developers through recently.
I am still very surprised that any OEM is willing to commit to monthly security updates and OS upgrades for a minimum of possibly five years. I think it would be a good thing for GrapheneOS to have more than one partnership in future for the Android ecosystem as a whole.
I have a feeling they're working with OnePlus. They've lost their "enthusiast" vibe over the years, and officially supporting GrapheneOS could help them to reclaim it while still keeping prices high (or even justifying raising them).
I wonder what percentage of Pixel sales ended up running Graphene. It feels like running Graphene is the only real benefit to a Pixel. I wonder if Google is getting out of phones after Pixel 10 or 11.
Could estimate ~1% (+/- 1%) given the Graphene user estimates [1] and the tens of millions of Pixels sold at this point.
[1] https://discuss.grapheneos.org/d/21946-grapheneos-popularity...
Interesting, I wouldn't have guessed they had tens of millions active.
1% of "tens of millions" is hundreds of thousands.
> only real benefit to running a pixel
Not a phrase I expected to read, whew. Tough customers.
I've been very happy with several generations of pixels at this point compared to the alternatives.
Yeah, I recently upgraded to the 9a from the 4a for $250 USD and am still really enjoying Pixels. I might just be out of the loop on what's available, but I can't imagine many other phones at this price are competitive.
The A line is still a competitive midrange (at least when on sale) and if you enjoy the pixel experience there's nothing wrong with it at all.
However the regular pixel or the pro haven't been competitive in several years. This year is particularly bad because it's very close to iPhone price for less storage, less performance, worse battery life, and less easily accessible help (tech support/warranty/repair).
The usual comeback is that the Pixel is fast enough so it doesn't matter. And it's kinda true. But it doesn't change the fact that it's poor value, midrange hardware for premium price.
6a to 9a here too!
It's probably a negligible percentage. Installing custom ROMs is niche even within the tech crowd.
Typical mind fallacy.
According to one estimate, there are about 250k total GrapheneOS users https://discuss.grapheneos.org/d/12281-how-many-grapheneos-u...
This source claims Google shipped 10 million devices last year https://coolest-gadgets.com/google-pixel-smartphones-statist...
If we generously assume every GrapheneOS user bought a new phone in the last year, 2.5% of those Pixels are running Graphene.
Is it a fallacy if I never made a claim about percentage?
I think with the suggestion made at the end that Google would be getting out of phones (for some reason - perhaps Graphene causing Google's long-term phone margins to no longer be worth it? What are you actually suggesting?) it's hard to really know what you're going for here.
Cool, but isn't the appeal of Pixels its baseband security model/USB?
https://security.googleblog.com/2024/10/pixel-proactive-secu...
I don't have all the links to post here but I recall this being a big factor.
GrapheneOS have mentioned in the past that the Qualcomm baseband processors compare well to competition in terms of security and isolation support on their respective SoCs. There may be other aspects they need to catch up to Pixels on regarding security though (like the secure element, open-source TEE etc.).
This could be really good considering current events in the android space.
Oh, good. There's going to be a migration path for F-Droid users after Google's latest actions.
Amazing news!!! Google is incapable of selling their phones worldwide. Here's to hoping GrapheneOS's new phones will be easier to get hold of.
I applaud them - finding an OEM to build a phone for an Android fork is extremely difficult, because Google conditions access to the Play store on a manufacturer not building any phones with Android forks [1]. A move so ridiculously anti-competitive and hostile that it's outrageous they haven't been sued for it yet by at least the EU. It's not only that their products spy on you - they are actively doing all they can to kill any other products. If you care about privacy, they are your enemy, it's as simple as that.
[1] While it might not be an official requirement, being granted a Google apps license will go a whole lot easier if you join the Open Handset Alliance. The OHA is a group of companies committed to Android—Google's Android—and members are contractually prohibited from building non-Google approved devices. That's right, joining the OHA requires a company to sign its life away and promise to not build a device that runs a competing Android fork. Acer was bit by this requirement when it tried to build devices that ran Alibaba's Aliyun OS in China. Aliyun is an Android fork, and when Google got wind of it, Acer was told to shut the project down or lose its access to Google apps. - https://arstechnica.com/gadgets/2018/07/googles-iron-grip-on...
The article doesn't say that the manufacturer would ship anything with GrapheneOS. I read it as users will still get to install it themselves, which now finally will be possible with a non-Pixel device.
This is at least partially banned by the injunction from Epic vs Google:
https://storage.courtlistener.com/recap/gov.uscourts.cand.37...
GrapheneOS' Reddit comment shown in the article says "selling devices with GrapheneOS preinstalled would be nice but wouldn't be required".
To me that sounds like devices with GrapheneOS preinstalled is not gonna happen.
I would suspect that the sort of person (like myself) that would rather run GrapheneOS over LineageOS would rather install themselves than buy preinstalled. Much easier to verify no one slipped you an altered image.
So the Android MADA and the AFA were wholesale struck as illegal a couple years ago, both in the US and elsewhere. So this requirement cannot legally exist. Whether Google will give someone a license who also ships a fork though is certainly in question, I suspect most OEMs aren't willing to risk their business seeing if the mafia wants to follow the law. Google has such a reputation for being abusive at this point an actual agreement or rule is no longer necessary.
By not publishing Pixel device trees Google shot themselves in the foot removing the only reason for me buying their devices, while at the same time gaining nothing. Great move :)
A lot of people will say "well, the market of people who want that is so small that it's not even a blip on Google's radar", but let's cut that one off at the pass: No one buys Pixel devices anymore. Their sales are abysmal, Tensor mobile silicon has been a failure, and the one thing they kinda had going for them was general good vibes with the broader tech community. But, they're Google, so they ruined that too.
I suspect there will be a Pixel 11, maybe a Pixel 12, but that'll be it.
Anyone know if partnering with a major OEM for official support makes it more likely that they will be able to consistently support things like banking apps (and maybe even payment apps) in the future?
I suspect the answer is "no" but I want to believe...
The situation you're alluding to is not a case of "GrapheneOS doesn't support banking apps" but rather "Some app publishers employ Google Play Protect and other measures in order to explicitly block GrapheneOS". GrapheneOS can not do anything about that. Choose your banking and payment apps accordingly.
FWIW I have run several banking apps on GrapheneOS without any issues whatsoever, never had any blocks or compatibility issues. Might just be luck of the draw but just to say you probably do have options.
Yes, I understand many banking apps do work and from reports I have read online it even seems like a couple of the banking apps I use are among the good ones. What gives me pause is how fragile the situation is. Banking apps get "upgraded" all the time to include new security "features". Already I have had my main banking app refuse to work because I had accessibility features enabled for a different app, and subsequently refuse to work again because I had developer mode enabled. If my banking app works on GrapheneOS I am convinced it is because the bank has not gotten round to blocking it yet and it's only a matter of time, unfortunately.
If you want your bank to take the liability for any monetary losses from your account getting hacked (for example, through spyware using accessibility on Android), then you have to be OK with their requirements.
If you don't like their requirements, you need to take the liability yourself. You could use PayPal or a stablecoin to store your money.
Or root with Magisk and hide the developer mode from the offending app. Unfortunately it's always a cat and mouse game, so for some apps it's probably easiest to have a cheap, outdated (and by some metrics thus unsafe) device in a drawer at home.
Your money is far more at risk with scams and phishing than it is with whatever boogeyman spyware you may try to think of that does not exist in real life.
There has to be a limit here. Blocking accessibility in the name of security is piece of shit behavior. That's uh, a technical term.
Banks have plenty of money. They don't need to be up your ass to keep liability down.
Spyware using accessibility on Android still makes Play Integrity valid.
We're in this funny situation where the hacked and outdated device is considered more "secure" by Google because Google controls it
> GrapheneOS can not do anything about that.
OEM support is a step toward passing integrity, and that's what those apps are looking for.
>GrapheneOS can not do anything about that
They can fund the development and support work for attesting GrapheneOS along with funding support for compatibility with the os. The more users that GrapheneOS has the less money they'll need to pay to fund such a project.
I sincerely doubt it, but a large OEM with first-party support makes it (IMO) more likely for banking apps to support GApps-less handsets (instead of the inverse, Graphene supporting banking apps) - a dramatically better outcome, as that allows Waydroid more breathing room as a viable solution for Linux-first handsets too.
This would of course be contingent on GrapheneOS growing their market- and mind-share in the general public, while also taking several years to impact the least move-fast-and-break-things industry (consumer banking).
But still, a man can dream.
If those apps use "Play Integrity" (bad choice) then the probability is close to zero because it's Google that controls it. Other OEMs that currently pass it do it only because the device was certified by Google.
But being certified by Google of course precludes not preinstalling or sandboxing their GMS apps.
The answer is it depends. Banking and similar Apps trying to "protect" the user from themselves aka treat the user like a retarded child do this through several mechanisms:
> Google Play Integrity
Essentially a Google API that App Developers integrate that checks if the device runs an Operating System signed by Google as "Play Certified". This can go as far as being backed by a hardware trusted platform module. I doubt Google will certify GrapheneOS given their modifications towards sandboxing the play services. This can be faked to a degree but GrapheneOS chooses not to do it and to fake the TPM part you need leaked keys. For more details on how to fake it look at this thread: https://xdaforums.com/t/guide-how-to-pass-strong-integrity-o...
> Fingerprinting the Device OS
This can vary from app to app and just tries to fingerprint the device in many ways to see if it's running a custom ROM of some kind. This does things like check to see if the bootloader is unlocked or if root is installed. I think this is something an official GrapheneOS phone might fix since the phone vendor could allow GrapheneOS to sign their releases as native equivalent.
> Banning GrapheneOS by Name
Some Apps Developers literally ban GrapheneOS by name.
> Failures due to Google Play Sandboxing
Since GrapheneOS sandboxes Google Play Services there might be compatibility issues that prevent the app from working right. This would likely be unaffected by a GrapheneOS Phone.
> Failures due to Advanced Security Features
Some Apps just don't "like" the advanced security features like the hardened malloc and other protections and just fail. This can be disabled most of the time.
If the phone is rooted, most banks will not support it. That includes grapheneOS.
Your phone isn't rooted on GrapheneOS.
GOS isn't rooted.
"GrapheneOS didn’t reveal the name of its new partner, but said that those devices will be priced in the same range as Pixels"
Boo
They have to start somewhere. Unfortunately part of the issue is that most OEMs do not even support their budget models as well as their flagships, so they would fall short of basic reasonable GrapheneOS requirements like 5+ years of timely security updates.
Yep. I like my midrange phone I got for ~$300. I'm not paying top-dollar just for GrapheneOS.
Pixel 9a was $350 during last week's Amazon Prime Day sale. Currently at $399. Likely to go down again for Black Friday, etc.
I'd love a phone around that price that would run Graphene.
Why not just buy an older pixel a model ...? Like a 7a ... It is cheaper and runs GOS.
I personally can't buy phones without physical dual sim.
Dual eSIMs when travelling have failed me too many times.
Everything is moving to esim.
When I was looking, the older models were around $500. Looks like they came down in price. I also looked at used, but my company stipend/discount would only apply to new.
You can get a used 6a for ~$160
You get a used 7a for that price.
Graphene needs a built-in calendar app that uses CalDAV
Is DAVx⁵ not sufficient?
Oh I hope it's one that makes flippables. It'd be hard to go back to mega-slabs now.
I hope so.
This is good news, but I hope that the device is not a "Graphene-phone". I.e. that it's not strictly built for GOS, but that it's a good generic and open device that happens to support GOS. For example, I would like such hardware to also be able to run mainline Linux, and to be able to run GOS on other devices besides the single approved one, potentially from different manufacturers.
Graphene doesn't have the volume to get a custom flagship grade device made for them. So even if they get a device that ships with Graphene preinstalled? It's going to be a variant of another Android phone.
Which is, generally, not that good for Linux mainlining. Qualcomm SoCs are "meh" when it comes to mainline Linux support - some parts are there, but a lot of them aren't. It has been getting better for the last bit though?
https://news.ycombinator.com/item?id=45586622
GrapheneOS + Xiaomi hardware = Pixel killer
I hope it's not one of the biggest names. I hope they've decided to work with a more ethical brand to elevate their quality. How about a Graphene OS phone with a removable battery?
At any rate, they explicitly said that they are not working with Fairphone [1]
[1] https://news.ycombinator.com/item?id=44678459
Yeah, was kinda hoping they'd work with Fairphone to fix their shit security situation... Anyway, hopefully another ethical brand, fingers crossed! Thanks for the link!
2027 in EU: https://www.pcmag.com/news/eu-smartphones-must-have-user-rep...
Any guesses who the OEM is? I'm thinking Nothing.
They said "major OEM" so I don't think it's them. Unlikely to be Samsung either. Maybe Xiaomi or Lenovo (Motorola)?
No shot on it being Xiaomi (or any other BBK brand like OnePlus), they haven't been super great to the custom rom community in some years now.
I would have guessed HMD, but they just pulled out of the US market: https://www.androidauthority.com/hmd-global-leaves-us-market...
However, Motorola/Lenovo seems the most logical partner, they were previously in the Android One program (which was sort of the successor to the Nexus line).
They said it'd be priced similarly to Pixels, so ~$1000 range. Afaik the only Motorola phone in that range is the Razr, but that'd be a weird choice.
I sure hope they're not excluding the a series when they say that.
Given that OnePlus is the only other vendor that currently has semi-decent custom rom support my guess is them, followed by HMD.
My guess is Sony.
That would be interesting. I have long wished that Sony phones would allow re-locking the bootloader to an OS signed with my own keys.
Some of their Xperia Compact models have been excellent, but they haven't been making them like that in recent years. Dare I hope for a return of their truly compact flagship phones and GrapheneOS support?
As far as I'm aware, their flagship Xperia phones do support bootloader re-locking [1]. The problem is they haven't fulfilled GrapheneOS's other requirements: https://grapheneos.org/faq#future-devices
[1] https://github.com/chenxiaolong/avbroot/issues/299#issue-232...
Sailfish also supported some Sony devices, https://docs.sailfishos.org/Support/Supported_Devices/
I use Sailfish on an Xperia 10 mod. III. Unfortunately the only Xperia models which support the full Sailfish w/Android compatibility are the way too long ones. I intensely dislike long phones. I miss my old Jolla phone (they're the maker of Sailfish), it was perfect but developed a technical problem after many years. The Xperia is clumsy when compared to the Jolla phone. Glass surfaces back and front (who thought that was a good idea? Glass is slippery, and glass breaks), sometimes slips from my hand, or wherever I put it if it's not 100% flat. Glass..well, you get the idea what happens then..
If they got rid of their fear of the US market, they might actually have gotten somewhere.
The US smartphone market basically consists of two brands: Apple and Samsung. Everyone else is fighting for scraps.
Yes, but making it hard to impossible to fully license the Jolla software at a non-community level and support their project is a bit frustrating.
Sony pulled out of NA a few years ago so that would be non-ideal for many folks…