Looks like GrapheneOS will be available on another "major Android OEM” soon [1].
Regulation should prevent Google from subsidising manufacturers to use Android. Arguably the recent antitrust legislation [2] applies in this case because they're effectively paying manufacturers to place that horrendous and impossible to remove search bar on the home screen.
[1] https://www.androidauthority.com/graphene-os-major-android-o... [2] https://www.justice.gov/opa/pr/department-justice-wins-signi...
GrapheneOS is in some ways not an open OS. The official builds don't provide root access. So for example apps are able to hold your data hostage from you.
I get that this is in the name of security hardening. And you can make a build that has limited root access and is officially supported. But GrapheneOS isn't the end-all solution to computing freedom. Although hopefully on those devices you will be able to install custom OSes (root capable build of Graphene or otherwise).
People can modify GrapheneOS however they want including making their own builds with the officially supported userdebug root support enabled. Open and free doesn't mean catering to power users with the official setup at the expense of everyone else. It doesn't mean sacrificing substantial privacy and security for niche aesthetic customization and other power user features. Defining freedom for devices as software providing more customization options for power users is strange. The freedom is from it being open source and any OS being permitted on the devices.
Devices built to officially support GrapheneOS MUST include first class support for using an alternate OS that's not the official GrapheneOS, which is part of our requirements at https://grapheneos.org/faq#future-devices. These requirements apply to official GrapheneOS devices in the same way as devices using a Google Mobile Services stock OS. Combined with the OS being open source, that's what gives people the freedom to legally and practically use/make forks of it with arbitrary changes.
Userdebug builds of GrapheneOS are officially supported, although we don't recommend using them on a production device. Setting ro.adb.secure=1 for a userdebug build does preserve most of the security as long as ADB isn't used, but not all of it. It still downgrades security when ADB isn't used since the changes to accommodate having root access and other debug features via ADB have an impact beyond when it's actually used. It doesn't destroy the overall security model in the way people typically integrate root access where a huge portion of the OS has it and it's accessible to apps in a persistent way.
GrapheneOS is all about security, not privacy or freedom. You coincidentally get privacy and freedom benefits, but only where they don't conflict with security.
That's untrue. The main focus of GrapheneOS has always been privacy. This level of privacy is enabled through good security. GrapheneOS goes above and beyond in regards to privacy. No other custom Android OS hosts its own time server, proxies for PSDS and SUPL, captive portal, Wi-Fi positioning proxy, Widevine provisioning proxy, etc.
GrapheneOS doesn't make any connections to Google or Qualcomm by default, unlike all the other other Android-based systems. https://grapheneos.org/faq#default-connections
See https://eylenburg.github.io/android_comparison.htm
As previously mentioned, GrapheneOS hosts a proxy for the Qualcomm SUPL service. In addition, it removes unique device identifiers from the requests, that would normally be present.
GrapheneOS supports the Pixel tool for provisioning eSIMs, but it's fully sandboxed and doesn't share any data with Google.
People have the freedom to modify GrapheneOS in any way they want and run it on their device instead of the official releases. Freedom doesn't mean GrapheneOS going out of the way to provide all kinds of power user with major downsides. As an unrelated example, GNOME isn't less free than KDE because it's more minimal and doesn't have extensive configuration.
Root access doesn't magically make an OS "open". You can disable System Integrity Protection on macOS and get full root access. That doesn't make it an open OS in any way. Root access fundamentally breaks the security model of Android. It's totally unsuitable for production environments. See https://madaidans-insecurities.github.io/android.html#rootin...
Raw root access isn't what I'd want apps to have.. it's that the Android permission system deliberately limits what the user can consent to, the rest is for "system apps" and to install those you need to unlock bootloader and start the whole "journey" while saying goodbye to banking apps.
Implementing a more flexible permission model + sandbox would probably involve too much work for them.
Hopefully AVF might make things a little better if we'd be able to run Android VMs on Android - so you'd be able to run a rooted VM inside GrapheneOS.. but this depends on Google keeping Android open source, yet QPR1 was not released.
I agree that a powerful permission model is a great feature. But that doesn't obsolete the option to have the "root permission" that you can give when required. Sure, for my specific gripe a "full filesystem access" permission would be sufficient and better. But there are going to be other use cases that require other permissions. So it is always going to be useful to have that backup root permission that you can assign to very specific apps when required.
Root access isn't available by default, but it takes about 120 seconds (including waiting for it to reboot) to add it.
Last I checked the situation was similar to what it is in Calyx, which is that it's not officially supported and you have to keep manually reapplying the root after every update.
Userdebug builds of GrapheneOS with ADB root access are officially supported. We recommend setting ro.adb.secure=1 rather than making a standard userdebug build with always-on unauthenticated ADB if it's not solely for development.
Modifying the official builds by replacing part of the core OS with Magisk and then using that to modify the rest of the OS dynamically is what's not officially supported and strongly discouraged. That doesn't mean there isn't official support for root, which is available in userdebug builds without the same massive negative impact to the security model of the OS.
I've been trying to make a UserDebug build for the last few days by following the official instructions at https://grapheneos.org/build, and am running into some trouble which I suspect are due to minor steps in the documentation that are missing or incorrect.
Is it possible to get some help on this? Posted some messages to the #general and #development channels on Discord (you mentioned in your very helpful comment at https://news.ycombinator.com/item?id=42536302 that's the go-to for support) but am not getting any response. I'd even be happy to make a fat donation or pay for some support here.
Also out of curiosity, have you guys considered providing an official release that is configured this way, perhaps gated behind a giant "Proceed at your own risk" banner? Is your reasoning here influenced by a perception that providing root access without enough friction might weaken your bid for Play Integrity recognition or your chances of individual app developers like banks treating your OS on equally trusted footing as Google's?
Oh yep, forgot about that. I barely ever update so I only have to re-root 2-3x a year.
> Looks like GrapheneOS will be available on another "major Android OEM” soon.
I'm secretly hoping that this will be Framework or Nothing.
Could either of those be considered a major Android OEM? I was thinking Motorola.
True. Or maybe resurrect HTC.
On my samsung phone, I just tested, the search bar was as easy to remove as any other widget.
I just wish they had two sizes, a pocket version please. I have small Trumpian hands.