And once you are on GrapheneOS, break free from your proprietary watch ecosystem and switch to GadgetBridge (https://gadgetbridge.org/)
I run a Thinkpad with NixOS and KDE, a Pixel 9 with GrapheneOS, and an Amazfit watch paired with GadgetBridge on my phone.
It's a testament to the hard work of the FOSS maintainers of these projects, and the spirit of open source, that everything works flawlessly together without any cloud service sucking up my data. For example, I can control youtube and music playback on my laptop with my watch because KDE Connect syncs my laptop and my phone, and gadgetbridge syncs the phone and the watch. The breezy weather app on my phone can automatically push its data to gadgetbridge which in turn pushes the data to the watch. And so on. So many little things, developed independently, working like a single well oiled machine.
I tried GadgetBridge because it cannot sync the activity files (.fit and/or .gpx) so I still had to plug the watch into a computer to keep the actual data.
So I ended installing ActivityLog2[0] to do something with the files I had to have on desktop and GadgetBridge was of little use because relying on GadgetBridge without actually syncing the files might make me forget about doing the backup to a device I control (GrapheneOS or a computer).
As soon as GadgetBridge support syncing the files from the watch to the app (or any local folder on Android), I'll install it again and stop doing the manual backups over USB. Syncthing will do it automatically.
[0] https://github.com/alex-hhh/ActivityLog2
Under settings->automations->auto export, you have "Auto export zip" where you can specify export interval. The zip file includes all the data (personally, I only see .fit files) from your app. For sync, you might have to use something like syncthing.
Garmin watches seem quite open even without that. I have all my data syncing to influxdb every 15min for a Grafana dashboard and it works great.
In background I also have Withings scale sync the measurements a couple of times a day to Garmin.
How do you sync the data out of Garmin? Something like https://github.com/matin/garth, or syncing directly from the watch?
Probably the reason why Garmin watches are well supported by GadgetBridge
I didn't need anything more on my to-do list, but this is intriguing.
Setting up GadgetBridge is very easy since it's just an android app. No flashing firmware etc. However, not all gadgets are equally supported, and you should check the support status of your device - https://gadgetbridge.org/gadgets/ (I bought my watch only after checking that page for compatibility).
Alternatively, consider PineTime, which even offers a choice of the OS it runs: https://pine64.org/documentation/PineTime/
> And once you are on GrapheneOS, break free from your proprietary watch ecosystem and switch to GadgetBridge
Then switch back to Google/Apple after half a year when you discover that you can’t run
- your banking app - any government app - the app required to access large sports events - the pandemic tracking app without which you can’t enter an airport - various other random apps
because they ALL detect that you’re running on a phone with an unlocked bootloader and will flat out refuse to start. And for many of those, there is no legal alternative.
(The extent of this varies depending on where you live, of course.)
Most banking apps work perfectly, most government apps work perfectly, etc. It is only an exceptionally small subset of apps using anticompetitive measures such as play integrity.
Also, do not leave your bootloader unlocked. That is an incomplete GOS install and you will need to lock it to secure your device. Not locking it is both insecure and will make a much higher number of apps fail.
You can lock the bootloader again with GrapheneOS and many banking apps work.
You won't pass Google Play hardware attestation that way, and you won't find a bank in Europe or the UK that doesn't require that to log on to their website within five years.
You pass basic, but not device or strong integrity. This is purely googles fault and is an artificial limitation that requires regulatory restrictions.
My bank works fine after relocking (in NL, Europe). And last time I checked all Dutch banks work. My VISA credit card app (from ICS) also works. Same for the government identification app, the government message app, our insurance app. In fact, I haven't encountered anything outside of Google Pay that didn't work.
(I don't deny that there are apps that won't work. Best to check before switching full-time.)
> - the pandemic tracking app without which you can’t enter an airport
Not sure if airports specifically used another mechanism, but the Android contact tracing APIs were actually reimplemented in microG, allowing these apps to work even on custom roms.
Your other examples don't hold universally either (banking apps are compatible with un-rooted custom ROMs more often than not, and not sure how many sports event apps use integrity checks), but your general point stands that it may come with trade-offs.
YMMV. I run sandboxed Google Play Services on GrapheneOS so almost every app works. My digital payments app works, and the same with most government apps I have tried. My private bank's app doesn't work, but I just use their website for the handful of times a year I need to access it.
Does NFC work with those digital payment apps on Graphene?
In India we use QR codes for payments. NFC in general does work (for example, I use a yubikey for 2FA).
No banking app on phone because why; no government app because oh fuck why, whats wrong with your government (at least in primary phone and I never needed secondary); app for sport events - thats just me but I prefer doing sports rather than passively watch them, so 0 loss; pandemic what? its 2026 and I never saw such requirement in Europe, Africa nor Asia; no other app requires that.
Thats not coming from some paranoid security person, just regular (software dev) joe.