The main difference is that GrapheneOS prioritizes security hardening first and foremost (above usability or compatibility). /e/OS focuses on privacy (i.e. reducing data leakage to adtech) and usability over security.
To put it concretely, GrapheneOS recommends running all the proprietary Google apps in a locked "sandbox" so they can't read data on the phone outside the sandbox -- but obviously Google still gets to see everything you do in their apps. /e/OS tries to provide [largely but not entirely FLOSS] alternatives (e.g. their own Maps app, their own email, their own calendar) that make your phone usable out of the box without Google software.
> but obviously Google still gets to see everything you do in their apps
Well, the actually scary part of google services is that they have this quasi-elevated access in your phone where it can do a lot of stuff ordinary android services just can't do. E.g. google maps' location sharing works this way (but don't quote me on that).
GrapheneOS managed to "put it back into the bottle", and it runs as a regular android service anyone could write, with the same rules applying. So you have much more control on what you allow it, and this will also limit what data apps relying on google services can leak about you.
[dead]
> security hardening first and foremost (above usability or compatibility).
Right. Something that GrapheneOS boosters often fail to mention. It's not like those guys at Google are just idiots and don't know how to make a hardened allocator. Android uses a different hardened allocator that is much, much faster and uses less space. GrapheneOS is slower and uses more memory.
I assume this is all technically correct, but in practice I've not noticed any speed difference between stock Pixel and GrapheneOS. Maybe their Vanadium browser when tab switching, that feels slow, but I wasn't planning on being part of the Chromium monoculture anyway so this doesn't matter to me
That's great and, of course, only your experience matters to the choice of which OS you use. I just don't want people to get the impression there are no tradeoffs.
Another tradeoff GrapheneOS makes is because of the way they configure the USB port makes it more possible that you will irreversibly brick your phone by accident. You could say that the USB management is the only really material difference between Android and GrapheneOS when it comes to a law enforcement search threat model, but that also comes with a tradeoff.
Not sure if I'm understanding you right, but I wasn't saying that my experience is the only one that matters. Just that it's not a thing one notices in practice, at least not under conditions I've experienced (I figure a reader can fill in that last bit for a comment written in the first person). Saying AOSP's is "much, much faster" suggests it would be noticeable and afaik it's not (at human timescales), so I wanted to add that info to the thread
Good point about the USB thing btw. It's obvious to me and the reason why I go one step further and leave USB debugging always enabled now that there's this private key authorisation method anyway (it asks for computers whose key it doesn't yet trust), but indeed a lot of users might follow GrapheneOS' advice without realising
I just want to note that I believe the default setting is that data is disabled for the USB port when the phone is locked except after a reboot (before unlocking the phone for the first time), so if you break your screen you have the option to use the keyboard if you reboot the phone.