Do you run into issues with apps not supporting it? Things like banking or auth? That is the main complaint I see for alternative phone OSes, and I don't know if that has gotten any better.
I've been dailying GrapheneOS for more than 2 years. I haven't had any issues with any of my bank apps. Although there are apparently some that do block usage on non-google-certified OSs. The only limitation in my use cases pre-GrapheneOS that I've found is not being able to make NFC payments through Google Wallet, but I found a bank in my country whose app implemented NFC payments, and made an account with them to be able to convenintly pay with my phone.
edit: and I'd like to add, GrapheneOS brought me back the joy of using my phone. Since 2018 or so I started to dread my phone (and the internet) more and more. Installing GrapheneOS brought back the joy on using these marvelous computers (and self-hosting brought back the joy of using the internet)
GrapheneOS user here, on my only phone, aka my daily.
I love my phone and when I replace it, I will be flashing GrapheneOS again. This is my second phone with it so far, and roughly year 4 or 5.
With that said, it isn't for everyone. I definitely remember some issues upon first install, a learning curve if you want to call it that. I also introduce intentional obstacles in certain "workflows" in my life that dissuade certain usage, like excessive social media use. With that said, I no longer remember what I introduced myself and what was an OS characteristic. I do remember having frustrations with most banking apps IF I didn't log into the play store mirror. Since I'm "hardcore" and am not willing to sign into a Google product on my phone, they just don't work. However I don't think they would be an issue for most people.
If you are on the fence, you can make a backup of your phone, try it out, and if you don't like it, you can reinstall the default Android and restore your backup. I've done it before when I used my previous GrapheneOS phone for store credit for my next phone, and figured they'd want a factory reset default OS on there.
The first is the anti-trust angle. Some subset of bank apps don't work because of attestation and that's a significant barrier to adoption for switching to competitors, so it ought to be an anti-trust violation for the platform to do that.
The second is, you try it and discover that your bank doesn't work. If you want it bad enough you can switch banks, and the fact that it doesn't work is a signal that your bank has a weak security team who is just cargo culting deleterious vendor nonsense without evaluating whether it has any real security value.
(The use case for attestation is completely orthogonal to bank apps because it can't prevent credential stealing from compromised phones running a fake app since the fake app won't require attestation, and it can't prevent attackers from using stolen credentials to transfer funds because once they have the credentials they can just use a normal phone, and that's the case even if the attestation was completely airtight, which it isn't. Meanwhile the devices that can pass attestation are generally more vulnerable because it implies they're running the more-likely-to-be-outdated OS that came with the device rather than a third party upgrade with more recent patches, so they're essentially encouraging their customers to not upgrade their OS. Banks that do this are wearing clown makeup and you have to ask if you trust them with your money.)
The replies whenever this question is asked remind me of when I used to have a Windows Phone and was trying to convince myself it was the best phone on the market. Yeah, I couldn't use YouTube because Google blocked Microsoft's YouTube app; and I wasn't able to deposit my paychecks because my bank didn't have a Windows Phone app or mobile deposit support on their website; and sure, using Messenger or Snapchat (which was exploding at the time) meant using somebody's reverse-engineered WP version of those apps...
But look at all the information I can get from the Live Tiles! Oh and isn't Cortana neat! A little more self-flagellation for the penitent ones who've traded corporate app stores for daily inconvenience.
Whatever issues I've run into I've been able to work around. I don't use tap-to-pay with the phone at all so that's not an issue. The things I get in return for using GrapheneOS all outweigh any downsides.
My bank detected someone logging in with my password from a GrapheneOS phone and made me change my password and scan my face. That was dumb.
With that out of the way, and the device now seemingly authorized, it still doesn't work, because when I log in, the app restarts. That could be a real compatibility problem.
Yeah, I tried that out last year when this whole debacle was announced for the first time.
I'm not going back to paying without my phone. So yeah, I'm not going to a free platform either.
the choice really is mostly down to Google's Android or iOS - unless you're ready to make sacrifices. If you are... More power to you! I'm not (at this point in my life) right now.
Unfortunately, there is no way to use Google Pay on it. I'm all for trading some convenience for privacy, but not having to carry all my cards is too much of a convenience for me :(
Graphene sounds great in theory. Until you read the device compatibility page and see you're still at the mercy of Google. In order to support graphene you must first pay Google for one of the most expensive android devices on the market. Oh and Google never sold this device in my country so I guess I'm out of luck even if I wanted to do that.
> Until you read the device compatibility page and see you're still at the mercy of Google.
Alternate take: good. I'd rather the GrapheneOS team pick standardized (if limited) hardware configurations to support and then spend their (many multiples less than Google) resources on the platform rather than device compatibility.
The Android OEM diversity mean the time/economics of supporting every phone with a non-Google OS were never going to work, and I'd rather have it working well on a limited number of platforms than poorly on more.
Firmware engineering and patching sucks and delivers little value to the user, because best case (you solved the issue or patched the hardware errata) something basic that a user expects is now working.
Nobody is going to switch to a platform because a phone can now make calls. Even if there are 1000+ human hours in patching some cheap clone LTE chip it uses.
Motorola devices that match the GrapheneOS requirements are coming next year. It's good thing they're not compromising on hardware requirements that would undermine the goals of the project. If there's anyone to blame it's the dismal state of affairs on the hardware security side of my most Android phone manufacturers.
Don't pay taxes. Steal cars, punch Trump, call a black person the N-word ... see how it goes
Paper and pencil offer a far more blank canvas compared to the very specific hardware constraints of a phone, and ecosystem of software limited to the common languages
Software dev and use is, comparatively, heavily constrained and on rails compared to sitting by a tree and imagining
To buy the phone ones agency is coupled to the subset of legitimate options to make money
Same for electricity to charge it, battery replacement, screen repair if it breaks.
Or choose freedom. I've been enjoying GrapheneOS for a couple of years now and recommend it.
Do you run into issues with apps not supporting it? Things like banking or auth? That is the main complaint I see for alternative phone OSes, and I don't know if that has gotten any better.
I've been dailying GrapheneOS for more than 2 years. I haven't had any issues with any of my bank apps. Although there are apparently some that do block usage on non-google-certified OSs. The only limitation in my use cases pre-GrapheneOS that I've found is not being able to make NFC payments through Google Wallet, but I found a bank in my country whose app implemented NFC payments, and made an account with them to be able to convenintly pay with my phone.
edit: and I'd like to add, GrapheneOS brought me back the joy of using my phone. Since 2018 or so I started to dread my phone (and the internet) more and more. Installing GrapheneOS brought back the joy on using these marvelous computers (and self-hosting brought back the joy of using the internet)
GrapheneOS user here, on my only phone, aka my daily.
I love my phone and when I replace it, I will be flashing GrapheneOS again. This is my second phone with it so far, and roughly year 4 or 5.
With that said, it isn't for everyone. I definitely remember some issues upon first install, a learning curve if you want to call it that. I also introduce intentional obstacles in certain "workflows" in my life that dissuade certain usage, like excessive social media use. With that said, I no longer remember what I introduced myself and what was an OS characteristic. I do remember having frustrations with most banking apps IF I didn't log into the play store mirror. Since I'm "hardcore" and am not willing to sign into a Google product on my phone, they just don't work. However I don't think they would be an issue for most people.
If you are on the fence, you can make a backup of your phone, try it out, and if you don't like it, you can reinstall the default Android and restore your backup. I've done it before when I used my previous GrapheneOS phone for store credit for my next phone, and figured they'd want a factory reset default OS on there.
There are essentially two separate issues here.
The first is the anti-trust angle. Some subset of bank apps don't work because of attestation and that's a significant barrier to adoption for switching to competitors, so it ought to be an anti-trust violation for the platform to do that.
The second is, you try it and discover that your bank doesn't work. If you want it bad enough you can switch banks, and the fact that it doesn't work is a signal that your bank has a weak security team who is just cargo culting deleterious vendor nonsense without evaluating whether it has any real security value.
(The use case for attestation is completely orthogonal to bank apps because it can't prevent credential stealing from compromised phones running a fake app since the fake app won't require attestation, and it can't prevent attackers from using stolen credentials to transfer funds because once they have the credentials they can just use a normal phone, and that's the case even if the attestation was completely airtight, which it isn't. Meanwhile the devices that can pass attestation are generally more vulnerable because it implies they're running the more-likely-to-be-outdated OS that came with the device rather than a third party upgrade with more recent patches, so they're essentially encouraging their customers to not upgrade their OS. Banks that do this are wearing clown makeup and you have to ask if you trust them with your money.)
The replies whenever this question is asked remind me of when I used to have a Windows Phone and was trying to convince myself it was the best phone on the market. Yeah, I couldn't use YouTube because Google blocked Microsoft's YouTube app; and I wasn't able to deposit my paychecks because my bank didn't have a Windows Phone app or mobile deposit support on their website; and sure, using Messenger or Snapchat (which was exploding at the time) meant using somebody's reverse-engineered WP version of those apps...
But look at all the information I can get from the Live Tiles! Oh and isn't Cortana neat! A little more self-flagellation for the penitent ones who've traded corporate app stores for daily inconvenience.
Whatever issues I've run into I've been able to work around. I don't use tap-to-pay with the phone at all so that's not an issue. The things I get in return for using GrapheneOS all outweigh any downsides.
My bank detected someone logging in with my password from a GrapheneOS phone and made me change my password and scan my face. That was dumb.
With that out of the way, and the device now seemingly authorized, it still doesn't work, because when I log in, the app restarts. That could be a real compatibility problem.
Yeah, I tried that out last year when this whole debacle was announced for the first time.
I'm not going back to paying without my phone. So yeah, I'm not going to a free platform either.
the choice really is mostly down to Google's Android or iOS - unless you're ready to make sacrifices. If you are... More power to you! I'm not (at this point in my life) right now.
Unfortunately, there is no way to use Google Pay on it. I'm all for trading some convenience for privacy, but not having to carry all my cards is too much of a convenience for me :(
I've heard of people using curve pay instead.
Graphene sounds great in theory. Until you read the device compatibility page and see you're still at the mercy of Google. In order to support graphene you must first pay Google for one of the most expensive android devices on the market. Oh and Google never sold this device in my country so I guess I'm out of luck even if I wanted to do that.
> Until you read the device compatibility page and see you're still at the mercy of Google.
Alternate take: good. I'd rather the GrapheneOS team pick standardized (if limited) hardware configurations to support and then spend their (many multiples less than Google) resources on the platform rather than device compatibility.
The Android OEM diversity mean the time/economics of supporting every phone with a non-Google OS were never going to work, and I'd rather have it working well on a limited number of platforms than poorly on more.
Firmware engineering and patching sucks and delivers little value to the user, because best case (you solved the issue or patched the hardware errata) something basic that a user expects is now working.
Nobody is going to switch to a platform because a phone can now make calls. Even if there are 1000+ human hours in patching some cheap clone LTE chip it uses.
Motorola devices that match the GrapheneOS requirements are coming next year. It's good thing they're not compromising on hardware requirements that would undermine the goals of the project. If there's anyone to blame it's the dismal state of affairs on the hardware security side of my most Android phone manufacturers.
This will not help you in your country, but in places where it is sold, you can buy used one of the prior generation phones, which are also supported.
My plan is to follow and hop on this train, hope it’s available in other countries also:
https://news.ycombinator.com/item?id=47214645
Uh huh. Freedom. In some empty rhetorical sense. Meanwhile you still have 99.999% of the usual obligations.
Go freely walk out your local supermarket without paying.
But your Android phone is unlocked #winning
Are you comparing installing apps on your phone to theft?
>Go freely walk out your local supermarket without paying.
that's your definition of freedom?
It's an example of constraints that still apply.
Don't pay taxes. Steal cars, punch Trump, call a black person the N-word ... see how it goes
Paper and pencil offer a far more blank canvas compared to the very specific hardware constraints of a phone, and ecosystem of software limited to the common languages
Software dev and use is, comparatively, heavily constrained and on rails compared to sitting by a tree and imagining
To buy the phone ones agency is coupled to the subset of legitimate options to make money
Same for electricity to charge it, battery replacement, screen repair if it breaks.
Really just quickly becomes a ball and chain
So free!
Beauty is in the eye of the beholder. I use Android and iOS regularly and while Android's ugly, it's slightly less ugly.
GrapheneOS.