The problem with GrapheneOS as a way to protest what Google is doing with Android is that you have to buy a Google Android device to be able to use it. Buying a Google device to be able to protest what Google is doing with their Google devices seems counter productive.
I don't know how good /e/OS is, but at least there is a place to get it factory loaded on cell phones and install it on phone brands other than Google.
And then there is Lineage OS, which I've had good luck using the extend the life of phones in the past. I haven't tried it since Play Integrity started being such an important feature, but I suppose that just pushes one to be even more open source on their Lineage device. I've been wanting to try Lineage again, but I misplaced the phone I want to try it on.
Better, but supporting the resale market still improves the appeal for new buyers who plan to eventually sell.
lawn 14 hours ago [-]
GrapheneOS is luckily working with another OEM but that's still 1-2 years away.
Buying a phone from Google is hardly ideal, but the effect is limited by the earnings being nothing but a blip in the grand scheme of things. Having an alternative OS is important enough to offset it IMO.
pjmlp 1 days ago [-]
The fallacy is that AOSP (which GrapheneOS forks from), and Chromium used to install it, are both dependendent on Google engineers, money, and the willigness to keep the platforms open, to some extent.
neodymiumphish 1 days ago [-]
Is your alternative that someone should build a complete from-scratch alternative OS that can still be booted on the same hardware?
For the time being, AOSP and Chromium are still open source, so why not piggy-back off of all that labor and development to provide what GrapheneOS users want at minimal cost and effort?
42lux 1 days ago [-]
Sailfish is alright.
pdimitar 15 hours ago [-]
Do you have experience daily-driving it? Any prominent negatives?
42lux 14 hours ago [-]
I use it on an XA2, which is a bit of an older phone, but even there it runs fine. Sometimes the Android apps slow down and you have to relaunch the application layer, but that's just one click and takes about 5 seconds. That said, most Android apps run fine. All the enterprise stuff works great (Okta, MS Authenticator, Exchange etc.). Native Apps are a bit hit and miss but development is rather easy.
I'd say the biggest pain point is that Google Maps doesn't work because of the lack of Google Play Services. The missing Maps/Play Services also breaks apps that rely on the maps API. Most of them just fall back to not showing a map at all while the rest of the app functions normally, but it's still an inconvenience. For turn by turn navigation I switched to HERE Maps which works without problems.
tpoacher 3 hours ago [-]
i used to have a jolla and loved my sailfish phone ... until the phone died and i could fix it ...
sailfish itself was great though. admittedly the android compatibility layer really helped though
pjmlp 1 days ago [-]
If the goal is to be fully free from backdoors and development being cutted out at any time, yes.
neodymiumphish 1 days ago [-]
If the source is fully open (it is) than detecting and disabling backdoors is completely possible. Not to mention the fact that other OS projects face the same risks.
If Google cuts development of AOSP in favor of some closed-source alternative, the GrapheneOS team could simply continue development of AOSP on their own.
wolvesechoes 1 days ago [-]
> If the source is fully open (it is) than detecting and disabling backdoors is completely possible
There exists a possible world where a group of underpaid FOSS devs forked Chromium and AOSP and effectively developed it further.
But it is not our world.
> the GrapheneOS team could simply continue development of AOSP on their own.
They won't be able to do so.
neodymiumphish 6 hours ago [-]
Which makes the idea that a group like them could build their own OS from scratch all the more unattainable... That's the point I'm trying to make. At least if Google ever drops AOSP, it would be when it's still an intact OS available to continue development on. Additionally, I suspect a group like Graphene could get a lot more support developing AOSP's replacement in that instance, considering how many other manufacturers and devices utilize AOSP-derived software.
twelvedogs 1 days ago [-]
Graphene relies on a lot of closed source driver code I would imagine
mindslight 22 hours ago [-]
If you define the goal that way, then you actually need to clear a much higher bar of making your own hardware. Personally I'd much rather maintain a long term fork of AOSP than have to design, market, sell, and support a new device.
msgodel 1 days ago [-]
Desktop Linux works very nicely on smartphones actually provided all the drivers are there. I lived with a PinePhone running FVWM on Xorg for a couple years and if the hardware didn't crumble away I'd still be using it today.
No need to "build a complete from-scratch alternative OS" when that was already done 30 years ago.
nolist_policy 18 hours ago [-]
Did you actually use it as a phone?
msgodel 17 hours ago [-]
Yes although mostly over VOIP. Voice calls aren't actually very complex though of you prefer using those directly.
gradientsrneat 1 days ago [-]
A fallacy which the author acknowledges.
> "I guess the best way to degoogle right now is to buy from Google"
Google has a monopoly on sort-of-open-but-not-really smartphones. And interoperability on ARM desktop isn't looking pretty either.
pjmlp 1 days ago [-]
This looks the same kind of situation when I noticed FOSDEM corridors started to be full of Apple laptops, but apparently the irony is lost on new generations.
hungmung 1 days ago [-]
I remember about 10 or 15 years ago somebody pointed out that a big chunk of the GNOME devs used Apple laptops, even at public appearances, and it answered a lot of my questions about the state of the project.
(and I say this as a user of GNOME)
jajuuka 1 days ago [-]
They really don't. It's just that development of custom roms like GrapheneOS are centered around Pixels. Plenty of other devices have unlockable bootloaders. The custom rom scene though is so small that concentrating on a couple devices is the only way to keep development moving forward though. Same reason why Asahi Linux is the only option on Apple Silicon Macs.
wkat4242 1 days ago [-]
Many have unlockable bootloaders (though the number is rapidly declining with Samsung closing up). But not many have relockable bootloaders. This is one of the things that grapheneos have set as a minimum standard, hence the reliance on pixels. There's a few other specific things that the titan chip provides which they rely on but the relocking is the main thing.
ycombinatrix 1 days ago [-]
To be more specific - relockable with a custom AVB key. I think most devices can relock with the default Google AVB key.
wkat4242 24 hours ago [-]
Well they can but not with custom firmware installed. As grapheneos is custom firmware, the google key makes no sense in this context.
subscribed 17 hours ago [-]
"unlockable bootloader" is the requirement to flash anyone alternative on the phone, yes, but the GrapheneOS you mentioned will support _any_ device that is "flashable" and secure enough: https://grapheneos.org/faq#future-devices
Currently it's only Pixels from 8 up.
Other alternative firmware projects don't seem to be too concerned about security (eg they don't support relocking bootloader, don't support secure boot, don't release patches for months), so they're not really in the same ballpark ALTHOUGH I agree that they still might be better option than stock OS on the device abandoned by the vendor.
subscribed 20 hours ago [-]
There's simply no choice with hardware now if someone wants it to meet some secure baseline.
No other vendor makes secure android hardware.
hoppp 8 hours ago [-]
The more I read about google removing sideloading the more I feel like the internet has become an animal farm from George Orvell, and we are on one side of the fence. Are we on the farm or outside looking in?
hollow-moe 1 days ago [-]
Imo, Graphene wants to be a "Google certified" ROM OEM, they don't make devices but software. A good and secure ROM for sure but they're still begging them for Play Integrity[1] and "sandboxing" GMS isn't fighting Google.
[1] https://grapheneos.social/@GrapheneOS/112878070618462132
gausswho 1 days ago [-]
This is not what they've claimed. Their pursuit of their own hardware phone next year could rattle the phone duopoly. If, and a big if, the intelligence agencies of the world will allow it to be sold.
jajuuka 1 days ago [-]
If Pine64 can't pull it off with millions in funding then I'm not sure how Graphene is going to accomplish that.
gausswho 1 days ago [-]
Those operations, much as i respect them, did not reach the attention that GrpaheneOS has. Have they reached a takeoff velocity that more principled players didn't? Wouldn't be the first time we sang that chorus.
pjmlp 21 hours ago [-]
As someone seeing this going on since OpenMoko, was at Nokia when Nokia 770 Internet Tablet was shown to employees for feedback before going public, it has always been the same story regarding getting these devices actually flying off the shelves from consumer shops.
Some enjoy more attention than others, savy people buying them online, and eventually fade away for the next attempt, while general public continues unaware of their existence.
gausswho 19 hours ago [-]
This too is part of a pattern. Punk followed rock and roll. Is GrapheneOS the band that brings the culture? I wanna say yes on its own merits, but it's the political buffoonery that makes me think it's caught some lightning in a bottle.
subscribed 20 hours ago [-]
No, they aren't begging?
They wrapped Google services into sandbox for users relying on done software (with great success, even Android Auto works), and raise Play Integrity lie/false security with developers and regulators (Google claims a handset without security updates for years is safe).
There's better (standard aosp) attestation mechanism GoS fully supports and which is supported by slowly growing number of developers (including banks).
subscribed 17 hours ago [-]
s/done software/some software/, sorry
jasonvorhe 1 days ago [-]
"Taking legal steps" isn't "begging" though.
playforclaude 1 days ago [-]
There is no winning. Get an iPhone, or a dumbphone.
jamesnorden 14 hours ago [-]
I've noticed in this type of thread that the typical HNer can't fathom that people like using Android as an OS and they're not using it solely because you can sideload apps or install custom ROMs. Maybe there's a name for that.
playforclaude 10 hours ago [-]
The article in question almost entirely focuses on those topics, so such comments are entirely relevant.
There's nothing special about liking Android as an OS. I'm sure it applies to practically everyone who has an Android phone :-).
wkat4242 1 days ago [-]
An iPhone is even less open
playforclaude 1 days ago [-]
None of these options are "open". You just have to decide what you really want from a communications device.
jasonvorhe 1 days ago [-]
A Pixel with GrapheneOS is pretty much as open as it gets. Any iPhone or Samsung is a downgrade from that.
playforclaude 1 days ago [-]
How do you see that playing out in the medium to long term? Google have made it very clear that they're done with the "open" side to Pixel, and they have comparatively unlimited resource to throw at the issue.
tiagod 1 days ago [-]
GrapheneOS team have published that they're working with a smartphone manufacturer that is working on releasing a phone that matches their security requirements.
wkat4242 24 hours ago [-]
But even then, Google will keep hampering AOSP efforts too in the long run.
They're also introducing a new requirement that sideloaded apps must be validated by them.
akimbostrawman 20 hours ago [-]
Which is irrelevant because GOS does not by default implement Google playstore and play services that have that limitation.
If Google implements the same play services sideloading limitation in AOSP which is unlikely, it can be removed like anything else because it's open source.
playforclaude 10 hours ago [-]
You missed the primary issue OP mentioned, which is that ASOP is becoming a smaller and smaller part of the entire OS, and there's an ever-increasing amount of work needed to make it work on a real phone.
subscribed 20 hours ago [-]
Still, GOS team have confirmed they are able to unlock bootloader, flash custom keys and relock it on the new Pixel 10, so?medium term seems to be safe.
They previously ported Android 16 within 2 weeks on all the supported devices despite obstacles.
It's not so bad.
playforclaude 10 hours ago [-]
That just means that the Pixel 10 meets their security requirements. Porting this time around will require a significant amount more work (if it's even possible), due to various changes in the way Google publishes updates to ASOP.
I don't know how good /e/OS is, but at least there is a place to get it factory loaded on cell phones and install it on phone brands other than Google.
And then there is Lineage OS, which I've had good luck using the extend the life of phones in the past. I haven't tried it since Play Integrity started being such an important feature, but I suppose that just pushes one to be even more open source on their Lineage device. I've been wanting to try Lineage again, but I misplaced the phone I want to try it on.
https://eylenburg.github.io/android_comparison.htm
Buying a phone from Google is hardly ideal, but the effect is limited by the earnings being nothing but a blip in the grand scheme of things. Having an alternative OS is important enough to offset it IMO.
For the time being, AOSP and Chromium are still open source, so why not piggy-back off of all that labor and development to provide what GrapheneOS users want at minimal cost and effort?
I'd say the biggest pain point is that Google Maps doesn't work because of the lack of Google Play Services. The missing Maps/Play Services also breaks apps that rely on the maps API. Most of them just fall back to not showing a map at all while the rest of the app functions normally, but it's still an inconvenience. For turn by turn navigation I switched to HERE Maps which works without problems.
sailfish itself was great though. admittedly the android compatibility layer really helped though
If Google cuts development of AOSP in favor of some closed-source alternative, the GrapheneOS team could simply continue development of AOSP on their own.
There exists a possible world where a group of underpaid FOSS devs forked Chromium and AOSP and effectively developed it further.
But it is not our world.
> the GrapheneOS team could simply continue development of AOSP on their own.
They won't be able to do so.
No need to "build a complete from-scratch alternative OS" when that was already done 30 years ago.
> "I guess the best way to degoogle right now is to buy from Google"
Google has a monopoly on sort-of-open-but-not-really smartphones. And interoperability on ARM desktop isn't looking pretty either.
(and I say this as a user of GNOME)
Currently it's only Pixels from 8 up.
Other alternative firmware projects don't seem to be too concerned about security (eg they don't support relocking bootloader, don't support secure boot, don't release patches for months), so they're not really in the same ballpark ALTHOUGH I agree that they still might be better option than stock OS on the device abandoned by the vendor.
No other vendor makes secure android hardware.
Some enjoy more attention than others, savy people buying them online, and eventually fade away for the next attempt, while general public continues unaware of their existence.
They wrapped Google services into sandbox for users relying on done software (with great success, even Android Auto works), and raise Play Integrity lie/false security with developers and regulators (Google claims a handset without security updates for years is safe).
There's better (standard aosp) attestation mechanism GoS fully supports and which is supported by slowly growing number of developers (including banks).
There's nothing special about liking Android as an OS. I'm sure it applies to practically everyone who has an Android phone :-).
They're also introducing a new requirement that sideloaded apps must be validated by them.
If Google implements the same play services sideloading limitation in AOSP which is unlikely, it can be removed like anything else because it's open source.
They previously ported Android 16 within 2 weeks on all the supported devices despite obstacles.
It's not so bad.