Comment by hkgvk

13 hours ago

The only reason I have not switched Graphene is because for reasons I do not understand, Graphene OS is very closely tied with Google hardware.

I bought a /e/os Fairphone instead.

Those reasons are explained clearly and openly. Ironically, your /o/OS is way less open than GOS on Google hardware.

  • How is /e/ less open than Graphene? As far as I understand, they are both pretty open minus firmware that they can't control?

    I'm actually curious if there's something I don't know about /e/

  • I just want to be as far from Google as I can. I do not want to buy google hardware. Graphene does not allow me to do that.

    • Not only you use Android OS developed by Google, somehow you choose a less open OS distribution, exposing you MORE to Google and their shit, only because you don't want to use their hardware that happens to actually be as open as it gets, including the firmware?

      Why do you choose to die on that hill? It's ridiculous!

Pixels are consistently "third party Android builds friendly", plus GrapheneOS has a list of required security features (beyond their control): https://grapheneos.org/faq#future-devices

e.g. first one in the list:

> Support for using alternate operating systems including full hardware security functionality

GrapheneOS wants users to lock the bootloader (≈enable Secure Boot) after install by providing user signing keys (avb_custom_key) -- that already seems to leave only Pixel, Nothing and Fairphone.

https://github.com/chenxiaolong/avbroot/issues/299

I bought a second hand pixel when I had to buy a new phone. Still better for the planet than buying a new fairphone anyway.

It's because only Pixel devices have proper hardware security to build anything secure on top.

  • Hardware security is irrelevant to me. I just want to leave Google behind me. I do not want Google's hardware.

Sigh, /e/OS.

Your phone is running proprietary Google DroidGuard blobs in a privileged process every time an app initiates a Play Integrity request.

If you install some Google apps like Google Maps, they are run with more privileges than other apps (their microG fork gives apps elevated privileges when they match certain Google signing key fingerprints).

Also, your device is running a firmware bundle provided by Fairphone's Chinese ODM, including TCL image processing blobs. Your phone will soon run an ancient kernel and firmware tree with many known critical CVEs.

But this all doesn't matter anyway, because security hardening is only for spies and pedophiles according to the CEO of Murena (the company that makes /e/OS).