this post was submitted on 05 Jan 2024
43 points (100.0% liked)
Free and Open Source Software
17931 readers
77 users here now
If it's free and open source and it's also software, it can be discussed here. Subcommunity of Technology.
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Don't root your GrapheneOS system. This site offers a great summary why it's bad. Root and Magisk are huge increases in attack surface and microG isn't recommended either, as it requires root for basic functionality. GrapheneOS has created Sandboxed Google Play services, which takes the official Google Play services binary and runs them in the normal Android application sandbox. This is more private and secure than both the implementation on the Stock OS and microG. Most banking apps work on GrapheneOS with Sandboxed Google Play services, no need for root. In fact, root decreases your chances of getting banking apps to work, because a rooted device can't pass Google Play device integrity checks (previously known as SafetyNet).
I've been pretty meh on GrapheneOS, haven't actually used it, usually lean towards LineageOS, but the sandboxed Google Play feature sounds pretty interesting.
Unfortunately, LineageOS is pretty insecure. Worse than stock Android. https://madaidans-insecurities.github.io/android.html#lineageos
Does Lineage actually have any advantages over Graphene?
Well, it works on more than 10 phone models. The criticisms in the post are valid, certainly, but that doesn't help much if my device isn't supported.
Honestly, the stock ROM on most phones is probably better than LineageOS. I would stick to that, maybe use the Universal Android Debloater to remove some of the crap and eventually get a Pixel with GrapheneOS.