I’ll hold off on a new phone to watch for this. Android could be great without Google’s nonsense. An OS that has high end hardware support and continues to work on convergence with desktop Linux both by the communities development and Google’s
Exactly. Google is evil, and I don’t want Google-related things on my phone.
Every cell phone manufacturer has some interest in diversifying the operating systems. Because Google develops Android and sells its own cell phones, it has an unfair market edge. And now Google is threatening to filter out apps that it doesn’t like which makes the risk even higher.
So we can be sure all of the other major manufacturers of Android phones have considered if they’d like to support other distributions.
Maybe they will make deal with other distributors to ship their exclusive app stores and so that would be a good economic move for them
All I know is that whoever partners up with PostmarketOS, Mobian, and Ubuntu Touch will win big
manufacturer will offer GrapheneOS support on future versions of their existing models, priced similarly to Pixels.
Great, so I still won’t afford it…
I paid $120 for each Pixel I own.
I refuse to pay a premium to have the “latest and greatest gadget”
How’s the battery life so far on the phones you’ve had?
Pixels will be supported until EoL. You can get a used Pixel 8a or 9a, which will get supported until May 2031 and April 2032 respectively. Both feature modern, important hardware security features, such as the ARM memory tagging extension.
Please be Motorola and put it on my Razr+…
I’m hoping for motorola too.
Don’t know if that’s an existing phone because from what I read the new integration will be for a new/next gen device. So not anything that’s on the market now
Yah, a guy can dream though, can’t he?
Hope for Motorola but for some reason I want to put a guess in for LG
LG who exited the smartphone market in 2021?
FR?
Yeah mate, long gone. Real shame that, loved their V-series.
oops all Xiaomi!
largest market share outside of Samsung and Apple.
Add Nokia, Brax, and other smaller phone companies that actually value privacy, open-source, repairability, linux, and consumer-friendly then we got a deal
Brax?? Lol
Hey I don’t know a whole lot about it but it seems kinda interesting
Some are saying dude is a snake-oil saleperson. Idk always felt a bad vibe about that youtube channel.
Yes definitely never buy anything from him
But if google goes on with locking out the app store with the developer verification bs, how would would this play into that? If Aurora won’t install the app or the app won’t run, then we’ve accomplished little in that area. I’m really hoping I’m missing something.
Custom ROMs should be able to disable the checks. My bigger concern is what it does to the open app ecosystem as a whole.
TBH I would actually expect GrapheneOS not to disable these checks. GrapheneOS devs pride themselves to have the best implementation of the official Android security model, and enforcing signature checks is likely part of that…
They might add additional certificates I guess, to allow their own apps, and maybe a selected few others.
Except this ‘signing’ is more of a control feature than a security feature. Just because Google markets it as a security feature doesn’t mean it is.
Well… The Android security model, as it is implemented in stock android and GOS, is about top down control, the full trust is given to the system vendors, not the end users. No rooting for instance. From this perspective not allowing installation of apps that cannot be blocked by the system vendor, fits well with that model.
TBH, I am not a fan of that security model. And this is my critique of GOS. It doesn’t allow the user full access to their device, so that they can check and control what each application is storing or sending to third-party servers. Instead it is on full security and allows apps to store and transfer information to which the user has no access to.
But the system vendor/developers would have that access, because they control the whole base system.
The focus of the Android security model and in turn of GOS is on security, at the cost of privacy or freedom.
This is incorrect. The sideloading checks are implemented in Play Protect, which needs elevated privileges to function. On GrapheneOS, Google Play services run with normal privileges, just like any other user-installed app. This means, there are no Play Protect checks in GrapheneOS, and there will never be. It would only be possible on ROMs, such as LineageOS with Gapps, where Play services are installed as system apps, running with higher privileges than all other apps.
Well, good to know.
I was thinking more about the way of Android security models, and that it would make sense for GOS to restrict available storefronts to stay consistent with their way to implement them. But good to know that it will not automatically happen just by updating the google services.
And I would also think that people would likely complain if they where to implement it in a different way.
Sandboxed Google Play is one of the key features of GrapheneOS. So far no other OS has allowed users to enjoy the full functionality of Android Auto, the Pixel LPA for managing eSIMs, and the Google Mobile Services suite (not talking about the other Pixel OS stuff) with the only exception being GPay, without full sandboxing, and without granting excessive privileges (SGP is unprivileged, the eUICC LPA obviously requires higher privileges for managing eSIMs, but it’s fully sandboxed and can’t communicate with Play services, or access the internet)
Nothing needs to be disabled, since it isn’t present in GrapheneOS in the first place. The sideloading checks are implemented in Play Protect, which needs elevated privileges to function. On GrapheneOS, Google Play services run with normal privileges, just like any other user-installed app.
But the app might refuse to run without those checks being done. Or a new format, apkx2 I don’t know, might only be able to be decrypted with the proper key and only once verification. It’s not a new tactic. I’m very, very glad to see this type of development finally happening (though, admittedly, a couple decades later than of hoped), but it’s now a new ballgame, and google owns the stadium, the seating pricing, and concessions, the parking lot, and ticketing counter. I’m concerned we’ve waited too long. What’s GOS’s plans for this? They’re, essentially, going to have to create a new ecosystem, with most of the growing pains of new ecosystems.
Finally, some good news!
Whats that?
A HW manufacturer (aka OEM) will share specs and interfaces with the GrapheneOS team, who will develop an official port for the hardware, with support and everything. The OEM will allow bootloader unlocking and maybe even ship some of these phones with Graphene preinstalled, depending on what their contract with Google allows. To this day, only Pixels have officially received GrapheneOS releases because Google has documented their hardware interfaces in AOSP. Now, AOSP is no longer developed with the Pixel as a target but a virtual device, putting the future of GrapheneOS on Pixels into question (the team refuses to use reverse-engineered hardware interfaces, as they could result in bugs: for example, many Samsung cameras only expose a 16:9 section of the 4:3 sensor in the open Camera2 API; other frequent issues with custom ROMs include VoLTE, Play Integrity and bootloader relocking).
Thanks for the detailed explanation.
the team refuses to use reverse-engineered hardware interfaces
Small correction: Current and future GrapheneOS releases for Pixels are produced by reverse-engineering Pixel OS releases. adevtool was developed together with the developer of ProtonAOSP back then, to automate extracing several components from the stock Pixel OS.
Thx
thank you for explaining
I bet on Steam /hjk
It’d be so awesome if Fairphone made a deal for Fairphone 7
Fairphone is very far from meeting GrapheneOS’ requirements: https://grapheneos.org/faq#future-devices
They also openly supported harassment of GrapheneOS developers in the past.
A lot of their marketing is very misleading, or completely false. They’re not the moral and ethical company they claim to be.
my hot take: while this is good for users in short term, in long term it just prolongs non-copyleft android OS hold for google.
my only hope for grapheneos is that they pointed that they may move from android too.
That’s the long-term plan, yeah. Moving from Linux entirely actually, as they mentioned a future microkernel project
as I said in last post, I only see copyleft as a viable alternative. too many dev efforts forked and privatized. android should have been a warning. but many devs just think open source is enough. and they still think getting adapted by big corporation will not change the direction of projects.
I am personally going in the direction of testing and helping only copyleft projects. so I skipped RedoxOS. even-though I like rust and new microkernel OSes.
If I am going to give my time to a project (small as it is) I don’t want it to end up like android.
I completely agree, and a strong copyleft licence is something that GPLv3 does much better than its predecessor, which is unfortunately why it has not been adopted by the Linux kernel. I foolishly assumed that GrapheneOS, given the values it professes, would be distributed under the GPLv3 licence, but I have now discovered that this is not the case, in a move that I frankly cannot understand. Hope that changes in the near future, but it’s not very likely to happen I guess
yea, a lot of open source projects are done by people that don’t see the point of copyleft software.
I think a lot of people just go with the 4 freedoms that RMS laid out. when I read devs’ reasons to use non-copyleft license, it boils down to “I don’t want to limit freedom of later devs even if those devs are gonna fork it and make it private”. even when they say “I don’t care” they mean the same.and they have the right to see it that way. my thinking is that humanity used to not have copyright at all. and the reason we are not living in caves is that knowledge mostly was spread (even when going from father to son only).
so I think software needs to go that way as much as it can.
I understand that developing software needs money and I even understand patents to an extent. but shit gone mad and patents are gone crazy. android is THE shining prime example of what happens even with a company that at least pretended not to go this way (that was naive to think they wouldn’t)that’s why I going to write any software I write (even though I am just starting programing) in the most copyleft license ever I find.
maybe even more stalman than gpl3.btw is there any site that explains the practical diff between gpl2 and 3? not tldr but not in details either, just maybe explain case base what happens?
Genuinely wish it’s a Chinese OEM, I’d love to run Graphene on something like the Xiaomi 17 Pro
Chinese phone cameras are far superior than anything else. It would be cool tbf
took their time
Anyone guessed Jolla? If not, I place my bet…
Do they count as major?
Certainly not
…good point…
Not sure I’d trust Graphene so long as Daniel is still involved
Can you elaborate?
In all the time i looked online Ive never found a legitimate basis for these vague claims of drama around Graphene. See a lot of it in Louis Rossman circles (nothing against him, but he made a dramatic video on YT about leaving GrapheneOS) it’s reactionary at best. Someone got blocked people got mad, full story only the ones directly involved know.
In all the time i looked online Ive never found a legitimate basis for these vague claims of drama around Graphene. See a lot of it in Louis Rossman circles (nothing against him, but he made a dramatic video on YT about leaving GrapheneOS) it’s reactionary at best. Someone got blocked people got mad, full story only the ones directly involved know.
Louis was directly involved with this. He’s the one who exposed the whole situation and brought receipts.
Daniel is extremely paranoid (arguably part of why GOS is as secure as it is), but that paranoia can also lead to anxiety and assuming everyone is “out to get you”.
Daniel resigned 2 years ago and I always see these comments conveniently leave that out.
Daniel resigned as the head developer a few years ago.
The incident in question happened before that. Also, he’s still listed as a Graphene OS Foundation director, which means he still has a lot of pull.
I always see these comments conveniently leave that out.
You should probably brush up on your research instead of simping.
My point stands, a lot of petty personal stuff that seems unrelated to GrapheneOS. But there is never anything fruitful from engaging you types.
Lots of people blocked. Rossman made excellent points.
Techlore and Rrossman both have excellent videos going into detail the long history of his negative impacts on the community
Because linking to the site itself rather than the video is useless - https://techlore.tv/w/auQigUjYTqkME1Bj7uPEPm
I don’t know… Part of me thinks that someone overruled Daniel on this decision. He stepped down as the main dev years ago, but is still a director… maybe the other directors overruled Daniel?
But again, I don’t know. I’m just shooting from the hip.
Sock puppets.
There aren’t too many OEMs that sell worldwide. So that would be one of Samsung, Sony, Moto, OnePlus.
Not certain Sony counts as worldwide anymore since they seem to have retreated from the US.
My money is on Motorola.
How repairable are Motorola smartphones?
I have had several versions of the Moto G family and they’re pretty easy to repair. Usually under $30 for a screen. Trickiest part is glueing the back panel back on.
I agree, Motorola is owned by Lenovo. They have found middling success with the return of their Razr line and with phones in the lower to mid tier range. But they really want something super flagship. Something like the Think Phone would have probably sold really well with a Graphene option.
Device hardware, firmware, and software are integrated to protect your most sensitive data from mobile threats. With Moto KeySafe, PINs, passwords, and cryptographic keys are isolated from other device data for an added layer of high-level security.
Yeah this sounds like what Graphene insists on.
That sounds like a fancy speak for a Trusted Platform Module. Isn’t some kind of TPM mandatory to obtain a google certification for a new device?
It (unfortunately) isn’t required. Most current Android devices on the market have serious security issues (most notably, full disk encryption can easily be bypassed due to a lack of effective unlock attempt rate limiting) due to their lack of a secure element.
Yeah, a TPM or secure element. I don’t think it’s required.
It (unfortunately) isn’t required. Most current Android devices on the market have serious security issues (most notably, full disk encryption can easily be bypassed due to a lack of effective unlock attempt rate limiting) due to their lack of a secure element.
Are you sure there’s no rate limiting? My phone definitely does rate limit the on-boot disk decryption prompt. Do you mean there’s no rate limiting if someone detaches the NAND and brute-forces it off-device?
The only way a graphene is phone gets major adaptation is if you could use pay with it.
I can pay with NFC and my GrapheneOS phone.
Where is this/ what app do you use?
I’m in the UK and use Curve. I’ve used it locally, of course, but also in Singapore, Australia and Japan and it worked without incident.
There are several supported apps, such as Curve Pay, PayPal, and banking apps that have their own tap-to-pay implementation.
https://shkspr.mobi/blog/2025/06/contactless-payments-with-grapheneos/
https://grapheneos.social/@GrapheneOS/115295538501760765
You can also use the
contactless payments supportedtag when searching the GrapheneOS banking app compatibility list on GitHub. https://github.com/PrivSec-dev/banking-apps-compat-report/issues?q=is%3Aissue+label%3A"contactless+payments+supported"Not OP, but my (German) bank supports the Digitales Bezahlen App with GrapheneOS. I used it exactly twice, both times because I forgot my wallet at home.
We need details please
I’m in the UK and use Curve. I’ve used it locally, of course, but also in Singapore, Australia and Japan and it worked without incident.
I think people overestimate that feature. Where I live you still have to hand your card to the teller most of the time and nobody is handing their phone over for tap to pay.
deleted by creator
I pay with a normal card but I’d say the majority of people around me pay with their phone.
Also, I need to use my bank app to pay for things online. I scan a QR code and confirm the payment with a pin or fingerprint. Correct me if I’m wrong but I think many bank apps also don’t work properly with graphene.
Edit: maybe I’m getting confused, I thought bank apps normally needed google play services and that because of that they don’t work on grapheneOS, but I don’t know if that’s correct
hmm how bout round the world?
Like Germans prefer cash but tons go all digital—yuge in China for example, Apple Pay’s big stateside (USA)…
Curious your region btw to expand my knowledge on this
I live in the US and I also just got back from a 10 day trip that had me in 6 different airports around the US and saw basically nobody using their phones to pay. I saw a bunch of people using the translate app, the camera, FaceTime, Apple wallet for boarding passes, but no tap to pay.
I think it’s because the places that use it also have their own apps, like Starbucks. You can order and pay in the app and if you are likely to setup Apple Pay you are probably fine going all the way with the app too. The same is true of Walmart and other major retailers who also specifically don’t take Apple or Google pay because they want you to use their app.
It’s heavily used everywhere else in the world, the US is well-known to lag behind on payment technology. It’s like travelling back in time when you go there.
I pay with my phone literally everywhere in Canada, haven’t opened my wallet in months. I was in the US last year and they didn’t have mobile payment terminals at restaurants so you always had to pay for sit down service at a counter, always wanted me to sign for tap, kept calling it Apple Pay instead of tap or contactless, had places that would only swipe a physical card which isn’t even allowed in other countries anymore, it’s crazy.
Walmart takes tap in Canada, they were one of the last holdouts. The “individual app for each service” thing is very American, even American companies abroad don’t do it because they’ll lose business. It’s the same thing with cash transfers. There are 100 different private ways to send money in the US. PayPal, CashApp, Facebook Pay, Apple Pay, Venmo, etc.
None of those exist in Canada because we just have Interac e-transfers. Hard to compete with free & automatic support by every bank account in the country. Other countries have similar systems. The US has Zelle but as far as I know that was implemented way later and doesn’t have the mindshare.
So random that the USA is lagging behind in this regard, travelled Europe - everyone using phone pay, and in Australia my home country, it’s pretty much the only way people pay nowadays.
Not really. The kind of people this ROM caters to are exactly the kind of people who don’t use Google Pay to begin with.
There’s other pay features in the world like Wero and MobilePay
Oh man, please. My current Motorola could use replacing, official Graphene support would be fantastic
That would make sense as Motorola is fairly supportive of custom roms
Ooh yeah let’s get a 6" 2025 take on the OG Motorola Droid with the slide out keyboard, to make it more linux-phone-y.
It’s not going to be a Chinese company.
What makes you think so? This (admittedly pretty vague) response indicates quite the opposite: https://grapheneos.social/@GrapheneOS/115118480213473033
Because they actually care about security.
How come? I’d bet they’d be the most easiest “oem” to get started with.
All western ones will be on the mercy of google licencing, so I’d guess no one wants to burn bridges.
I’m quite sure no one would consider Chinese company as safe option for privacy and clearly security focused phone.
Also as Sony already has the Sailfish support the company is likely going to be Sony.
I wouldn’t bet on it. Lenovo is used across North American corporations, banks and government institutions.
I hope Sony simply because I want a headphone jack and an MicroSD card reader. Their phones are already pretty bloat free and their custom apps, usually focused on the camera system, would mesh very well with GrapheneOS. Would be a great way for them to become relevant again.
How repairable are Sony smartphones?
I don’t know, never broke mine.
Hot take, but no alt phone will reach critical mass without those features. They need support from even the most stubborn users
If the Graphene phone wants to presents itself as a consumer-first phone, I agree.
Samsung doesn’t really rely on Snapdragon too much, so that might be out.
Samsung is also a synonym for useless bloat, locked boatloaders, intrusive ads, and every other hostile feature ever. They are the last one to open up their phones.
True. But my S3 ran like a young racehorse when I installed Cyanogen back in the third age, when the orcs still roamed Rohan.
The US-based flagships do.
Yeah, but European ones don’t (or at least last time I checked). I guess that would be a hassle for them to keep compatibility.
