Get the top HN stories in your inbox every day.
jordand
sivers
Ha! Me too! Exact same. Bought a Pixel 10. Intended to do the default Android for a while. But it was filled with ads for “Wicked” which had me looking at my phone with a sneer on my face I couldn't erase - as if someone had smeared feces all over it and threw it on my bed.
So I jumped straight to GrapheneOS, which was way easier and less extreme than I had been warned. So beautifully minimal, with no crap. Now my phone feels like a simple Linux (Void/Arch) PC. So wonderful.
edwcross
Does it affect the photo quality? It used to require letting go of the default photo app and thus a downgrade in photo processing.
Cider9986
No, if you install the Google camera there is no difference in quality and by revoking network you don't lose privacy.
subscribed
I mean...... Google Camera has slightly different approach to low light photos and much better panorama mode, which means you can just install it and use with network access denied.
I mainly use native camera (good in most cases, can be brought up immediately with double power button press, from locked), Google camera (rarely), BlackMagic for when I need control over videos and ProShot when I need control over images (the last one might be hard to install - it's a paid app (I'm a paid user, this is how I got it), but not long time ago the moron of the developer made the app "incompatible" with devices without Google surveillance buttplug claiming it will prevent people pirating it form opening support cases....???).
So you can have multiple camera apps. Thankfully Google is not Samsung or Sony, and all the apps have full access to the cameras.
theodric
Install a 3rd party GCam and then the answer is no https://www.celsoazevedo.com/files/android/google-camera/
teekert
iOS is also going into this direction, just open the AppStore, it’s all the cheapest most horrible apps. Temu (shop like you don't give a s* about the planet), addictive AI Waifu’s (who needs human interaction anyway), clean your stuff but fake-time-wasting style (it's free dopamine!), search option’s first hit is often scammy (ie search for MS Authenticator). I feel that Steve ("If you want pr0n get an Android") would turn around in his grave from the sight of this.
Its just a matter of time before this cesspool will leak into the rest of the OS, AppStore shows us the temptation is too big for Apple. When my iPhone 12 mini dies it’s /e/OS or GrapheneOS for me. My devices should serve me and my thoughts are my own.
strcat
You should read https://discuss.grapheneos.org/d/24134-devices-lacking-stand... about /e/ and also look at what they say about devices with strong privacy and security including but not limited to https://grapheneos.social/deck/@GrapheneOS/11635397373214317....
port11
The AppStore has been like that for eons, but then again I don’t know a single person that uses it or checks the “content” posted there. It’s an utter waste of time.
I don’t think it will leak. After the U2 debacle, Apple might have learned not to push too hard on this front.
OtomotO
What about banking Apps? No problem there?
Some of them have ridiculous secur... compliance rules.
goerg
There is a list of compatible banking apps: https://privsec.dev/posts/android/banking-applications-compa...
Scrounger
> What about banking Apps? No problem there?
Most banking apps work, but Google Pay/NFC payments won't work.
Semaphor
The vast majority work, check this list for details: https://privsec.dev/posts/android/banking-applications-compa...
aaron_m04
I had to enable "exploit protection compatibility mode" to use my credit union's app.
anticrymactic
In my experience: Everything™ works, except Google pay unfortunately.
plorg
My banks app complains will block me and tell me to disable developer mode, but if I turn it right back on after launching the app it won't complain for maybe another week. The post that really annoys me, though, is that if you don't set up biometric unlock they will not allow you to use the extended login cookie, so you need to put in your password every time, most don't work with password managers either (whether intentionally or not).
Cub3
> it was filled with ads
You bought a phone from an advertising company?
fg137
It's not like buying from Samsung is any better.
dackdel
for some reason i read that in archer(animated) voice.
harvey9
Don't recall my old nexus devices having ads in the OS. Disappointing where Google has taken this.
yard2010
"Do you not?"
petre
[dead]
aaron_m04
> [...] until I noticed Google had force bundled a 'Wicked For Good' movie promo theme with the latest security update.
This is how users learn to not update anything.
chuckadams
Won't matter when they force the updates anyway. You think that's your phone?
theandrewbailey
When I got a new phone last year, I purposely got a Pixel (open box 9a) to put GrapheneOS on it immediately. Been happy living the de-Googled Android life since.
I was sad that I had to go through the OOBE setup on the stock image to unlock the bootloader. At least it doesn't force an internet connection and login, unlike Windows.
sowbug
If it's any consolation, the wipe* requirement before unlocking the bootloader is generally a good thing, even if it's inconvenient. Someone who is targeting your personal data gets access to your encrypted phone, either by stealing it or in an evil maid situation. They unlock the bootloader and install privileged code that helps them recover the symmetric encryption key or intercept your PIN. Then they either have your data or wait for you to enter the PIN. In theory recovery shouldn't be possible (access to the key depends on a secure element that rate limits brute-force attacks), but security bugs do happen. Wiping* your data before removing the bootloader's signing requirement is an extra layer of protection.
*It doesn't actually wipe your data; it just destroys the symmetric key, making the data permanently unreadable.
Markoff
AFAIK you can't unlock bootloader without wiping the data, that's my experience from last 15 years unlocking bootloaders on various phones
so it's kinda pointless to wipe data prior wiping them again during the bootloader unlocking process
Sophira
While the OOBE of the stock image doesn't force an Internet connection, the ability to unlock the bootloader does - whether you can do it or not depends on the phone manufacturer's desire, and Android for some reason uses an Internet connection to check that.
My understanding is that it is impossible to unlock the bootloader on a new recent (Android 7+ at least; possiblt earlier) Android phone until it has connected to the Internet. After that, the ability to unlock the bootloader is permanent.
dlenski
Yep, on older phones it was certainly possible without an Internet connection.
On the Nexus 5, you could just `fastboot oem unlock` right out of the box, install TWRP (custom "recovery") and install CyanogenMod/LienageOS, without ever booting the stock ROM.
On my Moto G4 Play and Moto X4, you had to get an unlock code from the Motorola website (based on the phone serial number I think) and waive some warranty terms, but once retrieved at least the phone didn't need to be online to unlock the bootloader.
The process on the newer Pixels is disappointingly intrusive, like basically everything Google has done for the last decade.
Sophira
...I feel a bit silly. When I said "Android 7+", I was thinking of my Pixel 7, which runs Android 13, so "Android 13+" is what I actually meant to say. Oops.
Markoff
it should be possible on Sony and OnePlus phones and maybe other brands, though it can require obtaining code from internet on other device, but the device being unlocked itself doesn't need to have internet connection
qurren
Is it possible to install basic Google apps like Gmail, Calendar, Maps, Drive without googlifying the whole phone?
I'm not looking to fully de-Google but I want Google as apps and not my OS.
handedness
I run a litany of Google (and other corporate/business apps) apps in Private Space under the owner's profile, which is only unlocked when I need it for something. That space's connection can go out over a WireGuard tunnel if I need those apps to be on any specific networks, while the rest of the phone's traffic is unaffected. The file systems stay functionally separate (although that's not a major concern given how file encryption is handled, plus the dream that is Storage Scopes), and that space has its own camera app and such.
The Owner profile itself doesn't run Google Play Services, so when that Private Space is locked and dormant it's effectively a degoogled stack.
Some will invariably argue that an old pocket-sized Linux PC with a cellular modem is a superior experience, and for some specific things it may well be, but GrapheneOS is the only viable option for someone looking for a user-respecting modern phone with very few limitations.
hxorr
I believe one of Graphene OS's main features is that they allow you to run google play services in a sandboxed environment, so you can run your standard google apps but without the standard android deal where google play services has unfetteted access to all your phone's location/data/etc info
strcat
Yes, those are all compatible and the only way to use them is as regular sandboxed apps without any special access. Sandboxed Google Play can be installed in the profiles of your choice. Installing it in the main Owner user is a valid choice and doesn't at all ruin what GrapheneOS provides but you can make a dedicated work profile or Private Space for it to keep it separate. Only apps in the same profile can see it and use it, so you can control which apps will use their functionality depending on it that way.
hiitsmyaccount
Yes, you install the Google Play store via the GrapheneOS App Store. The OS comes with like 5 apps out of the box. The rest is up to you.
Biggest caveats that I've encountered: tap to pay via Google Wallet is a no go, Android Auto can be flaky, MDM managed work profiles don't work at the moment, and some apps that use the Google Play integrity API fail to validate and refuse to work (I've only encountered one app that fails, and plenty others that work.)
In general, I'm moving towards a de-Googled life and GrapheneOS is a great entrypoint towards that.
drnick1
> I'm not looking to fully de-Google but I want Google as apps and not my OS.
This is entirely possible as other posters have explained. But I think it kind of defeats the point of Graphene, at least somewhat. Google is already profiling every aspect of your life by reading your emails, files, calendar, location, etc? In that case, OS access becomes moot.
I think that GrapheneOS makes most sense as part of a broader move towards privacy-respecting alternatives. I see the sandboxed Play Services as something useful perhaps in a secondary user profile, for the odd commercial app required and only available from the Play Store.
notRobot
Yes, you can have sandboxed Google apps: https://grapheneos.org/usage#sandboxed-google-play
upboundspiral
Yes absolutely.
You can install nonprivileged google stuff on the main account.
Alternatively you can setup a private space (accessible to the main user but mostly separate from the main system) with a few clicks in the settings.
If you prefer more friction / isolation you can setup a separate user where you can install the google stuff.
bigiain
Memories of Apple force pushing a U2 album to everyone's iPod (or maybe iPhone) back in the day.
IdiotSavage
Or the more recent memory of the F1 ad pushed via the wallet app.
LeoPanthera
That was a hilariously tone-deaf incident, but it's hardly comparable. Google pushed ads. Apple gave you a free album.
davidwritesbugs
Yes, but a _U2_ album. An ad is 30 seconds of irritation, but a U2 album is like having broken glass sown under your skin.
genpfault
What's the app data backup/restore story on GrapheneOS?
My understanding is that even with pseudo-D2D (device-to-device) transfers Seedvault doesn't backup everything[1].
Are there more-functional, non-root, local (non-cloud) alternatives?
[1]: https://github.com/seedvault-app/seedvault/wiki/FAQ#why-do-s...
subscribed
Backup situation is absolutely awful, don't count on it.
handedness
Seedvault is still woefully insufficient, but it sounds like there's work being done to replace it. I can't imagine the enterprise crowd will overlook that and I'm hoping the Motorola partnership enables faster development.
3092-8121-9924
> Seedvault is still woefully insufficient
Ever since seedvault implemented local D2D API for app data availability and changed their repository format (inspired by restic's hashing) I've grown to trust seedvault enough that it's my sole phone backup.
Seems to schedule/backup/restore just fine, even cross-device. Gets all the apps and files I care about. Incremental runs are slow but efficient (<1MB transferred).
I have some UX gripes and would prefer if key and snapshot management was more flexible but the sentiment I see seems to be rooted in the earlier days when seedvault was more naive.
Look forward to a GOS-native solution all the same.
lucb1e
Not without root, no
amelius
Happy GrapheneOS user here too since 2+ years now.
Small point of critique: it would be nice if it was a little bit easier to switch between personas, for example by simply scrolling to a different workspace. Because now the feature is mostly unused on my phone.
RachelF
I too, liked it.
However, some apps that I need for work, like Microsoft Authenticator, no longer work under GrapheneOS.
https://www.theregister.com/on-prem/2026/03/10/microsoft-tig...
eszed
Yeah, I'm hanging on with GrapheneOS (on a Pixel) until their native-hardware (Motorola) phones come out, which hopefully will solve this. As I understand it, third-party (banks and so forth) app vendors have to accept their security attestation, which they don't right now, but (I hope) will with Motorola behind them.
cybertim
Graphene is NOT a jailbroken/rooted OS, its a real secure unrooted, bootloader locked OS, and MS Authenticotor works just fine. If anything does not work its related to dependency of the App maker on a certain attestation google play services grapheneos.org/articles/attestation-compatibility-guide
MIL-STD
Root =/= insecure. You probably have administrator access on your home computer operating system, and can very likely do online banking via the web browser with no issues. A secure API is possible regardless of the host metal, operating system, or user permissions.
flawn
This does not play a role - even if you lock your bootloader Play Integrity Checks still fails, and that means you can't use certain apps, MDM and overall restricts your usage. Thank Google for that.
idiotsecant
Sounds like your work has been using your personal phone for free
Gigachad
I hate how common it's become for companies to force you to install things on your personal phone. Even worse is some of them demand you install a MDM profile on your personal phone which feels 1000% over the line of reasonable.
dlenski
I've just refused to install such things on my phone.
You want me to have email and teams/slack on my phone? Sorry, I won't install the spyware. Want to pay for me to have a second phone with it? Okay. No? Well then, I just won't have email on my phone.
palata
Microsoft Authenticator works on my GrapheneOS (not rooted).
_carbyau_
From the linked article it seems this is related to Entra accounts which are Azure cloud related.
Sarkie
Google Authenticator works?
gonzalohm
I think Google authenticator implements the standard OTP which lots of apps (including keepass) should support. Microsoft uses their own propietary crap
sieabahlpark
[dead]
Randomno
> Wicked For Good
Is this an antithesis to Don't Be Evil?
phreack
That Motorola phone that lets you install Graphene can not come soon enough. Pixel phones are not sold worldwide so it feels like they're gatekeeping security. I know that's not the case really, but there's very few ways to successfully degoogle otherwise.
matheusmoreira
> Pixel phones are not sold worldwide
Still boggles my mind the fact Google doesn't sell their phones worldwide. Obtaining a Pixel has proven to be quite difficult for me.
wraptile
Not only obtaining but if you ever need warranty you're done. Just last week I went to a Samsung center and had my fold 6 fixed in 30 minutes, and these centers are everywhere around the world. Same thing with Apple, yet a 4.5 trillion dollar company can't ship and maintain a phone globally. It's so unserious.
elAhmo
They definitely can, they just don't want to.
JBiserkov
As the old joke goes: Microsoft is a software company, Apple is a hardware company, Google is an ads company.
matheusmoreira
Yeah. Could be difficult even if one is willing to forgo the warranty. My city has local repair services, they easily repaired my old Samsung phone. Servicing Pixels could be difficult even for them.
d3Xt3r
Out of curiosity, what was wrong with your Fold 6?
dakolli
It still boggles my mind that the most popular privacy OS requires Google manufactured hardware, that fact alone makes me not trust it at all.
flexagoon
They list their exact criteria for supporting a device. So far, only Pixels fit all of them (and I guess the Motorolas will soon)
HybridStatAnim8
GrapheneOS is not going to compromise on hardware security for the sake of spiting one specific company. GrapheneOS supports all viable platforms, and right now that is the pixel lineup. Additional device support requires OEMs step up their game, and so far, only Motorola is up to the task, and we should get Motorola devices with official GrapheneOS support next year.
There is nothing crazy about doing something properly.
WD-42
Phone hardware is a hellscape it doesn’t surprise me at all that they need to keep the number of supported devices small in order to deliver a decent product.
lern_too_spel
Despite Google's other failings, it was the OG supporter of data portability, and that spirit extends to its phones. No other phone manufacturer with wide distribution comes close. It's unfortunate that the people who design the hardware do such a poor job with the resources at their disposal.
undefined
mvdtnz
It's ridiculous is what it is. It makes me deeply distrustful of the organisation behind Graphene that they would make such a crazy choice.
okanat
AFAIK Motorola only lets certain geographical regions to unlock bootloader, not everywhere.
tom_alexander
They're referring to the partnership between GrapheneOS and Motorola: https://motorolanews.com/motorola-three-new-b2b-solutions-at...
xvedejas
I just moved away from GrapheneOS to Motorola because I decided I needed an audio jack again. There's definitely some annoying things about leaving, but at least now I can use again the three apps that didn't work for me on GrapheneOS...
ccppurcell
Which phone and is it android then? Maybe I'm out of the loop on Motorola. I just bought a pixel, thinking of trying graphene. I was a bit miffed about the lack of jack until my partner pointed out I hadn't used the one on my old phone for over a year. I'd like to in the future though.
StingyJelly
I use usb-c dac and it is honestly fine. you can get one with charging bypass and keep that one with the charger
timedude
Which apps didnt work?
NamlchakKhandro
This is a thing now
microtonal
Posting about Volla in a GrapheneOS thread is... I guess courageous?
They are kind of the opposite of GrapheneOS. Ancient kernel trees, ancient firmware bundles, etc. And since downstreams like /e/OS just take their kernels/firmware, they are ancient as well. Using Volla phones opens you up to a lot of known vulnerabilities.
Besides that, Volla is basically a marketing company (with some external contractors) that does Eurowashing. E.g. one of their phones (Quintus) is a phone designed by an Emirates company, produced by a Chinese ODM, marked up by 500 Euro by Volla (they probably turn some screws and flash the firmware to be able to call it 'from Germany'. You can get the same 719 Euro phone here for ~160 Euro:
https://www.amazon.ae/Android-Smartphone-Storage-Octa-Core-M...
I don't understand why people do free promotion for Volla, given that they are mostly snake oil salesmen.
port11
Wow, good to know. Sounds like the kind of company that Worse On Purpose would love! The shenanigans people go through to make money…
For the curious: https://marbit.substack.com/p/worse-on-purpose
lucb1e
I don't see anything they offer for security that's not also in AOSP/LineageOS/eOS/stock/etc.
Which is not to say that's not enough for most people, but why highlight them? It doesn't seem comparable to the laser-focus GrapheneOS has on security
d3Xt3r
Not GP, but Volla phones are cool in that they officially support running proper Linux[1], so you could just use Linux instead of Android if that's enough for your needs. And you can still boot into their de-Googled Android if you need to run Android apps.
goodpoint
They look way more trustworthy.
strcat
Those are much less private and secure than the Android Open Source Project on Pixels without the major privacy and security improvements of GrapheneOS. Those aren't privacy or security hardened devices.
tasty_freeze
I've been using Graphene on my Pixel 7a for about a year and I'm happy I made the switch. For sure it is a bit rougher than using Google's OS, but not enough to make me regret it.
The main things I miss are (1) when I'm entering text I can't swipe left and right on the space bar to scroll the cursor left and right, and (2) the texting app doesn't just attach reaction emojis to a message -- it quotes the whole message and prefixes it with something like "Marty like blahblahblah". When there is a whole family text chain it isn't uncommon to see the same message 7 times as various people react to the original message.
Anyway, I looked at Google's Android 17 blog and yikes:
"With deep integration between hardware, software and AI, we’re transforming Android from an operating system to an intelligence system. It's about delivering new helpful experiences that anticipate user needs, and it brings more opportunities for engagement with your apps."
https://android-developers.googleblog.com/2026/06/Android-17...
Cider9986
> The main things I miss are (1) when I'm entering text I can't swipe left and right on the space bar to scroll the cursor left and right,
GrapheneOS is compatible with the vast, vast majority of Android apps, so you can use GBoard or FUTO keyboard (which I recently switched to from GBoard), to get the ideal experience.
FUTO recently revamped their swipe to type model and it's now more accurate than GBoard in their testing. I am a huge swipe type person, so this is what held me in GBoard's clutches, but now I'm free.
The dataset is open source and anyone can add to it if you're on a mobile device here: https://swipe.futo.org
And you can learn about it here: https://swipe.futo.tech
> the texting app doesn't just attach reaction emojis to a message -- it quotes the whole message and prefixes it with something like "Marty like blahblahblah". When there is a whole family text chain it isn't uncommon to see the same message 7 times as various people react to the original message.
Google messages, the experience you get on PixelOS, is also compatible with GrapheneOS, but you will have to afford network access to sandboxed google play, among other things. I couldn't tell you specifically, but it will work out of the box before you restrict anything. Many people choose to use this setup because it opportunistically adds e2ee for chats between iPhones and other Androids using Google messages.
There's also other SMS apps, but I focused on switching people to Signal so I barely ever use SMS.
Once I replaced the default apps, GrapheneOS became a premium phone experience.
sivers
Yes! FUTO keyboard, then go into VOICE INPUT → MODELS → Explore Voice Input Models → English-244: “Best for the most accurate results, but more demanding.”
The voice recognition is built on Whisper, and is amazing. You can speak conversationally for a long time and it gets everything right, with smart decisions based on context.
My stupid thumbs text no more.
tasty_freeze
I just did. I had been using FUTO voice, but I see that FUTO keyboard also supports voice input, so I'm not sure if I should delete FUTO voice as being redundant now.
arcanemachiner
There's also Heliboard, which has a swipe-type option
tasty_freeze
Thanks for your thoughts. I use FUTO voice usually, but there are situations where typing out a short message is better -- eg, in a restaurant or doctor's office or someplace where voice input might bother other people.
I've found graphene's keyboard far more error-prone than the stock android keyboard, but I also don't care to learn swipe to type.
The feature I'm missing is simply that rubbing my finger left or right on the spacebar in text mode causes the cursor insertion point to move left or right on in the text I'm entering. It makes it sooo much easier to correct typos.
Cider9986
FUTO and GBoard has the feature you're describing and I use it all the time. Pretty much anything you miss from Pixel UI can be attained by simply installing Google's app from the playstore.
flexagoon
> I've found graphene's keyboard far more error-prone than the stock android keyboard, but I also don't care to learn swipe to type.
Graphene's keyboard is the stock AOSP keyboard. Most Android systems ship with their own one instead of it, but that's the one that is built into the system by default.
wolvoleo
The problem I still have with the futo one is that it can't swipe type in multiple languages without switching every time. Gboard can do that. I use 3 languages intertwined constantly so I need that.
So I still use gboard but block its internet access.
danielspace23
Problem (1) is a keyboard problem, not a GrapheneOS problem. Graphene comes with the stock AOSP keyboard which is very basic, but you can absolutely replace it. Personally I'm using the FUTO Keyboard and it does have that feature, as well as swiping, speech to text and much more.
Maybe you can try installing another SMS app for problem (2)? Much like the stock keyboard, the stock Messaging app is just the AOSP app. Honestly it works fine for me so I don't have a recommendation.
Groxx
Regarding 2: that is literally how SMS reactions work. Apps that recognize it just interpret it as "put that emoji on that message". It is unfortunate that it doesn't do that tho.
RCS is different, which you can sometimes get working by installing Google Messages¹, which is essentially the only app that supports RCS any more. Google runs essentially all the servers too.
---
1: There are no third-party RCS apps² because, unlike SMS which has an API and a shared database on the device, RCS is extremely locked down and it's literally impossible to create one in stock Android. This is also why it's only "sometimes" on GOS, the details are very complicated and rather enraging.
2: Samsung had one, but they're shutting it down in favor of Google Messages. A tiny number of other devices / telecoms have their own too, but they're rapidly shutting down as well. RCS is very nearly fully controlled and implemented by Google now, except for iMessage as a client only, for now, and there's no encryption between iMessage<->Google Messages last I checked (but there apparently is between Google Messages... but no normal person can really verify that because it's Just Google Everywhere).
strcat
GrapheneOS will eventually have a GrapheneOS RCS app, but for now RCS is fully supported via Google Messages and sandboxed Google Play:
Groxx
There have been consistent problems with activating RCS, for many years. But it does work for some/many, yes.
And AFAIK they have only been desiring to build their own RCS app, and researching it, but have no concrete plans. It'll probably be extremely hard to do, given how much interaction it requires with individual telecoms, and how large the specs are and how much they change - it'll be signing up for significant dedicated eng/business/etc effort that will never decrease. Though I would very much like it if it does happen.
Personally: it worked for about a year for me, then stopped for several months, then worked for two, then I disabled it. All on the same phone, same OS install, same carrier and phone plan, and same location. No issues at all on stock Android with everything else identical which my wife uses. You can find tons of cases like this with Graphene users, RCS just doesn't work/activate/??? as well for some reason.
rookderby
I agree with this post and add one anecdotal data point.
I had installed graphene os on a pixel but after a couple months and a couple loops between lineage, stock, and graphene, I eventually settled on stock android. I have group messages with family and some of the family are on apple, some on android, and RCS only works with google messages and google services installed.
It's infuriating that I can't send RCS messages unless google allows me to. I want to go back to email or MMS. Supposedly after a month (!!) RCS group chats will fall back to MMS, but that was not my experience. Also, if you turn RCS on/off you may get kicked out of group messages [0].
[0] https://support.google.com/messages/answer/7189714?hl=en
Groxx
Yeah, it's pretty awful tbh. I generally recommend disabling RCS, after learning a lot more about it - it feels like a hostile grab at global messaging at this point, heavily entrenched by telecom agreements. Use Signal or something instead.
Initially there were some promising details planned, but much of it hasn't panned out, and plus now it's Just Google™. Like, roughly everyone has heard that RCS brings E2EE privacy, right? Would it surprise you to learn that it was only added to the spec around a year ago, and nobody has it implemented yet? Google has their own thing between Google users, Apple has their own iMessage-only thing, and they both drop crypto when you cross the streams because it isn't in the spec. And neither is practically auditable (allowing auditing is part of the spec btw - have you seen that UI?).
And that's before even touching on the utterly massive amount of the spec that's clearly designed for businesses only, to send you highly customizable interactive UI. Which you can't use as a person. Or build your own app for. https://developers.google.com/business-communications/rcs-bu... / https://rcsforbusiness.google/
It just does not smell good. It's not in our best interests to let it win.
strcat
RCS via Google Messages and sandboxed Google Play is fully supported on GrapheneOS:
garciansmith
Other people have noted that you can switch out the keyboard and SMS app (which I did).
My single (minor) issue with GrapheneOS is the adaptive screen brightness. On the stock Android OS on a Pixel I'd mess around with the sliders for a week or two on a new phone and then it learned what I liked. Now it has a few set values, one of which is always too dim for me in darker conditions so I have to mess with the slider each and every time. I don't believe there's a way of fixing that.
Other than that I'm glad I switched, especially when I read about new "features" they add that I know I'd hate.
hiitsmyaccount
I use GBoard on GrapheneOS. I just deny it network permission so it can't phone home.
Walf
I used to do this but I found it downloads needed language files in the background. So every time it updated, I would clear all the app data, open it again on something innocuous, like a text file, toggle each language I used. Not knowing how long it would take, I'd wait until each seemed to be behaving, then disable network permission. I still don't trust that it doesn't send data off via Play Services.
Now I use Heliboard with the swiping library added. It's not perfect, but has improved, and at least it can give more than three correction options (long–press centre suggestion with ellipsis below).
I really miss Keymonk — two–finger swiping, accurate, and no crap.
Markoff
I do usually this, but recently on older phone (using it temporarily while I buy new) I had to reinstall it and found out, it didn't provide any word suggestions for ant language other than English and even gesture input for other languages didn't work, so at least during initial setup it must have (now?) internet connection most likely to download dictionaries (I thought they used to be included in past, never noticed this before), after allowing the connection, setting up and then disabling the connection, it works fine
dopidopHN2
You should consider using signal as texting app?
teekert
You shall engage more with your apps, user!
andrepd
Regarding (1), that's on your keyboard, which you can choose. Maybe you can give Futo a try? https://keyboard.futo.org/
jstanley
Why does it need its own F-droid repo?
ssddanbrown
Because the code is not provided under a free/open-source license, and therefore does not meet the requirements for the main F-droid repo.
scns
Simple Keyboard is on F-Droid too. Supports moving cursor via space bar.
QuantumGood
Also on the homepage: "Volkswagen started blocking GrapheneOS users"
https://news.ycombinator.com/item?id=48571526masonwan
That's exactpy why I get Google Pixel phones.
Support expires? Upgrade to custom ROM Ads? Upgrade to custom ROM Want to use it as server? Upgrade to custom ROM.
If I would use Apple iPhone, these old phones would be trash very soon.
MikeKusold
The iPhone 11 was released almost 7 years ago and is still supported by the latest iOS.
For context, that would put it at the same release as Pixel 3 or Pixel 4. Those devices stopped receiving updates in 2022-2023.
anonymousiam
I took the plunge into GrapheneOS a week ago. I picked up a new Pixel10 Pro and never even tried the stock OS (except to unlock the boot loader).
I've got almost everything working the way I want. There were a few non-essential banking apps that won't install. The most annoying problem I had is when I tried to install Strava, which I cannot get working. The app installs, but it will not let me sign in. I guess I need a replacement, because I use that app a lot.
binarin
The most hilarious is McDonald's app - it refuses to work without Play Integrity check. I wonder what braindamaged reasoning is behind this. Do they want to position themselves as a bank or something?
QuantumGood
Also on the homepage: "Volkswagen started blocking GrapheneOS users"
https://news.ycombinator.com/item?id=48571526bhelkey
Fastfood apps typically offer deals to new customers.
I suspect this is an attempt to prevent folks from spinning up many new accounts to get these deals.
pona-a
I recall a year or so ago, there's been a story about someone hacking McDonalds loyalty program, with that app doing something stupid like storing your balance on the client or something. It seems instead of firing whatever offshore sweatshop that made that, they just doubled down on "mitigations".
mtlynch
Was it this it this one by Eaton Works?
throawayonthe
the app actually did the play integrity thing long before that :P
drnick1
What would anyone use an app to order food from McDonald's? Just walk into the restaurant, pay cash, and walk out with the food.
bhelkey
McDonald's app (other other similar apps) offer discounts to ordering through their app.
For example, McDonald's has a long running campaign, 99¢ for coffee. Any size, iced or hot.
domh
Huh, it works just fine in the UK. Wonder if they have different builds (or completely different apps) for different regions. Or maybe it's the GrapheneOS compatibility layer that makes it work? Not sure.
pona-a
Play Integrity has several levels. GrapheneOS MEETS_BASIC_INTEGRITY, which I believe only requires a locked bootloader and no superuser.
There's also been some discussion of spoofing MEETS_DEVICE_INTEGRITY, since before Android 13 it didn't rely on a TPM, and many apps don't want to lock out older devices, but it's been decided against it [0].
[0] https://github.com/GrapheneOS/os-issue-tracker/issues/1986
drnick1
"Strava is an American internet service for tracking physical exercise which incorporates social networking features."
Sounds like spyware, to be honest.
haltcatchfire
I run Strava on my Pixel 10 Pro Fold running GrapheneOS. IIRC you need to have Google Play Store installed (with zero permissions, preferably) to make Strava work.
anonymousiam
Both Google Play Store and Google Play Services are installed, with minimal permissions. Strava still does not work.
flaburgan
I know a friend is using Strava on his Pixel 10 running graphene so there should be a way
anonymousiam
There should be a way, but I have not yet found it, and I've spent some time on this. I've installed/uninstalled Strava about a dozen times, rebooted each time, tried various permissions, but stood my ground on some of the permissions. Should I give Strava access to my photos and my microphone? I'll never go that far.
darkteflon
~Happy iPhone user for almost 20 (!) years. This has got me seriously thinking about picking up a Pixel.
Cub3
I feel like you'd be taking on a lot of pain for no real benefits though?
portly
I did this half a year ago and it was fine for me. One of the benefits is of course privacy. For instance, I noticed that ads get completely out of touch which proved to me that I'm being tracked less.
Also never have that feeling anymore that my phone is spying on me.
8fingerlouie
Any iPhone user with a measure of privacy knowledge will experience the same.
I'm using NextDNS for DNS level ad blocking as well as iOS built in tools, and I get ads for women's hygiene products (I'm male), travel, dining, server parts, cars, and everything in between.
The main difference between Android and iOS is (or used to be?) that Android typically phones home with everything, frequently visited locations, calendar appointments, voice commands. On iOS most of that runs on-device. Siri voice to text/text to voice runs on device, various "ai" things in photos runs on-device, frequently visited locations are device local.
tcfhgj
real benefits: being able to install free software
ikurei
Jumped to GrapheneOS a few months ago. Works great. The keyboard was bad but you should install FUTO, as some other comments recommend.
My only issue with it has been a few apps not working correctly, and not the ones I expected. I did my research before hand and knew that my banking apps would work, thinking those would be the main challenge.
Turns out the bike-sharing system in my city, Madrid, won't work. I ended up installing Google Play services (that run sandboxed in Graphene, but still wanted to avoid), and it works sometimes, but mostly doesn't. I use these bikes a few times a week, so this is a major hassle, and I end up carrying my ancient iPhone with me sometimes just for this.
This and Trade Republic have been my only two problems. Happy otherwise, but do your research before switching, and don't assume only the apps you expect to be problematic will be.
mycall
Why don't you connect with the makers of Madrid and see what they can do about it? That is sometimes the best way to fix these types of incompatibilities.
gck1
I was using GrapheneOS for years, until the battery died while I was on an important call, trying to get someplace. Plugged it in, but little did I remember that I had installed OS update that was pending app optimization phase that happens during next boot.
GrapheneOS has some hardening in this phase, which as I understand, essentially has to rebuild all apps without cache.
And as I have a ton of apps, I was parked for 30 minutes waiting my phone to boot up.
And because of this app optimization thing, I always delayed OS update finalizations, which probably isn't the best thing.
Unfortunately, GrapheneOS recommendation to this was to have fewer apps. Had to let it go after that.
dsr_
App optimization happens in the background now, and pops a notification when it is done, asking to restart all open apps.
gck1
Oh, then the biggest pain point I've had is now resolved. I should give it another go.
I've seen payments being another problem - but Garmin watch handles it for me. And paying with a watch becomes a conversation starter with merchants for some reason.
Sayrus
I'm not sure how Garmin works, but for instance with Google Wallet-compatible watches, you need a phone where wallet can run. I've had this setup for a year where I loaded the cards from another phone and used a watch to pay.
However Wallet didn't like this setup. Tokens expired at varying delays, sometimes a day, sometimes a week or payment failed without reasons.
Nowadays, I just use my bank's app which work fine on GOS.
Cider9986
I have multi day battery life and I only charge to 80% so it was either user error or a hardware failure.
GOS has much better battery than stock pixel ui because of less services and telemetry.
throawayonthe
i have mine set to auto-restart for updates and i shortened the 'restart when idle for n hours' value so it usually just does everything at night
Milpotel
> GrapheneOS recommendation to this was to have fewer apps
Sounds reasonable. People tend to install way too many apps on their phones and than blame the phone about short battery life or too many notifications.
gck1
Having many apps will not affect battery life on Android in any meaningful way. Actively using them will. Apps can't just sit there and run in background, unless you explicitly gave them that permission.
Android also takes permissions away from apps after they haven't been used in a while anyway.
So most of the battery consumption will be from the apps that you actively need and use. Android's battery usage screen backs this up.
The metro app I installed when I was on a trip in Istanbul is still on my phone, but it's dormant. Yes, I should definitely uninstall it, but I really can't be bothered to do this all the time. On stock Android, phone takes care of this for me. On GrapheneOS, either I take that responsibility or face the consequences - which I don't really want.
lifeisgood99
What are North American people doing for replacing contactless payment? Last time I checked, the solution was to use Curve but it only works for Europe.
mrbluecoat
I don't. GrapheneOS is worth the effort of pulling a card out of my wallet.
gvurrdon
In general I'd agree.
Curve demand a "video selfie" and I've never been comfortable with sending companies such biometric data.
hparadiz
It's infuriating that they won't do this for non Google Android. It's in the best interest of both the bank and the card owner. Credential theft risk goes down to basically zero when backed by a fingerprint authenticated virtual card.
627467
I'm sure contrats between Google and banks provide the financial guarantees that not open-source project would be able to. Unless governments mandate there's zero interest from banks to put extra effort into building for unpopular solutions
tombh
What do you mean by credential theft? Stealing the numbers on the card or a malicious person triggering the contactless payment?
jojobas
Banks don't want the headache of supporting multiple weird phone OSes and it's understandable. As long as they don't require running an apple/google-certified device and OS I don't care.
jcul
I'm in Europe, but I had accepted that I had to do without. I hadn't heard of curve, going to check that out.
400thecat
the Play store reviews for Curve are attrocious, especially the most recent ones. Looks like Curve is absolutely unusable, for many reasons
carlmr
Garmin pay if you're ok with Garmin is one possibility.
lucb1e
It's even available in my country! Never heard of it, would have assumed it's not being sold here. Let's see what that costs when I click the "shop now" button that's front and center
> Attention required!
> Sorry, you have been blocked
> The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.
Thanks cloudflare *handshake* garmin. I suppose I'll stay with chip and pin for now
mendelmaleh
They don't support amex or capital one, the two I use the most...
wolvoleo
They have an app for Android that can do NFC? I thought it was only for their watches. Thanks!
drnick1
There is no replacement. Strap a credit card to the back of your phone or pay cash.
fc417fc802
Use a solvent to dissolve the plastic from the card then epoxy the extracted antenna and chip innards to the back of your phone case. Problem solved. (I'm only 50% joking, you can actually do this but maybe epoxy isn't the best option.)
microtonal
Somewhat similar, Polar sells a band with an NFC payment chip in it (no experience, just saw it the other day):
mendelmaleh
I'd like to do this, but epoxy it to a dress watch
pona-a
There are a few other banks running their own NFC payment systems, like Swedbank in my country.
orthoxerox
I am not North American, but instead of Google Pay I use my bank's app for contactless payments.
kQq9oHeAz6wLLS
I have these cards I keep in my (RFID-blocking) wallet, one for each credit account. Then I just pull them out and tap to pay. It's super convenient - no app required!
Cider9986
What does RFID-blocking wallet do?
ArmadilloGang
People cannot steal your card info via proximity to your wallet over NFC if the wallet’s physical barrier blocks the RF signal.
mcsniff
[flagged]
Saris
Cash for most things, and just use a card like normal otherwise.
I don't really see the appeal of contactless payment, pulling a card out really doesn't take much time.
mixmastamyk
Cards are "contactless payment" these days.
eipi10_hn
Google Pay (Google Wallet) actually also has virtual number so my real card number won't leak in many cases.
preisschild
Just having to take your phone with you is quite comfortable. Your phone is probably the pocket-sized item you are unlikeliest to lose.
Saris
True, but I also need my license to ride my motorcycle or drive a car, plus cash needs to go somewhere.
dopidopHN2
Graphene made me like using a phone. It behave like a computer. Really lovely
preisschild
I can say the same. Been using LineageOS and GrapheneOS for most of my life. Some things are not super convenient (I generally dont install non-free-software applications and don't have Google Play services enabled), but the rest of the experience is great. No crashes, no bugs, no unexpected behavior. Currently I'm using the Pixel 9 Pro XL.
I can also recommend Gadgetbridge for BLE smartwatch integration.
tcfhgj
Sadly not an option as long they don't support Fairphones
strcat
Fairphones are far from meeting the security requirements to run GrapheneOS and have chosen an incompatible path. It won't be available for their devices.
https://discuss.grapheneos.org/d/24134-devices-lacking-stand...
Cider9986
I don't think that fairphone is interested in privsec so it will never be supported.
tcfhgj
them supporting e/OS suggests otherwise
strcat
/e/ is the direct opposite of a privacy or security focused OS. It doesn't provide bare minimum standard privacy and security patches while setting an inaccurate Android security patch level. It lags many months behind on patches even on devices where they're the least behind. It's typically years behind on kernel, driver, firmware and major OS updates. It doesn't keep the standard privacy and security protections intact and lagging behind on OS updates means not having the current ones. It sends user data to OpenAI and other third parties without consent.
https://community.e.foundation/t/voice-to-text-feature-using...
https://codeberg.org/divested-mobile/divestos-website/raw/co...
https://discuss.grapheneos.org/d/24134-devices-lacking-stand...
/e/ and Murena have repeatedly claimed providing strong privacy and security mainly benefits criminals and claim devices doing it are mainly used by criminals. Here's one example of many:
https://grapheneos.social/deck/@GrapheneOS/11635397373214317...
An iPhone is a hardened device with drastically better privacy and security than an /e/ device. It would fall under the claims from /e/ and Murena about hardened devices.
Cider9986
It seems to me that /e/ is opposed to privacy and security.
HybridStatAnim8
No, them supporting e/OS corroborates the claim that their goal is not privacy or security.
Get the top HN stories in your inbox every day.
I've been running GrapheneOS for 7 months now and I'm not going back. When I bought my Pixel 10 last year, I wasn't actually planning on trying Graphene for a while....until I noticed Google had force bundled a 'Wicked For Good' movie promo theme with the latest security update.