751 points akyuu | 36 comments
1. nanomonkey No.46174682
As a LineageOS user, I'd be interested in the disparity between GrapheneOS and LineageOS.
replies(7): >>46174688 #>>46174849 #>>46174856 #>>46174958 #>>46175224 #>>46176936 #>>46182713 #
2. worldsavior No.46174688
https://eylenburg.github.io/android_comparison.htm
replies(3): >>46174737 #>>46175049 #>>46175520 #
3. uneekname No.46174737
This is a great resource! Thanks
4. mcsniff No.46174849
If you care about security above all else and you have a Pixel, GrapheneOS should really be your only consideration.

LineageOS has a place for those who care less about security and more about features, "freedom", compatibility, community etc...

I was a LOS user and maintained my own forks for devices, but switching to GrapheneOS was a good decision and I don't really miss anything.

replies(1): >>46175336 #
5. zekica No.46174856
They have different goals:

GrapheneOS wants to make a FOSS Android with the security model that makes it hard for any bad party to break into the phone.

LineageOS wants to make a FOSS Android that respects user's privacy first and foremost - it implements security as best as it can but the level of security protections differs on different supported devices.

The good news is that if you have a boot passphrase, its security is somewhat close to GrapheneOS - differing in that third parties with local access to the device can still brute-force their access, whereas with GrapheneOS they can't - unless they have access to hardware-level attacks.

replies(2): >>46175977 #>>46180234 #
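An added risk-model illustration of the brute-force point made in the comment above (this is not code from GrapheneOS, LineageOS or the thread): it compares the worst-case time to exhaust a 6-digit PIN when an attacker holding a copy of encrypted storage can run the key derivation offline, against the case where every guess must pass through a throttling secure element. The guess rate and the backoff schedule are constructed assumptions, not any project's or device's real parameters.

```python
"""Risk model: offline guessing against a storage image versus guessing
gated by a throttling secure element. Added illustration; the guess rate
and backoff schedule below are constructed assumptions."""

SECONDS_PER_DAY = 86_400


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of candidate secrets, e.g. keyspace(10, 6) for a 6-digit PIN."""
    return alphabet_size ** length


def offline_exhaust_seconds(space: int, guesses_per_second: float) -> float:
    """Worst case when the attacker has the encrypted storage and runs the
    key-derivation function on hardware of their choosing: the only limit
    is how fast the KDF evaluates."""
    return space / guesses_per_second


def throttled_delay(failures: int) -> int:
    """Constructed backoff schedule for an element consulted on every attempt:
    no wait for the first 5 failures, then 30 s, doubling every 10 further
    failures and capped at one day."""
    if failures < 5:
        return 0
    doublings = (failures - 5) // 10
    return min(30 * 2 ** doublings, SECONDS_PER_DAY)


def throttled_exhaust_seconds(space: int) -> int:
    """Worst case when every guess is rate-limited by the secure element,
    so copying the storage gains the attacker nothing."""
    return sum(throttled_delay(n) for n in range(space))


def compare_days(space: int, guesses_per_second: float) -> tuple[float, float]:
    """Both worst cases in days, for a side-by-side view."""
    offline = offline_exhaust_seconds(space, guesses_per_second) / SECONDS_PER_DAY
    throttled = throttled_exhaust_seconds(space) / SECONDS_PER_DAY
    return offline, throttled


if __name__ == "__main__":
    pin_space = keyspace(10, 6)
    # Assumed offline rate of 1e4 guesses/s against a slow KDF: a constructed
    # figure chosen only to make the comparison concrete.
    offline_days, throttled_days = compare_days(pin_space, 10_000.0)
    print(f"6-digit PIN, offline at 1e4/s: {offline_days:.4f} days")
    print(f"6-digit PIN, throttled element: {throttled_days:,.0f} days")
```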
6. xxmarkuski No.46174958
GrapheneOS provides advanced security capabilities and a thorough defense-in-depth approach including a hardened supply chain. GOS aims to provide mechanisms to protect against 0day attacks. For example, Cellebrite cannot open up GOS. GOS relies on hardware support provided by Pixels. GrapheneOS works on getting their developments upstream.

For a list of security features see here [0].

[0] https://grapheneos.org/features

7. the_biot No.46175049
That comparison shows "Deblobbed? Yes" for GrapheneOS. That implies they've replaced (most of) the blobs for Wi-Fi, Bluetooth, 5G chips etc.

Is that actually true? It's such a big deal, and I see little to no work being done on this front.

Anyone have any idea what GrapheneOS actually deblobbed?

replies(2): >>46175186 #>>46177024 #
8. fmajid No.46175186{3}
They can because they essentially support Google chipsets, which are not blobby like MediaTek or Qualcomm because Google for all its faults is still relatively open (except their recent change in release schedules is why the Pixel 10 series still only has experimental GrapheneOS support).
replies(2): >>46175709 #>>46176101 #
9. ForHackernews No.46175224
GrapheneOS is a locked-down, security-hardened system that's good if you need absolutely maximal security (e.g. journalists, activists, folks targeted by state actors). LineageOS is more of an open system for tinkerers who want to play outside Google's walled garden.

You can have root to control your own device on Lineage, but not Graphene.

replies(2): >>46175251 #>>46180702 #
10. arcanemachiner No.46175251
I believe you can root GrapheneOS. It just breaks the security model, so it's not recommended to do so.
replies(1): >>46175278 #
11. ForHackernews No.46175278{3}
Ah, you're right: https://github.com/schnatterer/rooted-graphene

I stand corrected. Still, as you say, less point in it since it breaks their security model.

replies(1): >>46182760 #
12. subscribed No.46175336
It might be important to mention that LineageOS is available on a number of the devices abandoned by their original vendors, so sometimes it may be a much better solution to get LineageOS onto their former "flagship" which stopped getting updates 18 months after the release.

So if the bootloader can be relocked and not passing Play Integrity scam is not a problem, Lineage may be a better option. Better than nothing, that is.

replies(1): >>46176021 #
13. rolandog No.46175520
Nice! Thanks for the link. I noticed they didn't mention MOCOR OS (for the new Nokia 3210), but then I remembered that that's not an Android version. I'll see if they can add it somewhere else.

Unrelated, but this led me to find gnuclad, which may be somewhat externally maintained and is used to create the cladograms.

14. vbezhenar No.46175709{4}
Do you claim that there's a place where I can find datasheets for peripheral devices for Google Pixel? Like GPU, etc.
replies(1): >>46175779 #
15. fmajid No.46175779{5}
No, but they used to publish the source code for the drivers as part of AOSP. Now they no longer publish the device trees. Check out GrapheneOS' other Mastodon posts for the gory details.
16. akimbostrawman No.46175977
That is simply wrong.

GrapheneOS is the best both in terms of security and privacy, but currently only supports Pixel phones.

LineageOS is trying to support as many devices as possible, still with a lot of Google connections and missing security updates.

> Good news is that if you have a boot passphrase, its security is somewhat close to GrapheneOS

It's not anywhere close: https://grapheneos.org/features

replies(1): >>46177770 #
17. Terr_ No.46176021{3}
Just yesterday I took an old Motorola smartphone from 8 years ago (Android 9) and put LineageOS on it.

Poof, it's transformed from unusually-glitchy e-waste to a tool someone can actually benefit from.

> So if the bootloader can be relocked

Their website says they recommend against that and will not support it, because of a high chance the device will get bricked. :(

18. joecool1029 No.46176101{4}
Here's an example of the radio firmware and vendor blobs required for a Pixel 9 Pro XL build: https://github.com/TheMuppets/proprietary_vendor_google_komo...

Nobody, including Graphene, is getting away with building their own modem firmware. The reduced blobs are on userspace and some HAL components.

replies(1): >>46180531 #
19. drnick1 No.46176936
If you have a Pixel -> Graphene, if not -> Lineage.

I personally don't care about "security" all that much; my main reason for using Graphene is freedom to use my hardware in any way I wish. This means unrestricted ability to run any program on the phone from any source. Sideloading restrictions don't apply to Graphene, and it is also impossible for state actors to impose things such as client-side scanning of text messages. It's also immune to unwanted AI anti-features.

I use my own "cloud" infrastructure with my phone and I am not interested in using Google's. My Graphene device is configured to route all traffic through a WireGuard tunnel and my DNS server. I also exclusively use my own email server and "cloud" storage for all non-work related purposes. Graphene makes this easy by not leaking any information to Google.

replies(2): >>46178527 #>>46179003 #
20. yaro330 No.46177024{3}
It's nowhere near that. Pretty sure even modules are signed by Google.
21. fluidcruft No.46177770{3}
I am overwhelmed by the specificity of your demonstrated knowledge on this topic.
22. blurker No.46178527
That sounds amazing. I aspire to get a setup like yours. I am on a Pixel with the stock OS and I can't stand the way Google is pushing AI into everything on my phone.

I haven't switched it to Graphene OS yet because I read that there are issues with NFC and a few other things. I assume this new phone won't have those problems so I think that will be my catalyst to do a big overhaul.

replies(2): >>46185089 #>>46185335 #
23. user2722 No.46179003
Don't understand your statement about avoiding client-side scanning of text messages. I've always assumed it would be done by the apps themselves, e.g. WhatsApp, Telegram, etc.
replies(1): >>46182742 #
24. Itoldmyselfso No.46180234
How can LOS's security be somewhat close to GOS if it's worse than OEM? LOS lacks verified boot and hardware security features, and it's often behind on security patches. With "advanced protection" enabled, stock OEMs are even more secure, but GOS is even more secure still. When it comes to EOL devices, LOS may be more secure than OEM depending on your threat model.

https://eylenburg.github.io/android_comparison.htm

replies(1): >>46181260 #
25. fmajid No.46180531{5}
Yes, even Apple with its practically infinite resources took 14 years from when it acquired Infineon's mobile chipset unit to launching its C1 modem. So much of the telcos' allegedly open protocols are actually implementation-dependent that it takes a lot of testing on actual mobile networks to validate interop.
26. jasonvorhe No.46180702
It's not really locked down. You can toggle or enable some of the more activist-orientated features. The only limitation I'm aware of is that some apps requiring the strongest Play Integrity setting (ChatGPT, some banks, very few airline apps) just won't work on GrapheneOS.
27. hilios No.46181260{3}
It very much depends on your personal threat model: if you expect targeted attacks, LOS doesn't hold a candle to GOS, but at least for my threat model verified boot and hardware security features outside of my control don't have a substantial security benefit.

Obviously it would be preferable to have up-to-date security patches, but as long as there are plenty of even more easily exploitable devices, and there is no WannaCry-level attack ongoing, it is a risk I'm willing to accept for more user freedom.

28. preisschild No.46182713
Here is a good comparison among the major open source Android distributions:

https://eylenburg.github.io/android_comparison.htm

29. immibis No.46182742{3}
I think they're saying the phone doesn't stop you from installing a version which doesn't do that.
30. preisschild No.46182760{4}
> I stand corrected. Still, as you say, less point in it since it breaks their security model.

It breaks the entire point of the security model on ALL Android devices. It isn't recommended on any Android distribution. It doesn't matter if it's LOS or GOS.

replies(1): >>46183452 #
31. ForHackernews No.46183452{5}
Honestly don't care for the idea of a system secured from its owner. If I wanted to use iOS, I would.
replies(1): >>46184123 #
32. preisschild No.46184123{6}
> Honestly don't care for the idea of a system secured from its owner

It's not. It's making your data more secure from attackers.

replies(1): >>46184187 #
33. ForHackernews No.46184187{7}
Not having root prevents me from taking proper backups that include app data, it prevents me from using Aegis to import TOTP codes from Authy. I get that on some abstract level it is more "secure" from any malicious software that might find its way onto the device, but the practical upshot is largely obstructing the user from using the system.

Have you ever had to work on a locked-down machine at an office? I don't need Google or Graphene to play IT department for me.

replies(1): >>46184312 #
34. preisschild No.46184312{8}
> Not having root prevents me from taking proper backups that include app data

You can handle this better without root. GrapheneOS includes SeedVault by default, for example.

> Have you ever had to work on a locked-down machine at an office?

Fortunately I'm the admin at work :)

> I don't need Google or Graphene to play IT department for me.

GrapheneOS is security+privacy first and "enabling root" compromises on this. That's why it's not recommended.

35. ysnp No.46185089{3}
This depends on what you mean by 'issues with NFC'. My understanding is that Google requires an OS that is blessed by them for contactless payments in Google Wallet to work. That restriction applies to all alternative operating systems that aren't Google-certified stock Android.

The OEM partnership would not change that.

In non-NA regions there may be more options for mobile contactless payments using apps that are not Google Wallet/Pay. So it also depends where in the world you are.

36. drnick1 No.46185335{3}
I doubt contactless payments will ever work on Graphene. In any case, I don't find carrying a credit card particularly inconvenient. I prefer cash for small transactions too; it's the only means of payment that is truly anonymous.