I was thinking about using graphene OS, but I’ve read some lemmy users dislike this OS due to perceived misleading advertising and the pixel 7a you’re supposed to install graphene on because it’s from google (an advertising company).

Another option would be lineage OS, but there is so much false information about this OS, namely compatible phones that simply don’t work with this OS and no support.

what works for you? I want a phone with no google, that doesn’t force me to use the manufacturer’s ecosystem and that won’t show the apps I don’t want or need (on an asus I own you cannot neither get rid nor hide bloatware)

  • springonion@discuss.online
    link
    fedilink
    arrow-up
    0
    ·
    5 months ago

    GrapheneOS ships with a sandboxed, FOSS Google Play Services which can optionally do a bunch of Google things (use their APIs, login to Google etc.) plus they have some hosted services that can substitute Google services (like geolocation).

    GrapheneOS doesn’t ship with any Google services by default. We do provide an easy and safe way to install the Google Play components if desired, they are run under the same sandbox and constraints as any other ordinary app you install. Because they expect privileged access that they don’t get on GrapheneOS, we add a compatibility layer that essentially teaches them to work under the normal circumstances that is the sandbox. If you don’t want them you don’t have to do anything, they are not present in that case.

    LineageOS basically doesn’t ship with any Google Play style API/frameworks at all. It’s a pure AOSP experience. Any apps on F-Droid work but third party apps (like ones found on Google Play) are hit and miss. If you can just use F-Droid for all of your apps then LineageOS is probably a much more private and secure offering.

    LineageOS does make connections to Google by default, as does AOSP. GrapheneOS changes those connections while LineageOS doesn’t. They can be viewed here:

    https://eylenburg.github.io/android_comparison.htm

    Keep in mind, that table isn’t exhaustive. It lists the regular connections AOSP makes and how each OS handles them, but doesn’t include information on any additional connections that occur.

    You can absolutely download apps from F-Droid on GrapheneOS, what makes you think you can’t, and how did you conclude that LineageOS is more private and secure?

    Both GrapheneOS and LineageOS publish monthly updates with upstream security patches for all supported devices.

    LineageOS is pretty commonly behind on updates. As an example, it seems that LineageOS 21 (based on Android 14 QPR1) came out in February of this year.

    https://9to5google.com/2024/03/12/lineageos-21-review/

    You cannot ship the full security patches without being on the latest version of Android, which is Android 14 QPR3 now. Of course, if the device is EOL, that’s doubtly the case, and no OS can fix that.

    Apparently both GrapheneOS and LineageOS connect to connectivitytest.gstatic.com via http as a Captive Portal test by default,althoughh this was as of 2019-2020 and both might have changed since then.

    I don’t know if this was the case in 2019, but it certainly isn’t the case now. On GrapheneOS, you have the choice of using the GrapheneOS server for the internet connectivity check, changing it to Google’s server or even disabling it altogether.

    • theroff@aussie.zone
      link
      fedilink
      arrow-up
      0
      ·
      5 months ago

      You can absolutely download apps from F-Droid on GrapheneOS, what makes you think you can’t, and how did you conclude that LineageOS is more private and secure?

      I never said that GrapheneOS couldn’t download apps from F-Droid. I didn’t mention GrapheneOS being able to use F-Droid in my dot points but that was just an oversight, not intenttional.

      GrapheneOS doesn’t ship with any Google services by default. We do provide an easy and safe way to install the Google Play components if desired, they are run under the same sandbox and constraints as any other ordinary app you install.

      The problem with this is that so many apps use Google Play Services. If I didn’t want a phone that used Google, I wouldn’t use an OS that bent backwards to make it work.

      The sandbox model is OK in theory, except when your bank app asks for permissions for microphone, camera, contacts and files, and refuses to start without them.

      The app model is a bit broken IMO and GrapheneOS both enables and perpetuates it.

      LineageOS is pretty commonly behind on updates. As an example, it seems that LineageOS 21 (based on Android 14 QPR1) came out in February of this year. You cannot ship the full security patches without being on the latest version of Android, which is Android 14 QPR3 now.

      I might be being a bit naïve here, but Android 14 came out in October, 4 months prior to LOS 21, which is not particularly long. Android 13 is still supported by upstream. This sounds a bit like running RHEL or Debian vs bleeding edge Arch, no? It’s a common debate whether RHEL systems are constantly out of date, the counterargument being that vulnerabilities are often found in new software versions. Without real statistics about security vulnerabilities over time it’s difficult to make an informed decision about software version policies.

      LineageOS does make connections to Google by default, as does AOSP. GrapheneOS changes those connections while LineageOS doesn’t.

      That is excellent, I’m glad to hear GrapheneOS is changing some of the defaults to be a bit better.