I’m considering the switch to GrapheneOS, so I watched this interview with one of the members of the GrapheneOS team, and honestly, I feel it was a great general introduction to it and touched on common features and misconceptions.

For those who don’t know, it’s one of the most secure and private mobile operating systems out there. Some things that I took away:

  1. They touched upon MAC randomization. I researched a bit on my own about what the need for it is. Apparently, it’s standard practice to randomize MAC addresses when scanning WiFi connections. However, GrapheneOS (and Pixel firmware) are even better at this, as they make sure they don’t leak any other identifiers when doing so. They also allow you to get a new random MAC for every connection that you make (not sure whether this is very useful, as this can cause problems). On a related note, even when WiFi/Bluetooth are “off,” stock Android can still scan in the background to improve location accuracy (by matching visible networks/devices against Google’s database). So basically, even with WiFi/Bluetooth off, Google still knows where you are. In GrapheneOS, this option is off by default.

  2. They have their own reverse proxies that they use to talk to Google on your behalf when needed.

  3. Apparently, in the USA you can be compelled to provide a fingerprint or Face ID. Courts have ruled this doesn’t violate the 5th Amendment because it’s physical, not testimonial. BUT you cannot be compelled to provide a password/PIN. That’s considered testimonial evidence, protected by the 5th Amendment. GrapheneOS has a two-factor system where, after using your fingerprint, you still need to enter a PIN, so it helps with this. They also have a BFU state after reboot, which is the safest and requires you to enter your full passphrase.

  • ☂️-@lemmy.ml
    31·
    5 hours ago

    the only bad thing about graphene is that it needs an expensive pixel. and how they are mostly unobtanium.

    • pmk@piefed.caEnglish
      3·
      4 hours ago

      I got a pixel 9a for 370 euro in Sweden, which isn’t too bad. You can get a good refurbished 7 for less and it will have support for years to come.

    • Luffy@lemmy.ml
      3·
      3 hours ago

      Just doing some TP math for you.

      A xiamoi Redmi something something is about 130€. A pixel 8a is 370€ or a 9a 500€.

      With the xiaomi, you are getting no security updates for more than a year. For a pixel 8a, you get 6 years and 7 with the 9a. Therefore, if you want to keep your phone up to date because your Banking app needs those to work, you are looking at about 65/71€ per year. Also, if you want to keep it longer, you can use it for longer, with the build quality and a battery change up to 10 years or so.

      Also, anecdotally, those cheap phones are built like shit, run like shit, and you are genuinely better off buying a Samsung galaxy S7 and daily driving that. (Which I got when the S10 first came out, and BTW is still holding strong when I need a second phone in case I loose my pixel 7, after 6 years, unlike my huawei P30 which didn’t last a year until it started getting to 100°C when being on, and lagging to the point of being unusable.)