this post was submitted on 30 Aug 2024

153 points (100.0% liked)

Privacy Guides

16541 readers

43 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.

You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...

Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!

This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.

Moderation Rules:

We prefer posting about open-source software whenever possible.
This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
No soliciting engagement: Don't ask for upvotes, follows, etc.
Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
Be civil, no violence, hate speech. Assume people here are posting in good faith.
Don't repost topics which have already been covered here.
News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
No misinformation: Extraordinary claims must be matched with evidence.
Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 1 year ago

MODERATORS

jonah@lemmy.jonaharagon.net

153

GrapheneOS now officially supports Pixel 9, 9 Pro, and 9 Pro XL | GrapheneOS is a private, secure mobile operating system with Android app compatibility, developed as a non-profit open source project (9to5google.com)

submitted 2 weeks ago by ForgottenFlux@lemmy.world to c/privacyguides@lemmy.one

42 comments fedilink hide all child comments

all 45 comments

sorted by: hot top controversial new old

[–] ExtremeDullard@lemmy.sdf.org 38 points 2 weeks ago* (last edited 2 weeks ago) (9 children)

And it still doesn't support anything that isn't a Pixel phone.

I respect GrapheneOS very much. But the fact that you need a Google phone to install a deGoogled Android ROM is one contradiction I just can't get past. I hate Google and I'm never going to buy their hardware and give them money for the privilege of escaping the Google corporate surveillance.

I'm aware of the technical reason why GrapheneOS only supports Pixel phones, but that irony is just too rich for me. So I use CalyxOS on a very much non-Google FairPhone4, and while it's formally slightly less secure than GrapheneOS, at least Google got none of my money and that's a lot more important than security to me.

[–] narc0tic_bird@lemm.ee 26 points 2 weeks ago (2 children)

It is quite ironic. "I don't like Google, let me free myself from all of Google. But to do that first let me buy that $500-$1,000 phone made by Google to then get rid of all the Google software on it".

[–] helenslunch@feddit.nl 16 points 2 weeks ago (2 children)

Google makes a lot more money from your data than they do from these phones.

[–] narc0tic_bird@lemm.ee 8 points 2 weeks ago (2 children)

I still think if I was strictly anti Google that would imply giving them not a single dime.

[–] eighty@lemmy.world 7 points 2 weeks ago (1 children)

I don't really have a stake in this race because it's quite a dilemma (personally I like the idea of Graphene supporting more devices with varying security promises) but I'd imagine between buying a 2nd hand Pixel or exclusively using Google services, Google would rather people do the latter.

They simply make more out of data gathering and GrapheneOS sidessteps that, so as a user I'm leaning towards the former so I can more readily degoogle myself.

[–] StormWalker@lemmy.zip 1 points 2 weeks ago

degoogle yourself

[–] muntedcrocodile@lemm.ee 2 points 2 weeks ago

I don't think it's about not giving google money, I think it's about protecting personal privacy. I will happily give Google money if it's in a privacy respecting manner for high quality product.

[–] PrivateNoob@sopuli.xyz 1 points 2 weeks ago (1 children)

Well if you're influenced by ads then absolutely. I'm not sure how much money does it make from techy people like us. It definitely makes something.

[–] helenslunch@feddit.nl 5 points 2 weeks ago (1 children)

It doesn't matter if you're influenced or not.

[–] StormWalker@lemmy.zip 1 points 2 weeks ago

I'm influenced..

[–] PirateMike94@lemmy.world 1 points 1 week ago

To be fair, there's an argument to be made that "I'll just pay Google one last time in order to get my privacy back."

[–] boredsquirrel 19 points 2 weeks ago* (last edited 2 weeks ago) (2 children)

Their hardware requirements are pretty clear. Samsung is the only one with comparably secure devices, but they use nonstandard tools like Odin and lock down many security features to the stock OS only.

Other companies are supposedly not making anything as secure.

https://grapheneos.org/faq#future-devices

Also, only Google can really ship updates that quickly and fully, as Android is literally their OS. They are also a huge company, so yeah they have way more resources than a random other company you might prefer.

Example Fairphone, which has horrible update schedules

[–] ExtremeDullard@lemmy.sdf.org 9 points 2 weeks ago* (last edited 2 weeks ago) (4 children)

I am aware of the shortcomings of my choice.

But my priority is to not give a cent to Google: what am I supposed to do then?

I argue that GrapheneOS gives Pixel phones more value, thereby supporting Google. That is not great.

[–] stallmer@sopuli.xyz 14 points 2 weeks ago

Buy a used Pixel phone.

[–] communism@lemmy.ml 10 points 2 weeks ago (2 children)

If your priority is to not give a cent to Google then don't use GrapheneOS. There are other degoogled OSes for people whose priority is that. If your priority is security then you'd be willing to sacrifice on avoiding anything Google by getting GrapheneOS.

In any case, technically if you wanted to avoid anything primarily made by Google you'd have a Linux phone. The degoogled Android OSes are still based on Google's open-source code.

[–] ExtremeDullard@lemmy.sdf.org 5 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

if you wanted to avoid anything primarily made by Google you’d have a Linux phone

That's true.

Unfortunately that's not possible: I live in a country that delegates secure authentication to banks, and banks only supply 2FA apps that work in Android or iOS. If I had a Linux phone, I'd still need another phone with Android just for the purpose of banking, interacting with social services, logging in my work hours, getting notifications from the post office...

That's the misery of Android: Google is such a pervasive monopoly that even if you want a fully deGoogled OS, the basis of it has to be 95% made by Google anyway because the rest of society goes along and reinforces their monopoly. And at some point, even someone like me has to make compromises to simply live normally.

I would gladly buy a Linux phone and I'd even put up with their quirks (I tried one once so I know they're not as polished an experience as Android). But I am also a practocal man and it's just not an option.

[–] communism@lemmy.ml 8 points 2 weeks ago

I'm sorry to hear that, but also, what does that mean for people in your country who don't have smartphones? I know that sometimes people aren't allowed to own smartphones (refugees, or sometimes imposed on a defendant as part of criminal proceedings)—if you don't own a smartphone can you just not participate in society there?

Tbh when I've been required to install some kind of dodgy proprietary app that doesn't work well with GrapheneOS I just tell them I don't have a smartphone and they seem to be fine with that and offer me a "low-tech" alternative for whatever it is (usually some kind of 2FA app). It's concerning when important things are inaccessible to people without a smartphone, because of course that's the baseline for things being accessible for everyone regardless of their phone situation, e.g. people with degoogled phones etc.

[–] boredsquirrel 3 points 2 weeks ago

I also dont think you give Google a lot of money when just leeching on their services with lots of fake accounts.

I use Youtube with adblock / custom apps since 6 years or something, so that should be equal to the market value I gave their phones on the used market

[–] boredsquirrel 10 points 2 weeks ago

The phones are good. Yes it is a lot of money, and they do silly stuff with these phones, like removing everything or using glass everywhere

I just buy used. Way cheaper, never gonna pay more than for my Laptop

[–] StormWalker@lemmy.zip 1 points 2 weeks ago

It is funny, pixel phones gaining popularity due to de-googling. Something seems very wrong with that haha

[–] ExtremeDullard@lemmy.sdf.org 5 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

Example Fairphone, which has horrible update schedules

Fairphone's release schedule and Calix' release schedules are two different things. CalyxOS is updated less often than GrapheneOS for sure, but it's updated a lot more often than Fairphone OS.

[–] boredsquirrel 4 points 2 weeks ago (1 children)

Nobody talked about Calyx, but yeah, Fairphone is the worst XD

Others like /e/OS are similar to Fairphone (it runs on Fairphones)

[–] ExtremeDullard@lemmy.sdf.org 5 points 2 weeks ago (1 children)

Nobody talked about Calyx

I did, and you replied to me 🙂

[–] boredsquirrel 3 points 2 weeks ago

And now I am replying back, just like that!

[–] DrJenkem@lemmy.blugatch.tube 13 points 2 weeks ago (1 children)

Are you using a vibes-based threat model?

[–] e8d79@discuss.tchncs.de 12 points 2 weeks ago

Not every threat model requires the security level GrapheneOS provides. My threat model ends with Google and other big corporation shouldn't spy on me and if I lose my phone anyone finding it shouldn't get in and be able to steal my identity. I think DivestOS and CalyxOS do a fine job with that.

[–] TexMexBazooka@lemm.ee 5 points 2 weeks ago

Buy used? Pixel 8s are on a fire sale now

[–] phoneymouse@lemmy.world 5 points 2 weeks ago (1 children)

It would be nice if the GrapheneOS dev would work it out with the FairPhone folks to make a device that could be supported. I don’t know why any company would hesitate to work with him, he is obviously doing good stuff, but I agree, Pixel only is kind of a turn off because it doesn’t seem like a long term path to building something sustainable in terms of both hardware and software. It’s a workaround.

[–] ExtremeDullard@lemmy.sdf.org 6 points 2 weeks ago* (last edited 2 weeks ago)

I think GrapheneOS should come with a no-compromise-security branch that only supports Google Pixel phones and an "ordinary security" branch that supports a wide variety of less-secure but non-Google hardware for people who can't stomach the idea of buying a Google phone.

GrapheneOS would reach a much wider audience, and not everybody needs perfect security. I for instance am a low-value target and I have no need for GrapheneOS-level security.

[+] qweertz@programming.dev 4 points 2 weeks ago (1 children)

[deleted]

[–] ExtremeDullard@lemmy.sdf.org 5 points 2 weeks ago* (last edited 2 weeks ago) (2 children)

If you buy second-hand, you give money to Google.

Someone bought the phone the first time and gave their money to Google, and you reimbursed part of that money to that buyer. In the end, Google gets your money. Maybe not full brand-new retail price, but what you paid for your second-hand phone goes indirectly into Google's coffers.

Buying anything Google, second-hand or not, supports Google's business. Given the choice, I refuse to support Google in any way, shape or form.

[–] TheHobbyist@lemmy.zip 11 points 2 weeks ago (1 children)

I'm sorry, what? That does not make sense to me.

[–] ExtremeDullard@lemmy.sdf.org 5 points 2 weeks ago

Really?

Say I buy a pack of gum at the supermarket. The supermarket got my $2. Then I resell the pack of gum to my neighbor for $1.50. Who do you think has my neighbor's $1.50 in his pocket? Me or the supermarket?

Hint: it's not me. I'm still down $0.50 from the moment before I bought the pack of gum. And even if I had sold it to my neighbor full price because it's new and unopened, it'd like I never bought it in the first place and my neighbor did.

[+] qweertz@programming.dev 5 points 2 weeks ago* (last edited 2 weeks ago) (2 children)

[deleted]

[–] ExtremeDullard@lemmy.sdf.org 5 points 2 weeks ago (1 children)

tl;dr: your money does not go to Google and the ppl you get it from would have purchased it anyway. The device just ends up in your hands instead of the land fill or being recycled

It all depends on how you look at it. You choose to see it as your money saving an object from the landfill, and I choose to follow the trail of my money going all the way to Google's pocket ultimately.

But those two outlooks are not incompatible: they both hold true. You just choose to disregard the latter while I can't get past it.

[–] helenslunch@feddit.nl 5 points 2 weeks ago

usually used or refurbished devices are from ppl who would have bought it anyway

You don't think resale value affects purchasing choices at all?

[–] uzi@lemmy.ca 2 points 2 weeks ago

Which phone on the market has the best hardware sexurity?

[–] StormWalker@lemmy.zip 1 points 2 weeks ago

I hear you. And it is ironic, I agree. The way I deal with it in my head is: I use nothing google in my life. (Except for YouTube via NewPipe). And I purchase a Pixel pro used from eBay when it is 1 year old, and keep it until I feel the need to upgrade. New pixel pro's here in the UK sell for £900-£1000, but you can pick up a used one on eBay only 1 year old for £300, and the money does not go directly to google. So my contribution to google is tiny compared to most people. If GrapheneOS ever do support another flagship phone with good cameras then I will gladly swap. But for now I don't see an option where I can have it all. There has to be a compromise somewhere. But I applaud your anti-googleism!

[–] Cyberjin@lemmy.world 1 points 2 weeks ago

Pixel phone also uses modified Exynos chips, that Samsung themselves stopped using in Europe because they suck.

[–] boredsquirrel 6 points 2 weeks ago

Damn that was fast.

[–] TheHobbyist@lemmy.zip 2 points 2 weeks ago

I think early last year they hyped some potential partnership to have a custom grapheneOS device, anyone know what happened to that?

[–] DoucheBagMcSwag@lemmy.dbzer0.com 2 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

Is android auto still broken?

What are you losing by going to this?

[–] jet@hackertalks.com 9 points 2 weeks ago (1 children)

https://eylenburg.github.io/android_comparison.htm

Here is what you gain

[–] DoucheBagMcSwag@lemmy.dbzer0.com 6 points 2 weeks ago

Oh cool! Auto is working?? I may give this a try since I don't give a shit about Google pay