Remix.run Logo
andai 6 hours ago

Can someone explain this? I've used custom ROMs back in the day (Cyanogen!) but I'm not familiar with GrapheneOS.

I remember Cyanogen ships without Google Play etc., right? (Because if you install Google Services and a bunch of crap from their store (theirs and otherwise) that spies on you, it defeats the purpose of a privacy preserving OS.

So I'm assuming Graphene is at least as strict as that? (Well Cyanogen at least give you the option of installing all that crap but that would seem to defeat the purpose in this case.)

But more broadly I'm not sure I understand the relevance in this particular context. The article mentions that an abuser could put spyware on your phone? Is that a realistic scenario? (Ok I suppose half the stuff on the Play store is spyware so maybe it's more realistic than I'm thinking...)

grapheneos 5 minutes ago | parent | next [-]

> So I'm assuming Graphene is at least as strict as that?

GrapheneOS is a privacy and security hardened OS. LineageOS and CyanogenMod aren't in that space. GrapheneOS preserves the standard privacy and security features and updates of the Android Open Source Project as a baseline. It greatly improves privacy and security with major privacy and security features along with much better privacy/security updates. It keeps up with the major OS updates including having a release based on Android 17 since the day it was released (2026-06-16).

> Can someone explain this? I've used custom ROMs back in the day (Cyanogen!) but I'm not familiar with GrapheneOS.

GrapheneOS is a production quality OS with around 15 people paid to work on it. It's not a hobbyist project. We've never used the term custom ROM since it isn't accurate and propagates misconceptions. It's best to avoid it.

> The article mentions that an abuser could put spyware on your phone? Is that a realistic scenario?

Yes, stalkerware is very common and there are a bunch of apps marketed for this purpose. It's helpful to get a new phone set up from scratch without the same accounts or automatically restoring any data on it. This can be a GrapheneOS phone but it doesn't particularly need to be. It's not GrapheneOS recommending itself for this purpose. There are an assortment of privacy and security features relevant to this in standard Android 17 and in the features added by GrapheneOS but nothing essential to this. GrapheneOS makes sense as a general choice for a new phone for many people due to being a highly usable, compatible, private and secure device but we're not specifically recommending it for being who are victims of stalkerware ourselves.

lewiscollard 4 hours ago | parent | prev | next [-]

> The article mentions that an abuser could put spyware on your phone? Is that a realistic scenario?

Yes, stalkerware is an entire genre of software and it is designed for exactly this purpose.

How “stalkerware” apps are letting abusive partners spy on their victims https://www.technologyreview.com/2019/07/10/134249/stalkerwa...

The Abuser in Your Pocket: How Stalkerware Threatens Women’s Privacy https://safeescape.org/stalkerware-threatens-womens-privacy/

'I thought I'd been microchipped': How abusers spy on partners with 'parental control' apps https://news.sky.com/story/i-thought-id-been-microchipped-ho...

A web search for the term will turn up many more results. Graphene OS's hardening against exploits, compared to the abysmal record of Android vendors, gives much better odds against any of these apps being able to run with elevated privileges, which means Android's sandboxing is effective.

(Happy Graphene OS user of many years here.)

palata 3 hours ago | parent [-]

Happy GrapheneOS user here as well, but...

I am having a hard time believing your first link, which says:

> In Anna’s case, stalkerware was disguised as a picture message, sent to her by the man she was dating (let’s call him David), just a few weeks after they met. She was then under constant surveillance for about two years

That sounds like an NSO-level attack, right? I doubt abusers routinely pull that out?!

I totally get the problem that "the abuser knows the iCloud password and can use the FindMyPhone feature to track the victim", or "the abuser convinced the victim to install an app that would track the victim without their consent". But I am genuinely wondering how much GrapheneOS protects against that.

watwut 37 minutes ago | parent [-]

> That sounds like an NSO-level attack, right?

Not really, these are available to any script kiddy as long as unpatched phones and software exists. It takes some initial effort to find them out, but that is it.

And I remember similar attacks floating around few years ago even outside domestic violence situation.

Cider9986 6 hours ago | parent | prev | next [-]

Zero Google services are shippsx by default, but you can install Play Store and Services in a sandbox and it has minimal privacy problems, depending on the permissions you give it.

Their docs are really good, not only for their phone but for learning about privacy and security: https://grapheneos.org

You could still install an app that spies on you on grapheneos because it has 99.99% android app compatibility, so if you gave an app designed for spying the relevant permissions, it would still be able to spy. No way it could hide location indicator or anything like that, but I doubt it could do that on other OSes (don't quote me on other OSes).

izacus 3 hours ago | parent | prev | next [-]

It's an advertisement. That's pretty much the difference, the company selling these phones has a very high margin for essentially resell of Google phones with reflash of GrapheneOS.

Nursie 6 hours ago | parent | prev | next [-]

I mean, some obvious things are there in the article, IMHO -

- App isolation and hidden profiles (up to 32 separate profiles)

- Verified Boot (tamper detection on every startup)

So you can do stuff on there that's not going to tip off someone who's controlling enough to demand to see your phone, and so you'll at least be tipped off if someone compromises it.

palata 2 hours ago | parent [-]

> hidden profiles (up to 32 separate profiles)

I am a happy user of GrapheneOS, I don't know about "hidden" profiles. I am not sure what they are talking about.

> App isolation

That's an Android thing, not specific to GrapheneOS.

> Verified Boot (tamper detection on every startup)

That's an Android thing, not specific to GrapheneOS.

defrost 6 hours ago | parent | prev [-]

[flagged]

Walf 3 hours ago | parent [-]

Have you got a link to anything about hiding parallel accounts? I use GrapheneOS, and don't see anything in the UI about it. Am I looking for the wrong thing? From what I can see, it's the same as stock Android's user switching, which has obvious UI elements about switching session.

I see hidden profiles is an open issue, here: https://github.com/GrapheneOS/os-issue-tracker/issues/5003

defrost 3 hours ago | parent [-]

[flagged]

Walf 2 hours ago | parent | next [-]

As much as I don't like to, I do use Google things on phone, and I've really only ever used secondary profiles to use shady apps with far too broad permissions, such as the kind required to update firmware or get data from wireless/Bluetooth devices.

If you do want a smart phone, but don't want rubbish on it, Graphene is very bare-bones by default. F-Droid and other FOSS-friendly app stores can fill in a lot of gaps, and respect your privacy.

Some apps will simply not run without Play Services, but if you had to use such an app, I believe you could do it in a second profile and have Play Services disabled in your main. Regular apps installed for secondary profiles show as "Not installed for this user" in my main, but Play Services is a bit special.

defrost 2 hours ago | parent [-]

[flagged]

palata 2 hours ago | parent | prev [-]

> I may very well be assuming things about G-OS that it doesn't yet have (or may never have).

No offence but... next time maybe make it clear that you are just assuming and don't have any experience with the thing you are describing?

> My mental picture would have been it having partitioned storage (to reduce chance of accidental over writes) filled with "random seeming 'noise'" that held hidden account specific data only accessible with a user provided key.

That would be a normal account on an encrypted phone. Nothing special about that.

defrost 2 hours ago | parent [-]

[flagged]