I think the reason GrapheneOS never did a GSI is because most of their security improvements rely on specific hardware calls that GSI abstractions don’t provide access to. This probably would still be an improvement over lineage though, just not as secure as base Graphene is.
It depends. I run GrapheneOS and it can pass everything except the most strict integrity check (which is just that you’re using a custom ROM at all).
In practice most apps don’t have any problems. Google assistant doesn’t really work for me but I’ve seen posts saying people have gotten it working. Google wallet and Google Pay are also explicitly blocked by google, so they will never work.
Doesn’t GrapheneOS have a lot of benefits besides the 3 pixel-requiring hardening features which are removed in Graphite (and the 3 others which are disabled by default but can be re-enabled on some devices)?
I’m not disputing that those hardening features are worthwhile! Pixels with Graphene are obviously much more difficult to exploit than phones without those features.
But there are billions of non-Pixel phones in the world which aren’t about to be thrown away, and the vast majority of phone users absolutely cannot afford a Pixel. GraphiteOS (if it actually works?) seems to me like it is probably a major improvement over the other options available for them.
I think it’s a lot more than just 3 features removed. AFAIK the whole hardware attestation is based on the Titan chip and you don’t have to trust the devices hardware, because you can cryptographically prove that the software is unchanged. It’s not only about the Auditor app, but the whole integrity of the OS, the boot process and firmware is secured by the Pixel’s hardware or more specific the Titan chip.
And the billions of devices can not be saved by a GrapheneOS fork because they’re mostly missing crucial firmware and generally get no updates anymore. That’s why GrapheneOS is only supporting recent devices and especially Pixel devices because they receive up to 7 years updates.
I’m all into getting people a more secure OS but I fear that a GrapheneOS fork is perceived as a secure OS when it’s actually not. The most important security features are still recent (firmware) updates and hardware attestation, verified boot etc.
But why?
so that many non-pixel devices can have an OS with most of the benefits of GrapheneOS?
I think the reason GrapheneOS never did a GSI is because most of their security improvements rely on specific hardware calls that GSI abstractions don’t provide access to. This probably would still be an improvement over lineage though, just not as secure as base Graphene is.
Wait… an improvement over Lineage ? That alone makes it worth existing in the first place.
At first I thought, Graphene OS without it’s features… Why? But what you say sounds like it actually makes sense.
deleted by creator
It depends. I run GrapheneOS and it can pass everything except the most strict integrity check (which is just that you’re using a custom ROM at all).
In practice most apps don’t have any problems. Google assistant doesn’t really work for me but I’ve seen posts saying people have gotten it working. Google wallet and Google Pay are also explicitly blocked by google, so they will never work.
But those benefits rely on the Pixel’s hardware. This is contradictory.
Doesn’t GrapheneOS have a lot of benefits besides the 3 pixel-requiring hardening features which are removed in Graphite (and the 3 others which are disabled by default but can be re-enabled on some devices)?
I’m not disputing that those hardening features are worthwhile! Pixels with Graphene are obviously much more difficult to exploit than phones without those features.
But there are billions of non-Pixel phones in the world which aren’t about to be thrown away, and the vast majority of phone users absolutely cannot afford a Pixel. GraphiteOS (if it actually works?) seems to me like it is probably a major improvement over the other options available for them.
I think it’s a lot more than just 3 features removed. AFAIK the whole hardware attestation is based on the Titan chip and you don’t have to trust the devices hardware, because you can cryptographically prove that the software is unchanged. It’s not only about the Auditor app, but the whole integrity of the OS, the boot process and firmware is secured by the Pixel’s hardware or more specific the Titan chip.
And the billions of devices can not be saved by a GrapheneOS fork because they’re mostly missing crucial firmware and generally get no updates anymore. That’s why GrapheneOS is only supporting recent devices and especially Pixel devices because they receive up to 7 years updates.
I’m all into getting people a more secure OS but I fear that a GrapheneOS fork is perceived as a secure OS when it’s actually not. The most important security features are still recent (firmware) updates and hardware attestation, verified boot etc.