Greetings fellow privacy fans! I know that this topic has been discussed to death, but I feel as though this can add to the overall discussion. This also may hopefully end up a being a decent summary of both ROMs.
With the Pixel 6a coming out soon, I am looking to flash either CalyxOS or GrapheneOS. I would like to choose the correct OS for me before I get the phone, as once I flash one or the other, I do not see myself changing it.
My threat model does not require the greatest security of all time, but something that could at least prevent someone from getting into the phone if it sat unattended for short periods of time. I would prefer as much privacy as reasonably possible. (Being anonymous is unimportant for my threat model.)
Recommendations from a few privacy centered people.
Techlore: On the resource page Techlore recommends CalyxOS. (If I remember correctly Techlore used to recommend GrapheneOS first before trying CalyxOS, not sure anymore due to the drama.)
The New Oil: Seems to recommend GrapheneOS (Recommends CalyxOS too, but leans more towards GrapheneOS)
The Hated One: Recommends GrapheneOS (Seems to be for more extreme threat models.)
Mental Outlaw: Recommends CalyxOS (He believes good operation security to be the key to privacy.)
Privacy Guides: Recommends GrapheneOS on Pixel 6 devices. (Only recommends CalyxOS for OnePlus phones and Fairphones. Not sure why they only recommend GrapheneOS otherwise.)
(These sources are certainly not exhaustive, but I believe these are certainly some of the most trusted.)
(Corrections encouraged, its why I posted.)
Both can be completely de-googled, but that is impractical so both ROMs have a solution. CalyxOS’s solution is micro-G. It runs with important permissions (not sure on the official terminology) but sends less data back to google than regular google play services. Graphene’s solution is sand-boxed google play services. This sends less data too and be can be tuned to what permissions it has, and therefore what data it can send (please correct me if I am wrong about sand-boxed google play.) It also runs with less permissions.
If possible I would like to choose which apps get to use or not use micro-G or sand-boxed google play services. I know this can be done with user profiles, but at this time, it disables notifications on the user profile not in use, which is not a feasible option for my use case.
Do work profiles solve this issue? And if so, would this put CalyxOS in a slightly better position as they have built in work profiles and do not rely on a third party app to create a work profile?
A final privacy note is with E-sims. CalyxOS still sends phone information to google with E-sims. (I believe the specific information sent is listed on the Privacy Guides website.) Which I assume to only be an issue with phones that support E-sims. But is this even an issue if someone decides to just not use E-sims? Can this be disabled? Or is this just something CalyxOS needs to improve?
(Final note, on privacy I will not be typing anything about location as I plan to keep anything to do with location off.)
From my simple understanding, GrapheneOS improves upon the default AOSP security standards and CalyxOS maintains it. I have only partially read the GrapheneOS website on what improvements GrapheneOS makes to security, and while some of the improvements sound like they would be cool to have, I am not sure that I actually need any of them. Anything that is practical let me know.
(Passwords for example, GrapheneOS extends the allowed length past 16 characters. But I cannot use something like KeePassDX to access my phone so I have to physically type the characters, typing 16 for me already takes a long time so is it really worth it to have more? Is there a better way that avoids bio-metrics?)
CalyxOS performs the same if not better than default AOSP. GrapheneOS due to hardening is slower than default AOSP. This is my understanding from Techlore’s comparison video (Which seems to have been taken down due to age if I am not mistaken.) My main question being, is this still the case? Or due to the Pixel 6 having physical hardware improvements, do the two ROMs have similar performance speed? Or is performance speed completely different from what I have described here?
The people behind each custom ROM.
GrapheneOS I believe has a small team of at least two members to my knowledge. The leader seems to have intentionally gotten into drama. While this may have in no way affected GrapheneOS as a ROM, it does not inspire confidence. CalyxOS is made by the Calyx Institute which to my knowledge (again), is also a small team. I thought I saw somewhere the Calyx Institute got into some drama? This may just have been from someone who is trying to insight a privacy scare. But I would still like to verify anyway, as it may or may not affect my final decision.
Before I close, I have one final concern, support. If you couldn’t tell, I am waiting for the 6a to save money, as it is basically a cheaper version of the 6. I have heard that CalyxOS supports phones a bit longer than GrapheneOS. I am aware that google themselves have to provide security updates to the pixel, but I would like to not have to buy another phone for as long as possible. And if CalyxOS does support what they can for just a tiny bit longer, it may sway my decision.
Well that was long. Looking forward to replies!
(There is a good summary of questions in the replies.) (Also why did I get a thumbs down? I am confused.)