GrapheneOS vs CalyxOS

I wanted to ask the forum what they think about GrapheneOS and CalyxOS. What are their differences and what are the things the one or the other does better privacy or security wise?

from my novice point of view about both Operating System:

CalyxOS is using the AOSP Security without improvements to it. instead of Google services you have the option to install MicroG a OpenSource implementation of the Google services. To Note: MicroG gets system level access as far as I understood.

GrapheneOS greatly improves to the AOSP Security model and does not use MicroG. You have the Option to Install the original Google Services in a Sandbox. Basicly Google Services do not get System level Access.

Both are an improvement to a standard Google Android System in terms of Security and Privacy.
Which to choose depends on your Thread Model, use case, preference and what you want from your Phone and Phone OS.

GrapheneOS only Supports Pixel Phones, CalyxOS also supports one or two other Phone models besides Pixels.

The Websites of both Projects have really good Documentation and I recommend to read them both :slight_smile: for a better picture.

Also on YouTube you can find a lot of videos about both OS :slight_smile:

Personally I am going to get GrapheneOS on my next Phone as I find the concept of removing the system level access from Google services better than exchanging the system level access to an alternative that still communicates with google.

3 Likes

Hey thanks for your input!

I have read both documentations specifically on microG and sandboxed Google Services and in my understanding both solutions would send the same amount of data to google. With microG only the needed data is sent and with sandboxed Google Services the sent data is limited because of how unprivileged Google Services are. So if we are talking about the compatibility tools they are on the same level privacy wise but not on the same level security wise because sandboxed Google Services are much better isolated than microG.

Is my assumption correct?

The sandboxed Google Services also do not get access to your Hardware identifiers like IMEI and SIM id number.

About security: I do not know that, but I assume that sandboxed google services are more secure and they are the original google services and google is really really good with data security.

I think that if you’re looking to improve your privacy and want to go further, CalyxOS or GrapheneOS will both cover most people. If Stock Android is the baseline, I would say that Calyx goes one step further for privacy and Graphene goes one step further than Calyx.

Though I do wonder if that’s still the case. I know it’s conventional wisdom, but also technology and teams change so that doesn’t necessarily mean it will always be in this order.

4 Likes