Installed GrapheneOS - Current Plan, Minor Frustrations, and Next Steps

So following my recent post regarding switching off my EOL iPhone, I have bought a Pixel 9A and installed GrapheneOS on it. I am loving how minimal it is even in comparison to the purest form of Android included on the Pixel by default.

I have gone through the settings on the owner profile and adjusted them to my liking. I am now looking to set up a compartmentalized multi-profile phone. My initial plan was to create 3-4 profiles in addition to the Owner profile, one of which including a private space within it as well, and have all of these profiles running in the background to forward notifications to the active user.

I have since decided against that initial plan as I know myself to be too obsessive over minor details (e.g. making sure settings are the same across all profiles, even for no good reason) as well as the fact that some things would be objectively torturous to manage on that setup, the biggest example of which being my KeePass password database.

My new plan is to first have the Owner profile be used for app installation, and then push those apps to a single secondary user profile which also includes a private space. This secondary user profile would include my personal apps and data in its regular space, and my professional apps in its private space (which include a Google sign-in to Gmail and an organization account sign-in to Microsoft apps, yuck). This would allow easier management of my password database and logging in to services, especially considering the shared clipboard feature. Some feedback would be appreciated; here is the setup in more detail:

  1. Owner profile:
  • Google Play store with throwaway account signed in (created on the stock Pixel OS before flashing, dodged phone number requirement)
  • Maybe another app installation method such as Obtainium
  • Orbot or another free, private VPN running 24/7 (some recommendations here would be nice)
  2. Daily profile:
  • Normal space:
    • Two Proton Mail accounts signed in, perhaps use PWAs here if there is a way to enable notifications through them?
    • SimpleLogin
    • Notesnook
    • A maps app (would love to use a privacy respecting maps app, but this may end up being Google Maps without sign in)
    • WhatsApp
    • Discord
    • Private YouTube front end (or just use the website without sign in)
    • Yubico Authenticator
    • KeePassDX
    • Calculator app, camera app, notepad app, browser app, voice recorder app, clock app, weather app, basic calendar app for the sake of the month view widget, photos app, phone app, SMS app
      • LOCAL DATA: Contacts list, photos, and KeePass database would be stored here
  • Private space:
    • Microsoft apps
    • Gmail
    • Slack

As for the frustrations I’ve had with GrapheneOS thus far, it’s mainly two things:

  1. Outdated-looking stock AOSP apps. To make it worse, I’ve looked into potentially replacing them but have read that it could cause issues (keyboard not showing up for phone unlock, phone calls or alarms not showing after a fresh reboot, potentially contact scopes feature not working with a custom app, etc.). Is there any way to deal with this issue? If so, what are some recommended apps for privacy and security?

  2. I would like to have a strong, lengthy alphanumeric password as I used to have on my iPhone. The problem is that on my iPhone, I used to overcome the inconvenience of typing it in every time I use my phone by using Face ID. On the Pixel there is fingerprint unlock with a 2-factor PIN which seems fairly comparable in terms of security for my threat model, but the fingerprint sensor on my phone is extremely unreliable and won’t work 80% or more of the time, making it effectively nonexistent. I believe the issue is to do with me using a tempered glass privacy screen protector, but I am not about to use my phone naked and end up destroying my screen. PIN unlock on the Pixel seems to be resistant to advanced brute-force attacks, but I am concerned about someone manually brute-forcing the 6-digit PIN I use in case I lose my phone or have it stolen. I am at a loss for what to do here.

Overall I believe I made a great decision, but as I mentioned there are some things I need to figure out as well as some problems I am currently facing. Would appreciate some insight :heart:

Orbot or another free, private VPN running 24/7 (some recommendations here would be nice)

  • Proton VPN is free, however you have a few limitations

Outdated-looking stock AOSP apps. To make it worse, I’ve looked into potentially replacing them but have read that it could cause issues (keyboard not showing up for phone unlock, phone calls or alarms not showing after a fresh reboot, potentially contact scopes feature not working with a custom app, etc.). Is there any way to deal with this issue? If so, what are some recommended apps for privacy and security?

Could you share the apps? I never encountered an outdated style of an app.

On the Pixel there is fingerprint unlock with a 2-factor PIN which seems fairly comparable in terms of security for my threat model, but the fingerprint sensor on my phone is extremely unreliable and won’t work 80% or more of the time, making it effectively nonexistent.

I own a Pixel 8a with GOS and a long (6 words) passphrase with symbols as a password as well as Fingerprint with Pin-MFA.
Since I’m also someone who drops the phone often (5 meters from a building on a stone, in the bath, on my motorcycle, gotten run over by the bus – the smartphone not me – and so on) I use a very strong tempered glass and never encounter these types of issues.
There is a specific setting in the security settings tab to turn on something similar to “tempered glass mode” which helps to mitigate such issues; if this doesn’t work, then I could only suggest you buy another glass.

PIN unlock on the Pixel seems to be resistant to advanced brute-force attacks, but I am concerned about someone manually brute-forcing the 6-digit PIN I use in case I lose my phone or have it stolen. I am at a loss for what to do here.

A 6-digit PIN is, at least on a Pixel 7/8/9 with up-to-date GOS, secure enough to withstand APT and state-level attackers as far as we know, according to the latest Cellebrite leaks and GOS’s own recommendations.
So if you are not an Edward Snowden or a country leader, the 6-digit PIN should be enough.

Contacts, phone, gallery, keyboard, clock, calculator, messaging.

Don’t get me wrong they are functional for my use case, but at least personally, I hate the way they look. Especially the for some reason blue AOSP clock app. I read that the GrapheneOS team is working on overhauling or replacing them, but I doubt it’s happening any time soon as this was stated over a year ago and recent complications because of Google are certainly not helping.

If you’re talking about Screen Protector Mode I have already turned it on but it didn’t help. What glass do you use if you don’t mind sharing? Ideally I am looking for one with privacy shoulder-surfing protection like the one I have now.

Yes I am aware. However what I meant is that I am more so concerned about someone guessing my PIN or manually taking their time typing it in for months until they get it right (no advanced brute-forcing techniques through an external device, which seems to be what the Pixel and GrapheneOS are protecting against).

In this case my old, 32-character long password would definitely buy me more time to reset all account credentials and log out of all accounts on my phone before the theoretical attacker is able to get in.

For the PIN question, have you considered a longer PIN? I used to use an alphanumeric password but it was too cumbersome to enter one handed. I switched to a 12 digit PIN and that works just fine. If a phone number in the US is 10 digits and we can memorize those, I figured I could memorize 12 digits.

Example: 123 456 789 123

Not so bad when you break it up. Also this is not my PIN lol

Looks like a solid plan to me

Have you tried using heliboard or floris keyboard? I had some minor issues with AOSP keyboard on lineageOS and I tried these two, both worked flawlessly and I would recommend them over the AOSP one. I disabled the AOSP keyboard.

Kind of unrelated, but how is the battery life on 9A after flashing GOS?
What kind of SOT are you getting and is it any better/worse than the stockOS?

Great that you are happy with your decision so far. Here is some of my personal experience with a similar phone and the opinions I formed from it. I hope it will prove helpful for you.

You can setup multiple user profiles on Android and the feature should be even more advanced on GrapheneOS. But there is also Work Profiles on Android and I really hope on GrapheneOS too.

You can create your Work Profile with Insular or Shelter. I use Shelter on CalyxOS. With that you can have the same App twice and isolate work apps and their data from private apps and their data, without ever switching profiles. On iPhone such a feature does not exist, so many people do not know about it.

I don’t use a screen protector and find them to be pretty stupid. They reduce the picture quality of the screen and inhibit sensors like the fingerprint sensor. They don’t even provide real additional protection, at least in my case. That’s a bad pun, because I use a case to protect my phone from damage. I chose one with extra shock absorption on the four corners, because dropping the phone on a corner is the most likely cause for a broken screen. It also has a lip around the screen. So if the phone lies screen down on a flat surface, there is a gap of almost one millimeter between the surface and the screen. To keep the phone further protected, it just has its own pocket or compartment in whatever it’s transported in. That’s what works for me. I never had a broken phone screen. And yes, I dropped every phone I had at least once. Even if you still believe in screen protectors, I hope you can at least see that there is another way, even if it’s not the one you choose to follow.

For maps and navigation I really like Organic Maps because of its sleek interface. I also like OSMAnd~ because of its many features, but it is not as sleek and needs much more storage. I used both with offline maps. There are two major downsides compared to Google Maps. You don’t get real-time traffic information, which is not an issue for me, because on my usual routes I would not benefit from it and even Google Maps wouldn’t have actually good data. The other downside is a vastly inferior search function, which makes finding a location much less convenient. It is not a deal breaker and I still find everything (sometimes with the help of an internet search in my web browser). It is just a little bit annoying.

To find nice apps you can search on https://f-droid.org/ and https://android.izzysoft.de/repo even if you don’t want to use either of them. Both “app stores” are at least a comprehensive list of most open source apps out there. There are also “Awesome Open Source Android” app lists you can browse through. For beginners, I’d stick to F-Droid. Their selection is (the closest thing to) a trusted catalogue with vetted apps.

I thought about it briefly but I feel I still would rather my overkill password.

I am most likely overestimating my own value as a target (definitely, lol) but still my mind just wouldn’t allow me to rely on a PIN.

Why not use it? It’s pretty secure :slightly_smiling_face:

I haven’t but I’ve looked briefly into other keyboards such as the Fossify keyboard (pretty sure it was that one, could be wrong), but the problem is the keyboard was broken for a period of like 3 months or something on specifically GrapheneOS I believe because it didn’t support something called direct boot or something…? Don’t quote me on the details but basically people were locked out of their phones for that entire period because the keyboard wouldn’t launch on boot for people to enter in their passwords.

I looked up the keyboards you mentioned just now and in terms of looks they are definitely great looking and miles ahead of the AOSP one. I just don’t want to lock myself out of my phone if I can help it, so that’s why I am afraid of switching from the AOSP keyboard. I’ve heard similar (though not as severely punishing) issues in regards to switching from other stock AOSP apps on GOS such as the clock or phone apps.

Sorry can’t provide any information on this as I basically immediately flashed GOS on the phone like two days ago and haven’t really switched to it seriously just yet. I am still in the experimentation phase for now.

Yes I know about the feature and it’s great that Android supports this. Honestly don’t see it ever coming to iOS.

Android 16 also introduced the Private Space feature which is the same thing but more integrated into the system and (based on what I’ve read) better isolation. GOS has it and it is what I am planning to use.

Interesting take on the screen protector problem. For me it’s not just about protecting the screen though because mine also prevents shoulder-surfing attacks.

Furthermore I believe in my case protecting the screen is extra important because Google does not officially support my country for the Pixel phones (got mine from Amazon) and so Pixel phones and support for them within my country basically doesn’t exist. If the screen were to break that would be incredibly unpleasant.

If that’s a concern on GOS then it’s best to avoid it until you are certain. I tried out heliboard on my lineage OS device (without gapps) for 2 months and didn’t have any issue.

Alright, if you can’t provide a comparison, then could you let me know what kind of battery timings you are getting now (or whenever your experimentation phase is over)?

I use Accrescent and Obtainium for installing open source apps.

Proton VPN, just like @Onscreen5341 mentioned, has a free option. If you install it using Google Play/Aurora, you can login as a guest - without a Proton account.

I replaced SimpleLogin with Proton Pass, which contains more features and has a nicer UI.

I’ve used Organic Maps for a few years. Recently, I switched to CoMaps, which is based on Organic Maps. Both use OpenStreetMap, work offline, and don’t require any account.

I’ve used multiple apps for YouTube:

  • NewPipe/Tubular/PipePipe
  • Materialious/Clipious
  • LibreTube

Unfortunately, YouTube is aggressively blocking Invidious, Piped, yt-dlp, and cobalt.tools, making these apps unreliable.

I recommend the Fossify suite of utility apps, which includes the following and more:

  • Calculator
  • Calendar
  • Clock
  • Contacts
  • Phone
  • Messages
  • Notes
  • Gallery
  • Voice Recorder

I use these other apps:

  • Camera: GrapheneOS Camera, Google Pixel Camera
  • Browser: GrapheneOS Vanadium, Brave
  • Weather: Breezy Weather
  • Podcasts: AntennaPod
  • Keyboard: FUTO Keyboard
  • Text-to-speech engine: SherpaTTS

Which would you personally recommend and why? I noticed Clipious is on Accrescent.

About the Fossify apps and the others you mentioned, have you faced any issues specifically related to the replacement keyboard, clock, contacts, phone, and messages apps you use? I read of potential issues when using them on GrapheneOS, specifically related to rebooting the phone leading to missing keyboard for entering password, potentially missing alarms and calls with custom clock and phone app, and certain features such as contact scopes relying on the stock contacts app (not sure about this one).

For the last few weeks, I’ve been using yewtu.be (or another Invidious instance) when I want to watch a YouTube video. Piped and cobalt.tools seem broken for a while now… And I mostly use the FreeTube desktop app on my PC anyway.

I haven’t had any issues. For any clock/alarm app, make sure the app can run in the background and has the right permissions. If you encounter a bigger issue you can ask for advice on the GrapheneOS forum.

When I used CalyxOS, that work profile was something I appreciated a lot.

HOWEVER, you can only have work profile on the Owner profile, not another User Profile. So the way @passwordless has GrapheneOS set up, where Owner is just for installing apps to shuttle them to separate user profiles, is incompatible.

I personally do miss having the work profile and if I had known of this limitation ahead of time, I would be using the Owner profile as my main profile, which will have Shelter running and managing my work profile.


There is this other feature in Android called Private Space, which is similar to work profiles. Main difference is work profiles are managed by another app, while Private Space is a native Android feature and GrapheneOS recommends it over work profiles. But again, this is only available on the Owner profile.

EDIT: Even though Google says it won’t work on secondary user profiles, GrapheneOS did some magic to allow Private Space to work on any user. :clap: :clap: :clap: :clap: :clap:

As all apps in GrapheneOS are sandboxed, many threat models might not even need separate user profiles, so it’s worth experimenting. It’s typical for users to go through multiple setups before finally settling on what they think works best for them.

I tested this. Private Spaces are available on all user profiles now (for GrapheneOS, at least).

Wow, I appreciate the clarification. Work Profiles doesn’t work outside of Owner and I only read Google’s notes about private spaces which mentioned not being available on secondary user’s profile, so I just assumed without trying. GrapheneOS devs are magicians.

You have a great setup. I did something similar with my Pixel 8. Just leave it and live with it for 2 months. You’ll get over Face ID, it’s just a loss.