Stock OS vs GrapheneOS

I just finished watching Techlore’s video about why Henry is leaving alternative operating systems and I decided to compare stock OS to GrapheneOS against the same points in the video.

  1. Project trust

Can you trust GrapheneOS to keep up with upstream updates?

Yes, you can because GrapheneOS stays really close to upstream and in some cases even deliver updates before the stock OS does and has an excellent track record.

GrapheneOS updates are completely seamless, more secure, and robust. They’re even more private and the benefit of that is that GrapheneOS isn’t able to comply with a government order to build, sign and ship a malicious update to a specific user’s device based on information like the IMEI, serial number, etc. The update server only ends up knowing the IP address used to connect to it (which can be hidden with a VPN or Tor) and the version being upgraded from based on the requested incremental.

  1. GAPP

I will just skip this because all of the GAPP features work on GrapheneOS except for restricted app installation.

The reason for that is because for that feature to work it requires Google apps to have privelleged access to your phone which is a big no-no and that’s why GrapheneOS chose to go out of its way to make Google Play Services work fully sandboxed without any privileged access instead using a half baked solution like MicroG.

But that’s not a big deal because you can revoke the install permission from all of your apps and only use Play Store (yeah it’s just that simple).

  1. Nice-to-haves

MySudo works on GrapheneOS.

Paying for applications works the same way it does on stock OS.

So what do you lose when switching from stock OS to GrapheneOS?

  1. Android Auto doesn’t work because it requires privileged access to your phone.

  2. Some garbage banking apps don’t work too, but most of them do. Though you can do banking in a PWA or web browser or on a separate device.

  3. You lose data collection.

  4. You lose Google having privileged access over your phone.

  5. You lose a lot of proprietary bloatware and a lot of attack surface.

  6. You lose contactless payments with Google Pay, but other implementations of contactless payments work.

While gaining everything that’s mentioned here:

Thanks for reading, if you see any mistakes please correct me and if you have any questions just ask.


GrapheneOS is still a smallish(?) donation funded project with a small userbase whereas Google has entire teams of people insuring feature and security fixes are shipped out to their devices as soon as possible. Not to knock the GrapheneOS team but it’s a fact that it will still take time for them to test the updates and push them out compared to stock.

  • Convenient backup solutions like Google One
  • Material You stock apps (continuous design language between apps is lacking on GOS)
  • Live translate
  • Call screening
  • Adaptive charging
  • Hey Google
  • Parental controls
  • Google Recorder transcription
  • Now playing on the lockscreen
  • Quick tap (double tap back of phone)
  • Google hold for me
  • Adaptive sound
  • Live caption
  • Extreme battery saver
  • Realtime background audio filtering for calls
  • Ultra-wideband car key integration
  • At a glance

Looking at this as an end user who may not be that interested in privacy you do lose a lot of features that are included with the phone (basically all of the cool features).


Privacy and security are the only reasons to install GrapheneOS, I don’t think anyone thinks it’s a more feature rich version of Android.

Some people want an open source operating system for their computer, and many of them are going to want an open source operating system for their phone for the same reasons.

For some people, the features don’t matter, they just don’t want a phone they can’t trust.


To be fair if you know your way, you can add all the cool features.

The main thing that GOS probably lacks is the working of banking apps, thats pain in the ass in the custom rom ecosystem.


GrapheneOS Foundation is incorporated as a federal non-profit organization in Canada.

It doesn’t matter how GrapheneOS is funded because what GrapheneOS needs is not money but more talented developers that they could HIRE to work on a project.

As I said above, GrapheneOS is very close to upstream in terms of updates, and in some cases, GrapheneOS is ahead of stock OS.

I prefer privacy and security over convenience. SeedVault or manual backups work well enough for me and most of the other GrapheneOS users and the team is working on a new backup implementation that will replace SeedVault.

I have no idea what you mean. You can easily achieve the same on GrapheneOS.

These are available on GrapheneOS by default, I don’t know where you got this information.

TLDR: Some of the things you mentioned aren’t available because they require privileged access and most of the things you mention can be easily done on GrapheneOS and some of them already exist by default. And all of the features you mentioned are convenience features.

1 Like

Most of them work.

1 Like

I think the reason why Henry doesn’t use GrapheneOS is because of the whole Daniel Micay leadership stuff but I hope that with the new leadership, things will change.


I will not engage in nontechnical discussions, especially this one, because it’s childish and unproductive, and unhealthy.

GrapheneOS as of now has enough money. What they need is talented developers that they could HIRE for that money.

Talented developers still need to be paid. For example there is a lot of work on Linux because there is a lot of money in that world since Linux is used all over the server space.

To bring an example closer to here, imagine saying that all Techlore needs is good video editors or something. They would need money to hire those people. We shouldn’t expect people to work on things simply because of passion.
(just an example not saying the video editing is bad)


Again, they have money, they need talented developers to hire with that money, which makes it irrelevant that they are non-profit.

1 Like

Just wanted to add that some of these garbage apps may still work if you enable the “Exploit protection compatibility mode” in the app settings. So, if your app doesn’t work maybe you want to try that first before giving up.


I’m aware of that. I’m talking about apps that don’t work just because only stock operating systems have “Google certification” which doesn’t matter at all and is useless. This is just a way to gatekeep people to use stock OS.

GrapheneOS has a detailed guide on how to make all of the apps work on not only GrapheneOS but other alternative operating systems without sacrificing any security but actually improving it.

If the app doesn’t work on custom operating systems it’s because developers of that app don’t give a FU*K.

“GrapheneOS users are strongly encouraged to share this documentation with app developers enforcing only being able to use the stock OS. Send an email to the developers and leave a review of the app with a link to this information. Share it with other users and create pressure to support GrapheneOS rather than locking users into the stock OS without a valid security reason. GrapheneOS not only upholds the app security model but substantially reinforces it, so it cannot be justified with reasoning based on security, anti-fraud, etc.”

And? This doesn’t at all address Jordan’s point:

And? Even if this is the case it still doesn’t address the concerns raised by @jordan

I’m glad they work well enough for you, but they don’t work well enough for everyone. Especially people coming from the Apple ecosystem who have both secure and convenient backup options in the same place. (Encrypted local backups, and now E2EE cloud backups with ADP)

addressed by:

You can acknowledge these are genuine shortcomings of something and still acknowledge it’s for people prioritizing those specific security features. Those ‘people’ are not everyone, though I’m happy it works for your uses. Just as stock fit my uses, and shortly after iOS + Lockdown + iCloud ADP.

Well, just one not working for someone can be a huge issue for them. This issue exists for pretty much all custom ROMs unfortunately. (to different extents - unless you’re installing Play Services) But the app issue is a serious one and saying ‘most of them work’ is not what the average consumer wants to deal with, coming from a situation where 100% of their apps work.

Leadership of a project is 100% relevant to a service. When Moxie left Signal people watched (and discussed) very carefully to see how the project would be handed over. Discussing this is neither childish, unproductive, nor unhealthy. If you choose not to engage in that discussion then don’t, but I would expect others to productively discuss the valid concerns of any project receiving new leadership.

And? This doesn’t really change people’s points.

And? At the end of the day it still means the average end-user may not be able to use the apps through this project. If you want to battle who’s responsible for this then go for it, but the average user won’t care - and it’s ultimately still a shortcoming of the project at the end of the day, whether or not they’re the ones responsible.


Micay has literally claimed that Techlore and it’s community has engaged in a year-long harassment that culminated in him being swatted. He’s accusing @Henry and the folks here of nothing short of attempted murder.

I don’t love Louis Rossman, but watch his video on the subject.

I would hope to God that this alone greatly affects “project trust.” I get that he’s stepping down, but as is, I don’t feel comfortable with Graphene anymore, doubly so as someone publicly posting here.

1 Like

Very valid, all personal preference for sure when it comes to trust. I would say that this is definitely a difficult time as there’s been very little information shared to the public. So it’s probably worth waiting until the ‘transition’ is complete, who will take over, etc. Which are IMO important questions to be asking regardless of the project, and regardless of the history.

If I randomly announced I was stepping down from Techlore I would hope people would be hesitant to continue trusting Techlore until all the details were made public and I did an adequate job of transitioning Techlore to someone in a way the community would trust.

It doesn’t matter if Google has 1000 people working on it and GrapheneOS has 1 if updates are close to stock OS and in some cases, GrapheneOS is ahead which is paired with an excellent track record.

I would like him to prove with real-life evidence that Google having more people on it make a difference.

That’s why I specifically said that it’s for me and most GrapheneOS users. Currently, nothing comes close to Apple in terms of secure and convenient backups. But I really hope that GrapheneOS’s new backup implementation will be on par or better than Apple’s.

Some places have a list of which apps work on GrapheneOS and which don’t so users don’t have to go in blindly.

I was talking about coming after the GrapheneOS project just because of the lead developer’s beef with others. This is like coming after Brave because CEO is homophobic. I don’t like these kinds of things and I would rather stick with technical discussions. Either way lead developer stepped down to get some rest and help and prevent his beef from hurting the project.

Discussing new leadership is perfectly fine and valid. I have nothing against that, you just misunderstood what I’m talking about.

This is not the project’s fault. That’s all I have to say.

1 Like

Just throwing in my minor opinion.
I am aware of this whole situation about Rossman, Micay and “harassment” thing and his reaction to it. I don’t really side with anybody in this, but i’ll just say that i would use GrapheneOS regardless if it’s lead developer is an asshole to anyone in particular or in general or whatnot. To me the principles of the project and it’s open-source nature outweigh any dev’s personality as it can’t undermine the trust that they provide.


All I’ll add here is it doesn’t (currently) seem to be the case, contributions were just made today, and have been made nearly every day: thestinger (Daniel Micay) · GitHub

I’m really wanting to see better transparency over this, because as far as I can tell:

  • Developer is still contributing
  • Developer is still active on social media
  • No announcements have been made over who’s taking over

This ‘step down’ has resulted in 0 change to the project’s leadership. Again, at least at the time of writing this. Unless there’s information I haven’t seen yet regarding this.


I don’t support either side too. What matters is being united as a privacy community instead of fighting each other. We should fight for freedom and privacy, not fight each other.