The Ultimate GrapheneOS Guide: Perfect for Beginners

I am thrilled to announce the release of “Welcome to GrapheneOS: A Complete Guide for New Users”. This guide is a meticulously crafted resource that aims to enhance the understanding and utilization of GrapheneOS, a prominent privacy and security-focused mobile operating system. Perfect for newcomers, this is your go-to resource for all things GrapheneOS.

What sets this guide apart is that it has been reviewed by a core team member of GrapheneOS, ensuring the accuracy and reliability of the information provided. :tada:

The guide offers clear and actionable tips for:

  1. :bar_chart: Comparing GrapheneOS with other popular Android ROMs
  2. :calling: Installing and setting up GrapheneOS on your device
  3. :jigsaw: Navigating app compatibility and discovering recommended alternatives
  4. :closed_lock_with_key: Implementing essential privacy and security best practices
  5. :crystal_ball: Understanding the future plans and development roadmap of the project

Project link here: Welcome to GrapheneOS: A Complete Guide for New Users - GitHub

I am excited to hear your thoughts and experiences regarding the guide. Your feedback is not only welcomed but also essential in improving and developing this resource. If you find it helpful, please feel free to share it with others who may benefit, and consider showing your support by starring the repository on GitHub. :star:

Let’s continue to support and grow the GrapheneOS project together, promoting a more secure and privacy-focused mobile experience for everyone! :rocket:

Disclaimer: While the guide was reviewed for accuracy by a GrapheneOS moderator, GrapheneOS does not officially endorse the guide and cannot vouch for its continued accuracy.

12 Likes

I think you should probably replace the Google Play row with something more along the lines of:

| | Graphene | Divest | Calyx | Lineage | Stock |
|---|---|---|---|---|---|
| Google Play Services | Optional (Sandboxed) | Optional via microG (Sandboxed) | Optional via microG | Optional | Yes |

Otherwise you ignore the fact that other systems (i.e. Divest) sandbox these dependencies as well.

And you should fix the long-term support row, which is extremely inaccurate. You need to decide whether it means:

  1. Years of support after the device is EOL

    • in which case, GrapheneOS is actually more like 1-2 years, not 5
  2. or, years of support since the device launch date

    • in which case, CalyxOS is actually more like 5-7 years, not 1-3

You’re currently using the first definition for CalyxOS and the second definition for GrapheneOS, which obviously makes GrapheneOS look unrealistically better. It probably goes without saying that DivestOS blows both of them out of the water in terms of post-EOL updates, but I’m not sure that’s very clear in your table either.

5 Likes

Here’s some feedback:

> • MicroG is not a suitable alternative for GrapheneOS users, as it requires privileged installation to function properly.

This isn’t entirely true, DivestOS has unprivileged microG.

I also don’t think there is enough warning given to installing the optional Google Play Services, it’s pretty invasive to install Google Play Services on your device even if it is Sandboxed. You are sending quite a lot of info about your device to Google, such as the apps you have installed, IP address, device type, etc etc.

The verified boot part of the table is misleading, it makes it seem like the other ROMs don’t support verified boot; they do, they just don’t include system app updates.

6 Likes

I apologize for any inaccuracies. I will update it asap with accurate information and redirect users to the main source.

1 Like

GrapheneOS moderator here, I thought I’d chime in with some thoughts.

I agree that the “simplified” table in this guide leads to a lot of incomplete conclusions. I generally already consider a table to be a bad way to convey information about complex topics with a lot of nuance, but Eylenburg’s table at the very least includes more along with tooltips for descriptions and explanations, links etc.

In my opinion, that section of the page should just link to Eylenburg’s existing table rather than trying to simplify it which can lead to more confusion than just referring to that.

> This isn’t entirely true, DivestOS has unprivileged microG.

This is true, however, implementing microG in this way requires OS work which GrapheneOS doesn’t include, so microG doesn’t make sense for GrapheneOS users. Someone can install the microG app on an OS as a regular sandboxed app, but there’s a lot it won’t do (most functionality, really) without special integration to some degree, so for a GrapheneOS user, there doesn’t really seem to be a case in which it would make sense to opt for that.

> I also don’t think there is enough warning given to installing the optional Google Play Services, it’s pretty invasive to install Google Play Services on your device even if it is Sandboxed. You are sending quite a lot of info about your device to Google, such as the apps you have installed, IP address, device type, etc etc.

It is not clear how sandboxed Google Play is more invasive than installing other apps that run Google Play code and libraries, given that they’re both constrained in the same app sandbox. Apps which are going to use Google Play contain Google Play libraries which do have the same access as sandboxed apps, which includes allowing them to see what other apps you have installed, your IP address, etc.

The entire approach of sandboxed Google Play is that it’s not giving things more access over any other app.

I do agree that the very simplistic way it’s portrayed in the table doesn’t help people understand the difference between the various options but it is important to mention that there is a pretty significant difference. If I am not mistaken, AOSP is taking steps upstream that will hopefully bring Android closer to what GrapheneOS does, which is good to see.

5 Likes

> • Transaction Anonymity: Ensure the transaction remains anonymous to prevent the phone’s IMEI from being linked to your identity.

For many (arguably most) use cases, purchasing the Pixel phone anonymously is not important.

1 Like

Thanks for your lengthy response, @mbananasynergy. I agree with most of the stuff here, but some small things:

You’re right that any app utilising Google Play libraries will have some degree of Google code running on the device. However, there are a few key points to consider:

  • Scope: Sandboxed Google Play Services has broader access by its very nature. It serves as a hub for these libraries, potentially centralising the data collection process. This is especially true if the user has logged into their Google Account.
  • Background Activity: Even with sandboxing, Play Services operates continuously in the background more persistently than a single, purpose-built app.

Maybe there should be some sort of disclaimer idk :person_shrugging:

Absolutely, I agree with everything that you are saying, it’s not really going to work on GrapheneOS, but what was written in the guide is incorrect: it doesn’t require privileged installation to function properly.

2 Likes

It’s important to note that someone doesn’t need to log in to Google Play for sandboxed Google Play to work. It’s required if they want to use the Play Store, though that’s optional. You also don’t have to use your main Google account to sign in, but can make a throwaway purpose-specific one. Hell, because sandboxed Google Play works just like any other app, you can have multiple instances of it across profiles (of which you can have over 30 on GrapheneOS) each logged in with a different Google account, or not at all. I also don’t agree about it “centralizing” the data collection process. As mentioned in my previous post, not only do apps use Google libraries with the same amount of access, but the ones relevant to this don’t require sandboxed Google Play (think analytics, ads SDK, etc.). Doing away with sandboxed Google Play while using apps that freely use Google libraries is the wrong approach. A better approach is deciding what data you want to trust an app with, and only granting them access to that. GrapheneOS has features like storage and contact scopes, the sensor permission etc. to help reduce that to a minimum, with more similar features coming in the future.

microG is running in the background too, and it does communicate with Google services, which makes sense of course, ’cause how else would it be able to provide FCM functionality etc. On GrapheneOS, you can end the session of any user profile you want so that profile isn’t running at all. You can choose when a profile runs. You can also disable all user-installed apps so that they’re not running. The choice is up to the user.

I’m happy to be corrected here, but while DivestOS does provide sandboxed microG (which to be fair still requires doing stuff like signature spoofing), it isn’t able to provide the same functionality as “full-fat” microG. I might be wrong on this point, though.

6 Likes

This is a really nice guide, great work!

1 Like

It is worth noting that from the Pixel 6 series and up, there will be no extended support by GrapheneOS.

Pixel 4 and 5 series still have extended support because they only had 3 years of software updates from the release, and extended support is just a harm reduction before people move to secure devices that receive full updates.

I see long extended support as a bad thing and not a good thing because it gives people a false sense of security even though they aren’t receiving firmware and driver security updates, etc.

2 Likes

Totally not running GOS on a Pixel 4… couldn’t be me… nothing to see here… :sweat_smile:

Great guide. Maybe discussed already, but why emphasize an anon purchase then use your home wifi for setup?