GrapheneOS now officially supports Pixel 9, 9 Pro, and 9 Pro XL | GrapheneOS is a private, secure mobile operating system with Android app compatibility, developed as a non-profit open source project
And it still doesn't support anything that isn't a Pixel phone.
I respect GrapheneOS very much. But the fact that you need a Google phone to install a deGoogled Android ROM is one contradiction I just can't get past. I hate Google and I'm never going to buy their hardware and give them money for the privilege of escaping the Google corporate surveillance.
I'm aware of the technical reason why GrapheneOS only supports Pixel phones, but that irony is just too rich for me. So I use CalyxOS on a very much non-Google FairPhone4, and while it's formally slightly less secure than GrapheneOS, at least Google got none of my money and that's a lot more important than security to me.
It is quite ironic. "I don't like Google, let me free myself from all of Google. But to do that first let me buy that $500-$1,000 phone made by Google to then get rid of all the Google software on it".
Their hardware requirements are pretty clear. Samsung is the only one with comparably secure devices, but they use nonstandard tools like Odin and lock down many security features to the stock OS only.
Other companies are supposedly not making anything as secure.
Also, only Google can really ship updates that quickly and fully, as Android is literally their OS. They are also a huge company, so yeah they have way more resources than a random other company you might prefer.
Example Fairphone, which has horrible update schedules
Example Fairphone, which has horrible update schedules
Fairphone's release schedule and Calix' release schedules are two different things. CalyxOS is updated less often than GrapheneOS for sure, but it's updated a lot more often than Fairphone OS.
Not every threat model requires the security level GrapheneOS provides. My threat model ends with Google and other big corporation shouldn't spy on me and if I lose my phone anyone finding it shouldn't get in and be able to steal my identity. I think DivestOS and CalyxOS do a fine job with that.
Someone bought the phone the first time and gave their money to Google, and you reimbursed part of that money to that buyer. In the end, Google gets your money. Maybe not full brand-new retail price, but what you paid for your second-hand phone goes indirectly into Google's coffers.
Buying anything Google, second-hand or not, supports Google's business. Given the choice, I refuse to support Google in any way, shape or form.
It would be nice if the GrapheneOS dev would work it out with the FairPhone folks to make a device that could be supported. I don’t know why any company would hesitate to work with him, he is obviously doing good stuff, but I agree, Pixel only is kind of a turn off because it doesn’t seem like a long term path to building something sustainable in terms of both hardware and software. It’s a workaround.
I think GrapheneOS should come with a no-compromise-security branch that only supports Google Pixel phones and an "ordinary security" branch that supports a wide variety of less-secure but non-Google hardware for people who can't stomach the idea of buying a Google phone.
GrapheneOS would reach a much wider audience, and not everybody needs perfect security. I for instance am a low-value target and I have no need for GrapheneOS-level security.
I hear you. And it is ironic, I agree. The way I deal with it in my head is:
I use nothing google in my life. (Except for YouTube via NewPipe).
And I purchase a Pixel pro used from eBay when it is 1 year old, and keep it until I feel the need to upgrade. New pixel pro's here in the UK sell for £900-£1000, but you can pick up a used one on eBay only 1 year old for £300, and the money does not go directly to google. So my contribution to google is tiny compared to most people.
If GrapheneOS ever do support another flagship phone with good cameras then I will gladly swap. But for now I don't see an option where I can have it all. There has to be a compromise somewhere. But I applaud your anti-googleism!