> GrapheneOS has officially confirmed a major new hardware partnership—one that marks the end of its long-standing Pixel exclusivity. According to the team, work with a major Android OEM began in June and is now moving toward the development of a next-generation smartphone built to meet GrapheneOS’ strict privacy and security standards.
Why was it that in the early PC days, IBM was unable to keep a lid on 'IBM compatible', allowing for the PC interoperability explosion, yet today, almost every phone has closed drivers, closed and locked bootloaders, and almost complete corporate control over our devices? Why are there not yet a plethora of phones on the market that allow anyone to install their OS of choice?
> Why are there not yet a plethora of phones on the market that allow anyone to install their OS of choice?
There are technical reasons, but as ever the real underlying causes are incentives. Companies realized that the OS is a profit center, something they can use to influence user behavior to their benefit. Before the goal was to be a hardware company and offer the best hardware possible for cost. Now the goal is to own as large a slice of your life as possible. It's more of a social shift than a technological one. So why would a company, in this new environment, invest resources in making their hardware compatible with competing software environments? They'd be undercutting themselves.
That's not to say that attempts to build interoperability don't exist, just that they happen due to what are essentially activist efforts, the human factor, acting in spite of and against market forces. That doesn't tend to win out, except (rarely) in the political realm.
i.e. if you want interoperable mobile hardware you need a law, the market's not going to save you one this one.
They have partnership an OEM who provides them with sources.
Currently they're only permitted to release binaries of the patches due to the embargo, this is why these patches are in the parallel stream/optional (so people unhappy with being unable to see the sources won't have them shoved down their throats).
I don't have URLs at hand at the moment but all these questions have been asked many times and explained extensively on their discussion forum.
I, for one, feel safe. I was patched since late October (IIRC) for the vulnerabilities that Android-related outlets were warning about in early December.
It's quite surreal how unsafe the standard Android is. And how Google and the big companies pretend old devices (these running Android 11, 12, 13, not updated for several years) are safe and secure. While all it takes is the user stumbling upon one malicious we page or getting a WhatsApp message they won't even see.
Graphene OS provides advanced security capabilities and a thorough defense-in-depth approach including a hardened supply chain. GOS aims to provide mechanisms to protect against 0day attacks. For example Celebrite can not open up GOS. GOS relys on hardware support provided by Pixels. Graphene OS works on getting their developments upstream.
GrapheneOS wants to make a FOSS Android with the security model that makes it hard for any bad party to break into the phone.
LineageOS wants to make a FOSS Android that respects user's privacy first and foremost - it implements security as best as it can but the level of security protections differs on different supported devices.
Good news is that if you have a boot passphrase, it's security is somewhat close to GrapheneOS - differing in that third parties with local access to the device can still brute-force their access whereas with GrapheneOS they can't - unless they have access to hardware level attacks.
If neither of the two major players can make an open, secure, _simple_, easy-to-understand, bloat-free OS, then we somehow need another player.
Presently (and I confess, my bias to seek non-state solutions may show here), it seems that a non-trivial part of the duopoly stems from regulatory capture insofar as the duopoly isn't merely software, but extends all the way to TSMC and Qualcomm, whose operations seem to be completely subject to state dictates, both economic/regulatory and of the darker surveillance/statecraft variety (and of those, presumably some are classified).
I'm reminded of the server market 20ish years ago, where, although there were more than two players, the array of simple, flexible linux distros that are dominant today were somewhere between poorly documented and unavailable. I remember my university still running windows servers in ~2008 or so.
What do we need to do to achieve the same evolution that the last 2-3 decades of server OS's have seen? Is there presently a mobile linux OS that's worth jumping on? Is there simple hardware to go with it?
https://tbot.substack.com/p/grapheneos-new-oem-partnership
> GrapheneOS has officially confirmed a major new hardware partnership—one that marks the end of its long-standing Pixel exclusivity. According to the team, work with a major Android OEM began in June and is now moving toward the development of a next-generation smartphone built to meet GrapheneOS’ strict privacy and security standards.
Why was it that in the early PC days, IBM was unable to keep a lid on 'IBM compatible', allowing for the PC interoperability explosion, yet today, almost every phone has closed drivers, closed and locked bootloaders, and almost complete corporate control over our devices? Why are there not yet a plethora of phones on the market that allow anyone to install their OS of choice?
> Why are there not yet a plethora of phones on the market that allow anyone to install their OS of choice?
There are technical reasons, but as ever the real underlying causes are incentives. Companies realized that the OS is a profit center, something they can use to influence user behavior to their benefit. Before the goal was to be a hardware company and offer the best hardware possible for cost. Now the goal is to own as large a slice of your life as possible. It's more of a social shift than a technological one. So why would a company, in this new environment, invest resources in making their hardware compatible with competing software environments? They'd be undercutting themselves.
That's not to say that attempts to build interoperability don't exist, just that they happen due to what are essentially activist efforts, the human factor, acting in spite of and against market forces. That doesn't tend to win out, except (rarely) in the political realm.
i.e. if you want interoperable mobile hardware you need a law, the market's not going to save you one this one.
> may i ask how you obtain the source? Are you registered as an OEM at Google?
Same question, how does Graphene get patches?
They have partnership an OEM who provides them with sources.
Currently they're only permitted to release binaries of the patches due to the embargo, this is why these patches are in the parallel stream/optional (so people unhappy with being unable to see the sources won't have them shoved down their throats).
I don't have URLs at hand at the moment but all these questions have been asked many times and explained extensively on their discussion forum.
I, for one, feel safe. I was patched since late October (IIRC) for the vulnerabilities that Android-related outlets were warning about in early December.
It's quite surreal how unsafe the standard Android is. And how Google and the big companies pretend old devices (these running Android 11, 12, 13, not updated for several years) are safe and secure. While all it takes is the user stumbling upon one malicious we page or getting a WhatsApp message they won't even see.
Yes. They've parterned with an OEM. In fact, they are making an official GOS phone with that OEM.
Here's the discussion forum post going over it: https://discuss.grapheneos.org/d/27068-grapheneos-security-p...
As a LineageOS user, I'd be interested in the disparity between GrapheneOS and LineageOS.
Graphene OS provides advanced security capabilities and a thorough defense-in-depth approach including a hardened supply chain. GOS aims to provide mechanisms to protect against 0day attacks. For example Celebrite can not open up GOS. GOS relys on hardware support provided by Pixels. Graphene OS works on getting their developments upstream.
For a list of security features see here [0].
[0] https://grapheneos.org/features
They have different goals:
GrapheneOS wants to make a FOSS Android with the security model that makes it hard for any bad party to break into the phone.
LineageOS wants to make a FOSS Android that respects user's privacy first and foremost - it implements security as best as it can but the level of security protections differs on different supported devices.
Good news is that if you have a boot passphrase, it's security is somewhat close to GrapheneOS - differing in that third parties with local access to the device can still brute-force their access whereas with GrapheneOS they can't - unless they have access to hardware level attacks.
https://eylenburg.github.io/android_comparison.htm
This is a great resource! Thanks
If you care about security above all else and you have a Pixel, GrapheneOS should really be your only consideration.
LineageOS has a place for those who care less about security and more about features, "freedom", compatibility, community etc...
I was a LOS user and maintained my own forks for devices, but switching to GrapheneOS was a good decision and I don't really miss anything.
Obviously this situation can't go on.
If neither of the two major players can make an open, secure, _simple_, easy-to-understand, bloat-free OS, then we somehow need another player.
Presently (and I confess, my bias to seek non-state solutions may show here), it seems that a non-trivial part of the duopoly stems from regulatory capture insofar as the duopoly isn't merely software, but extends all the way to TSMC and Qualcomm, whose operations seem to be completely subject to state dictates, both economic/regulatory and of the darker surveillance/statecraft variety (and of those, presumably some are classified).
I'm reminded of the server market 20ish years ago, where, although there were more than two players, the array of simple, flexible linux distros that are dominant today were somewhere between poorly documented and unavailable. I remember my university still running windows servers in ~2008 or so.
What do we need to do to achieve the same evolution that the last 2-3 decades of server OS's have seen? Is there presently a mobile linux OS that's worth jumping on? Is there simple hardware to go with it?