[checkyoursudo]

I have been a long-time iPhone user, but my daily driver is Linux. Once, a long time ago, I had high hopes for a Linux phone.

TFA mentions Lineage and Graphene. Are these the only realistic alternatives these days? Why would one choose one over the other?

[_heimdall]

CalyxOS is another option, though I haven't tried it personally.

If you need Google services and just want an OS closer to ASOP, I'd recommend Lineage. If you want a de-Googled device and are okay with the limitations that comes with, go with Graphene.

I've been using Graphene for a few years now and have always been happy with it.

[mab122]

Honestly except occasional location service/embedded maps not working in some app that only implemented google maps APIs - I have like one app that actually doesn't work (is not usable) and I am using grapheneOS as daily driver for at least 3 years now.

[seanw444]

Been using it for almost 2 years myself, and I can say the same. Everything just works pretty much. For the couple Play Store things I need, I just get them via Aurora Store. So the actual Play Store app isn't even installed on my phone.

On the maps topic: other than finding locations via address, OsmAnd+ is better than Google Maps in my opinion. Even tells you what lanes to be in ahead of time when driving. I'm pleasantly surprised by it. Sure, you also lose out on the traffic heatmaps, but that's an acceptable loss to me as it means my phone isn't part of a spyware botnet anymore. Plus my state runs its own traffic heatmap website. If I need to see it, I can go there.

[e12e]

I guess it depends a bit on your definition of "phone" and "realistic". I have a pine64 phone I mean to revisit - probably with a version of https://postmarketos.org/ .

I think we might get there unless fuchsia and google abandon the Linux kernel completely - for a more apple like lockdown - but I don't think we're there yet.

[fsflover]

https://news.ycombinator.com/item?id=41356567

[codethief]

I used CyanogenMod/LineageOS for the better part of a decade and switched to GrapheneOS a couple years ago and haven't looked back.

When it comes to security (and privacy), GrapheneOS blows LineageOS out of the water in pretty much every way, e.g.:

  - Arbitrary-length encryption passphrases
  - General security hardening: Memory hardening, sandbox hardening etc.
  - Non-rooted (i.e. much higher security barriers for malicious apps to take over control over your phone) 
  - No userdebug mode (LineageOS ROMs are often development builds which weaken the security of the OS, see e.g. https://github.com/GrapheneOS/os-issue-tracker/issues/284#issuecomment-690417436 )
  - Fully secured boot chain (in other words: A thief won't be able to do much with your phone)
  - Sandboxing of Google services (*if* you want to use them), i.e. Google no longer has admin access to your phone
  - Being able to restrict internet access for certain apps (that's a huge one in my book)
  - Being able to grant apps access only to select contacts from your contact list (contact scopes), and only select files/folders (storage scopes)

See https://grapheneos.org/features for a much longer list.

Now that I'm thinking about it, some of the above features have become so natural to me, that I find it wild that other AOSP-based ROMs (including Google's) don't have them. Moving away from GrapheneOS would be incredibly painful for me.

[josephcsible]

Not being able to have root on your own device is a downside of GrapheneOS, not a benefit.

[codethief]

Depends on where you stand. I could always build GrapheneOS myself and enable root again but I just don't have any need for it and prefer the stronger security guarantees disabling root comes with.

[e44858]

You absolutely can root GrapheneOS, just use the standard Magisk process. I think the only downside is that rooting disables secure boot.