[fisian]

GrapheneOS on a Pixel is probably the most polished and secure experience. I have installed it (and enabled sandboxed Google services) on my mom's phone (she's pretty non-technical) and she had no bigger problems in the last years.

[yonatan8070]

I got a Pixel 8 to run GrapheneOS just last week, I installed it right after I got the phone after all the recommendations I read online.

Before that I was using crDroid on a Poco F3 (I switched because the camera was quite awful and the battery got drained rather fast), and I was expecting some of crDroid's features that were just missing. A shortcut to the flashlight via power button long press, battery charge limit/smart charging, bandwidth display on the status bar, the option to add more columns to the quick settings, just to name a few.

I ended up running crDroid on the Pixel as well, overall it's a decent experience, but not nearly as polished, it turns out I had to manually grant Google Play Services the location permission via ADB so apps would know where I am (missed a train to that one).

I'd love it if there was some ROM that combined the security and sandboxing from GrapheneOS with all the neat little features in crDroid... or an actually good Linux phone.

[aftbit]

Graphene's team takes a fairly hostile view towards feature creep, possibly for very good reasons. They basically only add features that improve security & privacy. Everything else is stock AOSP.

My personal hill to die on is that the launcher uses lil tiny icons and text, which I find hard to read, and alternative launchers are a bit of a privacy and security disaster. They refuse to add anything to the built in launcher to adjust this, and suggest either raising all of the sizes (with accessibility, which affects all apps) or use an alternative launcher.

Alas it is still a very nice operating system.

[ParetoOptimal]

The thing that kills me is no shake gesture or power button hold for flashlight.

Someone with a threat model that GrapheneOS addresses could always use access to a quick flashlight.

[aftbit]

I miss this from my old Motorola Android phones, along with the squeeze feature on IIRC the Nexus. It would definitely be nice to have for me.

However I've found that flashlight is still relatively accessible. It's three actions - press power, drag finger down from top of screen, tap Flashlight. Not too bad, but not possible from muscle memory or with gloves on. Good for looking under the seat for your keys at a movie, bad for quick reactions.

When I'm traveling or outside at night, I tend to carry a dedicated flashlight, but I'm odd like that.

[NotPractical]

Is there still the issue of third party Android launchers being treated as second-class, not allowed access to features like gesture navigation? I haven't used one in a while.

[morserer]

Nope! Third party launchers work just fine in GOS and other custom roms, with gesture navigation as well. The tough thing is that animations don't work well, at least in my experience. Most of the very slick "return to home" animations break on non-stock launchers, and it introduces stuttering on returning to home unless you're using 3-button navigation.

[NotPractical]

I probably wouldn't use an alternative launcher with those caveats attached. It seems the awkward animation thing may be a consequence of an Android security feature:

> Why is the recent screen buggy?

> Unfortunately, it is because the system launcher handles the Recents screen. Therefore, if you change the default launcher, weird things can happen [...] The only way to fix this is by having a Magisk module called QuickSwitch.

https://lawnchair.app/faq/#why-is-the-recent-screen-buggy

(Can't vouch for the accuracy of this information as of $CURRENT_ANDROID_VERSION.)

[jpk]

Would you mind talking a little bit about the threat model that would lead you to using Graphine on a new device? IIUC, you have to unlock the bootloader to use a custom ROM, which makes the device vulnerable to physical access in cases like theft, confiscation, etc. So you have to trade that for whatever the custom ROM gives you?

[yjftsjthsd-h]

Graphene only supports the pixel line, and part of the reason is because that's one of the very few (if not the only?) phones that let you relock the bootloader after installing a replacement ROM

[prmoustache]

The bootloader is only unlocked for the first install, then locked again.

[yonatan8070]

I don't think I have some crazy threat model, I just highly dislike giving Google more access to my own phone than I have. Although at the end I gave up on that due to the lack of features in GrapheneOS, and went back to crDroid with regular Google services installed as system apps.

[slashtab]

To add to other replies GrapheneOS also provides USB-C exploit protection at hardware level.

[aussieguy1234]

I've been using it for the past year and it works well.

With one exception. The couple of times I've called emergency services, they were not able to detect my location since GrapheneOS does not support the protocol for this. So, I had to waste time giving directions. It's a tradeoff for privacy vs safety.

It might be something to think about before, say, putting this on someone's phone who has a medical condition or is elderly.

https://github.com/GrapheneOS/os-issue-tracker/issues/1174

[evolving-silica]

I wouldn't say most polished. Out of the box LineageOS comes with better stock apps like gallery, dialler or SMS app.

Some shown here: https://lineageos.org/Changelog-28/

[dsr_]

+1 for Graphene -- installation is easy, documentation is not bad, and it's really easy on the battery.

[fmajid]

Probably the most secure mobile OS available to the public right now.