As much as I like graphene it is literary running on google hardware (atm) and uses asop. Even if it is a really good option is you want to run degoogled and secure android.
You don't need any Google stuff on it. Isolated Play Services is an option, so is Play Store. It's not installed ootb. I don't get why you'd prefer to run less secure options on hardware that isn't on par with Pixels or iPhones and expect to get a secure OS.
I mean.... Android is aosp. And if you want to run degoogled GrapheneOS you just don't install Google services. Out of the box it does NOT contain any - but /e/OS ships with the privileged microG, which means that Android Auto or Google Play Store have privileged access to the phone.
So I'm not sure how can you suggest GOS is less "degoogled" while not shipping anything but allowing to install sandboxed / constrained play services, while comparing it to /e/OS which ships with a privileged plug.
Also, if you want to run a secure android, that's not /e/OS either.
That privileged plug in /e/os makes push notifications work, and you can enable just those and leave Android Auto, G Play Store and whatnot disabled. Not much privacy risk - I think?
On the other hand, while GOS is running Google services sandboxed, they are still running and have access to internet. If you try enabling them only when you need push notifications, they will break - notifications stop coming.
Neither system is optimal - can we please get microG sandboxed on GOS, pretty please?
Ehm, microG on /e/OS is talking to Google all the time. They also use proprietary Google blobs for passing basic Play Integrity. /e/OS also gives a bunch of Google apps (including Google Maps and Android Auto) privileged access (you can find the signing key fingerprints in the source code of the /e/OS microG fork).
No Google Maps or Android Auto on my phones, so I don't care much about privileged access - they have none anyway.
No, microG is definitely not talking to Google all the time, NetGuard would warn me if it did. I would assume it is not even running when I disable it (which is easily done, as opposed to stopping Google Services in GrapheneOS) - but to be fair I didn't actually validate that.
I kind of like GrapheneOS otherwise, this is by far my biggest gripe. I can even survive the icons. But avoiding Google (and other big tech) is the reason I am not on a cheaper and more convenient phone with regular Android, so if GrapheneOS refuses to support an alternative to Google Play Services, I'm not too happy about it. If there are real problems with microG then I'm sure the authors would be interested in a better solution too.
>No Google Maps or Android Auto on my phones, so I don't care much about privileged access - they have none anyway.
You don't seem to understand how play service / MicroG work. Maps or Auto Apps aren't the ones having the privilaged access but Play Service and MicroG.
>NetGuard would warn me if it did. I would assume it is not even running when I disable it
Since play services/microg have higher privileges than NetGuard they could just bypass it.
>But avoiding Google (and other big tech) is the reason I am not on a cheaper and more convenient phone with regular Android, so if GrapheneOS refuses to support an alternative to Google Play Services, I'm not too happy about it. If there are real problems with microG then I'm sure the authors would be interested in a better solution too.
That doesn't make any sense at all. GrapheneOS by default has _0_ Google connections unlike LineageOS, /E/ or any other AOSP fork. MicroG is not an alternative to not using play services at all = actually avoiding Google, but a open source reimplementation that still has all the privacy and security issues of regular play services. GrapheneOS sandboxes Google play services only have the privacy issues since just like with MicroG you still connect to Google = not actually avoiding Google.
The issue with no notification without play services can be easily fixed by not using privacy hostile apps which only work with them.
You are missing the point. MicroG allows me to disable it when I want to, and push notifications still work when I (rarely) need to enable it.
It's not about security, it is about privacy. While MicroG in theory could bypass NetGuard, I very much doubt that anyone would bother. My privacy is not that precious.
But as I said, neither solution is great. How about sandboxing MicroG too?
When I tested /e/OS a few months back, I found the same.
(which is easily done, as opposed to stopping Google Services in GrapheneOS)
This is incorrect. By default, GrapheneOS does not even have Google Play Services, it is something you have to install explicitly through the GrapheneOS App Store.
I can even survive the icons.
What is the problem with the icons? Only their own icons are black/white. If you install other apps, they'll just have their standard icons.
if GrapheneOS refuses to support an alternative to Google Play Services, I'm not too happy about it
As I mentioned, you can use it without Play Services, it is not even installed by default. But if I have to choose between sandboxed Play Services or privileged microG which loads Google binary blobs into that privileged process (for SafetyNet), I will pick sandboxed Play any day.
That's besides them doing many other weird things. Like their App Lounge does not install F-Droid apps directly from F-Droid, but through middle-man proxy that they do not want to reveal the owner of (cleanapk.org). That combined with Android's TOFU security model makes it a vector for rolling out backdoored applications or intentionally delaying app security updates.
Either they are incompetent or they are malicious.
If there are real problems with microG then I'm sure the authors would be interested in a better solution too.
/e/OS does not use vanilla microG, but their own fork of it.
We are talking about different threat models. I trust Google not to hack my phone, but I don't trust them not to spy on me. So yes, running a Google binary blob in privileged mode occasionally is preferred to running non-privileged Google binary blob all the time (otherwise push notifications do not work on GrapheneOS, IME).
I never used App Lounge but always F-Droid directly, or Aurora Store, so I can't comment on that.
But more importantly, you seem to confuse my rant against GrapheneOS not supporting MicroG as an endorsement of /e/OS. I know they have their set of problems, some of which you outlined. However if my goal is to limit communication of my device with Google as much as possible, then they (/LineageOS) still win. Which is a pity, I like GrapheneOS security focus otherwise, but my primary priority is degoogling my phone as much as possible (and no, it is not possible to do it completely without serious tradeoffs I am not willing to make).