I'm considering the switch to GrapheneOS, so I watched this interview with one of the members of the GrapheneOS team, and honestly, I feel it was a great general introduction to it and touched on common features and misconceptions.
For those who don't know, it's one of the most secure and private mobile operating systems out there. Some things that I took away:
-
They touched upon MAC randomization. I researched a bit on my own about what the need for it is. Apparently, it's standard practice to randomize MAC addresses when scanning WiFi connections. However, GrapheneOS (and Pixel firmware) are even better at this, as they make sure they don't leak any other identifiers when doing so. They also allow you to get a new random MAC for every connection that you make (not sure whether this is very useful, as this can cause problems). On a related note, even when WiFi/Bluetooth are "off," stock Android can still scan in the background to improve location accuracy (by matching visible networks/devices against Google's database). So basically, even with WiFi/Bluetooth off, Google still knows where you are. In GrapheneOS, this option is off by default.
-
They have their own reverse proxies that they use to talk to Google on your behalf when needed.
-
Apparently, in the USA you can be compelled to provide a fingerprint or Face ID. Courts have ruled this doesn't violate the 5th Amendment because it's physical, not testimonial. BUT you cannot be compelled to provide a password/PIN. That's considered testimonial evidence, protected by the 5th Amendment. GrapheneOS has a two-factor system where, after using your fingerprint, you still need to enter a PIN, so it helps with this. They also have a BFU state after reboot, which is the safest and requires you to enter your full passphrase.
The only thing I missed when switching to GrapheneOS from Android was Google Pay, and that wasn't that big of a loss.
You have to install GrapheneOS' Google Play (sandboxed) and services for banking and government apps. And you can install Google Play with stock Graphene, it is very easy.
In my country everything is built around this 2FA app that requires Google Play Services. But a phone with GrapheneOS and sandboxed google play should be better in total than just running stock android I guess? I wish I didn't need google play services, but currently I do.
Yes. The top comment says Google Pay, not Google Play. The sandboxed play API has worked well for me personally.
The threat level for google play services is different in graphene as it runs in what they call an "appbox," which basically means Google Play is just another app that's sandboxed like everything else.
Would there be any benefit in running google play services in a private space, or does the sandboxing already provide that separation?
I don't think so. From what I gathered, the only thing Play Services can see on GrapheneOS is the list of other apps you have installed. That's it. They can't see anything else unless you grant access to it. You're not giving Google root access to your phone, you're just installing an app that happens to be made by Google, and it's locked down like everything else.