GrapheneOS has some very strict requirements which basically means they will refuse to support anything except Pixel phones. Fairphone isn’t in the business of making their own (security) chips so I doubt the Graphene team will ever consider them.
CalyxOS, arguably the next best thing, did have support for earlier Fairphones but that project is sort of in limbo now.
The Graphene team has also been very outspoken about how much they dislike Fairphone for this very reason.
I use /e/OS on my Fairphone 5. It’s not a Graphene alternative as it’s not a hardened OS, it’s just Android without Google. Good enough for me, I’m not afraid of secret agents stealing my phone to extract data or whatever, I just don’t want American big tech anywhere near my phone.
Yeah, this is true. They just seem to have a specific beef against Fairphone and /e/OS because it’s presented as a privacy alternative (due to no big tech tracking), and the Graphene team believes they are the only ones with the security features to ensure true privacy (because of their… hardened malloc?).
Same. Like, I can tolerate hackers more than big tech. What is the deal with the security chips? I don’t want some shitty fuse or anything in my phone.
They (Graphene) have very strong ideas about security, and argue that Google Pixel devices are the only ones that can truly be unhackable enough because of some feature of hardware design. I have read it a bunch of times and I still don’t understand, but I’m sure there’s a valid point there somewhere. It has nothing to do with security as in safety, but relates to some sort of local hacking that requires access to the device I believe.
Really nothing to worry about unless you have very specific needs, in my opinion. But there are some people who feel very strongly about it, though without ever being able to clearly express their precise concerns in a coherent way.
There’s a blog post on contactless payments in /e/OS here, which talks about options without Google Pay. It’s written by the guy who started /e/OS, so it should be a decent source.
My guess would be that Google Wallet is so embedded in Google dependencies that you’d pretty much be back at stock Android by the time you get it working. But I have no personal experience, sorry.
Yeah, I ran Calyx for a while - it was… not a great user experience. If I am forced to change at some point, I’ll reconsider it. That said, Graphene’s trying to move off of the Pixel platform. I just haven’t looked to see if there are any updates since that piece of info reached me.
TPM chips are not a mythical thing that only Google makes.
STM makes the ST33 series of TPM that I would trust a hell of a lot more than google to not have a dozen government backdoors.
Microchip, Analog Devices, Infineon, NXP, and onsemi also make TPM chips of varying security levels. Infineon is the premium TPM maker with the highest security if I remember right, a German company.
The issue is they are 3-10€ for the chip alone, which is a significant BOM cost, and it takes a lot of very specific knowledge in firmware and software to actually implement and google probably keeps the android integration methods very hidden. It is very much an intentional vendor lock out.
People want Grapheneos on insecure phones, made by OEMs with a poor history of security patches, with an unlocked bootloader, and root. I personally say those people should use LineageOS because fundamentally that’s not GrapheneOS is. The second you water it down from software that can’t be hacked by any state actor to just another OS but marginally more secure the name becomes just another brand.
Im gonna be honest I don’t see how that would help if anything it would only make things more confusing. That would require the GrapheneOS devs to maintain a separate and significantly less secure OS for what reason?
When will it support GrapheneOS? I’m going to keep using last-gen used Pixels until another company comes up with an alternative.
GrapheneOS has some very strict requirements which basically means they will refuse to support anything except Pixel phones. Fairphone isn’t in the business of making their own (security) chips so I doubt the Graphene team will ever consider them.
CalyxOS, arguably the next best thing, did have support for earlier Fairphones but that project is sort of in limbo now.
The Graphene team has also been very outspoken about how much they dislike Fairphone for this very reason.
I use /e/OS on my Fairphone 5. It’s not a Graphene alternative as it’s not a hardened OS, it’s just Android without Google. Good enough for me, I’m not afraid of secret agents stealing my phone to extract data or whatever, I just don’t want American big tech anywhere near my phone.
to be fair I don’t think they like anything besides Google Pixel.
Yeah, this is true. They just seem to have a specific beef against Fairphone and /e/OS because it’s presented as a privacy alternative (due to no big tech tracking), and the Graphene team believes they are the only ones with the security features to ensure true privacy (because of their… hardened malloc?).
Last time I heard they were working with someone to produce a phone with the needed features, but hadn’t revealed who.
Same. Like, I can tolerate hackers more than big tech. What is the deal with the security chips? I don’t want some shitty fuse or anything in my phone.
They (Graphene) have very strong ideas about security, and argue that Google Pixel devices are the only ones that can truly be unhackable enough because of some feature of hardware design. I have read it a bunch of times and I still don’t understand, but I’m sure there’s a valid point there somewhere. It has nothing to do with security as in safety, but relates to some sort of local hacking that requires access to the device I believe.
Really nothing to worry about unless you have very specific needs, in my opinion. But there are some people who feel very strongly about it, though without ever being able to clearly express their precise concerns in a coherent way.
Can tou use google wallet?
There’s a blog post on contactless payments in /e/OS here, which talks about options without Google Pay. It’s written by the guy who started /e/OS, so it should be a decent source.
My guess would be that Google Wallet is so embedded in Google dependencies that you’d pretty much be back at stock Android by the time you get it working. But I have no personal experience, sorry.
Yeah, I ran Calyx for a while - it was… not a great user experience. If I am forced to change at some point, I’ll reconsider it. That said, Graphene’s trying to move off of the Pixel platform. I just haven’t looked to see if there are any updates since that piece of info reached me.
What was the problem?
TPM chips are not a mythical thing that only Google makes.
STM makes the ST33 series of TPM that I would trust a hell of a lot more than google to not have a dozen government backdoors.
Microchip, Analog Devices, Infineon, NXP, and onsemi also make TPM chips of varying security levels. Infineon is the premium TPM maker with the highest security if I remember right, a German company.
The issue is they are 3-10€ for the chip alone, which is a significant BOM cost, and it takes a lot of very specific knowledge in firmware and software to actually implement and google probably keeps the android integration methods very hidden. It is very much an intentional vendor lock out.
This is a graphene problem.
Gos is not suitable until they leave the pixel series.
Written on my pixel 10 that I had Gos on. I never wanted a pixel just a good camera and locked down environment.
I was about to say the same thing!
I’m coming at the same desire from the other end, using my fairphone until I can jump ship for graphene.
People want Grapheneos on insecure phones, made by OEMs with a poor history of security patches, with an unlocked bootloader, and root. I personally say those people should use LineageOS because fundamentally that’s not GrapheneOS is. The second you water it down from software that can’t be hacked by any state actor to just another OS but marginally more secure the name becomes just another brand.
Im gonna be honest I don’t see how that would help if anything it would only make things more confusing. That would require the GrapheneOS devs to maintain a separate and significantly less secure OS for what reason?