General usage: short how-to's and quick tips

Battery Share

Starting from the 2022062200 release of GrapheneOS, a cool feature has been implemented - reverse wireless charging for devices supporting it. This includes Pixel 5, 6, and 6 Pro.

To turn on Battery Share:
1. Open your phone's Settings app.
2. Tap Battery and then Battery Share.
Tip: You can also add Battery Share to your Quick Settings.

Battery Share turns off when your phone:

  • Starts wireless charging, like when on a Pixel Stand.
  • Doesn’t notice that it’s charging another device after 30 seconds.
  • Knows the receiving device is fully charged.
  • Reaches a high temperature.
  • Senses power transmission isn’t going well due to poor placement, a thick case, or other issues.
  • Turns on Battery Saver.
3 months later

Multi-user setup: Tidy Owner

There are many different ways one can utilize the Multiple Users feature on Android. There is no single "recommended" way of using user profiles. Everyone has different needs and different use cases. It is completely up to you how you want to use your phone and how to set it up.

Whichever way you end up using (or not using) the Multiple Users feature, remember to secure each user profile with a PIN or a Password.

To learn more about user profiles please read:

The idea behind the "Tidy Owner" setup is to keep the owner profile as "tidy" as possible. In this context, "tidy" profile means zero user installed apps, no photos, no videos, almost no user data, and all settings kept at their default values.

Here's how to set it up:

  1. (eSIM) If you want to use an eSIM, set it up on Stock OS or GrapheneOS before proceeding further.
  2. Start from a freshly installed GrapheneOS (don't forget to disable OEM unlocking) or factory reset an existing one.
  3. (Biometrics) Depending on your threat model it might be a good idea to not use any biometric unlock options for the owner profile.
  4. Verify the installation by checking the verified boot key hash (only for 6, 6 Pro, 6a) and by using the Auditor.
  5. (Optional) Set up regularly scheduled remote verification via the remote attestation service.
  6. Go to Settings ➔ System ➔ Multiple users and turn it on. Here you can create and manage your secondary user profiles.

Some information that is shared between profiles

THIS POST IS A WORK-IN-PROGRESS
Stay tuned

    a month later

    adelina

    • You can put your data at rest quickly and easily without rebooting
    • Don't need to erase your phone to erase data. Just delete profiles with sensitive data.
    • after a reboot, personal data is behind two passwords/PINs
    • a very easy way to do battery saving if a personal profile has VPN or Google Play Services running all the time, taking up battery
    • sensitive global system settings are in the owner profile. If the owner profile only accepts a password/PIN, no biometrics, the phone would be a little safer

    There might be more advantages I didn't think of.

    I do this, personally. I find only one drawback to this method, which is it's a bit of a nuisance to switch back and forth sometimes when I need to make changes to system settings. However, I find it worth the extra effort.

      unwat Amazing information! Thank you very much for this! I already thought of these reasons, but it's good to confirm. Also, the owner profile needs to be unlocked before I can unlock a secondary user profile, right? That way I could use biometric unlocking methods for convenience, but an attacker would need my password for the owner profile first, which is a different thing in some jurisdictions (police access). Is this correct?

        adelina Also, the owner profile needs to be unlocked before I can unlock a secondary user profile, right

        Yes. The owner profile holds system settings, so it has to be active for the phone to operate.

        I keep my owner profile locked with a password. So, for example, if I'm in the US and I hear the cops breaking down my door I could end whichever secondary profile is running and they can't access anything.

          21 days later

          unwat I feel like this scenario is not really the one GrapheneOS is designed for. This is not really a privacy issue any more at the point the cops are breaking down a door. Most likely, they and/or prosecutors are going to be able to manipulate you into giving them access to the phone.

          If this is actually the scenario GrapheneOS is designed for, then it seems like they need an emergency wipe protocol--like, in a couple taps plus a password, I can start a process that either (a) deletes a secondary user profile, or (b) does a factory reset on the phone.

            • [deleted]

            unwat what would be system settings?

            Cigurd If law enforcement executes a no knock warrant and breaks into your home, you have much bigger things to worry about than wiping your phone, such as being shot dead. Unfortunately, no knock warrants (at least in the USA), originally intended to only be used in the case of heavily armed drug dealers, terrorists, and other similar suspects, are being issued by judges with increasing frequency, against people with no criminal records. I know cause it happened to me, but that's not something I care to share in more detail.

            Also, standard operating procedure is for all electronic devices to be placed in Faraday Bags, which would prevent remote wiping. To overcome this type of situation, you would really need some type of app or for there to be a GOS setting whereby if you did not enter a PIN within a certain period of time (say every 4 hours), the phone would automatically wipe itself. Risky, in the event you have a couple of drinks and oversleep, but it would nevertheless keep your data safe.

            I am not recommending this type of protocol as a practice to anyone but the 0.1% of us that require such, and everything you keep on your phone is truly disposable, but if you have an extreme threat model, it might be viable.

            unwat a very easy way to do battery saving if a personal profile has VPN or Google Play Services running all the time, taking up battery

            I don't follow.

            1. Why would Play Services drain more battery? Aren't they supposed to preserve battery thanks to centralized push notifications?
            2. Even if they did drain extra battery, and you offloaded them to a user profile, wouldn't they still drain that same amount?

              juicer

              You're right about both points.

              My point was that if the owner profile has nothing installed and you have a secondary profile for most day to day use, if you want to save battery you can easily terminate the profile's session. Google Play Services does use battery. Not too much, but more than an empty owner profile.

              Like sometimes I'll just end all sessions and leave my phone on owner. My idle battery usage is way lower that way. Like maybe 3 times less usage while the phone is sitting idle.

              Cigurd

              You're right. I was just using that as an example that I think is kind of funny. If that thing were to actually happen to me I'm sure I'd be too busy freaking out to end my profile's session.

              In all seriousness, I like that I can put my data to sleep without a reboot. It's very convenient.

              TTS synthesising text into audible speech

              To listen to web pages in Vanadium, there is the open source app TTS util, with RHVoice or any text-to-speech engine app.

              8 days later
              • [deleted]

              Hulk not to be pushy but would love to see more! :)

              @Hulk, what are the benefits of setting an eSIM in Stock Android versus setting it up in GOS with sandbox Google Play and then removing Google Play once it is set?

              • [deleted]

              Hulk

              So the benefits of the tidy profile system relate to physical exfil and tampering, right? I've wondered if there could also be some benefit from a remote hacking perspective.

              At first I thought that, similarly to making your main Linux user a non-root secondary user so that you can always escalate yourself to admin and regain control when your daily user inevitably gets hacked or acquires a virus, the GOS user spaces could prevent malware and hackers from escalating and infecting other users (and their data). Someone at GOS has since clarified that user spaces don't provide additional sandboxing, however.

              But couldn't we still leverage user spaces to monitor and rule out malicious persistence?

              An essentially bare main user profile suspended in carbonite would be easy to monitor for any changes, and as none should be expected, they would indicate tampering or unsolicited downloads with some confidence. Tertiary user spaces can be locked down in settings so that no new downloads occur (but presumably app data can still populate and function dynamically).

              So maybe an extension to the attestation app (comparing our own encrypted system snapshots) could help us monitor user-state for any changes and work like an anti-evil-maid to confirm things are as expected in the OS user space?

              What do you all think? Seems like a really long-winded and pretentious way of saying compare to backups really, doesn't it....
