• Off Topic
  • Are there any security risks by using an alternative launcher?

Hey there folks,
I have a very bad habit of using my phone too damn much and want to actively go against that by removing as much 'bling' from my phone as possible. I found unlauncher on Fdroid which still lets you use your phone like normal, but keeps it fairly minimal.
I was wondering if there's any potential security risks that may arise from not using the Graphene Launcher, or if I can just use it without worrying about anything.
Thanks in advance!

Hi there! At the end of the day, a launcher is just another app you install on your device. Whether it's advisable to use an alternative one depends on what permissions that launcher requires/requests, whether it's up to date etc., same as other apps.

If you're after a minimal launcher to use, you can also take a look at these options, which seem to be far more up to date than the one you mentioned:

https://github.com/tanujnotes/Olauncher
https://github.com/OlauncherCF/OlauncherCF

The latter seems to request less permissions, but probably has less functionality as a result. Not suggesting either or saying that either options are better than the one you're looking into, but I would suggest always going for up to date and maintained apps in general.

Good luck!

In my simple-minded way of reasoning, everything added is a potential problem.

I guess I don’t understand why folks can’t use GrapheneOS as it is, and for what it is, rather than trying to make it into what it isn’t.

    Blastoidea There are layers to that. In some respects, I agree, especially if the solution to what someone wants to do affects the security model etc.

    That said, again, the launcher is just another app. The same could be said about replacing the keyboard, the gallery app, or installing any other apps.

    All of those things "could be a problem" and turn GrapheneOS into something it isn't by default, but they are all valid use cases, otherwise we'd all be using GrapheneOS with the default apps and nothing else.

    I think that again, launchers get a bad rep cause it feels like you're changing something that's integrated into the system, but the reality is that launchers are apps specifically so you can change them. Not all launchers are going to be equal, and I wouldn't really recommend changing it unless you have a very specific use case like OP here. but launchers are fundamentally meant to be something you can change.

      Blastoidea Not necessarily, but it really depends on your use case. It would mean that you're making calls/texts via carrier instead of using an end to end encrypted method like Signal.

      People can install as many or as little apps as they need. GrapheneOS will take care of them the best it can either way. The only notion I'm trying to dispell (which is something I've seen quite often), is people's tendency to think of GrapheneOS as a holy temple that they must not defile by installing the apps they want/need. GrapheneOS is the private and secure base you need to get your work done. If GrapheneOS isn't helping you do what you need to do, its usefulness greatly diminishes, so I always encourage people to use GrapheneOS to its fullest (provided that they're not altering/destroying the Android security model), so long as they understand their choices.

      That's just my 2 cents!

      Blastoidea
      "Rather than trying to make it what it isn't"

      Android gives users the option to change launchers. It's perfectly valid for a user to want to do this.

      Echoing the first part of the post from Blastoidea I try very much to avoid adding any new apps to GOS.
      Yes, new apps enjoy the increased security of GOS compared to stock Android, but if they can be reasonably avoided, I do so. Complexity, and expanded attack surface is simply to be avoided - especially when adding an app that has NOT been reviewed by the GOS geeks, and has not been compiled with GOS software.