tl;dr
Graphene newbie thinks it's really cool and acknowledges some benefits of using it over iOS, but chronicles their struggles with messaging with iPhone users, sending RCS messages, and getting Google apps usable outside of the Owner profile. Seeks opinions on using Owner profile as daily driver with all this Google crap on it, as it is the only setup they've found to reliably get messages from iPhone users and use Google apps.
Fresh Graphene user here. After being curious about Graphene for years, I found myself with a little extra money to go ahead and experiment with crossing over. Got myself a Pixel 10, and nervously went through the web installation. The web installer was a breeze, overall.
I've spent most of the past few days poring over the Graphene discussion board, learning about how people customize their setup to ensure security and/or privacy. Initially, I thought I would try and go all FOSS and try to de-Google completely, but I'm now coming around to the idea that sacrificing some degree of privacy is perhaps worth the increased security and functionality that comes with using some of the features of Google like installing apps from the Play Store instead of F-Droid or Aurora.
Perhaps my biggest struggle so far has been with messaging. While I would love to only use Signal or Molly, I think it's unrealistic to ask every single one of my contacts to use those instead of their usual messaging app. So, I was fine having most of my messaging come from SMS or RCS. However, I realized soon after moving my eSIM to the pixel that I was not receiving any messages from iPhone users. I switched off iMessage and Facetime from my old phone. No go. I deregistered my number with iMessage on the web. Still nothing. So, I followed some advice on the Usage instructions on Graphene and from the discussion boards, and wound up giving Google Play Services permissions for SMS and Phone, along with Network which was already permitted at the time. I also switched to using Google Messages, which currently has all permissions granted except Location and Sensors. And though my carrier says RCS is connected, it looks like I'm still just sending SMS/MMS. Oh well. At least I'm getting messages now, but I wish I didn't have to get so invested in Google for it.
I also wanted to try and setup a Google profile where I would push non-essential Google Apps like Sheets or Maps to. I had a nightmare of a time trying to log in to Google on the profile because of 2FA and Google's singular desire to only accept the second factor being interaction with my Owner profile, which I could not do unless I switched out from the Google Profile. Unfortunately, that makes the login process start all over. So I wound up switching off 2FA so I could in on this new profile, but now I've got a new problem. I log in successfully, my account is added, but everytime I try to open Sheets, it asks for me to log in again. And when I enter my email, it says something like "account already logged in," but I cannot actually get into sheets. Permissions problem with Google Play Services on that account, where I only have Network and Sensors? Doesn't seem like it should be, but I'm getting pretty tired of trying to work it out.
So, mostly I'm running everything except for some financial apps and work apps on my Owner account. And sure, sandboxed Google Play stuff is great, but I wonder how much benefit to privacy I'm really getting out of this setup, in contrast to using iOS.
Love having a real, functional file system so far. Love having the feeling that I exert some control over my phone. Love the ability to tinker with settings, though I'm getting fatigued at this point. But if I HAVE to let some big tech company track some of my data, I guess I trust Apple more than Google. So far, I haven't been able to set up Graphene yet to use Google products in a separate profile nor been able to use messaging without enabling permissions I'd rather not have to.
Any opinions or advice from the community about running pretty much everything out of my Owner profile? I know there's often some tradeoff between security and privacy, and I'm not looking for perfect privacy, though I do value trading as little of it as I can get away with. I'm PROBABLY going to stick with Graphene and continue to learn how I can better my security and privacy.