Why does GrapehenOS use Google Splashscreen on Boot?

JacksWendel

The following text IS NOT criticism. It is a genuine question coming from curiosity.

I wonder if grapheneos is truly private. sure, i believe it is but who really knows.
reason im saying this is just the simple fact that each time i boot up the phone i see this google splashscreen as you know.
if graphene had the campabilities to replace the google splashscreen with their own why wouldnt they do that? make me thing they cant.
so fact of the matter is, first comes the google splashscreen and only after that comes the graphene logo.
obviously i dont know crap about the technicals, but thinking about it seeing google before graphene gives me that strange feeling that google still has the upper hand. its google hardware. the splashscreen is software. software is what graphene does, they make their os.
how come they either dont care to, or are incapable of removing or replacing the google splashscreen?
logical explanation would be that the splashscreen is part of the boot process, but even if thats the case why not change it to graphene, if they cant program the most secure mobile os on the planet how can they not replace the google splashscreen?

Developer-Dude

JacksWendel I believe its because the Google logo is the phones "brand" so of course the manufacturer is going to display their brand and getting rid of it either wouldn't be possible or isn't allowed for like trademarked products or whatever. I'm assuming that the Motorola phones will have the Motorola screen at startup. Point is, it can't be removed and it's nothing to worry about at all.

userofgos

JacksWendel there is a long thread about the Yellow boot screen, Google Logo, and GrapheneOS logo which answers your questions. Hear are a few quotes: https://discuss.grapheneos.org/d/4335-remove-your-phone-is-loading-different-os-remove-google-logo-in-startup/3

This is not possible. The screen that tells you you're using a different OS is part of verified boot. It being there with the proper yellow screen is a good thing, it tells you that everything is working as intended. It's not possible to remove the Google logo either.

And here: https://discuss.grapheneos.org/d/4335-remove-your-phone-is-loading-different-os-remove-google-logo-in-startup/6

The issue is just removing the logo won't do much if someone who knows what they're doing really takes a look at the phone. Before booting, a hash is displayed and it's not hard to determine the OS is GrapheneOS. If they get into recovery, the name "GrapheneOS" shows up instead of generic "Android" (I haven't checked, but saw it was rebranded on GitHub, so I think I should be right about this part). If someone either gets the phone while it's unlocked, or can unlock it somehow, figuring out the OS is very simple because of preinstalled apps, features, etc.

Novaliss

JacksWendel
And these
https://discuss.grapheneos.org/d/2519-any-way-to-remove-or-replace-the-google-splash-screen
https://discuss.grapheneos.org/d/6073-google-logo

de0u

JacksWendel if graphene had the campabilities to replace the google splashscreen with their own why wouldnt they do that?

The short answer is that the first-stage bootloader (which can't be replaced) won't launch a second-stage bootloader that isn't signed by Google, so GrapheneOS can't replace either of them. These restrictions are in place so that attackers can't replace the legitimate bootloader chain with malware. The Google logo is displayed by Google's bootloader.

inffy

You cannot touch the google logo

ClickClickDrone

inffy
I interpreted that way too literally...

JacksWendel

userofgos Got it, thanks.

JacksWendel

de0u Is the google bootloader opensource? I heared they are cracking down on android now.
Googles dont be evil must have been the worst joke in human history, that aside if the bootloader isnt opensource how could anyone ever trust that google isn't spying?
I would preffer a bootloader coming from grapheneos.
Btw does grapheneos modify the kernel or recovery, or is it just the OS?

Also, if the google bootloader is opensource, i mean if google claims that it is opensource and they publish the sourcecode, how do we the users or the develeopers from grapheneos know that the sourcecode which google publishes for their bootloader does infact match the bootloader which is running on our devices? How do we know that?

de0u

JacksWendel

To be clear, the GrapheneOS project can't replace:

the bootloader
the cellular modem firmware
the Wi-Fi firmware
the Bluetooth firmware
the NFC firmware
the GPU firmware
the fingerprint-scanner firmware
the TEE firmware
the secure element firmware
maybe I missed some

It would be great if there were modern smartphones with open-source firmware, but not so far... and there are market reasons why it's not likely to happen soon.

JacksWendel

de0u Thanks for that. Thats quiet alot of firmware, is there potential for spying with any of that or does grapeheneos shield from it?

raccoondad

de0u It would be great if there were modern smartphones with open-source firmware

Open source would be fine, but disagree on flashable. I don't really want unsigned firmware on my device. Its very hard to find a company willing to do either now a days however

de0u

de0u It would be great if there were modern smartphones with open-source firmware [...]

raccoondad Open source would be fine, but disagree on flashable.

95% of the firmware on Pixels is flashable. The later-stage bootloader and GPU firmware are updated with some frequency.

raccoondad I don't really want unsigned firmware on my device.

Anybody running GrapheneOS is running a system image that is unsigned by Google, but signed by the GrapheneOS project.

JacksWendel

de0u Do the various linux-phones also come with closedsource firmware?

nologo

JacksWendel I heared they are cracking down on android now.

Please don't spread alarmist FUD. Google no longer publishes the device trees for Pixels, but AOSP is still as open as it always was and Google themselves have never suggested they are planning to 'lock it down'.

de0u

JacksWendel Is the google bootloader opensource?

I don't believe so.

JacksWendel I would preffer a bootloader coming from grapheneos.

Sure, me too, but that's not really possible at present. Perhaps the Motorola partnership will include GrapheneOS review of some components that are typically closed-source, but perhaps not. We'll have to wait and see (and in the meantime questions on the forum won't reduce the waiting time: we'll have to wait and see).

JacksWendel Btw does grapheneos modify the kernel or recovery, or is it just the OS?

GrapheneOS modifies both the kernel and Recovery. This is why there isn't a GSI release (source). Users who are interested in what GrapheneOS does/doesn't do may benefit from reading the material on the web site, including the FAQ and the usage guide.

JacksWendel Googles dont be evil must have been the worst joke in human history, that aside if the bootloader isnt opensource how could anyone ever trust that google isn't spying?

It is possible to analyze binaries without source code! Security experts do reverse-engineer closed-source components. There has even been some reporting on the Titan M2 firmware.

Also, if "spying" involves transmitting information to Google, the information must be sent on a network, and people (including security experts) monitor networks for unexplained traffic.

That said, if a fear of Google is one's most-firmly-held position on computer security, at present many people believe that the main competitor with GrapheneOS in terms of security, on generally-available devices, is Apple, which is very firmly closed-source.

Novaliss

JacksWendel
Read if not done already:
https://grapheneos.org/features#exploit-protection
https://grapheneos.org/faq#security-and-privacy

JacksWendel

nologo
Visiting f-droid.org gives another impression.

raccoondad

JacksWendel obviously i dont know crap about the technicals

And yet you made an entire post making an accusation 💔

JacksWendel

raccoondad no i didnt. i asked a question.

raccoondad

de0u signed by the GrapheneOS project.

Yes but that's my point, I'm fine with giving trust to GrapheneOS as a key signer its just I don't want non-trust. I.e 3rd party signers is fine, its actually required for dev work, its just I wouldn't trust a phone that had no verification 3rd party or otherwise (pinephone for example)

mar2112

The Google logo coming up is equivalent to the manufactures logo appearing when you power up your monitor or TV.

de0u

raccoondad Well, there are a lot of different categories. I wrote "open source" and you wrote that you "disagree with flashable", though I hadn't mentioned that at all, and "flashable" is pretty much a necessity for modern devices.

"Open source" doesn't mean "flashable" (they are independent). "Flashable" doesn't mean "unsigned" (those are independent also). "Signed" doesn't mean "multiple signers are possible". I think the original poster's question was about open-source firmware, not anything about flashing firmware or signing firmware.

I think lots of people would want "signed firmware, signed OS, with multiple OS signers possible, without features disabled when a third-party signature is used". In the phone arena at the moment, there aren't a lot of devices like that. Basically Google Pixel devices, plus a few niche devices, many of which are far behind on security. Hopefully the Motorola collaboration will result in more options in that space.

But I would not expect, not for quite some time, that the Motorola collaboration will exceed the Pixel situation by open-sourcing all of the firmware.