Remove your phone is loading different os + remove google logo in startup

[deleted] Explain your threat model and why you want to hide the fact that you're using GrapheneOS (it's not possible to hide it) autostart is set to 18h by default, it should never automatically restart in a normal situation where you use your phone at least 2 times a day for even 30 seconds. As written above, privacy should be normalized, not stigmatized.

Xtreix My auto reboot time isn't anyones buisness. I can say it's not set 18h (default). Anyone telling me that i cannot hide the fact i am using GrapheneOS is right. But why give it away for spying eyes and cameras?

mmmm Youre right, i should't take even more precautions. Its not a must have feature no.

[deleted] But why give it away for spying eyes and cameras?

Which eyes and which spy cameras? If you think that using GrapheneOS can harm you then there's a much more serious problem to consider here, the only advice I can give you is to use a VPN and then use Google's standard servers for connection checks so that your device appears as a regular Android device and blends in with the billions of other Android devices.

[deleted] but it would open up directed targeted exploitation and cause suspection.

You're not basing your opinion on facts, and GrapheneOS protects itself very well against physical and remote exploitation.

It seems that you should first study what a threat model is :

https://www.privacyguides.org/en/basics/threat-modeling/
https://ssd.eff.org/module/your-security-plan
https://privsec.dev/posts/knowledge/threat-modeling/

Xtreix If someone knows i am using GrapheneOS they can make attacks based on that knowledge. Using a secure operating system is causing suspection. What have u missed? Straight facts.

Assumptions and suppositions are no facts.
I'd say that this discussion has run out of juice.

Stephan-P

"run out of juice" you should have used that in op's thread about removing the usb port.

Since neither the boot splash screen nor the google logo nor the yellow message is removed, this discussion is hypothetical and leads to nothing

It's not possible to hide this because the key fingerprint will still be shown at boot. There's no point in changing this. You're talking about a very sophisticated attacker with advanced exploits benefits from knowing the device uses GrapheneOS. You're talking about an attacker more sophisticated than Cellebrite. However, at the same time, you're saying they can't tell that the screen shown at boot with a key fingerprint indicates it uses GrapheneOS. They could also simply read the OS images from the SSD which show it's using GrapheneOS. The OS data partition has all blocks encrypted but the OS images are publicly available so there's no point hiding parts of them, and it's what implements the encryption so it can't be hidden that it's GrapheneOS installed on the SSD. There are multiple other ways to see that it's GrapheneOS including how it behaves in various ways including quick settings restrictions while locked, auto-reboot, USB-C being disabled at a hardware level, etc.

yore I have seen People in China getting Problems for much more than that...

Very interesting topic to read. Thanks for all of your insight ! From my understanding, there is no point to hide the graphene logo or the alert in the beginning. No threat model would really need that, and if there was then rewrite yourself grapheneOS and find a way to modify Google boot sequence to not show that warning. (Idk how technically but nothing is impossible assuming you have enough time and dedication.)
A dodgy solution would be to implement a physical switch in your Google phone to have your screen shutdown whenever it restart and also have any usb or peripheral off until it's fully operational. As you would have re-written grapheneOS you would have modified as much data that would lead people thinking it's the original grapheneOS. They might think it's a fork or just something unknown.
An other "dumb" solution if you care about people not watching you screen, is removing a layer of the screen managing the polarisation of the light. For normal people if would look like a blank screen, for you, if you have the same polarised screen on sunglasses it would just work fine. (Add a privacy filter for a specific angle for your screen to be seen and your officially paranoid, jk)
You will then have a kernel & os modified Google phone that have no alert showing up (idk how it could be technically done but it was on Samsung and other phone) that doesn't show anything up until finished boot sequence, with no ability to see the screen for other except if they have polarised sunglasses.

Very extreme. Totally overkilled, likely undoable. Entirely fictional. Yet fun to think of.

If this answer your threat model. Then wow. Hide.

(Remove any over the top solution and """just""" rewrite the os & learn/find a way to modify the boot sequence to just hide the alert & grapheneOS logo)

KentuckyGuy the alert in the beginning

Note that the alert message is here because of the verified boot, otherwise you won't know if the alternative operating system you're running is compromised.

Yellow : Good
Orange : Bootloader unlocked
Red : Compromised, device cannot execute it

Hi,

Was forwarded here from the other "Replacing GOS boot animation with vanilla AOSP boot animation" thread.

Regarding:

other8026
Before booting, a hash is displayed and it's not hard to determine the OS is GrapheneOS.

Can someone clarify how it would be not hard (aka trivial) to determine that a device is using GOS just from looking at that 8 digit/character hex-number?

How would it be determined in the first place? And:

other8026
If they get into recovery, the name "GrapheneOS" shows up instead of generic "Android" (I haven't checked, but saw it was rebranded on GitHub, so I think I should be right about this part).

Which GitHub commit states this?

Just checked and neither the Recovery mode nor the Fastboot mode show any GOS branding, at least not on a pre-Tensor device.

GrapheneOS
It's not possible to hide this because the key fingerprint will still be shown at boot.

That fingerprint is not the same as the boot animation, i.e. the boot animation could still be changed.

As already suggested on the other "Replacing GOS boot animation with vanilla AOSP boot animation" thread, can the @GrapheneOS team consider to replace the GOS boot animation with the vanilla AOSP boot animation with the next GOS release(s)?

Otherwise it would continue to be immediately obvious that a device is using GOS when it boots.

Regarding:

GrapheneOS
They could also simply read the OS images from the SSD which show it's using GrapheneOS. The OS data partition has all blocks encrypted but the OS images are publicly available so there's no point hiding parts of them, and it's what implements the encryption so it can't be hidden that it's GrapheneOS installed on the SSD.

Can someone clarify how it would be "simple" to access any unencrypted contents of a device flash storage when the flash storage is soldered onto the device's mainboard and when the device has its bootloader locked?

DeletedUser130 Can someone clarify how it would be not hard (aka trivial) to determine that a device is using GOS just from looking at that 8 digit/character hex-number?

That image is a sample, and it's obsolete. Modern Pixel devices display the full hash of the signing key. The key is unique to GrapheneOS on each device type (see list). So every Pixel 9 Pro running GrapheneOS will display
f729cab861da1b83fdfab402fc9480758f2ae78ee0b61c1f2137dd1ab7076e86 and no other OS will display that. A simple web search for the string shows it's a GrapheneOS signing key hash.

DeletedUser130 Just checked and neither the Recovery mode nor the Fastboot mode show any GOS branding, at least not on a pre-Tensor device.

As @other8026 indicated, Recovery identifies itself as "GrapheneOS Recovery" (just checked on a 6a running GrapheneOS).