Remove your phone is loading different os + remove google logo in startup

Xtreix My auto reboot time isn't anyones buisness. I can say it's not set 18h (default). Anyone telling me that i cannot hide the fact i am using GrapheneOS is right. But why give it away for spying eyes and cameras?

mmmm Youre right, i should't take even more precautions. Its not a must have feature no.

[deleted] But why give it away for spying eyes and cameras?

Which eyes and which spy cameras? If you think that using GrapheneOS can harm you then there's a much more serious problem to consider here, the only advice I can give you is to use a VPN and then use Google's standard servers for connection checks so that your device appears as a regular Android device and blends in with the billions of other Android devices.

[deleted] but it would open up directed targeted exploitation and cause suspection.

You're not basing your opinion on facts, and GrapheneOS protects itself very well against physical and remote exploitation.

It seems that you should first study what a threat model is :

https://www.privacyguides.org/en/basics/threat-modeling/
https://ssd.eff.org/module/your-security-plan
https://privsec.dev/posts/knowledge/threat-modeling/

Xtreix If someone knows i am using GrapheneOS they can make attacks based on that knowledge. Using a secure operating system is causing suspection. What have u missed? Straight facts.

Assumptions and suppositions are no facts.
I'd say that this discussion has run out of juice.

Stephan-P

"run out of juice" you should have used that in op's thread about removing the usb port.

[deleted] If someone knows i am using GrapheneOS they can make attacks based on that knowledge.

Why? Are you being actively targeted by a government agency or organization that wants to exploit specifically your phone? To my knowledge, no GrapheneOS user or any custom phone OS user has ever been targeted simply for using a custom OS. Then again, maybe you really are as big of a target so as to have exploits made against you because someone saw a GrapheneOS boot splash screen that displays for a few seconds.

If you're not protecting yourself from an actual threat, you have no threat. I would suggest developing a threat model for your use case as you seem to be entering "privacy paranoia." There needs to be a credible and realistic threat to protect yourself from, and no toggle or switch will apply to any or all threat models.

Since neither the boot splash screen nor the google logo nor the yellow message is removed, this discussion is hypothetical and leads to nothing

yore I have seen People in China getting Problems for much more than that...

Very interesting topic to read. Thanks for all of your insight ! From my understanding, there is no point to hide the graphene logo or the alert in the beginning. No threat model would really need that, and if there was then rewrite yourself grapheneOS and find a way to modify Google boot sequence to not show that warning. (Idk how technically but nothing is impossible assuming you have enough time and dedication.)
A dodgy solution would be to implement a physical switch in your Google phone to have your screen shutdown whenever it restart and also have any usb or peripheral off until it's fully operational. As you would have re-written grapheneOS you would have modified as much data that would lead people thinking it's the original grapheneOS. They might think it's a fork or just something unknown.
An other "dumb" solution if you care about people not watching you screen, is removing a layer of the screen managing the polarisation of the light. For normal people if would look like a blank screen, for you, if you have the same polarised screen on sunglasses it would just work fine. (Add a privacy filter for a specific angle for your screen to be seen and your officially paranoid, jk)
You will then have a kernel & os modified Google phone that have no alert showing up (idk how it could be technically done but it was on Samsung and other phone) that doesn't show anything up until finished boot sequence, with no ability to see the screen for other except if they have polarised sunglasses.

Very extreme. Totally overkilled, likely undoable. Entirely fictional. Yet fun to think of.

If this answer your threat model. Then wow. Hide.

(Remove any over the top solution and """just""" rewrite the os & learn/find a way to modify the boot sequence to just hide the alert & grapheneOS logo)

KentuckyGuy the alert in the beginning

Note that the alert message is here because of the verified boot, otherwise you won't know if the alternative operating system you're running is compromised.

Yellow : Good
Orange : Bootloader unlocked
Red : Compromised, device cannot execute it

Hi,

Was forwarded here from the other "Replacing GOS boot animation with vanilla AOSP boot animation" thread.

Regarding:

other8026
Before booting, a hash is displayed and it's not hard to determine the OS is GrapheneOS.

Can someone clarify how it would be not hard (aka trivial) to determine that a device is using GOS just from looking at that 8 digit/character hex-number?

How would it be determined in the first place? And:

other8026
If they get into recovery, the name "GrapheneOS" shows up instead of generic "Android" (I haven't checked, but saw it was rebranded on GitHub, so I think I should be right about this part).

Which GitHub commit states this?

Just checked and neither the Recovery mode nor the Fastboot mode show any GOS branding, at least not on a pre-Tensor device.

GrapheneOS
It's not possible to hide this because the key fingerprint will still be shown at boot.

That fingerprint is not the same as the boot animation, i.e. the boot animation could still be changed.

As already suggested on the other "Replacing GOS boot animation with vanilla AOSP boot animation" thread, can the @GrapheneOS team consider to replace the GOS boot animation with the vanilla AOSP boot animation with the next GOS release(s)?

Otherwise it would continue to be immediately obvious that a device is using GOS when it boots.

Regarding:

GrapheneOS
They could also simply read the OS images from the SSD which show it's using GrapheneOS. The OS data partition has all blocks encrypted but the OS images are publicly available so there's no point hiding parts of them, and it's what implements the encryption so it can't be hidden that it's GrapheneOS installed on the SSD.

Can someone clarify how it would be "simple" to access any unencrypted contents of a device flash storage when the flash storage is soldered onto the device's mainboard and when the device has its bootloader locked?

DeletedUser130 Can someone clarify how it would be not hard (aka trivial) to determine that a device is using GOS just from looking at that 8 digit/character hex-number?

That image is a sample, and it's obsolete. Modern Pixel devices display the full hash of the signing key. The key is unique to GrapheneOS on each device type (see list). So every Pixel 9 Pro running GrapheneOS will display
f729cab861da1b83fdfab402fc9480758f2ae78ee0b61c1f2137dd1ab7076e86 and no other OS will display that. A simple web search for the string shows it's a GrapheneOS signing key hash.

DeletedUser130 Just checked and neither the Recovery mode nor the Fastboot mode show any GOS branding, at least not on a pre-Tensor device.

As @other8026 indicated, Recovery identifies itself as "GrapheneOS Recovery" (just checked on a 6a running GrapheneOS).

DeletedUser130 Can someone link to the source for that statement?

De0u already did https://grapheneos.org/install/web#verified-boot-key-hash

Its the verified boot key hash. The security of the OS relies upon the verified boot key being unique, otherwise its possible for someone to make malicious OS updates.

While I get what you are suggesting could be considered a potential method to achieve some potential harm reduction it could alternatively be argued that its not really useful. During the booting of the OS, before you see the boot screen, you get the yellow warning screen, where its clearly displayed that the phone is running an alternative operating system.

In the scenario where someone would receive additional unwanted attention for running GrapheneOS there is reasonable likelihood they would anyway receive that attention for running any alternative OS.

While you clearly think this is very important that is apparently not a view that is widely held. As you are aware the projects position on this has already been [stated] (https://discuss.grapheneos.org/d/4335-remove-your-phone-is-loading-different-os-remove-google-logo-in-startup/27). I dont think you are bringing anything new to the conversation.

DeletedUser130 Which GitHub commit states this?

https://github.com/GrapheneOS/platform_bootable_recovery/commit/b27829778e8c532666644989b0399edd9466c134

I never actually looked to see if I see the changes on my phone. I just saw this commit once and knew it happened somewhere, so thanks to de0u for actually checking!

DeletedUser130 Can this be fixed?

If by "fixed" you mean "changed back," then you'd have to change the values in the above commit back to the original ones, then build GrapheneOS yourself.

If you look at this from another perspective, some people are sometimes confused about how things work. We've been asked if factory resets reset the phone back to the stock OS. If Recovery says "Android," then people may wonder the same thing. If it says "GrapheneOS," then fewer people may have that question. So, I think there's nothing here to "fix." Changing the wording to "GrapheneOS" makes sense.

DeletedUser130 i.e. the boot animation could still be changed.

Yes. It has already been changed a couple of times that I know of.

DeletedUser130 can the @GrapheneOS team consider to replace the GOS boot animation with the vanilla AOSP boot animation with the next GOS release(s)?

I don't speak for the developers or the project, but I don't think they'll consider this at all. Well, I guess I know they won't because this isn't the first time someone has requested this sort of change. Developers, moderators, and community members have all pointed out that it's obvious that the phone is at the very least running an OS other than the stock OS. The very obvious screen that pops up before the OS starts booting makes that fact impossible to miss, which is kind of the whole point of that screen. After that, using the boot key hash, it's not hard to figure out which OS is on the phone all without ever unlocking it.

So, given how easy it is to figure out an alternate OS is installed and how easy it is to figure out which OS it is, then what's the point in changing back to a generic boot animation? I'd bet that there are a lot of GrapheneOS users who would absolutely hate it if the boot animation was changed to some generic AOSP thing or something that tries to mimic the stock OS's boot animation.

DeletedUser130 Having to manually read a 64 character string displayed in tiny font on a smallish display and then having to manually type that into a search engine on a separate device and then having to manually analyze the search results would still be much harder (and would probably require physical access) and would be much less obvious than simply looking at the large branded boot animation (which would not necessarily require physical access but would essentially only require being in the proximity of a device while it boots).

Why does this matter? If the phone is in your possession, just flip it over or direct the screen away from people, or don't reboot it. It's not like it's a screensaver that pops up anytime the phone isn't in use.

Based on what you've said here, I get the feeling you're trying to hide the OS you're using from anyone who may get a glance at your phone while it's booting up. Sure, changing the boot animation would help in that specific situation, but there are ways to work around that. If you ask me, the pros of keeping the boot animation as-is outweigh the cons.