I made a website for french people where I talk about privacy and security, you can check it out by going on https://simpleprivacy.fr
You can also check my blog https://samsepi0l.dev
Some people considering GrapheneOS are maybe afraid switching to GrapheneOS fearing that their banking apps may not work.
However for my case I use many different banking apps and they do not cause troubles. I am based in Switzerland. I think the issue is overrated. But of course you may have bad luck.
samsepi0l The problem with EU/France, they love making new law proposals for Internet world. Like, hey, tell the user it's mandatory to give their complete ID to porn websites so we can check their are adults (fun fact: only top porn websites were targeted btw, what a great idea). Or let's give their complete ID to social networks so we can know who said what. That's completely impossible at this scale. I remember a video a of a french congressman, he showed to the assembly that he could just connect to a VPN and be in a germany in seconds to show that this law would be impossible to apply in the country.
That's exactly it, I followed all his hilarious legislative proposals on Next INpact and we had a good laugh (or not), then I got tired of reading them.
@wovensash There are a huge number of unpatched, critical severity exploitable issues for end-of-life devices particularly 3rd generation Pixels which have been end-of-life for around 2 years now. That means they're missing 2 years of important privacy and security patches regardless of which OS you run on them. Due to our extended support releases, they did receive partial security patches past their end-of-life providing the subset of AOSP patches backported to the older releases but not firmware and most driver or other device support code patches outside the scope of AOSP.
GrapheneOS has made it clear that they're end-of-life and that the extended support we provided for a long time did not make them secure. The patch level that's set in Settings > About phone for them is accurately set to the last obtainable patch level rather than inaccurately increasing it in the extended support updates they received. Many of the unpatched vulnerabilities are actively exploited in the wild. Many have proof of concepts publicly available. It's not something where your threat model is relevant.
Spreading misinformation encouraging people to use highly insecure end-of-life devices with no option for decent privacy and security is against the rules and will be taken very seriously as something which is incredibly harmful to people misled by it. It's not hard to look at the Android Security Bulletins and Pixel Security Bulletins from the past 2 years and see all the High/Critical severity patches you're missing including many firmware and driver patches unavailable via an alternate OS based on the latest AOSP. GrapheneOS is not intended to be a highly insecure OS on highly insecure devices so we phase out end-of-life devices after harm reduction extended support releases. Extended support releases are highly insecure and exist for harm reduction. Our extended support are a better option than anything else available until they stop, but they shouldn't be used. The main form of harm reduction they provide is stopping people moving to an OS with a fake patch level which misleads users about the provided patches, downplays the importance of the missing patches and misleads them about the fact that decent privacy/security can't be achieved without them.
We provide extended support for the flagship devices which had 3 years of support from launch to provide harm reduction until they're around 4 years old. We may provide legacy extended support until they're around 5 years old. The mid-range devices launched later but share a platform generation so it's not as long for them.
Pixel 6 and later have 5 years of support from launch so it has obsoleted our extended support approach. Pixel 8 and later have 7 years of support from launch, so even a 3 year old used Pixel 8 will still have 4 years of support remaining. Extended support was a stopgap that has been replaced.
This guide will be revised with the latest changes shortly. (Jan 26, 2025, 17:40 Pacific)
Purpose: Utilize as a reference permalink for consistent citing on duplicates across platforms. e.g.
December 1, 2023 – Compatibility of Banking Apps with GrapheneOS
If you receive a warning from your banking app indicating that your device may be insecure, jailbroken, or rooted, this is usually due to the SafetyNet/Play Integrity API. Specifically, your device fails to pass MEETS_DEVICE_INTEGRITY or MEETS_STRONG_INTEGRITY.
As of now, there are no direct solutions available to users. However, you can help by contacting your bank. Inform them of this issue and suggest they refer to the GrapheneOS Attestation Compatibility Guide for their developers, available here: Attestation Compatibility Guide.
To submit, view, and/or track international banking apps compatibility with GrapheneOS, please use this issue-tracker.
A 3rd party community-sourced effort containing banking app compatibility information is maintained by PrivSec.dev. GrapheneOS does not make any guarantees regarding the list's validity.
Allow the app to make use of native code debugging. Launch app.
If unsuccessful, proceed to step 2.
Settings ➔ Apps ➔ App in question ➔ Exploit protection ➔ Native code debugging
Enable the per-app exploit protection compatibility mode. Launch app.
If unsuccessful, proceed to step 3 for testing only.
Settings ➔ Apps ➔ App in question ➔ Exploit protection ➔ Exploit protection compatibility mode
Turning on the exploit protection compatibility toggle reduces system security but may allow the application to run without crashing. The app crashed because GrapheneOS detected a memory corruption bug that may be exploitable by an attacker.
3.1 - Temporarily disable secure app spawning.
Settings ➔ Security & privacy ➔ Exploit protection ➔ Secure app spawning
3.2 - Disable the exploit protection compatibility mode as described in step 2.
3.3 - Restart device. Launch app to see if this GrapheneOS feature caused the compatibility issue. The app may be refusing to run if it detects a different spawning mechanism.
Significant security loss and directly affecting some privacy using Zygote
3.4 - Revert to secure spawning by enabling it again and restart device.
See step 3.1 above.
Potential use of an unofficial/alternative Google Play Store frontend client may be problematic for misguided apps:
General recommendation: Install Sandboxed Google Play. Optionally use a throwaway account.
Search the forum, os-issue-tracker, and/or within the community for keyword(s) specific to the app name.
If unsuccessful with finding a solution, only than proceed to step 6.
6.1 - To view the specific app's logs, go to Settings ➔ Apps ➔ All apps ➔ APP ➔ View logs.
Note: With the release of 2024011300, GrapheneOS developers have introduced a log viewer, accessible via Settings ➔ System ➔ View logs. This LogViewer avoids the need for developer options to create useful bug reports and inspect the device for issues.
6.2 - Attempt to reproduce the issue by capturing a 'Bug report' using the feature in Developer options if you still run into the app aborting at launch.
Enable Developer option by tapping the 'Build number' 7 times.
Settings ➔ About phone ➔ Device identifiers ➔ Build number
Capture a bug report.
Settings ➔ System ➔ Developer options ➔ Bug Report ➔ Interactive report ➔ REPORT
Note: If you are doing a bug report, the .zip file can contain sensitive info.
6.3 - Alternatively, using logcat.
Example:
adb logcat -c to clear previous logsadb logcat -d > issue.log to dump the logs in a file named issue.log6.4 - Disable the developer options.
Settings ➔ System ➔ Developer options ➔ Use developer options
We recommend disabling developer options as a whole for a device that's not being used for app or OS development.
Open a new issue, provide a description and make contact via the appropriate channels with a similar message like "Bug report capture for issue #104". in order to submit the bug report capture zip privately. (Replace the issue # number).
It's plausible that this is app-related, rather than a compatibility issue with GrapheneOS - acknowledging this factor must be considered. (Ref. 2568#issuecomment-1766887298)
Due to the deprecation of SafetyNet attestations, there is increasing changes among some apps on the Play Store to switch over to the new Play Integrity API. Consequently, some of these apps are known to set themselves as unavailable for devices that do not pass Play Integrity checks at various levels.
See View and restrict your app's compatible devices and Store listing visibility
Turn on integrity checks for your store listing so that Google Play can check that devices pass integrity checks before making your store listing visible to users.
This feature is primarily intended for use only by apps using the Play Integrity API. It aims to prevent users from encountering a poor experience by installing these apps, only to find they do not function properly on their devices.
Please see the Attestation compatibility guide on using remote attestation in a way that's compatible with GrapheneOS and how you can help.
GrapheneOS users are strongly encouraged to share this documentation with app developers enforcing only being able to use the stock OS. Send an email to the developers and leave a review of the app with a link to this information. Share it with other users and create pressure to support GrapheneOS rather than locking users into the stock OS without a valid security reason. GrapheneOS not only upholds the app security model but substantially reinforces it, so it cannot be justified with reasoning based on security, anti-fraud, etc.
A message for Grapos developers. whats your recomendation?
Please don't direct questions specifically to GrapheneOS or GrapheneOS project members going forward. If you post a question on Matrix or the discussion forum, you need to accept that anyone can answer. Project members do look at a lot of the content that's posted even if they don't reply. Egregious cases of misinformation are often corrected by project members if it wasn't dealt with by the community. It turns into a moderation issue if people are repeatedly lowering the quality of discussion by inaccurate claims, particularly if it's harmful advice leading people to do things in a poor way.
We try to maintain a decent quality of discussion and information on these platforms. We haven't been achieving that with the discussion forum recently and some cleanup is going to need to be done. Please try to support these efforts to maintain a high level of quality here because many people use it as a source of information. This is a collaborative effort. If you aren't sure about something, posting a response is fine, but then try to avoid stating it as fact.
so many different app-store's that have their own pros and cons when it comes to privacy and security.
Yes.
some people even say that all these stores are not safe to use and the only safest is google app store.
For obtaining a specific app, such as Element, the sandboxed Play Store is one of the best options. You need to make sure it's the genuine app from the developers, ideally by opening a link from their site. Play Store isn't a very good way to discover new apps if you care about privacy and security, but that's a hard topic in general. Open source also doesn't mean private and secure, but comparing open source to proprietary apps on average, they do tend to have better privacy, but not necessarily better security.
But that is from google... not good for privacy and google says: "Developers add malware to apps from Play Store afterwards"
This can happen anywhere, and can happen with open source apps too. Open source doesn't mean a developer adding malicious or unwanted behavior is going to be somehow caught and prevented before you get it. F-Droid doesn't provide any protection from this beyond scanning for binary blobs, etc. It will not protect you from a developer adding malicious source code, particularly when 'malicious' is hard to define and these things can be done in a subtle, well hidden way. It has regularly happened that open source libraries and applications have clear cut malicious code inserted. It's extremely common for these libraries and apps to make privacy unfriendly changes like adding invasive analytics too. All you get from F-Droid is knowing that the developer adding a closed source third party library will likely get detected and the app won't get updated, but in exchange you're trusting people to build/sign the apps who have shown consistent untrustworthy behavior. You're also getting significantly delayed updated in many cases.
i don't want discussions, i want advice from the pro's that really have the knowledge of this stuff.
You created a thread on the discussion forum about it, so discussion is what's going to happen.
i wondering what the developers from Grapheneos himself advise to his costumers.
Why don't grapheneos give instructions about this.
instructions about what the best source to download apps and where not, and how you can best deal with apps in your phone (cutting them of from the internet so the apps can't do any harm or something like that) and be done with it.
GrapheneOS includes our own app repository client which provides a way to install the sandboxed Play Store. There is no advice for this fitting everyone's preferences because all of the available options other than our own app repository currently only used for our own apps have major flaws.
just tell me what to do.
If you're using sandboxed Google Play in the profile for broad app compatibility, you might as well use the sandboxed Play Store to install and update apps since that won't give them additional information if you do it properly compared to simply using sandboxed Google Play without using it to install apps. Create a single-purpose Google account without personal information to use with sandboxed Google Play in a single profile. Don't use the same account for anything but sandboxed Google Play, and use a separate account for separate profiles.
If you aren't using sandboxed Google Play in the profile, there is no best answer. You aren't going to get any perfect answer and can't expect one.
Ixirup The developers sign their apk expressly for obtainium?
No.
Ixirup Obtainium checks the sources?
Obtanium does not check the 'source code', It only checks for APKs via many sources:
Currently supported App sources:
GitHub
GitLab
Codeberg
F-Droid
IzzyOnDroid
Mullvad
Signal
SourceForge
SourceHut
APKMirror (Track-Only)
APKPure
Third Party F-Droid Repos
Jenkins Jobs
Steam
Telegram App
VLC
Neutron Code
"HTML" (Fallback)
Any other URL that returns an HTML page with links to APK files (if multiple, the last file alphabetically is picked)
For more info, Read https://github.com/ImranR98/Obtainium/blob/main/README.md
samsepi0l In that case it is in fact carrier dependent on whether you need Carrier Services or not then. The terms for Jibe say it could be and/or but don't give specific examples.
Allowing Play services Phone + SMS permission is all I needed to activate/verify my phone number and make sure you have the Play Store installed. The Carrier Services app shouldn't be required and it is not clear whether it even works on GrapheneOS since it is usually a privileged app on stock OS. The activation process may take some time if it's your first time.
After Chat features were ready, I revoked the Phone and SMS permissions from Play services and it seems to continue to work, so it may only be needed for the initial activation process. However, I have not tested this long enough to confirm if it will continue to work this way.
samsepi0l Hi! I was in this exact same predicament earlier this week. What I ended up doing to make Google Messages work as native with RCS was: 1) enabled the three core services from "Apps" (Play Services, Play Services Framework and Google Play Store). 2) Downloaded Google Messages and Carrier Services from Google Play Store (should work from Aurora Store too if you don't want Google Play Store). 3) As for permissions, Messages has been using Contacts, Music and audio, Phone, Photos and videos and SMS. The rest I have disabled. And as for Carrier Services I only have Network and Sensors enabled. The experience on Google Messages is far superior to the other FOSS alternatives for now so just roll with it and you won't be disappointed.
GrapheneOS community members are committed to preserving and fostering a diverse, welcoming society. Below is our community code of conduct, which applies to our forums, chat rooms, issue trackers, and any other GrapheneOS-supported communication group, as well as any private communication initiated in the context of these spaces. Simply put, community discussions should be the following:
Treat everyone with respect. Build on each other's ideas. Each of us has the right to enjoy our experience and participate without fear of harassment, discrimination, or condescension, whether blatant or subtle. Remember that GrapheneOS project is a geographically distributed community and that you may not be communicating with someone in their primary language. We all get frustrated when working on hard problems, but we cannot allow that frustration to turn into personal attacks.
Participants warned to stop any harassing behavior are expected to comply immediately. Failure to do so will result in an escalation of consequences.
This Code of Conduct is adapted from the Chromium Code of Conduct, based on the Geek Feminism Code of Conduct, the Django Code of Conduct, and the Geek Feminism Wiki "Effective codes of conduct" guide.
