zlacker

[return to "Graphene OS: a security-enhanced Android build"]
1. jrexil+LE[view] [source] 2025-07-25 03:17:46
>>madars+(OP)
I just installed Graphene on a new pixel. I've only used it for two days, but I got that same feeling of "finding buried treasure in your backyard" I got when I first installed Linux in 1999. I can't believe this amazing software is free in all senses of the word. It is a TON of work and they got so much right. The security and usability settings give all the grainular control I've known was possible and wanted for a long time.

I see some core team on this thread, so just wanted to say THANK YOU! Awesome job! Keep fighting for the users!

I'm totally the wrong person to offer recommendations on mobile, but so far it works very well for me, but then, I use almost no third party apps, and none of them are Play store only. My only complaint is the hardware (outside of their control).

◧◩
2. 1024co+sK[view] [source] 2025-07-25 04:22:54
>>jrexil+LE
Where do you get the apps from? Google's App Store?
◧◩◪
3. mikae1+wR[view] [source] 2025-07-25 05:58:41
>>1024co+sK
Obtanium[1], F-Droid[2], Aurora Store[3] and FFUpdater[4] are some options. Signal self updates from the APK download[6].

I recommend putting proprietary Play Store apps grabbed with Aurora Store in the work profile with Shelter[5].

[1] https://obtainium.imranr.dev/

[2] https://f-droid.org/

[3] https://f-droid.org/packages/com.aurora.store/

[4] https://f-droid.org/packages/de.marmaro.krt.ffupdater/

[5] https://f-droid.org/packages/net.typeblog.shelter/

[6] https://signal.org/android/apk/

◧◩◪◨
4. rkrisz+u61[view] [source] 2025-07-25 08:25:24
>>mikae1+wR
On the GrapheneOS forum you will see a lot of bad opinions about F-Droid, for example this:

> It doesn't matter that the app is trustworthy, because F-Droid are extremely incompetent with security and the apps you install from F-Droid are signed by F-Droid rather than the developer.

https://discuss.grapheneos.org/d/20212-f-droid-security-in-s... https://discuss.grapheneos.org/d/18731-f-droid-vulnerability...

They also say, if you use F-Droid, at least use F-Droid Basic:

> Dont use the main F-Droid client. Android is pretty strict about SDK versions and as F-Droid targets legacy devices, it is very outdated.

https://discuss.grapheneos.org/d/11439-f-droid-vsor-droid-if...

> If the app is only available on F-Droid / third party F-Droid repo, use F-Droid Basic and use the third party repo rather than the main repo if available. > > If the app is available on Github then install the APK first from Github then auto-update it using Obtanium. Be sure to check the hash using AppVerifier which can be installed from Accrescent (available on the GrapheneOS app store).

https://discuss.grapheneos.org/d/16589-obtainium-f-droid-bas...

By the way, while GrapheneOS recommends Accrescent, I don't use it anymore because they can't even add apps like CoMaps, while some of the apps they actually added are proprietary.

◧◩◪◨⬒
5. prmous+se1[view] [source] 2025-07-25 09:54:34
>>rkrisz+u61
>the apps you install from F-Droid are signed by F-Droid rather than the developer.

That doesn't seem like a con if you take into account the context: F-droid is not shipping pre-build binaries from the developper, it asks for a buildable project from the developper.

If the source repo of the upstream dev are compromised, so will be hid own binaries anyway.

[go to top]