As I noted in my last post covering the fiasco that is today’s Apple, I ordered a Pixel 4a with the intention of flashing GrapheneOS on it. For those of you who are unfamiliar with GrapheneOS, it is an Android Open Source Project (AOSP) operating system that focuses on security. The list of security features included in GrapheneOS is quite long so instead of trying to summarize it, I’ll point you to the project’s feature list.
GrapheneOS only runs on Pixel devices. This is because Pixel devices implement several hardware security features including the Titan M security chip (a similar idea to Apple’s Secure Enclave). Pixel devices also support Android Verified Boot (AVB) 2.0 with third-party signing keys. AVB 2.0 cryptographically verifies that the operating system you’re booting hasn’t been altered. When properly set up, this allows non-Google firmware to boot from a locked boot loader. GrapheneOS supports AVB 2.0 and relocking the boot loader is actually part of the installation process. This is a GrapheneOS advantage since most AOSP operating systems can only boot from an unlocked boot loader. An unlocked boot loader is a major security weakness.
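To confirm after installation that the boot loader is relocked and the OS is being verified against a custom key, you can read the boot properties the boot loader passes to Android. The script below is an added example, not part of the GrapheneOS guide: it interprets `getprop` output using the standard AVB boot-state colours, and the sample output and the verdict labels are constructed for illustration.

```shell
#!/bin/sh
# Added example: interpret Android Verified Boot state from `getprop` output.
# On a real device, feed it with: assess_boot "$(adb shell getprop)"

# Constructed sample of `adb shell getprop` output (not captured from a device).
SAMPLE_PROPS='[ro.boot.flash.locked]: [1]
[ro.boot.verifiedbootstate]: [yellow]
[ro.boot.vbmeta.device_state]: [locked]'

# get_prop NAME: read getprop-style lines on stdin, print the value of NAME.
get_prop() {
    awk -v key="[$1]:" '$1 == key { v = $2; gsub(/^\[|\]$/, "", v); print v; exit }'
}

# assess_boot PROPS: print a one-word verdict (labels are this example's own).
assess_boot() {
    state=$(printf '%s\n' "$1" | tr -d '\r' | get_prop ro.boot.verifiedbootstate)
    locked=$(printf '%s\n' "$1" | tr -d '\r' | get_prop ro.boot.flash.locked)
    case "$locked:$state" in
        # Locked, OS verified against the key built into the device.
        1:green)      echo "locked-oem-key" ;;
        # Locked, OS verified against a user-installed (third-party) key.
        1:yellow)     echo "locked-custom-key" ;;
        # Boot loader unlocked: the OS image is not enforced by verified boot.
        0:*|*:orange) echo "unlocked" ;;
        # Locked, but no validly signed OS was found.
        *:red)        echo "verification-failed" ;;
        # Properties missing or unrecognised.
        *)            echo "unknown" ;;
    esac
}

assess_boot "$SAMPLE_PROPS"
```

A device with a third-party OS and a relocked boot loader should report the custom-key state; an `unlocked` verdict means the relock step was skipped or undone.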
Installing GrapheneOS is about as easy as installing a third-party operating system on a phone can be. There are two supported methods: a web-based installer and a command-line-based installer. I chose the latter. Both are made straightforward by the step-by-step guides. When you boot GrapheneOS the first time, you’re greeted with a bare bones installation. I prefer minimal operating system installations so I consider the bare bones nature of the default GrapheneOS a plus.
I installed the same applications on this device as I installed on my Teracube 2e. GrapheneOS doesn’t include a calendar application so I installed Etar, which is the calendar application included in LineageOS.
One of the notable features of the Pixel 4a is the camera. However, you probably won’t be terribly impressed by pictures taken with the camera application included with GrapheneOS. This is because the high quality pictures you see in Pixel 4a reviews require a combination of hardware and software. The software is Google Camera. Google Camera applies software enhancements to improve the quality of pictures taken with Pixel hardware. Not surprisingly it requires Google Play Services. A recent addition to GrapheneOS is support for fully sandboxed Google Play Services. This allows you to install Google Play Services without granting permissions greater than any other app (normally Google Play Services enjoys additional privileges). If you need Google Play Services, I believe this is a better solution than microG, an alternative used by a number of AOSP operating systems.
I wanted Google Camera without all the additional Google cruft so instead of installing Google Play Services I installed Gcam Services Provider. Gcam Services Provider is a shim that implements just enough of Google Play Services to run Google Camera. GrapheneOS with Gcam Services Provider isn’t enough to run Google Camera though. Launching Google Camera with this configuration will only result in a black screen (information about this behavior can be found here). I resorted to installing a modded version of Google Camera, of which there are quite a few. I settled on this version because it works with Gcam Services Provider and allows me to use a gallery application other than Google Photos (the official Google Camera application is hard coded to display recently taken pictures with Google Photos and I have no interest in installing that).
The installation process for Google Camera that I just described is the only thing on my setup that feels hacky. GrapheneOS is polished. It actually feels like a first-party operating system on the Pixel 4a. It is a major improvement over the user experience of LineageOS on a Teracube 2e (because the version of LineageOS for the Teracube 2e is still unofficial, I didn’t expect a polished user experience, I’m just noting the comparison here because it’s the only baseline I have). I will go so far as to say that GrapheneOS offers a user experience comparable to iOS on an iPhone (and probably the stock firmware on the Pixel 4a, but I didn’t spend any time using that) with the caveat that applications that rely on Google Play Services may not work if you don’t install Google Play Services (thanks to sandboxing doing so isn’t as dangerous on GrapheneOS as it is on other AOSP operating systems). The user experience is so good that my wife, who is not a technical user, is happy with it.
GrapheneOS is a great option for iOS users wanting to flee the panopticon that Apple is dead set on inflicting on iOS users (and probably macOS users).
Wonderful thoughts that I wholeheartedly embrace! I’ve been keeping an eye on GrapheneOS for several months now, ever since I came across a tweet from the legend Ed Snowden himself. My old phone was still rocking, so I had no intention of switching soon. When it suddenly broke on me, I knew I was headed for only one direction.
I’ve been using LineageOS and its predecessor CyanogenMod for the better part of the last 8 years, with only a small interruption by iOS which was mostly due to curiosity. Being an IT admin however, I never took kindly to the Apple approach. I need as much control over my operating systems as I can get.
Considering my urge for control paired with the usual privacy concerns of someone who actually takes the issue of privacy seriously, I view LineageOS as a decent alternative to any stock Android with Google Play Services. However, the necessity of an unlocked bootloader has always somewhat troubled me. The fact that GrapheneOS supports verified boot, along with other brilliant privacy enhancements, like the ability to disable Network and Sensors permissions for an individual app with the press of a button, makes it my first choice and recommendation to anyone who is looking for a way to break free from the claws of Google and Apple.
I’ve just installed GrapheneOS a couple of days ago and am still in the exploring stages. I absolutely share your notion about a minimalist operating system, and love the bare bones experience. Still I was a little surprised not to find a calendar app, but of course that is taken care of easily. I didn’t know that Etar was the default on LineageOS, I thought they just used the AOSP calendar. Currently I’m trying out Simple Calendar Pro, which, despite the misleading name, is a FOSS app available on F-Droid.
Now I have to admit that, despite my contempt for Google, I was very tempted to try out the sandboxed Google Play Services, just to get that supposedly awesome Google Camera app to work. I am so grateful that I did some research first, and thereby came across this brilliant post. When I saw you mention GCam Services Provider, which I had no idea existed, plus a list of modded GCam apks, I became ecstatic! This is exactly what I was looking for, thank you so much for sharing your insight.
So far I’ve tried two of the GCam mods from your link (not really sure which one to pick for my Pixel 3 XL), and both seem to be working well, with one exception. When I tap the preview of the last taken photo in the bottom right corner, it shows the photo only for a split second before switching to black. I can continue to use the app normally, and it’s not a big deal of course. The most important thing is that it runs without Play Services and is not tied to Google Photos. I’m just curious whether this behavior is by design, or if there’s anything I can do about it. I’m currently using the stock Gallery app from GrapheneOS.
This can be corrected in the modded Gcam application to which I linked by going to Settings -> Advanced and enabling the “Use a third-party gallery” option. The black screen you encounter is a result of Google Camera being hard coded to use Google Photos as a gallery application.