So likely no existing Motorola phones are good enough and only new ones, developed in collaboration with GrapheneOS developers, will be suitable.

> We're collaborating on future devices

https://grapheneos.social/@GrapheneOS/116159602850585685

Samsung had something as ambitious years ago, but it went nowhere https://www.xda-developers.com/samsung-promised-make-old-pho...

Stay tuned

European tech is in shambles and everyone else is barely holding it together outside of tech.

This might be true, but the priorities are depressing.

Motorola has such great quality/price ratio and the user experience is decent. There's still some nagging and such but overall it's much better than the competition.

But I still can't get over my old iPhone 6. That phone size was just perfect. Easy to hold and do everything with one hand, easy to fit into any pocket.

I really want an Android like that. I don't need 3 cameras and bunch of other nonsense.

It's the smallest phone available with a real telephoto lens. I think it was only available in India, but I got one on eBay because it has those two features (not huge with telephoto) I was looking for. I moved to it from a Pixel 6a because I refuse to go any bigger in physical size.

(y’all know this one https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa... )

I’m seeing enthusiasts go out of their way to get vivos and xiaomis now that they are surpassing the western counterparts based solely on that.

I think it’s doable, pixels did it with meh hardware for years. But I’m not sure if there’s enough overlap between people who care about selfie quality and open source enthusiasts.

* https://www.youtube.com/watch?v=iR9zBsKELVs * https://www.youtube.com/watch?v=vZdbbN3FCzE Not about small form factor, rather enthusiast phones don't last

Currently running a Sony Xperia 5 V which farm factor is acceptable, and still will get a number of months of updates. And the winning point is that the bootloader can be unlocked and is supported by LineageOS.

Pine64 has targeted a very different market around extensibility and hacker/maker mindset. However while their phones have a lot of potential, security measures are half baked (microphone cutoff switch doesn't actually cut off the microphone), performance mediocre, and demand missing. While I love my pinephone pro, its not a dailiable device. A phone that cannot access common services like your bank account are non viable for 99% of users.

For Motorola to partner with one of the Linux phone projects, someone would have to invest significant resources in mainlining the drivers, replacing blobs with open source drivers where feasible, and maintaining that code when new upstream firmware and drivers make it downstream with patches and fixes. Looking at postmarketOS, you can see it takes years of community effort to port a device to the point of becoming useful. Once the software is done, the hardware is outdated enough that Motorola won't be making any money on sales any more.

In theory all of this would be a lot easier if Qualcomm, MediaTek, and the other SoC manufacturers would take the burden of mainlining drivers upon themselves the way Intel and AMD do. With the recent high-end Qualcomm chips, the company does seem to put in some effort, but these companies simply don't care about Linux support.

GrapheneOS is an Android fork so of course they're partnering with an Android company. They also don't have the capacity to maintain their own kernel + security patches + drivers, which is why they rely on upstream maintenance (from Google, historically) with their own Android-level improvements to remain secure.

If they distributed rooted versions, then banks and the likes would not be willing to trust them.

[1]: https://grapheneos.org/articles/attestation-compatibility-gu...

The question for Motorola is: "given the cost of meeting GrapheneOS' requirements, how many more devices will we sell?". Hundreds of thousands of devices is not nothing, I guess. Plus they get free consulting from the team building the most secure phone OS out there.

I really don't understand why smaller smartphone manufacturers didn't fight before for that. Say Fairphone: I don't know about today, but a few years ago they finally got profitable by selling something like 200 thousands units a year. If they had designed a phone to be supported by GrapheneOS, that would surely have increased their sales quite a bit. Now that ship has sailed, GrapheneOS will be focused on Motorola for a few years.

Mr. Rich Guy sells me his personal device he used in the previous year because he wants new shiny phone, but he may have the very slightest chance of being a super evil genius? The government selling tampered phones on ebay, when they could just.. go directly to vendors and put their backdoors directly into new phones/software?

Sorry for the light snark, but this attack vector seems way too complicated for not much benefit. Unless you are some very VIP person being personally targeted.

An acquaintance at a local hackerspace has no laptop, just a Fairphone 5 and a device that looks like a laptop but is really just an external screen and keyboard. He connects his Ubuntu Touch phone and uses that as a laptop, developing software on it etc.

It's not perfect as a phone (Android apps work rather well from what I've seen (I think the emulator is called Waydroid), but e.g. passing through Bluetooth is an issue so there are limitations) but maybe that's an interesting option for you as well

Their most advanced phone is based on a >10 year old SoC, that wasn't even that good when it was first released.

The only solution would be an emulation layer.

And for the gaming aspect, there is a huge market for mobile gaming, specially in Asia, so having a manufacturer like Motorola adopting GrapheneOS as a first class citizen will improve the chances that high performance applications will have better performance in such OSes which is a big win.

For now having Android-type OS on a daily driver is a must, but for older devices (thinking of 10 years time) I'd like to explore an OS which doesn't depend of Google open-source drops and delayed security open-source drops, which is the situation for ROMs without an ODM partner.

As for payment apps and other crap that refuses to run if I, the owner and administrator of my own device, don't have admin access, I would just refuse to run it. What's next - websites refusing to work if I have root on my Linux desktop?

First is very comprehensively delivered, second is halfway done, halfway in progress.

Good luck!

Though I'd expect that all efforts focus on the new Android Desktop Mode now, and then Samsung Dex turns into something akin to what OneUI does with Android, instead of being its own thing

The portions of SailfishOS specific to it are largely closed source including the user interface and application layer. It isn't possible to fork the overall operating system. It has much worse privacy and drastically worse security than the Android Open Source Project even without taking the GrapheneOS improvements into account. It's in an entirely different space and this has no connection to it.

Assuming you meant < 6 inches I'm all for it as well, it would be another incredible usp for these devices.

The provider isn't required to support this (they can give me 2 weeks' notice any time) but I use very little of my subscription (the smallest one they have) so I assume they're happy with the deal and don't have to pay the roaming carriers much

I'm also pretty sure rounded corners are stronger on impact.

I wouldn't think this applies to Motorola.

The key point is being able to lock it again after installation.

https://discuss.grapheneos.org/d/27926-per-profile-location-...

Currently there is a Mock Location feature, but it is globally scoped and not what you asked for.

I'd like to have an Option around 6" and 150x70x9mm, which is not really small. Surprisingly the Pixel 8 has a smaller footprint than the Pixel *a variants while having a bigger display.

So my request would be a device around the size of the Pixel 8, having a similar battery size and if possible a headphone jack at a reasonable price point (350 bucks).

I consider the pixel 8 as really solid device for graphene OS.

They don't even need to fix the longpress for headphone remotes... Just a device that is the right size.

Do regular iphones sell well? If so, the small flagship phones are not dead, because iphones are not dead. If iphones are not counted as small phones, then the small android flagship phones are dead long time ago.

All the flagships have huge screens, the big guys would have paid millions on market research, I can't understand why they arent just trying to achieve flagship parity (in terms of specs not price or software). No one is going to say it's unreasonable and they save themselves the market research

Are we really sure "nobody actually wants it"? I need to help my family select the smallest possible phone every time. Meanwhile choices are dwindling and the remaining 2 models are either overpriced or outdated and so I need to tell them it's better to take a (whatever currently goes for) "medium sized" model, which shifts upwards every time I/they need a new one. No wonder that people don't buy small phones anymore if they don't exist

I don't buy this nonsense about small phones being a niche when so many people are actively seeking them out, both online and offline in my practical experience

It's just harder to make, heat dissipation or battery will be restricted, doubly so if you're a niche manufacturer without a big budget, or one who tries to keep it repairable and needs the extra space for screws. So I can understand that Fairphone doesn't release a small model (even if it means I simply cannot use it: I actually put my money down and bought one, but sadly had to sell it onwards after a few weeks of trying) but for Graphenorola I'm not sure that restriction exists. It may just not please everyone if the chip is underclocked for heat and battery efficiency reasons and so they're not likely to. Doesn't mean there's no market for a small variant for any manufacturer that has more than one device on the market

My mom's and my current phone (same model) is what I'd call medium sized (per 2019 standards, when it was new) and the battery life sucks, but I'd buy this model again anyway if it came out with a ≥2025 SoC because I can actually use it unlike nearly any other phone on the market. Not properly reach the top, but at least the left side so that'll have to do

Why it has to be a flagship? Sell them cheap. It's like AAA game makers cry about ballooning costs, and they make 60 hour games that literally nobody plays through....

I also hope that the new GrapheneOS device from Motorola will be in the "smaller" size factor so it actually fits in my (apparently) tiny hands, but to be honest I'm probably getting one regardless, as iOS gets worse and worse every time I update it.

Ill leave you to investigate how != they are

See presentation at DEFCON21 about SIM cards: https://www.youtube.com/watch?v=31D94QOo2gY

Motorola Mobility is largely owned by the Chinese government.

The Chinese government is not gonna share your data with Israel/USA.

https://news.ycombinator.com/item?id=47215079

yeah, clearly nobody buys Samsung Galaxy S series for years, they are like the least popular Android phone model... /s

I'm running Pixel 6a (which was followed bu successors with worse screen:body ratio for years and only now the new Pixels finally matched and slightly improved the ratio, what a progress), but considering all the HW issues (baterries and displays) with Pixels I'd rather avoid it, the worst case will buy as next phone Xiaomi and hopefully somehow unlock it, if there is no suitable Motorola

edit: added HW issues explanation since I am rate limited on comments

Motorola has effectively lost in the Android market and are on downward spiral into irrelevance (already there?), so they have to do something different.

  > You know what would be good for security: Having physical disconnect switches

However to avoid that, removal of the battery is required. A disconnect switch for power would do the same?

I think moving to micro-PCs is the answer, and then having an add-on to get a telco-signal. Why trust Motorola? Start at grass roots where possible. Everything needs to be open-source and based on open standards. No trojans, telemetry or remote overrides.

Maybe the product is an adapter case for a Pi that adds a screen, battery, antenna and whatever else is required to make it a smartphone alternative?

Also, looking forward to Mecha Comet.

If you are not aware, US Mobile offers a Super Carrier package that one account can use all three. https://www.usmobile.com/networks

I don't use them, only read about it on r/nocontract.

You can fit several esims on one of these adapters AIUI.

https://jmp.chat/esim-adapter

Aside: I've noticed over the years that phones die in one of the following ways: - too fast charging (battery dies, charge controller dies) - usb port dies - screen broken - all sorts of falls

A lether folio case, gorilla glass, and a Qi charging adapter solve all of those problems (the charging adapter also limits the current by virtue of being inefficient). It has a magnetic connector (it's a simple two-pin job and it doesn't have any issues) - in the rare occasion I want to charge up real quick, I can still hook up directly via usb c, and meanwhile the port is stuffed with the converter's plug which prevents it from accumulating dirt and fluff.

I'm glad to say that even despite many falls, some directly onto the screen, the phone itself still works very well, even if the case and glass protector are obviously ragged.

I hope once unlockable Moto's come around I'll be able to keep that one for a long while as well.

The US invented it.

makes me feel good about it.

If there were ever any backdoor in some phone, it would have been found. No smartphone company is gonna take that chance that someone will find their backdoor, it will literally kill the company.

How do you do that in graphene os?

GrapheneOS has Contact Scopes and Storage Scopes for pretending all of the contacts, media and storage permissions are granted with the app unable to access any additional user data without the user explicitly adding it on a case-by-case basis. Unlike the recent iOS feature, apps can't see the Contacts permission group isn't granted and it supports giving less data than the whole contact too. It also supports labels for groups of contacts shared between apps.

Mock Location is a standard Android feature. We're working on a per-app Location Scopes replacement. We're also working on Camera Scopes and Microphone Scopes. We plan to continue down that road covering less major permissions too.

Sandboxed Google Play already works near perfectly with close to 100% app compatibility. It's only apps disallowing using a non-stock OS via the Play Integrity API or to a lesser extent certain other methods which aren't compatible. McDonalds is a major example. X forbids password login but you can use Vanadium to login with a passkey and then use that in the app. ~10% of banking apps do it but not most. We've convinced multiple banks to permit GrapheneOS, and that's going to become MUCH easier now.

GrapheneOS, as it ships, is rather bleak but you also need to consider that it is addressing the concerns of a very broad audience. That ranges from people who want to completely get rid of data leaking apps to those who want the apps but expect them to be sandboxed. Shipping two different versions won't really help them. It would only make more work on their end, with the results only reflecting two extremes. You are going to have some people willing to put up with some apps, but not others. You are going to have some people wanting some of those apps feeding fake data, but not others.

It's probably best to think of GrapheneOS as a base system that you build up to serve your personal needs, rather than thinking of them shipping it in a "perfect" state. While a handful of people will be happy with it in its default state, many will install something like F-Droid along with a collection of privacy preserving apps. Many others will install the Google Play Store along with a personally curated list of apps that reflect their needs, providing or denying access to their data as they see fit.

I believe the "build up" approach is the only viable way to handle this situation since we are talking about a group of users who are actively seeking out a third-party OS since they are particular about their needs. This isn't the typical consumer who will (gleefully or begrudgingly) put up with whatever the device vendor feeds them.

People bill it as making a ton of usability compromises in the name of security, but that doesn't match my experience. The only redeeming observation is that your phone _does_ lean towards secure-er and ungoogled defaults, which _does_ break functionality that a lot of people expect to "just work" OOTB. But it's trivial to restore it, and the upfront effort getting things to work is amortized over the lifetime of the device. It's maybe an hour's worth of work.

The counterfactual world where users need to forumcrawl how to get to secure/private defaults seems worse to me. By contrast, it's pretty easy to recognize when an app isn't working.

Graphene does everything you're asking, except for the niche fixed location feature you specifically want, which you're welcome to request, or just implement yourself and make a PR.

I'm going to be a bit snarky here, but I always find the entitlement around features in open source software baffling. This isn't a multi billion dollar corporation selling you something. It's enthusiasts making you something (honestly, incredible), for free, in their spare time, outside of their daily jobs. They're doing their absolute best here.

That said, I think the marketing of GrapheneOS could be better. Every introduction of GrapheneOS I've seen paints the image of Graphene being "Absolute security, no compromises", whereas in reality GrapheneOS is the most "Things need to work, no compromises. Then make the rest as safe as possible" custom ROM that I've used thus far (in particular regarding them allowing you to install Google Play, rather than using MicroG).

I think the issue of small phones is that, while there people saying they would buy if it was available, no one is saying "I would buy one small phone at flagship prices, even if they don't have flagship features".

And still in every phone topic people complain about phones being too big... I'd love to have a smaller affordable smartphone.

Don't banking, security and payment apps detect the unlocked bootloader and prevent them from working on lineageos? At least that's what happened to me after i flashed lineage on my old tablet.

Because then what's the point of a smartphone if it can't do banking, payment, shopping, ticketing, etc? Use it as a gimped pocket web browser and ebook reader? There's not gonna be any mass market adoption for such "smartphones" until they can run all apps out of the box like vanilla androids and IOS phones.

Your average consumer isn't gonna wanna fuck around with signing keys and bootloader relock. Hell, even this tech savvy HN user doesn't want to do that because he has better things to do with his time. The days from my childhood when I always rooted my Android phone, installed custom ROMs with custom kernels, magisk, titanium backup, cerberus to make the phone "my own" are long behind me.

When my current phone dies, I'm basically returning to a dumb phone with a removable battery. Now that Xperia dropped open source, every phone out there is terrible and I just don't want any of them. Anything that would support a ROM has features to make my skin crawl.

I am mainly looking to access my filesystem. Currently a lot of things I want to do (backing up app data, scripting, mounting network drives) are hobbled by the bad wrappers around the same.

I know this might be out of scope, but is there any plan to re-enable direct filesystem access in a more secure way? Even via ADB it would be useful. It just seems like madness to me that a lot of basics tasks are impossible or incredibly convoluted, because everything has to go through weird wrapper interfaces and Java/Kotlin code someone has to write (instead of just using the filesystem and OS which is right there).

Thanks for the great work by the way.

Google is actively locking down the ecosystem in that regard and it would be amazing having a company that caters to people that are savvy AND would like to still be attested for integrity tests (assuming Google would be OK with that, but as mentioned in another comment unlikely)

1. I can direct my consumer-dollars towards the vendors that promise to respect ownership and privacy in general, and they will also have the most to lose if they are caught enabling spying.

2. Defense in depth. Security features generally add to the spying's difficulty, expense, or risk of detection, and that in turn decreases the incentive for abuse.

Example: the EU Digital Identity (EUDI) wallet, discussed in multiple GH issues e.g. https://github.com/eu-digital-identity-wallet/av-doc-technic...

till I got the abomination that was a pixel 6a. fucking overheated - then finally battery exploded. Other pixels suffer the same problems as well - overheating n display being finnicky.

> I'll be forced to go back to dumbphones in the future... along with many others, I guess.

Going back to a dumbphone for me would mean changing my outdoor hobbies (like contributing to openstreetmap), so I'll take my losses and continue on a smartphone, but I share the sentiment. Power to you if you do it!

Stored SIMs/eSIMs is not the same as active SIMs/eSIMs.

Sorry, that's what I meant when I said Modem.

> A disconnect switch for power would do the same?

I would think so. I don't necessarily care about removable batteries because I use a portable power bank. Why carry an extra battery that only works for one device, when I can carry a "battery" that works for many devices?

Stored SIMs/eSIMs is not the same as active SIMs/eSIMs.

I mean, they already have RISC-V.

https://frame.work/se/en/products/deep-computing-risc-v-main...

>Pixels have fantastic camera hardware and software which is fully functional on GrapheneOS which isn't something we need to lose on a Motorola flagship.

This is very interesting to me! Does graphene OS manage to keep google’s processing? How does that work?

I don't get it, it's "less of a secure FOSS OS" to not have root by default, but it's secure to run random apps as root and breaking android's security model? What's the threat model here?

Easy but for missing Step 1 of “Colocate with friends and business partners”

  I think moving to micro-PCs is the answer

I don't think the smaller Galaxy S models are what people generally mean when they talk about small phones, those are still much bigger than the iPhone Mini was.

https://www.phonearena.com/phones/size/Samsung-Galaxy-S26,Ap...

Fwiw, besides people that crack the screen I have not seen any of the failures you've mentioned. The only phone I saw someone replace, for reasons other than software support, was myself because the gnss chip was cooked after 3 years (would track me perfectly, like if I step to the right it would notice, but with an offset of hundreds of metres so I'm in another town). All other phones I've owned are still perfectly functioning (the oldest Android phone I have, 2012, has a more reliable battery than my daily driver!), I don't use any case or screen protector. They're just software-wise obsolete because no updates and developers require the newer android apis

Or think of friends and family. When they become the target, you are prepared, you have the knowledge and tools ready, you can be the guide that helps them navigate a hostile digital world.

This is such a low-iq argument I cannot even. Yes, nobody cares about OP, you, me, whatever - until they do. Not to mention general harvesting for profiling and propaganda reasons.

General: What do people in this city/country/region/etc are thinking - This is the main one where the data is used and collected, then grouped. It is extremely powerful information for targeted agenda whichever it might be.

Targeted: Oh, you or someone from your close ones went to a political protest? Too bad we have all this information to put you and your family in jail - This is where suddenly they will care about you, even when it is NOT YOU but someone from your close circles were the ones upsetting them.

The US government is known to spy on anti ICE protestors.

If you have an opinion your government doesn't like, or a potential future government doesn't like, there's a good chance you have or will be spied on.

Perhaps you lack a single opinion worth caring about, but most people do not.

And your second paragraph seems to go on the premise that the average person care if there is a backdoor.

I don't know why you wouldn't take security seriously, when even the US government is telling everyone to be careful where they supply their devices because of spying. Just don't trust them to point the finger the right way.

Apple seems to basically do privacy-related things to an 80% level but not bothering with getting it totally correct. This makes business sense because the extra 20% is way more difficult, but it's great to see GrapheneOS going all the way.

> People bill it as making a ton of usability compromises in the name of security, but that doesn't match my experience.

When you are talking about something like GrapheneOS, most of the people who are talking about usability compromises aren't worth listening to since they are looking for something that is pretty much the exact opposite of what GrapheneOS is trying to provide. While there are likely some legitimate criticisms in the mix, the compromises required for "works by default, for everyone" are pretty much the opposite of what GrapheneOS is.

The root cause is that the phone is not a primary device for me. It's what I use when bringing a PC is too much trouble.

GrapheneOS is already non-certified, for most apps that care, because it can't pass STRONG_INTEGRITY with play protect.

Doing this has a non negligible political cost. They would only do it for a high value target. If you're that person, you're presumably aware.

"While NSO Group markets Pegasus as a product for fighting crime and terrorism, governments around the world have routinely used the spyware to surveil journalists, lawyers, political dissidents, and human rights activists."[0]

Information these they can be much as powerful as a bomb, for example, I could learn more about your calls and discover that you do something immoral but not illegal and use it to blackmail you.

0.https://en.wikipedia.org/wiki/Pegasus_(spyware)

> The latter even has most of the modem software freed.

Pinephones have entirely closed source baseband firmware. They use a highly unusual cellular radio which includes both an incredibly outdated Qualcomm baseband processor with atrocious updates and security combined with an extremely outdated proprietary fork of Android running on an extra CPU core which isn't present in any mainstream smartphone. It's only replacing the unusual extra OS which has been done. That whole component doesn't exist on other smartphones and the only reason it's possible to replace it is because the whole radio has absolutely atrocious security. The radio is connected via a far higher attack surface USB connection providing far less isolation for the OS and the USB connection can be used to flash the proprietary Android OS via the fastboot protocol. The baseband firmware itself doesn't have any replacement available.

I did not know that. That is very interesting.

On that topic, an honest question: what is the killer feature of banking apps that everyone is so hot on? Are we talking like retail banking or money transmitters? I am not using any bespoke banking apps, and I don't feel like I'm missing out, but maybe I just don't know what I'm missing.

What does detract from my GrapheneOS experience is the keyboard. It's just ok. I need swipe typing though, and I haven't found anything even close to gboard glide.

https://news.ycombinator.com/item?id=42536302

Their lack of device support means I am still running Google's Android and will continue to be until a GraphineOS-supported device that meets my needs becomes available. This means I'm not just lacking in security, but I'm also stuck with Google and all of their anti-consumer practices.

Running GraphineOS without all the security features they want would be better for me than what I currently have.

For me, I want to be able to operate the phone with one hand, and the large screen makes it difficult to reach all the spots on the screen even with large hands. I do operate my Fairphone 5 with one hand, but it is super awkward and at some point, the phone will fall into a gully because I cannot hold it tight while navigating.

And I wouldn't mind 2mm more thickness if this means the cameras are flush with the back and the battery is larger.

And how can they find out how well it meets that need other than receiving (respectful!) feedback?

The other option is the Samsung S2x line, which you can apply the same strategy to.

I have a perfectly good phone whose bootloader can be unlocked and I can install LineageOS or other AOSP installations there but all I'm aware of and I've researched come short on the sandboxing and permissions. I'd be willing to use GrapheneOS without support for specific security hardware (if only they supported that configuration) just for the features mentioned but Pixel phones are just too expensive. I've always been more than happy with a decent low-tier phone and I don't see a technical reason to change that. Nothing wrong with my phone.

Why not a smartphone with the jack, microsd, and a hardware kill switch for camera?

The biggest issue is that there is a different way to do this for every device, so most custom ROMs don't bother. It's relatively simple and automatable for Pixel devices, so the GrapheneOS installer takes care of it. e/OS/, which is based on Lineage, allows this for some devices, iirc.

funnily enough my banking app works but the mcdonalds app doesn't, lol

Good enough quality screen for solid video media performance, generally, would be an absolute must I imagine.

https://grapheneos.org/usage#pixel-camera

That's what I do to get `adb root` and full file system access.

If I would be to place a bet I would place it on mass propaganda targeting people below average - it might be simpler, easier and cost effective. So lots of this talk about "encryption", "privacy" might be in fact great for those "actors": smart people worry about their precious technology and principles, while "they" talk to "the masses".

Used to be anyways. (My office was a floor below in the mart)

The key quote in this article is:

"Israel has a long record of getting U.S. military technology to China. "

My friend the GrapheneOS supported devices list is nothing but pixels, including the very latest models. It'll be good to have more supported devices.

https://grapheneos.org/faq#supported-devices

here you have filtered Android phones since 2020 under 71mm with OIS camera

https://www.gsmarena.com/results.php3?nYearMin=2020&nWidthMa...

it's basically just Samsung S series, Pixels, overpriced bad value Sony and few exotic/abandoned phones (Asus is done with phones, they had always horrible SW, Xiaomi only model 12 many years ago, Meizu not available outside China)

It's really a bummer that Google probably won't certify pre-rooted devices. It would obviously only do harm to them and not fit into the scheme of our big tech companies pushing anti-circumvention laws, but some high-spirited side inside of me still has hope.

- Backing up all app data via Neo Backup. Android has an auto-backup feature that backs up app data to the user's Google Drive, but unfortunately the app developer can simply opt out of this, and the user cannot do anything about it. This means that app data may be lost when migrating to a new phone, as the app data is stored in directories that are not accessible in the filesystem without root.

- High-quality call recording via Call Recorder. For some reason, some (most?) phones do not allow apps to access the raw incoming audio stream. Non-root apps have to rely on capturing the other end through the microphone, which is horrible.

- /etc/hosts-based ad blocking while using a VPN via AdAway. DNS-based ad blocking is possible via apps like AdGuard, which use a local VPN to accomplish this. Unfortunately, Android only allows one VPN connection at a time, which means that without root I would not be able to use a VPN for any other purpose while simultaneously blocking ads.

---

I have no experience with GrapheneOS, so I'd be interested to hear if these features are possible on it without rooting. If not, can I request these features somewhere?

I read that a lot, and I agree that I want to own my device. But that does not mean that I should have root access on the OS I choose to install on it.

Owning my device means that I should be able to install whatever OS I want. It does not mean at all that OS developers must do whatever I tell you to do.

> long term patern cross licensing

> israel

> pegasus

Basically lots of judgment based off of superficial facts with little understanding of implications and the actual consequences of those facts.

https://www.aliexpress.com/item/1005005575993915.html

I'm not so fond of it because it has a fan. But if you could use it at home, and then had a "phone conversion housing" you could attach it to a belt and have a smartphone. Run wired earbuds out it. Have a trackpoint nub.

Here is a $15 screen. https://medium.com/@lee.harding/building-a-real-time-hn-disp...

There's something elegant about only requiring 1 computing device for everything. Even put it in the car!

It's what Steve Jobs would want.

It's not about Google, it's about OP's personal values

* I only recall one news report of this happening years ago.

A recent court case investigating spying on 37 elected representatives [1] (including the prime minister, three ministers, and regional politicians) had to be closed in 2023 and again in 2026 “for lack of cooperation of the Israeli government”.

[1] https://www.rtve.es/noticias/20220510/pegasus-espiados-sanch... (spanish) [2] https://www.rtve.es/noticias/20260122/juez-archiva-caso-pega... (spanish)

> Running GraphineOS without all the security features they want would be better for me than what I currently have.

But then it would be like running LineageOS, which is a great (but different) project. Why not using LineageOS?

Whenever I see this when talking about small phones, I'm reminded of the stats, where the iPhone minis were a small proportion of iPhone sales but still by themselves outsold most manufacturers.

https://news.ycombinator.com/item?id=39104057

> Yes, but do these enthusiasts care at all if it meets some need for the users? ... And how can they find out how well it meets that need other than receiving (respectful!) feedback?

What makes you think they don't? Can you point to any instances of them ignoring the community at large?

You can open an issue in any of the open source repositories and request a feature. Others can vote and comment on it. Or you can discuss it in the very lively forum. All methods used to steer the project towards the desires of the users.

In case you can't find them: https://github.com/GrapheneOS https://discuss.grapheneos.org/

This whole conversation just feels weird and specious to me.

You're free to fork it to adapt it to your device.

The expectation that the entire project brand must be diluted (by lowering the security) to support you specifically, or you feel wronged, is a little, my apologies -- absurd.

If we want to use banking app we have to use a non-rooted/leased device. That is what is really messed up. Personally I only use bank now that has website for banking. If they don't have a web site only app, then it is a red alert for the company.

There's just too much hacking going on, malicious behaviour, to allow uneducated masses to have root on a phone. I've seen so many people just not understanding the outcome of their actions. You'd get people rooting because some shady app lied about why, and just wanted control.

And we don't need more botnets. And it's why banks sometimes throw a fit.

So if a recompile does the trick, and no downside, then it'd be fine.

But the whole idea of GrapheneOS is the reason why it (currently) only runs on Pixels. On other phones you can run anything based on LineageOS...

I don't want GrapheneOS to compromise on that: if I didn't care about it, I would use any other alternative. To me it's a bit like saying "I would be using Linux if it was a lot more like Windows" (that's something I often understand when Windows users explain what it would take for them to use Linux). But I, as a Linux user, really don't want Linux to look a lot more like Windows.

Most phone aux support microphones and acting as an antenna for FM radio reception. I don't see how either could be used for a security exploit however.

No electric circuit is unidirectional. Beyond the pause/play and volume commands that it supports (edit: and mic as mentioned in a sibling comment), Graphene would probably reason it's an easy way to externally read voltage levels and so an unnamed entity can mount side channel attacks with backdoored headphones

That said, my banking and credit card apps work fine on GrapheneOS.

If I said "I buy new phones regularly, but I sell them in second hand, for the environment". Would you consider I actually make an effort for the environment?

> The baseband firmware itself doesn't have any replacement available.

Same with the Google Pixels and their Samsung Exynos modem. Neither you nor GrapheneOS users have any idea at all what's going on in their cellular transceivers. What will it be for the upcoming Motorola phone?

https://grapheneos.org/features#sandboxed-google-play

For me, the killer "feature" is that I need to generate an auth code on my bank's app to be able to log in to my account and make transfers via my browser (or I can use the app directly). In other words, it's considerably more difficult to actually do (retail) banking without my bank's app.

* A wallet for QR-code based payments backed by a national standard for their content and by the money in your bank account;

* A software implementation of an NFC-enabled credit or debit card, or sometimes with a magnetic strip emulation in addition to that;

* An interface to transfer money to other bank accounts in the same country or abroad, or to convert between local and foreign currency if you have a foreign currency bank account;

* A way to pay common utility bills - in some cases, by scanning the QR code on the bill;

* A way to manage banking and investment accounts - e.g., if you want an extra savings account in Japanese yen with a new debit card attached to it, tap a few times and it's there;

* A chat with bank representatives - for example, to provide supporting documents by photographing them, without ever visiting the bank;

* A second factor (as in 2FA) to approve money transfers initiated from the desktop web browser, meeting the bank standards where TOTP can't meet them (e.g., due to the legal requirement to say what transaction the code is for).

The real problem is that many banks are deprecating their browser-based interfaces and are turning app-only.

https://f-droid.org/packages/helium314.keyboard/

That's not it. The concept is "if you choose to install this particular OS on the device you own, then it comes with this particular security model". That's totally fine. If you own your device, you can run Linux on it and you'll have root access.

"Not owning your device" means "not being able to install the OS you want on it". I want to own my device, obviously. But it does not mean that I own the developers of every OS in the world and that they should do whatever I tell them to do, for free.

As for the camera, a webcam sticker seems much more convenient than needing to mess with the hardware internals

It's water under the bridge. You're NEVER getting a Graphene phone that supports a microsd. It won't happen. The AUX jack, you will biligerently be told to get a USB DAC or otherwise you are an old man yelling at clouds.

Graphene and Motorola will work together by happy accident. Tell ya what though, if they make a GrapheneOS phone with 3.5mm, dual sim, microsd, and >no notch or hole punch< and I will buy it. I won't even care how much it costs. All the Xperias I've owned were among the most expensive phones on the market.

I can run banking apps like that, corporate apps like that, but I can't show a QR code to order happy meal.

> Backing up all app data via Neo Backup

GrapheneOS includes Seedvault by default. https://grapheneos.org/features#encrypted-backups

> High-quality call recording via Call Recorder

Call recording is built into the Dialer app on GrapheneOS. https://grapheneos.org/features#encrypted-backups:~:text=Cal....

> DNS-based ad blocking is possible via apps like AdGuard

DNS-based blocking can also be accomplished by using Android's native Private DNS feature with a resolver that blocks ads. You could even host your own on a VPS if you are more comfortable running name resolution and DNS-level adblocking on infrastructure you control.

The RethinkDNS app also lets you use DNS-level adblocking and a VPN at the same time. https://grapheneos.org/faq#ad-blocking-apps

> I have no experience with GrapheneOS, so I'd be interested to hear if these features are possible on it without rooting.

I recommend giving https://grapheneos.org/features a read.

> If not, can I request these features somewhere?

Check out the issue tracker on GitHub: https://github.com/GrapheneOS/os-issue-tracker/issues

> It very directly harms the security model

What do you mean by this? You mean that it is a "god permission" that bypasses other permissions? If so then yes, with great power comes great responsibility and it shouldn't be used lightly.

> and is not a good approach to implementing any of the features hacked together through it.

Maybe not, but is there an alternative? What is your recommended way to access all files of any app? This is my primary use case. Modification would also be valuable but I would be ok with read-only access.

> Giving root access to a huge portion of the OS harms security even if you never use the feature.

Can you explain why root access must be given to a huge portion of the OS? Why can't it be limited to specific apps or features (like ADB shell)?

> It does not mean you can't do it, we only recommend you don't.

Of course. It is your right to recommend whatever you want :)

Not your keys, not your speech!

It's one phone's worth of demand either way.

normies use consoles, sometimes PCs

my personal beef, after a camera that gets decent photos in low light, would be an accurate GPS that doesn't crap out after half an hour

Anytime I need a "simple" utility, I check f-droid first to get the one-trick-pony app over spyware from the play store.

Other utilities I use are: WorkTimer: pomodoro app DiskUsage: self explanatory Http Request Shortcuts: setup home screen app shortcuts that run http requests

By rooting your device you can access the app data directories as you wish.

What bank does that? If my bank did that, I would find a new bank immediately. That is not OK.

Pixel has an IOMMU - are you implying that’s being defeated, or that you weren’t aware of it?

Because when someone says "buy used" they're obviously telling you to buy the antiques your grandma used to love back in the day on an annual basis. Anything newer than that especially from the last year or two would be new and insane to consider, especially if you keep it more than a year. You really owned me with the flawless argument there.

Doesn't help with the current situation though but I hope the partnering between Motorola and GrapheneOS is still up and going in a few years when I'll next have to replace my phone.

In comparison the Burger King app works without problems and is very fast.

In public transport I see almost as many people playing games on their phones as those watching videos.

https://www.cnbc.com/amp/2018/06/05/apple-one-of-the-biggest...

It's what makes computers so wonderful and powerful, you can just have it do whatever you want. Turning that into "whatever google decides i should be allowed to do" is not gonna lead us to a bright future.

There's first-world, upper-middle-class affordable (~$500) and then there's global affordable (<$250).

Why such a restriction?

> or ones with a chipset that would have been considered fast in 2018

https://puri.sm/posts/the-danger-of-focusing-on-specs/

> webcam sticker seems much more convenient

Except there is also a microphone.

> than needing to mess with the hardware internals

What do you mean? My phone has a convenient, external hardware kill switch. No messing with internals is necessary.

> and Graphene is under no obligation to provide anything to anyone.

And here I thought it felt repetitive between (sub) threads

I think it is important, because I read a lot of comments that imply that "owning their device" means "owning the developers". And that's a wrong fight.

The real fight is that it should be illegal to prevent me from installing my preferred OS on a general-purpose computer.

So an application of course can use other android services if it declared that, that's why it can see whether it's running or not. But you are in full control whether google play services is installed, and what it can use.

Of course this may break certain apps (Google maps location sharing will probably not work with the location permission denied for play services), which may or may not degrade gracefully.

I was merely pointing out that "buying used" is not necessarily better than "buying new but keeping for 8 years". Many people "buy used" but often.

It was likely their management doing random shit to fix it. Instead of fixing real problem, which was bogus campaign rules. Reddit was full of people abusing their app discounts and ordering insane amount of food for free. It was well described.

None of that was due to app security holes. It was an issue in their promotional campaign. It was still working after those "secure" app limitations appeared.

Former Mossad Chief Yosi Cohen bragged about having booby trapped and otherwise compromised devices in pretty much every country. [1]

[1] https://the307.substack.com/p/former-mossad-chief-brags-that...

Sorry, that wasn't clear: I meant any phone that I can purchase as of 2025. I was looking for several months and made a decision about 2 months ago. A second-hand Pixel was a big compromise but I don't see another option

> https://puri.sm/posts/the-danger-of-focusing-on-specs/

Do you also have thoughts to add or am I supposed to read and respond to 2000 words of material here?

The reason I'm looking at specs is not because I have no idea what I need. Not sure if there's another possible reading or if the link insinuates that. The software I use (e.g.: OsmAnd) is noticeably faster on more modern systems and was downright sluggish on my previous phone. I could buy my current chipset again, it's doable for now, but neither fluent nor future-proof. The chip's inefficiency also means it's completely empty after 2.5 hours of use (while I'm out mapping, taking notes, recording positions and sometimes pictures, listening to music... I ask a lot of the battery), whereas newer chips can do the same work with less energy

I also need a modern chipset for accurate GNSS. The phone I get from work has dual-frequency GNSS and makes razor sharp traces which are much more usable for my mapping hobby, especially in urban or forested areas or behind coated windows like trains or cars (car navigation isn't that niche, my current phone does a pretty poor job at that)

But yeah, let's not focus on specs. Who cares about any of this right? That's what I'd say if I sold a really basic phone

> Except there is also a microphone.

Respond to the person above. Hardware toggles wasn't my argument but theirs. Great that your librem has this but the thread is about GrapheneOS

Edit: lol that was yourself. You posted about a camera toggle, not me or anyone else

What of it?

I also don't include a root account in my container images, but you probably have a root account on the sever that runs them in case you need to debug something. But you can probably also build and deploy a new container. At the end of the day you almost always want some last-resort way to access the data stored in case something goes very wrong. Whether that is for backups, "hostile" data export or for other reasons it is important to me.

The idea is that relatively low specs do not necessarily mean low performance. It depends on the software a lot. For example, SXMo provides a smooth experience with maps and Youtube even on a Pinephone. The battery life may be a problem though.

> the thread is about GrapheneOS

The subthread you started is about a phone "with a headphone jack that I can actually use more conveniently than a tablet", so I thought I could intervene with some other options. I might be wrong though.