The main things I miss are (1) when I'm entering text I can't swipe left and right on the space bar to scroll the cursor left and right, and (2) the texting app doesn't just attach reaction emojis to a message -- it quotes the whole message and prefixes it with something like "Marty like blahblahblah". When there is a whole family text chain it isn't uncommon to see the same message 7 times as various people react to the original message.
Anyway, I looked at Google's Android 17 blog and yikes:
"With deep integration between hardware, software and AI, we’re transforming Android from an operating system to an intelligence system. It's about delivering new helpful experiences that anticipate user needs, and it brings more opportunities for engagement with your apps."
https://android-developers.googleblog.com/2026/06/Android-17...
Asking as an A11 user who will probably soon need to switch to a new device. I haven't noticed anything on other people's phones that isn't available on mine, including on my work phone that runs an up-to-date GrapheneOS (but I don't need to do much more than calling and 2FA, so I might just not be seeing it). Anything you guys are excited for, or any protips of things to check out that were released recently?
No love for 9 or 9a? I guess it's still coming eventually.
- A 9a owner running GrapheneOS
The biggest hurdles for me were - should I use separate profiles and how to get apps. Initially, I started with a separate profile for google stuff (like play store/services and apps downloaded from there, like Viber), but eventually I moved everything to the owner profile (and took a bit of a privacy and battery hit in the matter of convenience). Still, being able to control many app permissions, gives me a good state of mind that apps are not doing more then I expect.
Just looked at what android 17 brings to the table and I'm mildly excited - especially improving performance and adding more permissions (like ACCESS_LOCAL_NETWORK)
Many apps that work on microG don't work in GrapheneOS without installing Google services anyway. I'm by no means across the full privacy implications, but my feeling is microG balances privacy and usability better for me.
I've since switched back to LineageOS+microG and am happy with it. Just my experience.
Is this an antithesis to Don't Be Evil?
This should have the full list; it's not a ton of changes, which speaks to how perfected Android has become.
https://android-developers.googleblog.com/2026/06/Android-17...
>Those are just the devices we initially tested it on which mainly has to do with which devices were available to the people working on the port.
>To clarify the 2nd paragraph, we've ported GrapheneOS to Android 17 for all of the supported devices. That's a list of the devices we already built and tested it. Our initial public release will be available for all the supported devices and we'll have tested it on each by then.
As an iPhone user, I really like what Oppo is doing with their ColorOS: https://www.oppo.com/nz/coloros16/
They've ported the patches to work on top of the latest release.
not sure about downloads specifically, but app installs are slow because grapheneos forces AOT compilation (JIT is disabled), presumably for security reasons.
Buying a used Pixel is economical, environmental, and likely doesn't support Google. Pixels are the only secure and open android devices that could work for the project and meet the extensive requirements[2]. This is because GrapheneOS takes real steps to protect user privacy and security, not features that degrade security and don't increase privacy. You are going to be doing much more against Google by using GrapheneOS because it comes with 0 google services by default and takes advanced steps to protect you from all apps and services you install.
If you are still not willing or able to purchase a Pixel, GrapheneOS has a partnership with Motorola to help them create compatible devices which will be available soon[3].
[1] Privacy and security on computing devices need to become far stronger to protect people from pervasive violations of their rights. https://xcancel.com/GrapheneOS/status/2044440381803069778#m
[2] https://grapheneos.org/faq#future-devices
[3] https://xcancel.com/GrapheneOS/status/2028448871374803007#m
I still don't want a pixel, so I went with a used ebay phone and installed lineageos.
So I jumped straight to GrapheneOS, which was way easier and less extreme than I had been warned. So beautifully minimal, with no crap. Now my phone feels like a simple Linux (Void/Arch) PC. So wonderful.
My understanding is that even with pseudo-D2D (device-to-device) transfers Seedvault doesn't backup everything[1].
Are there more-functional, non-root, local (non-cloud) alternatives?
[1]: https://github.com/seedvault-app/seedvault/wiki/FAQ#why-do-s...
I was sad that I had to go through the OOBE setup on the stock image to unlock the bootloader. At least it doesn't force an internet connection and login, unlike Windows.
However, some apps that I need for work, like Microsoft Authenticator, no longer work under GrapheneOS.
https://www.theregister.com/on-prem/2026/03/10/microsoft-tig...
My understanding is that it is impossible to unlock the bootloader on a new recent (Android 7+ at least; possiblt earlier) Android phone until it has connected to the Internet. After that, the ability to unlock the bootloader is permanent.
*It doesn't actually wipe your data; it just destroys the symmetric key, making the data permanently unreadable.
Maybe you can try installing another SMS app for problem (2)? Much like the stock keyboard, the stock Messaging app is just the AOSP app. Honestly it works fine for me so I don't have a recommendation.
My single (minor) issue with GrapheneOS is the adaptive screen brightness. On the stock Android OS on a Pixel I'd mess around with the sliders for a week or two on a new phone and then it learned what I liked. Now it has a few set values, one of which is always too dim for me in darker conditions so I have to mess with the slider each and every time. I don't believe there's a way of fixing that.
Other than that I'm glad I switched, especially when I read about new "features" they add that I know I'd hate.
Edit: not discontinued but 'merge with Android' https://en.wikipedia.org/wiki/ChromeOS
You can change any apps to different apps meaning the keyboard, homescreen/launcher, messaging app. The launcher is a primary UI thing which is different from iOS and is totally customizable by just installing a new app.
So you can change the look of anything that depends on an app, but stuff like the control center, lock screen, volume sliders, connectivity icons, notifications afaict can't be changed.
https://niagaralauncher.com is a cool looking launcher that I used to use.
It's a little confusing but I'll say there's nothing ugly like the stock GOS apps that can't be changed and tha unchangeably UI elements match the Pixel UI.
Here's a comparison which will show both the unchangable stuff like control center, but also the Pixel launcher, which you can swap out.
https://www.youtube.com/watch?v=lwNicPJk4lY
I switched from iPhone and once I installed good looking apps I really prefer the look to iOS because it's a lot faster and smoother.
lineageos has built-in firewall for years now. no need for afwall.
That said, Google's hardware is behind their competitors and they've had a lot of problems in the past few years. The Pixel 8 Pro has hardware WiFi problems, the 9 and 10 are both minor updates with prices that are far too high, the 10 is eSIM only, etc.
I'm not looking to fully de-Google but I want Google as apps and not my OS.
Still boggles my mind the fact Google doesn't sell their phones worldwide. Obtaining a Pixel has proven to be quite difficult for me.
GrapheneOS is compatible with the vast, vast majority of Android apps, so you can use GBoard or FUTO keyboard (which I recently switched to from GBoard), to get the ideal experience.
FUTO recently revamped their swipe to type model and it's now more accurate than GBoard in their testing. I am a huge swipe type person, so this is what held me in GBoard's clutches, but now I'm free.
The dataset is open source and anyone can add to it if you're on a mobile device here: https://swipe.futo.org
And you can learn about it here: https://swipe.futo.tech
> the texting app doesn't just attach reaction emojis to a message -- it quotes the whole message and prefixes it with something like "Marty like blahblahblah". When there is a whole family text chain it isn't uncommon to see the same message 7 times as various people react to the original message.
Google messages, the experience you get on PixelOS, is also compatible with GrapheneOS, but you will have to afford network access to sandboxed google play, among other things. I couldn't tell you specifically, but it will work out of the box before you restrict anything. Many people choose to use this setup because it opportunistically adds e2ee for chats between iPhones and other Androids using Google messages.
There's also other SMS apps, but I focused on switching people to Signal so I barely ever use SMS.
Once I replaced the default apps, GrapheneOS became a premium phone experience.
RCS is different, which you can sometimes get working by installing Google Messages¹, which is essentially the only app that supports RCS any more. Google runs essentially all the servers too.
---
1: There are no third-party RCS apps² because, unlike SMS which has an API and a shared database on the device, RCS is extremely locked down and it's literally impossible to create one in stock Android. This is also why it's only "sometimes" on GOS, the details are very complicated and rather enraging.
2: Samsung had one, but they're shutting it down in favor of Google Messages. A tiny number of other devices / telecoms have their own too, but they're rapidly shutting down as well. RCS is very nearly fully controlled and implemented by Google now, except for iMessage as a client only, for now, and there's no encryption between iMessage<->Google Messages last I checked (but there apparently is between Google Messages... but no normal person can really verify that because it's Just Google Everywhere).
The point is, I'd like to be able to set up services, configuration, and run tasks on my phone this way too, ideally offline. If this system integration is what gives me programmatic control of my most personal computer and the ability to finally set up decent automated tasks and workflows then so be it.
I don't really see the appeal of contactless payment, pulling a card out really doesn't take much time.
The Owner profile itself doesn't run Google Play Services, so when that Private Space is locked and dormant it's effectively a degoogled stack.
Some will invariably argue that an old pocket-sized Linux PC with a cellular modem is a superior experience, and for some specific things it may well be, but GrapheneOS is the only viable option for someone looking for a user-respecting modern phone with very few limitations.
You can install nonprivileged google stuff on the main account.
Alternatively you can setup a private space (accessible to the main user but mostly separate from the main system) with a few clicks in the settings.
If you prefer more friction / isolation you can setup a separate user where you can install the google stuff.
Which is not to say that's not enough for most people, but why highlight them? It doesn't seem comparable to the laser-focus GrapheneOS has on security
The voice recognition is built on Whisper, and is amazing. You can speak conversationally for a long time and it gets everything right, with smart decisions based on context.
My stupid thumbs text no more.
I've found graphene's keyboard far more error-prone than the stock android keyboard, but I also don't care to learn swipe to type.
The feature I'm missing is simply that rubbing my finger left or right on the spacebar in text mode causes the cursor insertion point to move left or right on in the text I'm entering. It makes it sooo much easier to correct typos.
I had installed graphene os on a pixel but after a couple months and a couple loops between lineage, stock, and graphene, I eventually settled on stock android. I have group messages with family and some of the family are on apple, some on android, and RCS only works with google messages and google services installed.
It's infuriating that I can't send RCS messages unless google allows me to. I want to go back to email or MMS. Supposedly after a month (!!) RCS group chats will fall back to MMS, but that was not my experience. Also, if you turn RCS on/off you may get kicked out of group messages [0].
[0] https://support.google.com/messages/answer/7189714?hl=en
> Attention required!
> Sorry, you have been blocked
> The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data.
Thanks cloudflare *handshake* garmin. I suppose I'll stay with chip and pin for now
I've used mine daily since it came out, and it's a great experience. I'd recommend picking it up for anyone who wants GOS on a larger screen. An iPad it isn't, but my iPad Pros have sat almost totally dormant since I got it years ago.
It lacks horsepower compared to the latest Pixel Pros, but that hasn't been a practical concern in anything I've done with it so far.
The prime difference between P8 pro and P9 pro is that the newer one is nearly a usable size (just about fits in a pocket now). The battery also got substantially better in two ways: on mobile data (when you're on someone's WiFi, odds are you're also near a charger) you get 33% longer use time on all variants of the P9 and 55% on the P10 and P10p (9 to 12 and 14 hours, respectively), and hours of use per 30 minutes of charging went up from 4.6 for the P8 to 6.3 for the P9(p) and 6.2 or 7 for the P10 and P10p, respectively
The rest is indeed relatively minor but it's not an unwelcome upgrade. Prices didn't change much when buying second-hand 1.5 years after release, when the newest devices are out and nobody cares about the generation-before-last despite >5 years of updates remaining (plus however long you think it's fine without updates)
> If you are still not willing to purchase a Pixel for whatever reason, GrapheneOS has a partnership with Motorola to help them create compatible devices which will be available soon[2].
Ok? Wake me up when that happens.
This is entirely possible as other posters have explained. But I think it kind of defeats the point of Graphene, at least somewhat. Google is already profiling every aspect of your life by reading your emails, files, calendar, location, etc? In that case, OS access becomes moot.
I think that GrapheneOS makes most sense as part of a broader move towards privacy-respecting alternatives. I see the sandboxed Play Services as something useful perhaps in a secondary user profile, for the odd commercial app required and only available from the Play Store.
Biggest caveats that I've encountered: tap to pay via Google Wallet is a no go, Android Auto can be flaky, MDM managed work profiles don't work at the moment, and some apps that use the Google Play integrity API fail to validate and refuse to work (I've only encountered one app that fails, and plenty others that work.)
In general, I'm moving towards a de-Googled life and GrapheneOS is a great entrypoint towards that.
I'm hopeful that an OEM Motorola device will get certified for Google Pay.
Why would we expect the same company to exhibit a completely opposite philosophy as they add LLM features?
Initially there were some promising details planned, but much of it hasn't panned out, and plus now it's Just Google™. Like, roughly everyone has heard that RCS brings E2EE privacy, right? Would it surprise you to learn that it was only added to the spec around a year ago, and nobody has it implemented yet? Google has their own thing between Google users, Apple has their own iMessage-only thing, and they both drop crypto when you cross the streams because it isn't in the spec. And neither is practically auditable (allowing auditing is part of the spec btw - have you seen that UI?).
And that's before even touching on the utterly massive amount of the spec that's clearly designed for businesses only, to send you highly customizable interactive UI. Which you can't use as a person. Or build your own app for. https://developers.google.com/business-communications/rcs-bu... / https://rcsforbusiness.google/
It just does not smell good. It's not in our best interests to let it win.
Okay, see, that's an important thing to add to your original post. Saves everyone a lot of time.
If they don't sell them in your country, it's not "no thank you" as you said, it's "this doesn't apply to me".
Maybe for cars Google is better but I don't use those. But even there I see really detailed stats.
OSMAnd is a really great full featured mapping app. A real tool that you can configure in detail. And Organic maps is more simple and quick like Google maps.
There's just two things I still need Google for: most businesses don't bother keeping their opening hours etc updated on other mapping services, and in my city they have live data on the public transport network. This should really be mandated to be offered to open street map too.
https://www.here.com/products/wego
Edit: Apparently that's Europe only? I'm in Europe so yeah. I didn't know that.
What other phone would you pick?
Unfortunately Google revived it but it's a very poor standard for interoperability. Not only because the lack of true E2EE in the open spec but also because you need to be a blessed party to run an RCS server and communicate with others. You can't run your own or choose a party you trust. It's either your carrier if they bother to run one, or Google.
It's just another power grab. Don't fall for its 'open' guise. They want you to use it so they can make you dependent and lock you in again. There's nothing open about it. If you want privacy, use signal. If you also want an open and federated network, use matrix or xmpp with OMEMO.
Commercially, this makes sense.
I am surprised that most nations of the whole world are fine with every citizen relying on one of two american companies for their lifestyle interactions though. I would have thought more nations would legislate their banks must support other options for sheer sovereign resilience.
I actually find that it blows Google Maps out of the water for cycling (which is why/how I discovered it). I haven't really used it for driving much because my own car has a builtin nav, so can't really comment on that.
YMMV of course.
I definitely use one of those wallets. They're quite convenient too.
Graphene adds many privacy features on top of regular AOSP. But it only works on phones that has good security features that are not woefully outdated or completely closed-off. Google has complete control over Pixel supply chain and they can make their phones with all bells and whistles for their ends and they behave a bit benevolently and expose the interfaces to the user too.
Most Android phones use Qualcomm which doesn't give a flying fuck about giving control or privacy to the users.
Does it though? The people in this thread are like "just use a card". Well I've done that for years and had my card skimmed, lost, and stolen over the years. The cost wasn't trivial either. The credit card company knocked it off my balance but also lost on sales when I didn't have my card while they issued me a new one. It cost the credit card company actual money in both lost sales and in dealing with the fraudulent transactions.
Now if I was allowed to use my rooted Android phone during those years? It would have been locked down tighter than the vast majority of Windows boxes.
People forget that one of the value-adds of credit cards in the first place is that suddenly you didn't have to walk around with a big wad of cash. Credit cards gave you that extra level of security. Even if someone stole it, it's useless to them as soon as you make a phone call to the CC company. We can verify a transaction with a yubikey-like secret store on your device that never shares the private key with the operating system and which generates a virtual credit card on the fly. That's literally how Apple Pay and Google Pay already work. So whether a device is rooted or whatever literally doesn't matter.
> ... Android 17 expands the capabilities of AppFunctions, a platform API with a corresponding Jetpack library. It allows you to contribute your app's unique capabilities as orchestratable "tools" for Android MCP, the on-device equivalent of the Model Context Protocol. AI agents and assistants (like Google Gemini) can discover and execute AppFunctions to perform workflows on behalf of the user with direct access to the app's local state.
Is that implemented in GOS? How is that done securely - giving LLMs power to control some apps?
So I still use gboard but block its internet access.
1) What's a reasonable Pixel phone to buy to try out GrapheneOS? Is a 128GB Pixel 7 "good enough" or will I get a significantly better experience with a newer phone and/or more storage?
2) Is there a Graphene alternative that would let me de-google an Samsung A12? Back in the day I had some Galaxy S3 and S4 phones that I installed Lineage on, I have no idea if that's compatible to Graphene and/or still a going thing?
GrapheneOS has some hardening in this phase, which as I understand, essentially has to rebuild all apps without cache.
And as I have a ton of apps, I was parked for 30 minutes waiting my phone to boot up.
And because of this app optimization thing, I always delayed OS update finalizations, which probably isn't the best thing.
Unfortunately, GrapheneOS recommendation to this was to have fewer apps. Had to let it go after that.
I've got almost everything working the way I want. There were a few non-essential banking apps that won't install. The most annoying problem I had is when I tried to install Strava, which I cannot get working. The app installs, but it will not let me sign in. I guess I need a replacement, because I use that app a lot.
If I try Graphene what do I lose? Similar to how if you use something like icefox or icewolf one of those very secure browser, lots of normie websites like banking just straight up don't work. What would I lose by moving away from samsung's default to this more private OS?
There are some apps I can't do without like ReThink DNS, NewPipe and other open source apps which I use regularly. All would get blocked under Googles new regime.
Interesting. What do you think are reasons for google to run Pixel then?
Not being sarcastic here, but what links you shared (thank you) say imply there are almost no benefits for Google to run Pixels and as we all know, Google is not a company doing charities.
Checking which phones are supported by Lineage and Graphene can be done by everyone in a matter of minutes.
I can also recommend Gadgetbridge for BLE smartwatch integration.
it ships with Memory Tagging Extensions (armv9 security feature) and two more years of support than previous generations; pixel 7 might be eol in oct 2027 https://grapheneos.org/faq#device-lifetime
official recommendation page: https://grapheneos.org/faq#recommended-devices
2) there is no real graphene alternative for other devices. I would say DivestOS at least made sane compromises to support less secure devices, but it's unfortunately defunct now. Yes lineage is still around and still the go-to clean 'ROM' but far from security focused. just avoid stuff like /e/ os
GOS has much better battery than stock pixel ui because of less services and telemetry.
If you've confirmed your banking app won't work on GOS, have you considered accessing your bank's website through your phone's browser instead?
Sounds like spyware, to be honest.
If you wish so you can gain root privileges on your own in your own build or with modifying GrapheneOS existing builds. It wont be compatible with GrapheneOS provided updates because of signature mismatch
In the USA, I think most people can easily afford a Pixel 9a at $56/year of device support starting from today. Calculator checks yearly cost based on device support: (https://ibb.co/xq82YQCw)
Sources for device lifetime from calculator: (https://grapheneos.org/faq#device-lifetime)
I used a New+Unlocked+Pixel+X on eBay to find a rough price of the phone.
Most people get scammed by their carrier and pay $25-45 per month just for their wireless subscription, and many more get caught up in the device bundles which gets you the "latest and greatest", at a huge price. So people are paying, per month, what you can pay, per year for a Pixel.
Get millions of users using their services. The average person who buys a Pixel will likely go all in with the Google ecosystem giving Google every word they type, every message to a loved one, every search. It's a data gold mine.
I doubt they sell Pixels at a loss, but even if they did they could make up for it like how Amazon does with kindles.
https://www.forbes.com/sites/zakdoffman/2026/04/28/price-of-...
I think they also use pixels for testing android and such which is why they keep it secure and open.
https://play.google.com/store/apps/details?id=com.celzero.br...
See https://grapheneos.org/faq#recommended-devices for the device recommendations. There are going to be Motorola devices with GrapheneOS support within a year too.
<https://redirect.invidious.io/watch?v=aNgupWEV13M>
Visually, it generally looks much like stock Android in terms of capabilities, though a stock install generally has far fewer apps installed.
And trust me you'll like it ;)
Sounds reasonable. People tend to install way too many apps on their phones and than blame the phone about short battery life or too many notifications.
That’s why I have two phones. One runs GrapheneOS and is my daily driver; the other (considerably less private and secure) stays at home connected to my server so I can always scrcpy into it.
Fairphone cant be supported because it does not keep up with Android updates and in particular Linux kernel updates. Currently supported Fairphone’s have EOL (outdated, not supported) Linux kernel version. They are bad in terms of other aspects like lack of MTE, lack of USB port(s) control from software level on hardware level (Pixel 6 and newer have that), etc. You cant have privacy without security
But in 2027 this may change due to Motorola and GrapheneOS partnership
Android also takes permissions away from apps after they haven't been used in a while anyway.
So most of the battery consumption will be from the apps that you actively need and use. Android's battery usage screen backs this up.
The metro app I installed when I was on a trip in Istanbul is still on my phone, but it's dormant. Yes, I should definitely uninstall it, but I really can't be bothered to do this all the time. On stock Android, phone takes care of this for me. On GrapheneOS, either I take that responsibility or face the consequences - which I don't really want.
Few questions if you dont mind answering: - do you have to keep the phone screen switched on? - Do you access via VNC? - Can you access it from another phone? is it usable?
Thanks!
It's not one of the main issues with their devices but Fairphone has had a lot of issues with verified boot including using publicly available sample private keys for signing firmware and OS images across multiple device generations. It's not a strength of their devices.
I've seen payments being another problem - but Garmin watch handles it for me. And paying with a watch becomes a conversation starter with merchants for some reason.
https://news.ycombinator.com/item?id=48571526I suspect this is an attempt to prevent folks from spinning up many new accounts to get these deals.
That device, and the Debian derivative it runs, are not private or secure.
Besides doing many other shady things, like putting a proxy between their App Louge and F-Droid (cleanapk.org), while simultaneously not wanting to reveal who owns/controls that proxy? Remember that Android relies on trust on first use. Or running Google proprietary DroidGuard blobs in a privileged process for Play Integrity/SafetyNet? Or giving certain Google Apps elevated privileges when you install them?
I could go on for a while.
(I made the mistake of installing /e/OS on a phone once and then started poking around and it really has many security issues, questionable choices, etc.)
However Wallet didn't like this setup. Tokens expired at varying delays, sometimes a day, sometimes a week or payment failed without reasons.
Nowadays, I just use my bank's app which work fine on GOS.
For example, McDonald's has a long running campaign, 99¢ for coffee. Any size, iced or hot.
Well I am genuinely interested so I am all for continuing that discussions in details. I am happy to finally meet someone who had a real look and isn't just repeating things read online. So if you have time to share the result of your investigation I'm super interested. But here is not the good place I imagine, where can we continue that discussion?
There's also been some discussion of spoofing MEETS_DEVICE_INTEGRITY, since before Android 13 it didn't rely on a TPM, and many apps don't want to lock out older devices, but it's been decided against it [0].
[0] https://github.com/GrapheneOS/os-issue-tracker/issues/1986
Freedom of computing on Librem 5 doesn't end with the root account. It also allows to natively run any desktop software and develop it in any language, without reliance on Google's decision on how one must use the phone, how your OS must evolve and when you may get your updates. Or install a completely different OS from different developers, because there is no reliance on anything proprietary at all.
How you can call a device with a ton of opaque binary blobs more private and secure without mentioning this fact is beyond me. I do not call Librem 5 more secure. But its security depends on what I choose to run on it. And I only run trusted software, so it can be secure.
I was actually very surprised Garmin supported the country I'm in. They don't even support the language script, I get squiggles, but payments - better than Google Wallet.
My bootloader is locked, because I re-locked it after installing GrapheneOS. The app runs, but refuses to let me log in. I even tried (temporarily) using a browser to login, and let the browser switch to the app in the process. Nada.
It's ridiculous that Google bills their "DEVICE INTEGRITY" initiative as a security feature, when GrapheneOS, which is a more secure platform, cannot use it.
The protection is achieved through security. The major goal of something like GrapheneOS is privacy, which needs solid security as a prerequisite.
The blobs, while proprietary, are not opaque. They are able to be examined and they are.
The security of a device should not be dependent on what you choose to run on it. You should trust and be able to verify that the platform on which you are running the software prevents something malicious from accessing data which doesn't belong to it or otherwise violates the rules set by the platform (OS).
In this respect, the Librem 5 would do a horrible job compared to even stock AOSP. Thinking that you are secure because you only run "trusted" software on an insecure platform is cope.
[0] https://developer.android.com/google/play/integrity/verdicts