GrapheneOS

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

GrapheneOS
GrapheneOS Logo.svg
DeveloperGrapheneOS team led by Daniel Micay
OS familyAndroid (Linux)
Working stateCurrent
Source modelOpen source
Initial releaseApril 2019; 3 years ago (2019-04)
Latest release2022072000[1] Edit this on Wikidata / 21 July 2022
Repository
Marketing targetPrivacy/Security-focused smartphones
Update methodOver-the-air (OTA) or locally
Package managerAPK-based
Kernel typeMonolithic (Linux)
LicenseMIT, Apache License, various permissive open-source
Official websitegrapheneos.org Edit this at Wikidata

GrapheneOS (formerly Android Hardening) is an Android-based, open source, privacy and security-focused mobile operating system[2] for selected Google Pixel smartphones.

History[edit]

The main developer, Daniel Micay, originally worked on CopperheadOS, until a schism over software licensing between the co-founders of Copperhead Limited led to Micay's dismissal from the company in 2018.[3][4][5] After the incident, Micay continued working on the Android Hardening project,[3][6] which was renamed as GrapheneOS[6] and announced in April 2019.[3]

According to Damien Wilde of 9to5Google, sourced to GrapheneOS Twitter, in March 2022, GrapheneOS released Android 12L for Pixels before Google did.[7] According to Skanda Hazarika of XDA Developers, sourced to GrapheneOS Twitter, GrapheneOS applications Secure Camera and Secure PDF Viewer (based on pdf.js) were released to the Google Play Store and GitHub.[8]

Features[edit]

GrapheneOS includes the following notable[weasel words] features.

Compatibility[edit]

As of March 2022, GrapheneOS only supports smartphone models in the Google Pixel product line.[10] GrapheneOS supports certain end-of-life devices through extended support releases,[weasel words] but they will not receive comprehensive[weasel words] security updates.[15] Older devices are no longer supported.

Controversies and security incidents[edit]

ANOM sting operation[edit]

According to Joseph Cox of Vice Motherboard in July 2021, Pixel 3 or Pixel 4 series phones with GrapheneOS or a fork may have been involved in the ANOM FBI honeypot, sting operation; however, it is not known for certain.[16]

Dirty Pipe security exploit[edit]

In February 2022, a high-severity security exploit named "Dirty Pipe" (CVE-2022-0847) was disclosed in the Linux kernel by researcher Max Kellermann of Ionos, also affecting Android-based distributions based on a vulnerable Linux kernel version.[17] Google fixed the vulnerability in the Android codebase on 23 February, and "many third-party ROMs like GrapheneOS"[b] reportedly applied the patch in early March 2022.[18][c]

Reception[edit]

In 2019, Georg Pichler of Der Standard, and other news sources, quoted Edward Snowden saying on Twitter, "If I were configuring a smartphone today, I'd use Daniel Micay's GrapheneOS as the base operating system."[20][21][22] In discussing why services should not force users to install proprietary apps, Lennart Mühlenmeier of netzpolitik.org suggested GrapheneOS as an alternative to Apple or Google.[23] Svět Mobilně and Webtekno repeated the suggestions that GrapheneOS is a good security- and privacy-oriented replacement for standard Android.[24][11] In a detailed review of GrapheneOS for Golem.de, Moritz Tremmel and Sebastian Grüner said they were able to use GrapheneOS similarly to other Android, but enjoying more freedom from Google, without noticing differences from "additional memory protection, but that's the way it should be." They concluded GrapheneOS cannot change how "Android devices become garbage after three years at the latest", but "It can better secure the devices during their remaining life while protecting privacy."[3]

In June 2021, reviews of GrapheneOS, KaiOS, AliOS, and Tizen OS, were published in Cellular News. The review of GrapheneOS called it "arguably the best mobile operating system in terms of privacy and security," however, they criticized GrapheneOS for its inconvenience to users, saying "GrapheneOS is completely de-Googled and will stay that way forever—at least according to the developers." They also noticed a "slight performance decrease" and said "it might take two full seconds for an app—even if it’s just the Settings app—to fully load."[25]

In March 2022, writing for How-To Geek Joe Fedewa said, unlike standard versions of Android, Google apps were not included due to concerns over privacy, and GrapheneOS also did not include a default app store. Instead, Fedewa suggested, F-Droid could be used.[10] In a review of GrapheneOS installed on a Pixel 3, after a week of use, Jonathan Lamont of MobileSyrup opined GrapheneOS demonstrated Android's reliance on Google. He called GrapheneOS install process "straightforward" and concluded to like GrapheneOS overall, but criticized the post-install as "often not a seamless experience like using an unmodified Pixel or an iPhone", attributing his experience to his "over-reliance on Google apps" and the absence of some "smart" features in GrapheneOS default keyboard and camera apps, in comparison to software from Google.[9] In his initial impressions post a week prior, Lamont said after an easy install there were issues with permissions for Google's Messages app, and difficulty importing contacts; Lamont then concluded, "Anyone looking for a straightforward experience may want to avoid GrapheneOS or other privacy-oriented Android experiences since the privacy gains often come at the expense of convenience and ease of use."[15]

See also[edit]

References[edit]

  1. ^ "Releases". Retrieved 25 July 2022.
  2. ^ "Doing these 6 difficult things may make your smartphone 'hack proof'". The Times of India. 23 September 2019. Retrieved 30 September 2019.
  3. ^ a b c d e f Tremmel, Moritz; Grüner, Sebastian (11 December 2019). "GrapheneOS: Ein gehärtetes Android ohne Google, bitte" [GrapheneOS: A hardened Android without Google, please]. Golem.de (in German). pp. 1–3. Archived from the original on 15 November 2021. Retrieved 20 July 2022.{{cite web}}: CS1 maint: unfit URL (link)
  4. ^ Chua, Vaughn (3 April 2019). "GrapheneOS is a security and privacy focused mobile operating system". YugaTech. Retrieved 3 October 2019.
  5. ^ Perrone, Alessandro (12 June 2018). "CopperheadOS potrebbe non avere un futuro" [CopperheadOS may have no future]. Tuttoandroid (in Italian). Retrieved 1 August 2022.
  6. ^ a b Baader, Hans-Joachim (9 April 2019). "Android Hardening wird zu GrapheneOS" [Android Hardening becomes GrapheneOS]. Pro-Linux (in German). Retrieved 17 September 2019.
  7. ^ Wilde, Damien (11 March 2022). "Privacy-focused GrapheneOS based upon Android 12L comes to Pixel 6 in latest beta". 9to5Google. Retrieved 28 June 2022. After news that custom ROM project ProtonAOSP offers Pixel 6 owners the opportunity to run Android 12L ahead of the official stable release, GrapheneOS is the second such ROM to offer the latest build ahead of Google.
  8. ^ Hazarika, Skanda (4 March 2022). "GrapheneOS brings its camera and PDF viewer apps to the Play Store". XDA. Retrieved 22 June 2022.
  9. ^ a b c d e Lamont, Jonathan (20 March 2022). "A week with GrapheneOS exposed my over-reliance on Google". MobileSyrup. Blue Ant Media. Retrieved 6 July 2022.
  10. ^ a b c d e Fedewa, Joe. "What Is GrapheneOS, and How Does It Make Android More Private?". How-To Geek. Retrieved 4 July 2022.
  11. ^ a b c Kalelioğlu, Eray (3 April 2019). "Android Tabanlı İşletim Sistemi 'GrapheneOS' ile Tanışın" [Meet the GrapheneOS Android-Based Operating System]. Webtekno (in Turkish). Retrieved 17 September 2019.
  12. ^ By (18 November 2021). "Privacy Report: What Android Does In The Background". Hackaday. Retrieved 5 August 2022.
  13. ^ Valeri, Vitor (17 June 2022). "O que é o GrapheneOS? Como ele aumenta a segurança e a privacidade do celular?". Oficina da Net (in Brazilian Portuguese). Retrieved 5 August 2022.
  14. ^ "MAC Randomization Behavior". Android Open Source Project. 6 June 2022. Archived from the original on 25 July 2022. Retrieved 25 July 2022.
  15. ^ a b Lamont, Jonathan (13 March 2022). "I replaced Android on a Pixel 3 with an Android-based privacy OS". MobileSyrup. Blue Ant Media. Retrieved 6 July 2022.
  16. ^ Cox, Joseph (8 July 2021). "We Got the Phone the FBI Secretly Sold to Criminals". VICE. Retrieved 3 August 2022.
  17. ^ Goodin, Dan (7 March 2022). "Linux has been bitten by its most high-severity vulnerability in years". Ars Technica. pp. 1–2. Archived from the original on 8 March 2022. Retrieved 29 July 2022.
  18. ^ Amadeo, Ron (5 April 2022). "Fixing Dirty Pipe: Samsung rolls out Google code faster than Google". Ars Technica. Retrieved 25 July 2022. So where is the patch? It hit the Android codebase on February 23 and then didn't ship in the March security update. That would have been a fast turnaround time, but the April security update is now out, and Dirty Pipe, CVE-2022-0847, still isn't anywhere to be found on Google's security bulletin. [...] Once the fix hit the codebase in late February, many third-party ROMs like GrapheneOS were able to integrate the patch in early March.
  19. ^ Amadeo, Ron (3 May 2022). "Pixel 6 finally getting a Dirty Pipe patch, one month after the Galaxy S22". Ars Technica. Retrieved 25 July 2022.
  20. ^ Pichler, Georg (24 September 2019). "Wie Edward Snowden sein Smartphone einrichten würde" [How Edward Snowden would set up his smartphone]. Der Standard (in Austrian German). Retrieved 29 October 2019.
  21. ^ "Edward Snowden da a conocer las condiciones de seguridad para usar su smartphone" [Edward Snowden reveals the security conditions to use his smartphone]. La República (in Spanish). 2 October 2019. Retrieved 29 October 2019.
  22. ^ Rall, Philipp (23 June 2022). "„Ich würde zu Hause kein WiFi benutzen": Edward Snowden empfiehlt Alternativen" ["I wouldn't use WiFi at home": Edward Snowden recommends alternatives]. Futurezone (in German). Retrieved 3 August 2022.
  23. ^ Mühlenmeier, Lennart (19 July 2019). "Warum Post, Bank und Co. ihre Kunden nicht zwingen sollten, Apps zu benutzen" [Why Post, Bank and Co. shouldn't force their customers to use apps]. netzpolitik.org (in German). Retrieved 18 November 2019.
  24. ^ Šlik, Jáchym (6 April 2019). "GrapheneOS chce napravit bezpečnostní prohřešky Androidu" [GrapheneOS wants to fix Android security violations]. Svět Mobilně (in Czech). Retrieved 17 September 2019.
  25. ^ Diane (28 June 2021). "GrapheneOS: A Hardened Android Alternative (Review)". CellularNews. Retrieved 4 July 2022.

Notes[edit]

  1. ^ In comparison to AOSP, devices running Android 10 or Android 11 use a persistent randomized MAC address by default. As of Android 12, persistent randomization is used by default but non-persistent randomization is used in specific scenarios; non-persistent randomization can also be enabled from a developer options screen by users on devices running Android 11 or Android 12.[14]
  2. ^ According to Joe Fedewa of How-To Geek, GrapheneOS is not technically a ROM residing in the read-only memory of the device, but more accurately an "operating system". Fedewa claims third-party Android operating systems have been historically labelled as ROMs in the "Android community", which Fedewa says is the reason for the label.[10]
  3. ^ Samsung and Google released Android updates for affected devices later in April and May 2022 respectively.[19]

External links[edit]