I have not any prior experience with installing custom ROMs, but after trying it out (and getting stuck, and googling and finding answers) I successfully did it. Below is my home screen if anybody is curious:
I use OpenBoard for my keyboard. Unfortunately I am still dependent on Play Store since some of the apps I need can only be found there. Sometimes it feels meaningless committing to this whole thing because I’m not perfectly private; then I think this is better than using a regular iPhone or Android phone.
So far I’m liking it. I am naturally inclined to feel hesitant about using this as my main phone and plugging in a SIM since it’s custom, but I’m slowly making the transition.
Feel free to share any beginners advice or your own experience using GOS for the first time. Cheers!
Checkout Heliboard, it’s a fork of the discontinued Openboard which fixes a lot of it’s bugs and adds new features and improvements:
https://github.com/Helium314/HeliBoard
It’s avaible on F-Droid and IzzyOnDroid
Welcome! My experience has been seamless, I think most of the idiosyncrasies have been covered in other comments already but Ive had zero issues with base functionality “out the box”
I’m still waiting on LineageOS being ported on my phone (SM-A536B).
You are welcome to work on it. However, Samsung devices are a absolute pain to work with.
Yes, I know that, and I tried porting it to PostmarketOS, but the build failed miserably.
You need to mainline the kernel for Linux systems. That is a very difficult job
Even if apps you use depend on play store one of the things you can do on GrapheneOS is temporarily disable it and only turn it back on when apps refuse to run, another option is just keeping those apps in a separate work profile.
all android phones can temporarily disable an app until you turn it back on.
No, that only applies to (some, not all) system apps. GrapheneOS allows this for all (including user-installed apps): https://grapheneos.org/features#user-installed-apps-can-be-disabled
adb shell pm disable-user PACKAGE_NAME
worked for me with Signal on a stock pixel
Sure you can do it through adb, but Graphene exposes this option in the settings. They also recommend against enabling developer settings and using adb for security reasons.
But you said “no” before… I was just showing that it is indeed possible with non-system apps.
Yeah you’re right, I didn’t think of adb while writing that comment. It’s not possible through the settings is what I meant.
Not all of them can disable google play service apps
I would argue you shouldn’t be using those apps in the first place since they all contain proprietary blobs (yes that includes Signal, see Molly-FOSS for a non-blobbed fork).
Absolutely, my suggestion was just for folks who have apps that still require play services, not everyone can avoid it, but you can minimize usage if you do need them.
Molly also includes other useful features like database encryption and UnifiedPush support.
Yes but for me it is a non-starter for legal reasons because screenshots do not work with fingerprint lock turned on. I don’t understand why the user cannot choose to enable this or not like other apps can (including Signal).
Not google services
What are your concerns regarding using your SIM card?
It’s actually nothing but beginner paranoia. Will it work properly even on a custom ROM, is the main question spinning in my head.
No reason it wouldn’t as far as I know, assuming your hardware is compatible.
Works for me on Verizon and has for 5+ years. Google Fi even works as I’ve tried that with a different phone on GrapheneOS.
When I last used Graphene, it was on a pixel 4 XL, and I used a Google Fi sim card just fine. Texting, specifically MMS was borked, group chats would just be massive sentences of spaghetti letters. Other than that though, issue free.
Same issues here. I love GOS but I need basic things like SMS/MMS/RCS to work, and right now they just don’t.
Damn, not even RCS works?! I’m back to stock Android on a 6 Pro because I don’t have the energy, and can’t be fucked to deal with tech problems that often.
RCS works with my Pixel 7
Some people apparently got it to work. Maybe check this thread on the Graphene forum: https://discuss.grapheneos.org/d/1353-using-rcs-with-google-messages-on-grapheneos/81
Thank you! It was interesting skimming that thread.
Aurora store is also pretty cool. You can download from there without a google account.
Been using that for a few days now, I’ll never go back to AOSP, gboard, helio, nor anything else. Saw a video of who I think is the head of futo, giving a no fucks given presentation, says he’s tired of non google keyboards that make it feel like your typing drunk. Website has a QR code to add the Futo repo to fdroid, ez pz.
What don’t you like about HeliBoard? I have it and FUTO both installed, but I prefer HeliBoard due to its ‘hold space bar to move cursor’ option. Then I use FUTO for the occasional SpeechToText.
Futo also has the hold space bar to move cursor by default. I just wish it had single hand mode.
OMG thank you I didn’t know that!
I kept pressing and holding and got annoyed that the change keyboard dialog would pop up. Pressing and moving is the secret!
I didn’t dislike Heli, just my accuracy to hit the correct key felt immediately better using Futo.
Ooh in that case I may try using it for typing again. My typing accuracy on Heliboard is abysmal.
Can confirm I had the exact same experience moving from Heli to Futo. Immediately noticed I was way more accurate, better swipe and predictions too.
Good to know it wasn’t placebo! 😅
Unfortunately not FOSS
Source available is not the same as FOSS. Being able to access the source code is only a precondition to software being considered free. Their licence is not a FOSS licence.
I wasn’t meaning to conflate the two, as I see your point. I didn’t claim it was FOSS, just that the source was available.
I know for me, I don’t mind using software that is licensed so that it doesn’t directly fall under FOSS. I just like the availability to view the source vs closed source software being a total black box.
I have no plans to monetize their work, nor fork it, only use it.
Well that’s the difference between source-available software, open source software and free software. FUTO’s license may be source-available, but it’s not open source.
FOSS stands for Free & Open Source Software. FUTO is neither free software nor open source.
You can set up multiple user profile and install the play services in only 1 profile if you want to jeep other profile more private
I have been using lots of the different private keyboards that have been out for a while but FUTO just came out with a amazing Keyboard that has better then Google Voice typing.
Sorry for the noob question, but are you able to access your banking apps with GrapheneOS? If so, how?
Most apps should work with no issues. There’s a compatibility list at https://privsec.dev/posts/android/banking-applications-compatibility-with-grapheneos/
For me, going into the app info and enabling “Exploit protection compatibility mode” worked for banking.
I’ve used four different banking apps (admittedly banks which may not operate in your country, but they’re popular enough in my country) on GrapheneOS no problems. I currently don’t have a banking app installed because I don’t need one and it’s probably spyware. I just do my digital banking in my web browser. But if you want to install a banking app, it should work completely fine, save for notifications—a lot of proprietary apps seem to rely on Play services for notifications 🤷♀️
Look into the user profiles feature to further isolate any play store apps you still use. I have one profile called gshit and thats the only one I install anything non-opensource on from the Aurora store.
This prevents any playstore apps from accessing say photos, contacts, messages, etc on your main profile.
PS. If you don’t like the stock launcher either you should check out KISS launcher (minimal mode)
Didn’t the Aurora store get their anonymous profiles killed? You still need to login right?
Hmmm nope I just updated some apps yesterday. I had to uninstall and reinstall Aurora store cause it wasnt showing the anonymous option anymore, but after that it popped up and worked like normal, no sign in.
No issues here.
No, anonymous logins work fine.
Logging in via Aurora can get your Google account banned.
Only read about it once or twice, so take that warning with a grain of salt.
I’d love to try out GrapheneOS (or another OS), but I can’t afford a second phone, and there’s no way I’m gonna dive head-first into something entirely unfamiliar to me when it’s my only method for telephony.
It does function just like any other phone so far I’ve tested. No app that simply doesn’t work. And if it doesn’t, you can simply exploit the GOS hardening in settings to improve compatibility. You overall have more control over any app, which I like
One of my biggest concern is banking apps not working. Is that still an issue with Custom ROMs?Edit: Nevermind, answerd belowI can add that ive also had 100% success with that setting, but I’ve only needed it 2 or 3 times.
It is really similar to stock android in terms of functionality. It’s just degoogled and hardened. It’s designed to be user-friendly and not for tech-savvy people (though tech-savvy-friendly—which is part of being user-friendly imo). I promise you you can use it out of the box once installed just like a stock android install. The only thing to be aware of is to install some kind of package manager like fdroid or aurora store, or even grapheneos’s unprivileged google play store, to get apps, unless you just want to use the stock apps it comes with i guess in which case you probably shouldn’t waste money on a smartphone.
Really? That’s awesome! I think I’ll check it out. :)
Edit: …Seriously? They only support Pixel devices? Wow. Fuck this.
Yes, only Pixels are officially supported. If you want to add support for other devices, it’s a foss project and you’re welcome to write the code yourself. For other devices there are other degoogled OSes you can use. Graphene is generally considered the most secure but if you have another phone you can install one of the other AOSP forks or turn it into a linux phone or something
Its also worth noting Graphene’s focus on pixel devices stems from those devices having more easily secured hardware. Which android fork you decide to use will depend on your particular use case. I wound up going with a Pixel and Graphene for android auto. But if you’re someone with existing hardware that you want to set up with a degoogled os, there’s e/os, lineageos, CalyxOS, iodé, and, if you wanna get really weird, postmarket os. Having done a deep dive into this I can honestly day there’s no single OSFA answer to this.
I did not realize there were other forks besides Graphene and LineageOS.
In any case, thanks for the info. I guess I’ll have to shop around.
I feel the same. If I try to install a different ROM and it falls I could be without a phone for a bit.
Gos installation can’tbe easier, they have WebUI installation
I was shocked to find out that the hardest part of the installation was finding a Chromium based browser on PC lol
All you have to do to install GrapheneOS is press one button in the WebUI. No other ‘ROM’ has been easier to install.
You can also use a Chromium-based browser on another Android device
Exactly.
Ironically it was when the stock android upgrade on my pixel 7 completely bricked my phone (due to the multiple user profiles bug) that I decided to jump in to Graphene head first.
Compared to my experience running random ROMs on Samsungs back in the era of galaxy note 1 to 4, Graphene installer was so easy!
OpenBoard is no longer maintained. Heliboard is a good alternative.
Thanks for the heads-up!
As someone who has a profile only for Whatsapp (used to also be Instagram), a profile for banking & finances, a profile for some stuff that needs play services, and a profile for most other stuff (main profile)…don’t use profiles unless you’re only creating one more at the most, and you’re absolutely certain there’s no need to share information between the profiles.
Graphene has had a long-standing bug from upstream AOSP, if I recall correctly, where it’ll always ask for your pin when changing profiles, and only sometimes will it allow you to use your fingerprint or alternative methods to get into your profiles. I almost never get the fingerprint option for my main profile, and have to tap back from the pin input on other profiles to get the option to use fingerprint, and not always. They do sometimes push something that loosely resembles a fix, but it’ll go back to not working after another update.
Regarding communicating between profiles, that’s hard to pull off. The curveball of having to send screenshots from banking apps, say, confirming transactions, it’s made a lot worse with profiles. I’m currently relying on my nextcloud instance to upload screenshots from finances, then downloading those screenshots from nextcloud into my WhatsApp profile, just to send a proof of transfer to someone. I’m definitely not keeping my phone like this for much longer.
All else considered, however, I’m not going back to a ROM that doesn’t respect me as the owner of my device. I’m happy to have switched to graphene and I am here to stay.
Thank you for sharing this. Honestly, right now, I simply don’t feel a need to use profiles for my apps. I understand some people claim I probably should considering I use both FOSS and Google apps, but I’m just getting started with this whole privacy thing and I don’t feel like rushing. Using only one profile probably isn’t the absolute worst thing you could do, eh?
I use Gboard with network permissions toggled off
Unfortunately it is very crippling to completely avoid Google on Android.
Tbh if you don’t do mobile gaming, I think this is entirely doable. I say this as someone who uses Aurora Store for about 3 or 4 odd apps. I could live without them on my phone, but I just choose not to for the convenience of having a mobile client for some proprietary services I use. And I don’t have Google Play services at all.
Openboard updated for me recently. When did they stop maintaining it?
https://github.com/openboard-team/openboard
Last commit is two years ago. I’d recommend checking what you have installed. A quick search on GPlay finds what appears to be a clone that may or may not leak user data.
version 1.4.5
org.dslul.openboard.inputmethod.latin versionCode 19
targetSdk 31 minSdk 19
Installed: May 8, 2024; 3:17 PM Updated: May 8, 2024; 3:17 PM
Is this an AHH SHIT moment or I’m good? Lol
So I don’t want to tell you to panic but I can’t find anything about “dslul” or their version of openboard. The questions I have are as follows:
- How did you acquire this apk? (F-Droid, play store, obtainium, regular download?)
- Do you have hypatia installed? If not, can you install it and run a device scan to see if there’s any known malicious blobs on your device?
- Please take a look at heliboard. I know its weird to tell people they’re safer going with the most popular options, but legitimately we’re a pack animal. We do better when we look out for each other and this may be a case where it’s best to go to the version of this project that has the most eyes on it
I use heliboard now downloaded today and deleted open board. I acquired openboard from Fdroid. Both times. I’ve never heard of hapatia. I will check it out momentarily.
So I don’t want to tell you to panic but I can’t find anything about “dslul” or their version of openboard.
It’s the app id from F-droid, so I would assume it is legit: https://f-droid.org/packages/org.dslul.openboard.inputmethod.latin/
1.4.5 is the latest—and last—OpenBoard version, released 8/8/22 per app on F-Droid.
Did you fresh install it? Your log makes it look like you just installed it.
Yes I forgot I did. My phone bugged out one day about it. I don’t know why. Whats a good FLOSS alternative?
Heliboard is recently restarted sucessor
Futo is another option, I am not sure if it is Foss Lois rossmann backs it though
I am not sure if it is Foss
It is not, just source-available:
https://gitlab.futo.org/keyboard/latinime/-/blob/master/LICENSE.md
I found a separate profile with google play was too much of a pain in the ass unfortunatly.
I’m using a work profile for Google Play. It was surprisingly easy to setup and there are few guides around. But basically you install Shelter, then clone Apps to the work profile. Open up Apps on the work profile and install google play services normally.
I just keep Play store installed with all permissions disabled, including network, and use Aurora store instead.
What is the main difference between using Play Store and Aurora store (logged in with your Google account)?
Aurora is a foss wrapper with fewer anti-features like ads. You could trust the client more ig if you’re using Aurora. I use F-Droid for most things and then Aurora for like 3 apps I’m not willing to give up and have no foss alternatives. I mostly just use Aurora out of principle for the apps I can’t get from F-Droid, but also I guess out of a lack of trust for Google (which I suppose is related to the principle of not using proprietary software anyway)
Aurora store has a cleaner interface with no ads and can be used without a google account.
I’m more curious about the privacy aspect of using Aurora over Play, especially considering since I will be logged into my G account.
Just dont use your personal g acc (obviously), and its fine.
Excuse my ignorance, but why not use your own G account?
By not using your own g account I meant not using account that is assigned to your identity or account that you use for official things.
Unless you have some purchases on there and you want to use these, but you shouldnt use your own account for that in the first place.
When starting Aurora, you can choose between an anonymous account or your own. You can still use the anonymous option even if you are logged in to other services with google. If you go logged on anyways, I guess Google will not know your every tap with Aurora? I would think logged in, google play store and aurora would be comparable (not private).
Do you know if it’s safe to download banking apps from third party stores (in this case Aurora)?
It does download from google (servers), so it is safe enough
I have heard Aurora is more insecure and you can risk getting your Google account blacklisted or banned using it. Do you have any experience with this or know how common it is?
I recommend you use GrapheneOS as your daily driver. There’s not really any reason not to. I have been for years and never had trouble.