In the age of creeping surveillance, busybody governments and corporations, and wealth-carrying crypto wallets, it pays heed to take an extra step to fortify your smartphone. While the 'smart' part makes it more flexible and usable, it also makes it more vulnerable.
The lowest common denominator of your smartphone is the stock ROM, the firmware that manufacturers developed under Google's Android guidelines. Unfortunately, besides allowing your phone to install new apps, stock firmware also comes with bloatware and poor security settings by default.
As a custom ROM focused on privacy and resistance to hacking, GrapheneOS represents a viable alternative to the default gruel.
What Makes GrapheneOS Stand Out From Other Custom ROMs
Hailed as one of the top-notch custom ROMs on the market, GrapheneOS became so under heavy pressure. Daniel Micay started the project in 2014 as a way to fortify Android's security toolset. To help with the project, a Canadian firm Copperhead made an agreement with Micay, leading to CopperheadOS.
Unfortunately, Copperhead broke one of the terms of the agreement relating to Micay's independent role, eventually leading to a hostile takeover attempt in 2018. After many legal troubles, the project continued as AndroidHardening and ultimately made a full circle in March 2019 by regaining its original GrapheneOS name.
Because of this perseverance and insistence on keeping GrapheneOS independent and open-source, both Micay and the custom ROM have justifiably earned the reputation one would expect from a firmware that cherishes transparency and privacy. Such a legacy continues to this day, as GrapheneOS is entirely funded by community donations.
How Secure Is GrapheneOS?
GraphneOS is known for its security features. The ROM builds this in several ways:
- It has its own hardened memory allocator (Malloc), preventing memory corruption while removing sensitive data from transient memory.
- Freely available metadata in a stock ROM is segregated into a separate memory region without having addressable space between the regions.
- Hardened filesystem to prevent unauthorized access alongside full-disk encryption.
- Disabled optional features by default (NFC, Bluetooth), so there are fewer opportunities for proximity-based attacks.
- Clear microphone/camera usage indicator alongside location UX (user experience).
- PIN scrambling.
- Permission toggle for all sensors on your smartphone, from camera and GPS to accelerometer, as well as communication chips on a hardware level.
- Removal of all Google spyware, either in the form of services or apps.
GrapheneOS has taken dozens of other security measures to make your smartphone into a military-grade mobile fortress. At the same time, it includes only essential apps which speed up your phone's performance.
One of the more popular open-source apps that come bundled with GrapheneOS is GrapheneOS Camera, replacing the stock AOSP one. It is built on Android's CameraX extensive library, with all the functionality one should expect: QR scanning, photo and video recording with a few intuitive swipes and taps. Moreover, the GrapheneOS Camera app is packed with features that are commonly reserved for paid apps.
In the same vein, GrapheneOS uses a hardened PDF viewer, delivering content into a sandboxed WebView, isolating it from other files. When it comes to updating GrapheneOS, it uses authenticated encryption of all services, and none of them are proprietary. After ten days, all logs are purged, and the logging requirement is kept at a minimum, which is in stark contrast with modern operating systems like Windows 10/11.
Altogether, the thriving GrapheneOS open-source community is always looking to improve, add and patch up missed privacy and security holes. Such a development model instills confidence as opposed to a corporate one in which you never know whether a back door has been left open and for what purpose.
Pegasus Makes It Clear Why GrapheneOS Is Necessary
As you may have heard, Israel developed a Pegasus spyware system, under NSO Group, that is capable of running stealthily on both iOS and Android phones. It had affected at least 50,000 individuals, from journalists and government officials to human rights activists. Apple had already filed a lawsuitagainst the NSO Group in November, while the U.S. government officially banned it.
However, the repercussions are more important than the Pegasus scandal. NSO Group is not a company per se. Rather, it is a manifestation of fusion between the government and Big Tech, as a so-called state-sponsored spyware. Moreover, after finding itself in financial troubles, one should not be surprised when the spyware is employed by the U.S. government itself under a different corporate brand.
The lesson is plain for all to see. If there is a technology to invade people's privacy, it will be deployed to do so, regardless of any existing legal frameworks. Getting caught and publicly admonished simply represents a short delay. Moreover, if there is a back door left open for one purpose, it will be used by a different party for another purpose.
Because Pegasus and Pegasus-like spyware rely on a wide range of exploits, from back doors to memory corruption bugs, GrapheneOS is suited to tackle these attacks head-on. Its customizability alone can prevent attacks. For instance, if GrapheneOS 4G only mode is enabled, vulnerabilities in 2G, 3G, and 5G are halted in their track. Likewise, even if an attacker has gained the ability to execute code on your smartphone, exploitation-hardened GrapheneOS contains it to single components, such as GPU or radio.
What About Custom Smartphones Like Librem or ClearPhone?
The demand for privacy/security has become so urgent that many commercial solutions have stepped up their offering. Case in point, ClearOS/ClearPhone was funded by Kickstarter in 2019 to deliver an Android 10-based phone with proprietary firmware and apps.
Likewise, Librem 5 and Pinephone emerge as ready-to-go packages for privacy-oriented consumers. However, the problem with these solutions is that they rely on commercial funding models. Meaning, they are not open-source in either hardware or software departments.
Who is to say that governments haven't already contacted them to integrate a backdoor, which is then rife for exploitation by third parties, just as it happened with Pegasus spyware? In contrast, the open-source model lowers the barrier to entry so that all developers can audit each other.
Moreover, while the Librem 5 smartphone is based on a Linux PureOS, which is itself open-source, the phone is manufactured by Purism with the company's own take on what should be included and excluded. Additionally, the build of the phone leaves much to be desired, from substandard battery life, slow Wi-Fi to a laggy screen befitting prior generations of smartphones.
In contrast, GrapheneOS is built on open tested and highly rated hardware — the Pixel series.
GrapheneOS Smartphone Support
When the first-gen Pixel phone was released in late 2016, it had received favorable reviews across the board. The same is true for subsequent releases, all the way up to the latest Pixel 6 Pro. Although created by Google, it became the preferred platform for the GrapheneOS privacy-focused community.
Presently, GrapheneOS supports the following Pixel models:
- Pixel 5a (barbet)
- Pixel 5 (redfin)
- Pixel 4a (5G) (bramble)
- Pixel 4a (sunfish)
- Pixel 4 XL (coral)
- Pixel 4 (flame)
- Pixel 3a XL (bonito)
- Pixel 3a (sargo)
The full support for Pixel 6 and 6 Pro is on the way, still lacking GrapheneOS kernel hardening and other key features present in older models. In the upcoming roadmap for Pixel support, specifically for the GrapheneOS Camera app, is the upgraded HDR+ mode that relies on CameraX extensions, as well as Portrait mode and other fancier features.
You may be wondering why would GrapheneOS select a Google platform — Pixel — for a degoogled experience?
This may seem superficially suspect, but not when you consider that Google’s reputation is on the line within an easily auditable open-source ecosystem, the Android Open Source Project (AOSP). After reviewing the hardware options available, Daniel Micay came to the conclusion that Pixel, as a continuation of the Nexus series, provides the best combo of hardware and firmware security.
In contrast, the so-called freedom phone, Librem 5, entirely relies on a proprietary System-on-a-Chip (SoC) and other hardware components. When all is said and done, it is more likely that a ‘freedom phone’ would be akin to ANOM, a novel messenger app developed by the FBI, than an established legacy platform like Google’s AOSP.
Is GrapheneOS Worth It?
Based on current trends, it would be safe to assume that all of your private info is in some way recorded and relayed to third parties. In such a privacy-eroding environment, people often resort to the “nothing to hide” line of reasoning. The problem is, even if that is true and one wholeheartedly trusts the benevolence and honesty of governments, you are still exposed to abuse.
If your privacy is secured, you boost your ability to check the power of the government, as well as prevent criminal elements from leaping into the doors opened by governments. In the end, when the home is unlocked, it inherently introduces a moral hazard, just waiting to be exploited.
For this reason, Pixel and privacy-aligned GrapheneOS have been recommended by Edward Snowden, the first major whistleblower to expose NSA privacy abuses.
If I were configuring a smartphone today, I'd use @DanielMicay's @GrapheneOS as the base operating system. I'd desolder the microphones and keep the radios (cellular, wifi, and bluetooth) turned off when I didn't need them. I would route traffic through the @torproject network.— Edward Snowden (@Snowden) September 21, 2019
In the final analysis, one has to either pay the price in privacy or in convenience. As a custom ROM with countless development hours poured in, GrapheneOS does take some time to get used to. Nonetheless, its across-the-board hardening of browser, memory, and kernel leaves users with a heightened confidence level to go about their business without worrying about potential intrusions.