Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I use Graphene OS and I like it a lot, but 1) I have the feeling that, with Android's Decree coming, they are counting their days left to live. Unfortunately they built an amazing OS on very shaky foundations, it's not their fault, it's the mobile OS ecosystem that sucks. And 2) They (or, better, their benevolent dictator) tend to be very silly when it comes to threat modeling, as in "my way is the only one that makes sense". Personally, I prefer to use a browser like Firefox that allows me to block every annoying ads and to customize my experience as I want, rather than a super-secure fully isolated browser like Vanadium that a) does not replace Chrome anyway for many websites that require strong attestations (e.g. Wise's verification works on GOS with Chrome but not with Vanadium), and b) it's still based on Chromium, so still built on shaky Google foundations. With Mozilla's questionable choices over time, I keep my fingers crossed for Ladybird or Servo, or similar.


> they are counting their days left to live

The Graphene team has seemingly partnered with an OEM, who is releasing binary security patches for them already (with source code available after embargo lifts). Hardware does not seem too far away at this point either.


AFAIK they will still be using Android and Chrome.


Of course, but so will large OEMs like Samsung. Google is not going to nuke either project.


They can nuke small OEMs though?


That OEM phone is literally years away.


They've said it's either next year or year after that (2027).


Have a reference? That would be awesome. Would like to bookmark/subscribe


While I don't disagree that Google are going to be targetting GrapheneOS and other OSes, the decree you're referring to only applies to "certified Android devices" - devices which run a Google-vetted version of Android and that come with Google Play pre-installed. OSes like GrapheneOS are not currently affected by this, as any device running it is not a "certified Android device" by definition.

This is not a reason to sit idly back, of course. GrapheneOS is in danger, as you say - it's just not necessarily from this particular decree.


Given that their OS requires a pixel phone and google is not releasing a) updated drivers b) updated source code for the latest release

their days are indeed numbered.

As for not being a certified android device and being unaffected. That is not true. There will be chilling effects that result in much less FOSS app development for Android, and whether or not an OS is certified is irrelevant in that regard.


by "decree" do you mean developer verification, or something else? because verification won't affect them (or any other fork) even slightly


If google is doing something as drastic as intervening in the installation of all apps, they're not likely to sell phones with unlocked bootloaders - the pixels that GrapheneOS currently depends on 100% - much longer.


Don't other vendors still sell unlockable phones? I first encountered Motorola back when they were assholes (pre Google digestion) but I thought their new devices were easily unlockable (if you vs carriers own them). Has that changed? My wife had a Motorola previously (she's went Apple recently and hates it) but Motorola post-Google seemed pretty nice.


a fairly large number can be unlocked, yes. Google's devices have just generally been the most visible because they've always been easy to target, and they have the biggest possible name behind them.

for a lower bound, check a reasonably popular alternate ROM like: https://wiki.lineageos.org/devices/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: