GrapheneOS is a new operating system designed to make Android more private. It uses a unique security model that separates user data from the operating system itself. This makes it harder for hackers to access your personal information. ..
Using a modern smartphone comes with some privacy and security concerns. GrapheneOS aims to solve some of those problems. It’s a custom version of Android that puts privacy and security above all else.
Custom ROMs are not as prevalent in the Android world as they used to be, but there are still some solid ones kicking around. GrapheneOS is one such ROM. Let’s look at this privacy and security-focused take on Android.
What Is a Custom ROM?
Before we get started on GrapheneOS, let’s talk briefly about custom ROMs. A “ROM” is essentially just the operating system on your device. “ROM” stands for “read-only memory,” which is where the operating system is stored on your device.
However, GrapheneOS is not technically a ROM. In fact, most custom ROMs are not strictly speaking ROMs. They don’t live primarily in the read-only memory of the device. A more accurate term would simply be “operating system.” The Android community has referred to these projects as ROMs for many years, which is why GrapheneOS and other projects still have the label.
Your Android device comes with an operating system developed by Google, Samsung, or whichever company manufacturers the device. A “Custom ROM” is an operating system that was developed by a third party. In the case of GrapheneOS, it was started by a developer named Daniel Micay. Today, GrapheneOS has a small team of full-time and part-time developers working on the project.
RELATED: 5 Reasons to Install a Custom Android ROM (and Why You Might Not Want To)
Android De-Googled
GrapheneOS bills itself as a “privacy and security-focused mobile OS with Android app compatibility.” That’s a very accurate description.
At the core, GrapheneOS is built on the Android Open Source Project (AOSP). This is the foundation that all Android skins are created on. It’s Android at its most basic. There’s no Google Play Store or any Google apps included.
From there, the GrapheneOS team has focused on building in better privacy and security rather than a bunch of insecure and unnecessary features. The most visible example of this is the aforementioned absence of Google apps.
Google certainly has a plethora of great, useful apps and services, but they come with some pretty big privacy trade-offs. It’s no secret that Google keeps a lot of information about you and tracks your activity. To make matters worse, you essentially have no choice but to use these apps if you have an Android device.
Removing Google from Android immediately makes it more private and secure. For example, it’s very difficult to fully stop Google from tracking your location on Android. Even if you turn off the location permission in the Camera app and Google Photos, a rough location will be attached based on Wi-Fi and other variables.
However, there are some standard Android features you may miss without Google Play Services. Some apps will have issues with location and push notifications. This isn’t as much of an issue if you stick with open-source apps (more on that below).
RELATED: What Are Android Skins?
Privacy & Security Features
Privacy and security is what GrapheneOS is all about, so there’s a lot to talk about here. Right away, you’ll notice this is different than the majority of operating systems. You don’t need an account during the initial set-up process.
After set-up, you’ll notice there’s no default app store or many apps in general. You start with just a basic messaging app, camera app, a special privacy-enhanced Chromium-based browser, and a few other utilities.
Actually using GrapheneOS feels very similar to other Android versions, but there’s a lot going on behind the scenes. GrapheneOS greatly beefs up the security around the Android runtime and apps that run on it.
One example of this is the GrapheneOS app sandbox. Apps that run on GrapheneOS’ version of Android are much more restricted in what they can access from the operating system. You can even fully revoke network access for any app, which is something you can’t do on Android devices with Google Play Services or even iPhones.
A big security advantage of GrapheneOS is software and security updates without needing remote access. The update server only knows the IP address used to connect to it and the version being upgraded from. This makes it considerably more difficult for cyberattacks and malware to get access to your device.
In short, GrapheneOS is like Android with all of the privacy and security features cranked up to 11.
RELATED: What Is the Privacy Dashboard on Android?
Where Do I Get Apps for GrapheneOS?
As mentioned, GrapheneOS doesn’t include any sort of app store by default. Technically, you could install the Google Play Store yourself, but that defeats the purpose of many of the privacy enhancements. Instead, you can use F-Droid.
F-Droid is a free and open-source app “store” for Android devices. All of the apps and games available in F-Droid are also free and open-source. Apps and games that feature ads, tracking, or in-app purchases are clearly labeled in F-Droid.
Like GrapheneOS, you don’t need an account to download anything from F-Droid. Since it’s only free and open-source apps, the selection is much smaller than the Google Play Store. There are over 3,500 apps in F-Droid, while the Play Store boasts over three million.
Of course, GrapheneOS is just like any other Android operating system. You can sideload apps and games from places like APKMirror.
RELATED: How to Sideload Apps on Android
What Phones Can Install GrapheneOS?
We’ve talked about how the Play Store and Google apps are privacy problems. Oddly enough, Google’s own Pixel smartphones have the most secure hardware features. That’s why GrapheneOS only officially supports Pixel devices.
At the time of writing in March 2022, the Pixel 6 Pro and Pixel 6 are the best phones for GrapheneOS. You’ll get five years of security updates. The other officially supported Pixel devices are listed below (device codenames in parenthesis).
Pixel 6 Pro (raven) Pixel 6 (oriole) Pixel 5a (barbet) Pixel 5 (redfin) Pixel 4a (5G) (bramble) Pixel 4a (sunfish) Pixel 4 XL (coral) Pixel 4 (flame) Pixel 3a XL (bonito) Pixel 3a (sargo)
The majority of Android devices are capable of running GrapheneOS on a technical level. However, that would rely on other developers creating custom builds for those devices. Your best bet if you want to run GrapheneOS is to use a Pixel.
That’s all there is to GrapheneOS. It’s a stripped-down version of Android without all the privacy and security trade-offs that come with most modern smartphones. You are certainly sacrificing some convenience, but the benefit is more control over your data and information. For some people, that’s a worthwhile endeavor.