We tested GrapheneOS, the security-focused operating system without Google services



Talking about ROMs on Android is comparing a very broad scenario. LineageOS, Paranoid Android, Pixel ROM, ports of the most popular customization layers, etc. However, for a long time there has been an Android fork that has been ringing for a long time: GrapheneOS.



Its creators define it as "a mobile operating system focused on privacy and security, compatible with Android applications, developed as a non-profit open source project". Basically is AOSP with extra security measures and without Google services, so we have ventured to test it to see what it offers.






The GrapheneOS interface (UI)



Grapheneos Copy


GrapheneOS is the ultimate expression provide Android with what is just and necessary so much so that, for not having, does not even have wallpaper, beyond a black image. It only has 13 pre-installed applications, most of them just and necessary for the system to work.



  • Settings

  • Records

  • Auditor

  • Calculator

  • Calendar

  • Camera

  • Contacts

  • Gallery

  • Messages

  • PDF reader

  • Watch

  • Telephone

  • Vanadium (seeker)

The basic apps are those built into AOSP. Vanadium is the search engine for GrapheneOS: a privacy-enhanced variant of Chromium and that mainly uses the Android webview. The PDF reader also comes from GrapheneOS, with a sanbox to reinforce security.



GrapheneOS is an AOSP mod with extra security in practically every possible point







Seven tricks to master the Xposed Framework





Regarding Auditor, it is an app that tries to verify that there has been no modification to the device or any manipulation of the operating system. Basically, it is a tool to verify that everything is in order and that there have been no attempts to access it.



As for the rest of the interface, we are before AOSP, without customizations or too many additions in the menus, although there are some interesting points. For example, in the network and internet section, in which GrapheneOS improves network connection checks through different endpoints, although we will talk about the benefits provided by this ROM later.



The bottom line is that using GrapheneOS is to use AOSP, no add-ons, with a simple launcher, without a trace of third-party apps and with the basic apps to work.



You will live without Google services



GrapheneOS


GrapheneOS is focused on privacy, so Google, the web's main data collector, doesn't have much of a place. About living without Google services we have already written, so the server will not be extended. In my personal opinion relying on third-party stores is a hassle, since neither are all the applications (in my case necessary, for professional use without going any further) nor any store is at the level of the Play Store.



As you do not have Google services, it will be necessary to install an alternative store. In my case I have used Aurora Store



During these days of use with GrapheneOS I have opted for the Aurora Store, although occasionally it has given me problems with the server. If you are a fan of privacy, not having Google apps will be a positive point, since it is what is mainly sought with this ROM.



What GrapheneOS wants to contribute



The main purpose of GrapheneOS is offer a more secure ROM. Therefore, the vast majority of its features are not visible to the user, but they are there to protect their security. GrapheneOS has a hardened memory allocator against vulnerabilities, a better sandbox, additional protection measures for accessing system files, blocking connections such as NFC or Bluetooth when the mobile is idle, MAC randomization, encrypted backups , etc.



Every point of the system that could be more secure has been reinforced in GrapheneOS, to make it more difficult for attackers in case they want to access our information. As usual, it will be a large part of our responsibility to control what we install on our device, but the ROM does everything possible to respect the privacy of the user.



GrapheneOS requirements and installation



Tg Image 4061071546


The GrapheneOS requirements as of today are that let's have a Google Pixel. Currently the ROM works for all Pixels from 3, not being open to other devices at the moment. On the website of the ROM we have the instructions for a completely safe installation by verifying each of the files that we install and unzip.



In the case of a server, I have taken the fast track and installed it as I install any other ROM, downloading the file, connecting the mobile to the command console and executing the .bat file of the ROM that executes all the instructions in Terminal. One point in favor of GrapheneOS is that updates by its own OTA channel, so we do not have to wait for new ones to come out build to install them.



Is it worth installing?



If installing a custom ROM is already something "niche", betting on GrapheneOS is an alternative for an even more specific audience. It is a system created by and to reinforce the security of your phone, giving up on the way to Google and the user experience that a Pixel can give.



If you're just concerned with Google, you can always install more customizable alternatives, like LineageOS or Paranoid Android. If security is your top priority, GrapheneOS may be a good choice



In the case of a server, I would bet on alternatives such as LineageOS, which can be installed without Google services and are much more customizable. In case you want the mobile for very basic use and security is your top priority, it can be an alternative to shuffling.