this post was submitted on 19 Feb 2026
806 points (99.3% liked)

Technology

81534 readers
4451 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
806
Android will become a locked-down platform in 194 days (keepandroidopen.org)
submitted 1 day ago* (last edited 1 day ago) by FirmDistribution@lemmy.world to c/technology@lemmy.world
204 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] FauxLiving@lemmy.world 10 points 17 hours ago (2 children)

It's Android with all of the Google removed where possible and sandboxed where not. You can choose to install the Google Play services and use it like any other Android phone or use it without any Google software.

Some things won't work, namely things like some banking applications and NFC payments, because they require on hardware attestation that Google will not allow Graphene to pass. Essentially everything that isn't banking/payment related works exactly like any other Android phone.

It is just a secure phone (though you can still install Facebook on it if you want) that is designed around mitigating attacks that could violate your privacy and security.

Very easy to install, you just buy a Pixel directly from Google (don't buy from the carriers, they'll be locked). Enable OEM Unlocking in the Developer menu and then plug it into USB and you can install it directly from the Graphene site via WebUSB. It takes about 5-10 minutes, then your phone will reboot (It'll give you a scary looking screen about not running a Google OS that you'll see every time it reboots but it's just informational, it doesn't affect anything and the system will boot into GrapheneOS in a second or two).

The more complete instructions and WebUSB install process:

https://grapheneos.org/install/

[–] asdfasdfasdf@lemmy.world 1 points 3 hours ago (1 children)

Why do banks need a hardware attestation, out of curiosity? I'd assume that banking apps are just clients so all that matters is if they have creds or not.

[–] FauxLiving@lemmy.world 1 points 1 hour ago

The banks don't want their payment systems being accessed by devices that are compromised by malicious actors.

The attestation chain allows for Google to tell the apps 'Yep, this system is running a known safe image that has been crytographically verified using the secure hardware on the device'. The apps will only allow their payment systems to be accessed (like, to send an NFC payment).

If you want technical details: https://developers.home.google.com/matter/primer/attestation

They don't NEED it for NFC payments to work, this is a way of limiting attack vectors on their payment infrastructure (or, cynically, a way for Google to ensure that no competing OS can exist because people would rather give Google all of their privacy so they can pull a phone out of their pocket rather than a credit card.

[–] froh42@lemmy.world 9 points 17 hours ago (2 children)

What really bugs me about it: The first step from "how to ungoogle your phone" is "go, give money to Google" by buying their hardware.

[–] FauxLiving@lemmy.world 9 points 16 hours ago* (last edited 16 hours ago)

It bugs me also.

My thinking is that the part of Google that I think is bad is their advertising and algorithmic recommendation systems which are built on private data that I no longer wish to divulge.

The Pixel is made by a company that used to be called HTC before they were consumed by Alphabet. That company produced good hardware that was smartly designed and innovative. That legacy continues with the device that Google has sells as the Pixel.

There are a few things about the phone that Alphabet has tainted, such as the inability to use NFC payments because hardware running GrapheneOS isn't allowed into their secure hardware attestation chain. Not for any real technical reason, only because it allows Alphabet to disincentivize people away from a competitor by abusing their many monopoly powers.

GrapheneOS takes advantage of the excellently designed HTC hardware to create an operating system that is designed from the ground up to be secure. It then leverages the complete control over your hardware to put Alphabet's other software inside of a little box where it constantly lies to the software in a way that lets your applications work without them actually being able to access everything on your device.

Yes, it is technically an Alphabet product and giving them money can feel distasteful. However, in this case by buying their hardware you can cut off their software, which is the actual thing that is negatively affecting everything.

I'd buy any other phone that fully supported GrapheneOS's requirements for future devices.

Until then, I'm less worried about giving HTC money than I am about having a device that I know is under my control and that works to protect my privacy.

[–] eleitl@lemmy.zip 2 points 15 hours ago

Buy refurbished. GOS support will be coming to a (yet unnamed) OEM.