Andromxda
And deal with all the bloatware, all the proprietary nonsense that sends your data to Google who then sell it to like a million other companies and give it to the government whenever they ask for it
Any reasons for that?
which kind of kills half the point of using GrapheneOS in the first place
Absolutely not. Google Play services are much less invasive on GrapheneOS compared to other ROMs or the stock OS, since they run in the normal Android app sandbox, just like any other app you install. You can control all permissions, and uninstall them at any time. They do not get any special privileges, as it would be the case when running stock Android. You can also confine Play services in a separate user profile or in a work profile through an app like Shelter (user profiles offer better isolation).
If you’re not (e.g. you install via Aurora), then it’s incredibly unlikely your bank will work.
As I said, it highly depends on your specific bank. My bank in Germany works totally fine on GrapheneOS without Play Services. YMMV. That's why I linked to that list.
I wouldn't give such a general statement. It really depends on your bank. There's a very handy list at https://privsec.dev/posts/android/banking-applications-compatibility-with-grapheneos/
I vaguely remember using it like 10 years ago when it got pre-loaded on a Samsung Tablet I bought… fun times…
It seemed to me like a combination of a news app and a social network
It still uses the TPM by default, instead of requireing a passphrase to be typed in on boot to unlock the keys. This still makes it an insecure mess.
https://yewtu.be/watch?v=wTl4vEednkQ
https://github.com/stacksmashing/pico-tpmsniffer
https://github.com/stacksmashing/LPCClocklessAnalyzer
Microsoft NEVER cares about your security. They just do the absolute bare minimum for compliance with stupid standards, and then advertise it as some crazy security improvement. Corporations lie to you all the time. If you want some actual security, you need to start using FOSS software. Most importantly a FOSS, Linux-based OS, and set it up with LUKS passphrase-based encryption.
If you have a Pixel, just put GrapheneOS on it and you won’t ever have to deal with Google’s proprietary bullshit again
What makes you think so? Is there something I completely missed? From my experience in FOSS I'd say 95-98% of software actually works in favor of the user. With proprietary software it might be 5-15% at best. Can you name any examples that prove your claims?
Good for Brazilians I guess