GrapheneOS (CopperheadOS successor)

AbstractConcept · November 23, 2019, 3:53pm

GrapheneOS (previously named the Android Hardening Project) is an Android fork made by the lead developer of CopperheadOS, after he left/was-removed-from the company backing it; as such, I think it is fair/reasonable to call GrapheneOS the successor of CopperheadOS.

Project explained

GrapheneOS claims to be heavily security focused, with patches to its libc, and work on what appears to be remotely verifiable boot. The long term plan sounds very much like a Qubes-style security model, based on Xen, though with the eventual goal of replacing Linux years later with a compatibility layer (the dev here mentions gVisor) running on top of a microkernel.

Regardless of those future aspirations, the main dev’s focus on security has me quite interested. There are currently only builds for the Google Pixel 2, 3, and 3a phones, which while disappointing from the perspective of wanting to re-purpose existing hardware, is somewhat reassuring. “Do it right, or not at all” is the correct approach for a security-focused project, especially one with limited manpower at this time.

Disclaimer and Enthusiasm Reasoning

I should be absolutely clear that I have not looked through the source/patches myself at this time, as I would not know even where to begin; so my enthusiasm here is mainly informed by reading about the project and the main developer’s comments and decisions. I find myself continually thinking, “that makes sense” or at least, “I can understand that decision”.

In the GrapheneOS subreddit, I found a rather fair assessment from the main dev about how he sees a comparison between GrapheneOS, iOS, and the Android ecosystem as a whole:

Lack of Videos/Reviews

You may notice that there is very little in the way of anecdotes/reviews/videos about GrapheneOS, and this appears to be intentional. The main developer has asked the contributors/users/community to avoid making videos of it until (as I understand) the project catches back up to where CopperheadOS was before the quasi-fork.

In fact, the dev became a bit snarky after someone made a video review recently. I can understand the irritation with a new user using the username “GrapheneCommunity” as it can be seen as one person trying to speak on behalf of the entire group without their consultation, but he appears to threaten to not provide builds because of the existence of the video itself, which seems more than a little petulant:

The releases are made available with the understanding that they are a preview of an OS hardening project in an early state. They’ll stop being available for the time being if people treat it as something finished and miss the point behind it. If I need to hold off on public releases until it’s further along, I can do that.

Not providing builds is perfectly understandable, but presenting it as a tool to prevent other people from making videos/reviews seems wrong. Though maybe he was just having a bad day.

Discussion Topic

Does anyone have an experience with Graphene OS, or thoughts about it?

anon46267848 · November 23, 2019, 7:33pm

No thoughts on this particular fork, but Android possibly running on a generic Linux kernel might make things easier for projects like this.

regulareel · November 23, 2019, 8:33pm

The devs risks losing adoption of their software (the whole point of developing a free and open source OS in the first place) if he remains a bit immature about it. Also I don’t think the dev has a firm grasp of how the internet works if the dev is somewhat against internet “reviews”.

AbstractConcept · November 27, 2019, 3:35pm

Adoption is not much of a concern right now though, and the community has consciously decided to try to fly under the public radar for the time being. Right now it sounds like they are mainly looking for developers; developers interested in, and willing to help with the project, are probably not dissuaded by the mere absence of a video.

I can completely understand that intent, to avoid bad “first impressions” or comments of “this is just AOSP; lame!”, but I think it is somewhat unreasonable to expect everyone on the internet to follow your no-video policy.

regulareel · November 27, 2019, 9:27pm

This is a good way to languish and not get any awareness. There is a reason why people spend insane amounts on money on marketing. It gets finances flowing and it gets developers to come over your platform.

How will people perceive your project as interesting or worthwhile if they even lack basic awareness.

AbstractConcept · December 3, 2019, 3:41pm

Awareness and financing are not really relevant here. As I understand, the main dev is primarily working alone, and has recently been burned by the “finances” route when he worked on CopperheadOS.

However, driving developers to the project, while important later, is probably a hindrance right now as Daniel Micay is effectively trying to play catch-up with his work at Copperhead Limited; see Brook’s Law.

AbstractConcept · January 17, 2020, 8:28pm

There is now a thread here about @PhaseLockedLoop experimenting with GrapheneOS:

The self-bettering de-google experience (GrapheneOS) Community Blog

Ever wanted to degoogle and not have it be too much of a pain in the behind? Ever wonder what your loosing by spending too much time on social media? Digital health is important. I think one of the partial solutions to digital health is to degoogle. Let’s examine this but first a link to the rest of community posts on it GEK (no longer with us) Old Snake (historical post) Long off topic discussion of it Wendell Heimdallr Im sure there is more. so without further ado my mobile device is a Google Pixel 3XL. I would say to degoogle you have a ton more choice than you used to. You have OnePlus (great choice for flagships), pinephone (search the forum for content), nexus (older devices but solid ask @Adubs about his nexus 6P), and of course the Pixel line up. The best pixel phone for this operation are the Pixel 3 XL and the Pixel 3a XL. I plan on keeping the 3 XL until 5G is mainstream and they are getting ready to beta test 6G. The way I have done this is I have gotten an armor case and a 5 pack of oleophobic thick tempered glass screen protectors and a camera lens protector. I purchased a wireless charger and wireless IEMs so to minimize the use of my phones port. This phone will remain pristine so long as I have it. (Before the stop being poor comments come. Its not because I cant afford its because I have no need for more.) Untill I can no longer access 4G speeds (which suffice) or can no longer update and exploit mitigate android, there is no need for excess. Its a gorgeous phone with a beautiful camera. It has excellent specs and its the 128 GB version. I will never use that much storage ever. So whats it like to use the botnet (Google). I loved it. I have zero shame admitting the convenience of those features however I have realized their impracticality and I dont really want them spying on me for security and privacy reasons. I want people to know what I tell them and not much more. This isnt to avoid cell tower based tracking as one can neve…

Anyone interested in this thread might want to take a look over there.