I recently acquired a pixel phone and set up gos. Prior to trying gos I was using an iPhone hardened as much as possible based off of recommendations and guides from respected OSINT experts.
It’s only been a week but I’ve found gos extremely frustrating and mostly useless except for web browsing.
I can’t seem to get my Yubikey to work so my 2FA is borked. Works fine on my iPhone.
I’ve previously managed to degoogle my life but now certain apps require me to use sandboxed google apps just to run.
I’m facing the nearly insurmountable task of convincing my friends, family, and colleagues to download and use signal when they are all using encrypted iMessage.
Most of my banking apps just simply do not work. Mobile banking is unfortunately something important that I need in my occupation. A part of the appeal of gos was being able to have an isolated dedicated profile for banking.
There’s also a few features that I’m assuming are iPhone exclusive that it really sucks to have without. Double tapping the bottom of the screen to shift everything down so you can reach the top of the screen with your finger when using one hand. Holding down on the space bar to move the text cursor between characters. Maybe these exist on gos though?
I understand most of the issues lay on the shoulders of the app developers. I’m grateful for the devs for creating and working on this project. I’m not bashing anyone here. I’m simply asking for some guidance on how I can break through the hurdles and make this work for me, from the mouth of those who were once in my position.
Hello! I'm sorry to hear you are experiencing issues switching to GrapheneOS. I understand that can be frustrating, especially with how much of a privacy boost it is compared to iOS. I have used iOS my entire life, so I know it inside and out. When I heard about GrapheneOS over a year ago, I decided that I also wanted to switch. I spent multiple months learning everything I could about GrapheneOS and Android, just to give myself an idea of if I might like it. I even bought a $30 test Android phone to get familiarity with Android.
The thing is, I never expected it to be a one-to-one with iOS, and I expected issues to happen. I learned about potential issues and looked for solutions or forums where I can ask about such problems. I also spent that time (very) slowly convincing my friends to use Signal, but some still use iMessage. It's not an easy switch from iOS! With that said, I have a few things that may help you.
-
Don't worry! Switching from iOS to any Android is difficult, and will take more than a week. You have to have the mindset of really making it work and making sacrifices. The thing is, even if it doesn't work, its ok to switch to iOS. Make a threat model. If iOS is what you're comfortable with, that's ok! We don't all have to use GrapheneOS
-
Prepare Make a list of apps you will use once you switch, test out apps on an Android emulator or test phone, and see what works best for you. Not everything has to be open source, and some stuff will require Google. Tinker around and make a map of how you will set things up (apps, profiles, etc.) If you find that there are things you just can't live without, you can either switch back to iOS or have iOS as a secondary phone for those apps.
-
Security keys If your security keys are causing you problems, consider one that acts over USB-C. If that still doesn't work, ask the GrapheneOS community for help at https://discuss.grapheneos.org/ You can still use iOS as a secondary device for logging into the services that you use security keys for.
-
Degoogling Because GrapheneOS has such great sandboxing, using sandboxed Google Play is generally safe. It's still degoogled, but you ensure that any compatibility is met by isolating Google related things. You can even put those apps on a separate profile for further isolation. I know, it's uncomfortable to know something Google related is running in the background, but unfortunately that's the state of things. Some other custom ROMs have their own implementation of Google Play (See here)
-
Contacting others I wasn't able to switch everybody to Signal, and for the ones I couldn't switch you can use a burner phone, MySudo, iOS as a second device, or https://jmp.chat/ to message them. In iOS 18, iPhones will also support RCS, meaning you can contact them with Android without using SMS. Again, this sucks, but you should take care of your own privacy and let them have their own journey.
-
Banking apps Banking apps have been a common issue on GrapheneOS. Without specifics, I can't comment, but I suggest reaching out to their forum at https://discuss.grapheneos.org/ for help. If that doesn't work, use iOS as a second device for banking.
-
iOS-specific features Android is not a one-to-one comparison to iOS, but what it makes up for is that any features you want can be quickly added by anyone. However, because the aim of GrapheneOS is a little different, it might be a while before user experience features are added. As for the keyboard, you can replace the default keyboard with ones that suit your needs. HeliBoard is a good one, although I don't know if it has the specific feature you described. These features may be a sacrifice you have to take, unfortunately.
Again, if GrapheneOS simply doesn't work out for you you can always switch back to iOS. Good luck!
Most helpful comment. Thank you. I’m heavily considering carrying two phones. My biggest hurdle is the Yubikey at this point because it locks me out of my password manager and most of my more important apps.
You mention using the usb-c connection. I tried that but it doesn’t seem to register. I guess I just need to research some more.
Thanks for giving me some hope!
If you want, you can port your Bitwarden passwords over to a different password manager such as KeePassDX, which also supports security keys. I'm not sure if this is a solution you want, but it might work!
-
I'm ngl this is surprising to me, as GOS has always just worked out of the box the way I wanted it to for me.
But:
I’m facing the nearly insurmountable task of convincing my friends, family, and colleagues to download and use signal when they are all using encrypted iMessage.
Anyone who uses Android will experience this. I've never owned an iOS device in my life and I've always used SMS and Signal to talk to people. Have occasionally downloaded WhatsApp when a group of people insists on using it and I need to communicate with those people, but usually WhatsApp is uninstalled when I don't need it. I think most Android users just use WhatsApp though.
Most of my banking apps just simply do not work.
Even with sandboxed Google Play? Again, surprising to me tbh. All the banking apps I've used in the past have worked fine on GOS without any Google Play services, though I don't have any mobile banking apps installed atm. I second the other commenter who suggested switching banks if that's possible for you.
There’s also a few features that I’m assuming are iPhone exclusive that it really sucks to have without. Double tapping the bottom of the screen to shift everything down so you can reach the top of the screen with your finger when using one hand. Holding down on the space bar to move the text cursor between characters. Maybe these exist on gos though?
I'm sure you're not the only person who's switched from iOS to an Android-based system and misses these features. A custom launcher might have the former feature, and there must be an Android keyboard that offers the latter. Maybe ask around on more mainstream Android forums, as they'll probably have the most people switching from iOS to Android.
No clue about Yubikey, sorry. Never used it.
If you want to use an iPhone, you can. You don't have to use GOS. I understand if you've invested heavily in the Apple ecosystem, it's just inconvenient to stop using it all of a sudden. Ironically I sort of experienced something similar in reverse when I tried to daily drive Windows for a brief time because of gaming, and I found it so frustrating to not have access to a lot of the programs I used on Linux, and how things worked so differently (and in ways I thought were much worse) on Windows. Not quite the same since there's definitely no such thing as a "Linux ecosystem" in the same sense as an "Apple ecosystem" (good! I don't want to log into my online Linux account to boot my kernel...), but big changes to your tech workflow will be frustrating as you build up a new system that works the way you like from the ground up. I don't think using GOS as a daily driver is a necessity for everyone. I would like to promote people using degoogled, FOSS, privacy-respecting OSes both mobile and desktop, but ultimately, you are an autonomous human being and can use iPhones if you prefer to do so and are fully aware of the privacy issues.
I use grapheneos. My yubikey 5c works fine for me. I can use it via NFC and when plugged in directly. Have you tried looking at the GOS forums for support?
With your banking apps try enabling the compatibility support mode in app settings. GOS adds additional security to apps which break some of the things bank apps use
Double tapping the bottom of the screen to shift everything down so you can reach the top of the screen with your finger when using one hand.
That's built into android including GOS but its not enabled by default. The gesture is a swipe down as opposed to a double tap.
Holding down on the space bar to move the text cursor between characters. Maybe these exist on gos though?
That's present on multiple keyboard options including heliboard, gboard and others.
My experience so far as a new user, which might be a little redundant but here goes:
- Overall, there is a balance to work out between security, decentralization and FOSS, and anonymity.
- for the average user, using sandboxed google play is pretty much essential. Otherwise you'll spend days trying to figure out why you aren't getting notifications, why certain integrations aren't working, etc. Notifications especially are just painful without google FCM. HOWEVER, I do not believe it is mandatory to sign in to your Google account for notifications to work, so you could in theory avoid signing in at all and still take advantage of FCM.
- multiple profiles don't make sense for my use case (and possibly most people). Graphene does advertise the use case of having banking apps on a separate profile, but after attempting to do just that I believe it is a very niche use case that would actually benefit from it. Obviously a great tool to have for privacy and security, but not something you'll went to use everyday.
- For the move away from Imessage, it is indeed kinda painful and still ongoing. The simple fact is that people are super weird about switching from I message, and honestly going straight to Signal was a no-go for many of my contacts. I've had to settle for WhatsApp, Telegram, and even Discord... I just have had to accept that the transition will take time. I've weighed that privacy issue against the privacy gain of GrapheneOS itself, and the benefits of supporting a 3rd party OS option, and I still believe using Graphene is better overall. And, once people get used to using a 3rd party app vs Imessage, in a couple years the jump to Signal will be no problem at all.
- banking apps are super painful. That being said, here is an opportunity to vote with your wallet... Support apps that don't require invasive system access for "security". For me, the biggest eye opener was that there are NO GENERIC THIRD PARTY TAP TO PAY PROVIDERS IN THE US. It is only Apple Pay, Samsung Pay, or Google Wallet. And, as is pointed out on the Graphene user guide, 3rd party apps are allowed to implement their own NFC payment system, but the extremely vast majority simply choose to use Wallet or Apple Pay. This is obviously rather scary as more and more retailers use these systems, and I've realized I would gladly support and use any alternative at this point. Without Graphene, I would have never even thought about it.
The iMessage issue, use RCS. You can still get messages, reactions, photos and animated gifs. Videos sucks though. Like really bad. Also no Facetime.