this post was submitted on 02 Mar 2026
1504 points (99.5% liked)
Technology
82285 readers
4486 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I think most people here don't really understand what's going on here. Graphene OS is an Android mod with some extra security features designed to run on a hardened hardware. The main goal of Graphene OS is to protect users from some very specific attacks like some devices police uses to unlock phones or some targeted hacks by state actors. Unless you're worried you may be targeted by such an attack and have some date you need to protect from them you don't really need Graphene OS. You can run any of the other deGoogles Android mods on any hardware that supports it. You can already buy phones with pre-installed /e/ of iode ROMs. Many other phones support Lineage OS. Also, let's keep in mind that GrapheneOS only supports Pixel because they don't want to allow people to run their OS on hardware they don't think is secure enough. It's their choice not to support other phones.
Also, Google still controls AOSP so this does not solve any of the bigger Android issues. Motorola forking AOSP and providing the resourced needed to keep the development going would be amazing news. This is just one phone maker promising to fulfill the security requirements of Graphene OS. It's basically like Dell offering Ubuntu laptops. Good news but it will not have a big impact on the ecosystem.
Reproducible builds and lack of telemetry, plus hardening against compromise (by any actors) is my personal use case. I only run free/libre infrastructure privately, and hope to move on to open/libre hardware in future.
But how is that significantly more secure than LineageOS? I have read through countless blog posts from GrapheneOS developers and have not yet encountered an explanation that is sufficiently convincing. Outside of additional security hardening, which is definitely a big pro, GrapheneOS doesn't have many things that LineageOS doesn't. LineageOS is fully FOSS and telemetry-free. They introduced the "Trust" control panel for managing all sorts of privacy and security matters. They have PIN scramble.
The only major, obvious security vulnerability lies in the proprietary driver blobs from the device vendors / OEMs. But AFAIK Google Pixels also have those, right? So outside of doubtlessly valuable measures like restricting malicious reprogramming / access through the USB port, in what ways is GrapheneOS actually more secure than LineageOS?
In many ways. This document provides a detailed overview of Graphene's unique features, and is worth a skim even if you're unfamiliar with some of the jargon.
My very reductive summary is that Lineage is primarily focused on reviving and bringing modern features to old devices, whereas Graphene is focused on hardening the security of AOSP as much as possible.
Both are de-Googled. Lineage is good for e-waste prevention, but not security. You will never be able to secure a device that can't receive kernel updates because the OEM abandoned it, and "state actors" are certainly not the only people who can exploit those vulnerabilities.