Graphene isn’t the best choice for everything. It doesn’t have good backup solutions nor device to device backup or anything solid for complete snapshots and when restoring your so called backups you’ll realize what all it truly lacks.
It’s hardened and has a lot of security and privacy features but none of that matters if your opsec is bad, or it’s feature set doesn’t match your threat model. I am not knocking it at all. It just isn’t the white knight for every case.
I agree. Seedvault works but if you really use the project and its features as intended you’ll see problems I listed above which is not complete I’m just tired there are plenty more.
You’ll start to see the problems and the lack of value add from graphene. I’d feel much safer on a Linux machine and correct backups, under most threat models and opsecs, even without all the advanced security features than stuck locked into graphene as a half baked project. Which is saying something, and why I said it depends on your opsec and threat model I wasn’t bashing the project it just is not the end all be all right now.
The year of Linux is upon us. Soonish*
Its had more dev time across the board which is why I would choose it first and foremost. What it lacks in certain features its fundamentally more complete. Regardless of distro mostly.
Seedvault works, I’ve restored from backups multiple times.
However there are still many parts of overall data that aren’t fully backed up.
Certain app data doesn’t get saved.
Settings are but not in entirety requiring manual rechecks of all settings and reconfiguration if needed. Which saves no time because then you cannot trust it fully for what was and was not altered meaning you then must asses everything which took away the total value, and adds a layer of distrust.
Profiles must be backed up individually which creates a giant hassle to restore/maintain consistent backups, which also requires different drives for each profile to be recognized correctly.
App lists are impartial requiring a wrote down list or some form of rememberance that’s not reliant on the backup list of installed apps.
I can go on with more its late in my time zone and I have to sleep so. It’s a good project and has merit. It is just not where it should be to really be useful at scale. I am aware of the experimental setting to create a more comprehensive backup. Even with it checked on the backups are not complete. Thus the use of Graphene while a great project has definite major flaws. If they implement device to device backups it would be a game changer. Not high up on their list of to dos though.
Thanks for the info. I have not really tested Seedvault myself so this is all good to know.
Ironically, one of the main reasons I switched to GrapheneOS was because Google’s backups were so frustrating and I was hoping Seedvault would be more comprehensive.
The project has sort of silo’d itself into security which is only one part of the equation. Rather than overall completeness, functionality, maintainability. It’s lacking major fundamental feature sets. Thus its more of a tails meets whonix/Qubes right now not a all in one bow wrapped package to save the day for its consumer base. Many many other issues/bugs I didnt list. Perhaps I’ll add more tomorrow. If everyone wants.
And that’s exactly what it should be IMO. I prefer a project with narrow goals to one that does everything, but poorly.
If I want backups, I can use something like Syncthing. When moving to a new device, I prefer to install everything from scratch because I generally don’t use most of the apps I have anyway. I don’t put anything critical on it, so why would I need to restore from a snapshot?
If you want those features, it’s not the ROM for you.
I just want a simple device with a long support cycle and no spyware, and GrapheneOS delivers. I have Google Play Services on a sperate profile, and my main profile is completely free of that crap. I want a Linux phone, but every phone has serious limitations, like missing audio, sketchy calls, or completely broken camera. GrapheneOS is the closest experience I have to that.
The biggest downside of Fairphone IMO is that they don’t maintain their hardware support in LineageOS and for the retail product then branch development off, add a bit of custom branding and adapt whatever Google requires these days. It would greatly improve custom ROM support in general.
Shame there is no Graphene OS support for it
Graphene isn’t the best choice for everything. It doesn’t have good backup solutions nor device to device backup or anything solid for complete snapshots and when restoring your so called backups you’ll realize what all it truly lacks.
It’s hardened and has a lot of security and privacy features but none of that matters if your opsec is bad, or it’s feature set doesn’t match your threat model. I am not knocking it at all. It just isn’t the white knight for every case.
Seedvault worked fine for me when I moved phones last year.
I agree. Seedvault works but if you really use the project and its features as intended you’ll see problems I listed above which is not complete I’m just tired there are plenty more.
You’ll start to see the problems and the lack of value add from graphene. I’d feel much safer on a Linux machine and correct backups, under most threat models and opsecs, even without all the advanced security features than stuck locked into graphene as a half baked project. Which is saying something, and why I said it depends on your opsec and threat model I wasn’t bashing the project it just is not the end all be all right now.
The year of Linux is upon us. Soonish*
Its had more dev time across the board which is why I would choose it first and foremost. What it lacks in certain features its fundamentally more complete. Regardless of distro mostly.
What’s wrong with Seedvault?
Seedvault works, I’ve restored from backups multiple times.
However there are still many parts of overall data that aren’t fully backed up.
Certain app data doesn’t get saved.
Settings are but not in entirety requiring manual rechecks of all settings and reconfiguration if needed. Which saves no time because then you cannot trust it fully for what was and was not altered meaning you then must asses everything which took away the total value, and adds a layer of distrust.
Profiles must be backed up individually which creates a giant hassle to restore/maintain consistent backups, which also requires different drives for each profile to be recognized correctly.
App lists are impartial requiring a wrote down list or some form of rememberance that’s not reliant on the backup list of installed apps.
I can go on with more its late in my time zone and I have to sleep so. It’s a good project and has merit. It is just not where it should be to really be useful at scale. I am aware of the experimental setting to create a more comprehensive backup. Even with it checked on the backups are not complete. Thus the use of Graphene while a great project has definite major flaws. If they implement device to device backups it would be a game changer. Not high up on their list of to dos though.
Thanks for the info. I have not really tested Seedvault myself so this is all good to know.
Ironically, one of the main reasons I switched to GrapheneOS was because Google’s backups were so frustrating and I was hoping Seedvault would be more comprehensive.
Agreed.
That said, it would be awesome to have an alternative to Pixel devices if you do want GrapheneOS.
The project has sort of silo’d itself into security which is only one part of the equation. Rather than overall completeness, functionality, maintainability. It’s lacking major fundamental feature sets. Thus its more of a tails meets whonix/Qubes right now not a all in one bow wrapped package to save the day for its consumer base. Many many other issues/bugs I didnt list. Perhaps I’ll add more tomorrow. If everyone wants.
And that’s exactly what it should be IMO. I prefer a project with narrow goals to one that does everything, but poorly.
If I want backups, I can use something like Syncthing. When moving to a new device, I prefer to install everything from scratch because I generally don’t use most of the apps I have anyway. I don’t put anything critical on it, so why would I need to restore from a snapshot?
If you want those features, it’s not the ROM for you.
I just want a simple device with a long support cycle and no spyware, and GrapheneOS delivers. I have Google Play Services on a sperate profile, and my main profile is completely free of that crap. I want a Linux phone, but every phone has serious limitations, like missing audio, sketchy calls, or completely broken camera. GrapheneOS is the closest experience I have to that.
The biggest downside of Fairphone IMO is that they don’t maintain their hardware support in LineageOS and for the retail product then branch development off, add a bit of custom branding and adapt whatever Google requires these days. It would greatly improve custom ROM support in general.
Was thinking the same thing. Not Graphenes fault though but a failing of OEMs to provide what’s necessary.
And it doesn’t support US bands for TMobile
You could always go for /e/os though
/e/os is a security dumpster fire. It’s even worse than stock Android. Stay away from it.
Can you explain?
Every other version of Android gets security updates out within a couple weeks of release at most.
/e/OS users are lucky if they get them within a couple months.
Thanks for the answer. How does it compare against other Android forks in terms of security update speed?
Also, isn’t Fairphone once also criticised for falling behind on Android security updates or was I misremembering this?
It’s literally the worst.
Also correct, though I am not particularly familiar with Fairphone. Seems like they are down to bimonthly updates, if that.