Graphene isn’t the best choice for everything. It doesn’t have good backup solutions nor device to device backup or anything solid for complete snapshots and when restoring your so called backups you’ll realize what all it truly lacks.
It’s hardened and has a lot of security and privacy features but none of that matters if your opsec is bad, or it’s feature set doesn’t match your threat model. I am not knocking it at all. It just isn’t the white knight for every case.
I’m being bugged by Seedvault caring for apps that have a ‘don’t backup app data’ flag.
I could live with that being a default setting, which can be manually overwritten in the Seedvault settings for these apps.
Apps not allowing (in case of Seedvault: encrypted) full backups while offering no or bad built-in backups is just cumbersome when trying to have current backups.
Seedvault works, I’ve restored from backups multiple times.
However there are still many parts of overall data that aren’t fully backed up.
Certain app data doesn’t get saved.
Settings are but not in entirety requiring manual rechecks of all settings and reconfiguration if needed. Which saves no time because then you cannot trust it fully for what was and was not altered meaning you then must asses everything which took away the total value, and adds a layer of distrust.
Profiles must be backed up individually which creates a giant hassle to restore/maintain consistent backups, which also requires different drives for each profile to be recognized correctly.
App lists are impartial requiring a wrote down list or some form of rememberance that’s not reliant on the backup list of installed apps.
I can go on with more its late in my time zone and I have to sleep so. It’s a good project and has merit. It is just not where it should be to really be useful at scale. I am aware of the experimental setting to create a more comprehensive backup. Even with it checked on the backups are not complete. Thus the use of Graphene while a great project has definite major flaws. If they implement device to device backups it would be a game changer. Not high up on their list of to dos though.
Thanks for the info. I have not really tested Seedvault myself so this is all good to know.
Ironically, one of the main reasons I switched to GrapheneOS was because Google’s backups were so frustrating and I was hoping Seedvault would be more comprehensive.
I agree. Seedvault works but if you really use the project and its features as intended you’ll see problems I listed above which is not complete I’m just tired there are plenty more.
You’ll start to see the problems and the lack of value add from graphene. I’d feel much safer on a Linux machine and correct backups, under most threat models and opsecs, even without all the advanced security features than stuck locked into graphene as a half baked project. Which is saying something, and why I said it depends on your opsec and threat model I wasn’t bashing the project it just is not the end all be all right now.
The year of Linux is upon us. Soonish*
Its had more dev time across the board which is why I would choose it first and foremost. What it lacks in certain features its fundamentally more complete. Regardless of distro mostly.
The project has sort of silo’d itself into security which is only one part of the equation. Rather than overall completeness, functionality, maintainability. It’s lacking major fundamental feature sets. Thus its more of a tails meets whonix/Qubes right now not a all in one bow wrapped package to save the day for its consumer base. Many many other issues/bugs I didnt list. Perhaps I’ll add more tomorrow. If everyone wants.
And that’s exactly what it should be IMO. I prefer a project with narrow goals to one that does everything, but poorly.
If I want backups, I can use something like Syncthing. When moving to a new device, I prefer to install everything from scratch because I generally don’t use most of the apps I have anyway. I don’t put anything critical on it, so why would I need to restore from a snapshot?
If you want those features, it’s not the ROM for you.
I just want a simple device with a long support cycle and no spyware, and GrapheneOS delivers. I have Google Play Services on a sperate profile, and my main profile is completely free of that crap. I want a Linux phone, but every phone has serious limitations, like missing audio, sketchy calls, or completely broken camera. GrapheneOS is the closest experience I have to that.
Graphene isn’t the best choice for everything. It doesn’t have good backup solutions nor device to device backup or anything solid for complete snapshots and when restoring your so called backups you’ll realize what all it truly lacks.
It’s hardened and has a lot of security and privacy features but none of that matters if your opsec is bad, or it’s feature set doesn’t match your threat model. I am not knocking it at all. It just isn’t the white knight for every case.
What’s wrong with Seedvault?
I’m being bugged by Seedvault caring for apps that have a ‘don’t backup app data’ flag.
I could live with that being a default setting, which can be manually overwritten in the Seedvault settings for these apps.
Apps not allowing (in case of Seedvault: encrypted) full backups while offering no or bad built-in backups is just cumbersome when trying to have current backups.
Seedvault works, I’ve restored from backups multiple times.
However there are still many parts of overall data that aren’t fully backed up.
Certain app data doesn’t get saved.
Settings are but not in entirety requiring manual rechecks of all settings and reconfiguration if needed. Which saves no time because then you cannot trust it fully for what was and was not altered meaning you then must asses everything which took away the total value, and adds a layer of distrust.
Profiles must be backed up individually which creates a giant hassle to restore/maintain consistent backups, which also requires different drives for each profile to be recognized correctly.
App lists are impartial requiring a wrote down list or some form of rememberance that’s not reliant on the backup list of installed apps.
I can go on with more its late in my time zone and I have to sleep so. It’s a good project and has merit. It is just not where it should be to really be useful at scale. I am aware of the experimental setting to create a more comprehensive backup. Even with it checked on the backups are not complete. Thus the use of Graphene while a great project has definite major flaws. If they implement device to device backups it would be a game changer. Not high up on their list of to dos though.
Thanks for the info. I have not really tested Seedvault myself so this is all good to know.
Ironically, one of the main reasons I switched to GrapheneOS was because Google’s backups were so frustrating and I was hoping Seedvault would be more comprehensive.
Seedvault worked fine for me when I moved phones last year.
I agree. Seedvault works but if you really use the project and its features as intended you’ll see problems I listed above which is not complete I’m just tired there are plenty more.
You’ll start to see the problems and the lack of value add from graphene. I’d feel much safer on a Linux machine and correct backups, under most threat models and opsecs, even without all the advanced security features than stuck locked into graphene as a half baked project. Which is saying something, and why I said it depends on your opsec and threat model I wasn’t bashing the project it just is not the end all be all right now.
The year of Linux is upon us. Soonish*
Its had more dev time across the board which is why I would choose it first and foremost. What it lacks in certain features its fundamentally more complete. Regardless of distro mostly.
Agreed.
That said, it would be awesome to have an alternative to Pixel devices if you do want GrapheneOS.
The project has sort of silo’d itself into security which is only one part of the equation. Rather than overall completeness, functionality, maintainability. It’s lacking major fundamental feature sets. Thus its more of a tails meets whonix/Qubes right now not a all in one bow wrapped package to save the day for its consumer base. Many many other issues/bugs I didnt list. Perhaps I’ll add more tomorrow. If everyone wants.
And that’s exactly what it should be IMO. I prefer a project with narrow goals to one that does everything, but poorly.
If I want backups, I can use something like Syncthing. When moving to a new device, I prefer to install everything from scratch because I generally don’t use most of the apps I have anyway. I don’t put anything critical on it, so why would I need to restore from a snapshot?
If you want those features, it’s not the ROM for you.
I just want a simple device with a long support cycle and no spyware, and GrapheneOS delivers. I have Google Play Services on a sperate profile, and my main profile is completely free of that crap. I want a Linux phone, but every phone has serious limitations, like missing audio, sketchy calls, or completely broken camera. GrapheneOS is the closest experience I have to that.