Search results for

All search results
Best daily deals
4K dash cam for just $99 - Check it out before Prime Day ends

Affiliate links on Android Authority may earn us a commission. Learn more.

Cops say criminals use a Google Pixel with GrapheneOS β€” I say that’s freedom

GrapheneOS makes your Pixel so private, you might become chief suspect. But is that such a bad thing?
grapheneos boot animation
Calvin Wankhede / Android Authority

Police in Spain have reportedly started profiling people based on their phones; specifically, and surprisingly, those carrying Google Pixel devices. Law enforcement officials in Catalonia say they associate Pixels with crime because drug traffickers are increasingly turning to these phones. But it’s not Google’s secure Titan M2 chip that has criminals favoring the Pixel β€” instead, it’s GrapheneOS, a privacy-focused alternative to the default Pixel OS.

As someone who has used a Pixel phone with GrapheneOS, I find this assumption a bit unsettling. I have plenty of reasons to use GrapheneOS, and avoiding law enforcement isn’t on the list at all. In fact, I think many Pixel users would benefit from switching to GrapheneOS over the default Android operating system. And no, my reasons don’t have anything to do with criminal activity.

Why I use and recommend GrapheneOS

A privacy-focused operating system may seem more trouble than it’s worth. But when I replaced Google’s Pixel OS with GrapheneOS, I found it to be a transformative experience. For one, the installation was painless, and I didn’t lose any modern software features. Installing aftermarket operating systems used to equal a compromised smartphone experience, but I didn’t find that to be true in the case of GrapheneOS.

Case in point: even though GrapheneOS doesn’t include any Google services, I was surprised to find that you can install the Play Store with relative ease and almost all apps work flawlessly β€” even most banking ones.

This is impressive for any open-source fork of Android, but GrapheneOS goes above and beyond in that it also has some major privacy and security benefits. Primarily, it locks down various parts of Android to reduce the number of attack vectors and enforces stricter sandboxing to ensure that apps remain isolated from each other.

GrapheneOS just works, with almost no feature or usability compromises.

Take Google apps as an example. On almost all Android phones sold outside China, Google has far-reaching and system-level access to everything: your precise location, contacts, app usage, network activity, and a load of other data. You cannot do anything to stop it, whether you’d like to or not. However, you can with GrapheneOS because it treats Google apps like any other piece of unknown software. This means Google apps are forced to run in a sandbox where they have limited access to your data.

GrapheneOS’ sandboxing extends to invasive apps like Google Play Services and the Play Store. You can explicitly disable each and every permission for these apps manually β€” in fact, most permissions are disabled by default. Even better, you can create different user profiles to isolate apps that require lots of permissions. GrapheneOS can forward notifications to the primary user profile, unlike stock Android.

GrapheneOS limits Google's reach into your phone more than any other flavor of Android.

On the subject of app permissions, GrapheneOS builds on that, too. For example, you can stop apps from accessing the internet and reading your device’s sensors β€” stock Android doesn’t expose such granular control. And while Android permissions often take the all-or-nothing approach, GrapheneOS lets you select only the exact contacts, photos, or files that you want visible to an app.

Finally, my favorite GrapheneOS feature is the ability to set a duress PIN. When entered, this secondary PIN will initiate a permanent deletion of all data on the phone, including installed eSIMs. If I’m ever forced to give up my phone’s password, I can take solace in the fact that the attacker will not have access to my data.

If you have nothing to hide…

You might be wondering: if I don’t have anything to hide, why should I bother using GrapheneOS? That’s a fair question, but it misses the point. I don’t use GrapheneOS because I have something to hide β€” I use it to exercise control over the device I own. I find it comforting that Google cannot collect data to nearly the same extent if I use GrapheneOS instead of Pixel OS.

The benefits of using GrapheneOS extend far beyond just hiding from Google, though, and it’s why the project has landed under the scanner of law enforcement. I believe that GrapheneOS catching attention from law enforcement just proves how much it raises the bar on privacy.

GrapheneOS has built a number of app isolation-based safeguards to ensure that your phone cannot be infected remotely. The technical details are longer than I can list, but in essence, the developers stripped out parts of Android’s code that could be exploited by bad actors. Some security improvements have even been suggested and incorporated into AOSP, meaning GrapheneOS’ efforts have made all of our devices a tiny bit more secure.

Does GrapheneOS take privacy and security too far?

the signal app on a smartphone screen
Megan Ellis / Android Authority

GrapheneOS is one of many tools that now face suspicion and political pressure simply for making surveillance harder.

Take the Signal app as another example. The encrypted messaging app has been repeatedly targeted by EU lawmakers in recent years. Specifically, a proposed β€œChat Control” legislation would compel secure messaging platforms to scan all communication β€” including those protected by end-to-end encryption β€” for illegal content such as Child Sexual Assault Material.

Messaging apps in the EU would be required to scan private communications before they’re encrypted, on the user’s device, and report anything that looks suspicious. While encryption itself wouldn’t be banned, Signal’s developers have rightly pointed out that mandatory on-device scanning essentially equals a backdoor. A rogue government could misuse these privileges to spy on dissenting citizens or political opponents, while hackers might be able to steal financial information.

Regulators have long asked privacy apps to compromise on their singular mission: privacy.

There’s a bitter irony here, too, as GrapheneOS recently pointed out in a tweet. The Spanish region of Catalonia was at the center of the massive Pegasus spyware scandal in 2019.

Pegasus, a sophisticated surveillance tool sold exclusively to governments, was reportedly used to hack phones belonging to Members of the European Parliament and eavesdrop on their communications. Yet, police in this very region are now scrutinizing savvy Pixel and GrapheneOS users for hardening their devices against unlawful surveillance and other attack vectors.

Open source developers cannot control what their software is used for, and that’s true for GrapheneOS and Signal. Sure, some criminals will naturally want to take advantage of the privacy and security tools the rest of us use.

One could say the same thing about matchboxes being used for arson and cash being used for money laundering, but no one’s calling on regulators to outlaw either. In fact, law enforcement profiling is frowned upon by most of us. So, if I use GrapheneOS on my Pixel to keep my data away from Big Tech, potential hackers, or even eavesdropping governments, that alone should not put me in the same league as drug dealers. But if it does, so be it.

Google Weekly
Calling all Android users: Stay in the know about your operating system with news from Google.

By signing up, you agree to our Privacy Policy and European users agree to the data transfer policy.

Follow

Conversation

|

All Comments

    1. Comment by 6gcrunch.

      Will the GrapheneOS operate on a Galaxy s20?

      • Comment by Christopher Carr.

        I'm glad it exists for people who actually need it, but the majority of people who use GrapheneOS just have delusions of importance.

        • Comment by dohgee.

          Thank you always learning

          • Comment by ccie6966.

            Entering a pin that deletes all the data right before surrendering a phone, or provided to authorities as a data bomb after surrendering is probably going to be considered destroying evidence. Hope that's better than what's on your phone.

            Better just to do a Pixel lockdown. For the innocent of course.

            • Comment by djscotec.

              Google locked down the source code again in Android 16 on pixels. GrapheneOS might be obsolete soon or they will have to adapt it to Android 15 source code only. I bet the same people that want it discontinued reached out to Google to lock it from reverse engineering. The only part of the code that is accessible is the framework portion. Low level code is no longer open source.

              • Reply by spockers.

                Who do they think they are, Apple?

            • Comment by penneraustin48.

              This is singlehandedly the strongest marketing for grapheneOS I've ever seen. Frustration from law enforcement due to lack of backdoor access is literally what average citizens want. Privacy. Apple regularly advertises privacy in ad campaigns. Citizens don't sympathize with government agencies. They do however understand the desire for privacy.

              • Comment by h2barabai.

                EU with their obsession for control

                • Comment by Steven Savage.

                  I’d call most EU governments some type of socialist nanny-state types. If memory serves, England just forced back doors on their citizens as well.

                  • Reply by benji.geez.

                    Sometimes I think that we are becoming the bad guys.

                  • Reply by parrella20.

                    I'd be hard pressed to find a government that doesn't spy on their own citizens, and as scary as it is these tactics are still so mild compared to Russia, China, Iran, and North Korea's level of paranoia and spying on their own people, literally executing people for having WhatsApp or foreign media on their devices.

                • Comment by cre8teq.

                  Hasn't GrapheneOS been, effectively, killed off by Google now? I thought they'd pledged, recently, to stop open-sourcing everything for their Pixel devices? So Google, has hobbled a USP of Pixels, albeit for a minority of us. Honestly when, for instance, Google's find my device, started working, even with the phone off, did userland, think it was out of convenience for them? What Police don't like about GrapheneOS, is probably the one-button kill switch & wipe, from the lock screen, as it makes them, forensically unreadable, even by experts and specialist software...

                  • Comment by tehicas857.

                    I use OnePlus phones πŸ˜ΈπŸ‘

                    • Reply by mercerjaiden000.

                      ???

                  Advertisement