Bought a second-hand Pixel 9a and installed @GrapheneOS on it. Very smooth process. Going to see if this can be my daily driver without any of the Play stuff installed...

@toke the first few weeks might feel strange, but worth it to gain more control. Do not hesitate to ask if you feel there are some annoying or missing things 😉

@toke @GrapheneOS never really used a different system on my phone besides Android, but I imagine that Whatsapp and telegram is a problem then, right? At least telegram is available on flatpak, but I'm not sure about whatsapp in this case... What's your experience so far?

@mpdesouza @toke No, those apps work fine on GrapheneOS as do the vast majority of Android apps. Both of those can even be used without sandboxed Google Play with some functionality unavailable. Very few apps are unavailable on GrapheneOS.

@GrapheneOS @toke good to know! I've been thinking about moving out of Android but was afraid that would have issues with some android apps. Thanks a lot for clarifying!

@toke there is a 99.8% chance you'll have no issues daily driving @GrapheneOS

@mpdesouza @GrapheneOS @toke GrapheneOS is still Android, but without Google (and many other modifications). It is different from a "Linux OS" like postmarketOS, etc.

@matttbe @mpdesouza @toke GrapheneOS is a Linux distribution, as is the Android Open Source Project and other distributions based on it. Linux does not mean using systemd, glibc, GNOME, etc. It means using the Linux kernel, which we do. We have branches of the 6.12, 6.6 and 6.1 Linux kernels without hardening improvements. Android runs fine with an unmodified mainline or LTS branch Linux kernel, but it's not what is used in practice on real hardware because of out-of-tree drivers.

@matttbe @mpdesouza @toke Alpine Linux is itself different from a traditional Linux distribution due to using musl instead of glibc and BusyBox instead of coreutils. It's much less of a GNU/Linux distribution than a traditional one. If they used LLVM for compiling everything including the kernel as Android does instead of GCC/binutils, that would be another step away from GNU/Linux. libc++ instead of libstdc++ similarly to Android would be another. Linux doesn't include any of that stuff.

@jawsh @GrapheneOS yup, looking good so far. There are a few apps with missing functionality, and some that crash entirely due to the lack of play services. But none that are essential so far. I may end up installing the sandboxed play services in a secondary profile if it gets to be too annoying, but want to see if I can do without even that :)

@matttbe thanks! I was already on LineageOS with micro-g, so I do have some experience with non-stock Android. The biggest hurdle initially was figuring out how to install the non-foss apps I use. A bit annoying, but a mix of Aptoide, and a couple of manual downloads from apkmirror, have me all set so far :)

@toke @jawsh A small number of apps have memory corruption bugs which can be worked around with the per-app exploit protection compatibility mode or the finer grained toggles. However, that's relatively uncommon and most of these apps likely just need sandboxed Google Play to work.

@GrapheneOS @jawsh ohh, hadn't thought about the exploit mitigation thing, will check that out - thanks!

@toke I think the recommended way is to install their "Sandboxed Google Play" (which includes the Play Store): https://grapheneos.org/usage#sandboxed-google-play-limitations

If the non foss app doesn't depend on Google Play Service, you can use the Aurora Store I suppose 🙂

@toke @jawsh We keep the protections which actually break compatibility off by default for user installed apps (dynamic code loading blocking / disallowing ptrace) and also hardware memory tagging for most user installed apps because it finds far too many bugs. We do have our baseline hardened allocator and the larger address space turned on by default though, which breaks a small number of buggy apps. We recommend enabling memory tagging for user installed apps but it does tend to find bugs.