GrapheneOS is ready to break free from Pixels

Original Article ↗ Hacker News Discussion ↗

Speculation on the OEM and device class

  • Commenters guess the “major OEM” is likely a big Android brand (OnePlus, Motorola/Lenovo, Sony, maybe Xiaomi), with Samsung and small “enthusiast” vendors (Nothing, Fairphone, HMD) generally considered unlikely.
  • GrapheneOS participants say the partner will ship Snapdragon flagships using Gunyah virtualization, with 5–7 years of firmware/driver updates, and that small ethical brands can’t currently meet those requirements.
  • Pricing “similar to Pixels” is interpreted by most as flagship-level (~$1000), disappointing those hoping for midrange devices.

Why getting off Pixels matters

  • Many welcome this as Pixels are disliked for Tensor performance, VoLTE/5G provisioning problems outside official markets, limited regional availability, and Google’s recent hostility to custom ROMs (e.g., no device trees).
  • People in regions without official Pixels see this as a way to get a secure, de-Googled phone at all.
  • Some see it as strategically important for countering upcoming EU app-based age-verification schemes that risk hard‑locking citizens to Apple/Google platforms.

Security model, virtualization, and baseband

  • GrapheneOS expects the Snapdragon+Gunyah stack to reach parity with Pixel+pKVM for virtualization uses (Android VMs, potentially Windows guests).
  • Qualcomm basebands are viewed as reasonably strong; security is often degraded by OEM integration rather than the SoC itself.
  • GrapheneOS stresses strict requirements: modern kernels, full monthly patching, long-term support, and no closed-source kernel modules.

Banking apps, Play Integrity, and VoLTE

  • Banking/payment compatibility is a major concern. Some users report all their banking apps work; others have seen apps blocked for dev mode, accessibility, or non‑stock ROMs.
  • Play Integrity is described as the main barrier: it lets apps demand a Google-certified OS and locked bootloader. Some banks explicitly whitelist GrapheneOS via hardware attestation, but this is ad‑hoc and fragile.
  • Several argue real fixes must be regulatory: requiring banks to accept secure alternative OSes, rather than letting Google’s APIs define “allowed” devices.
  • GrapheneOS recently added UI toggles to force VoLTE/VoNR/5G/VoWiFi on Pixels after Google blocked prior ADB-based workarounds.

Usability, bundled apps, and backups

  • Users appreciate GrapheneOS’s hardening but some find it “barebones AOSP” and wish for better default apps (calendar, email, media) and a robust backup/restore story.
  • Others argue the project should stay narrowly focused on security/privacy, leaving UX polish and extras to downstream projects or third‑party apps.
  • There is debate over alternatives like /e/ OS and LineageOS; GrapheneOS voices strong criticism of their update lag and security posture, while some readers find the tone combative.

Economics, ethics, and long-term support

  • Skeptics doubt a pricey privacy phone can sustain volume, referencing Blackphone and Fairphone’s struggles and the fact that “almost nobody cares about privacy” in buying decisions.
  • Others counter that GrapheneOS isn’t launching its own phone but certifying mainstream devices, reducing commercial risk.
  • Some want more ethical hardware (e.g., removable batteries, Fairphone‑style sourcing), but GrapheneOS argues that devices marketed as ethical while shipping years behind on patches are not truly ethical from a security/sustainability standpoint.