GrapheneOS will remain usable by anyone without requiring personal information

Original Article ↗ Hacker News Discussion ↗

GrapheneOS stance and legal context

  • Thread centers on GrapheneOS’ commitment to remain usable without tying devices to personal identity or age‑verification.
  • Several comments see recent and proposed laws (California age‑range signaling at OS level, Texas/Utah “commercially reasonable” age checks, Canadian S‑209, Brazilian Felca law) as steps toward mandatory identification and remote attestation.
  • Some argue California’s approach seems weaker than ID scans, others stress it still creates broad liability and incentives for invasive age checks (face/ID scans) and globalized censorship.

Banking, e‑ID systems, and remote attestation

  • Nordic users highlight how deeply BankID/Swish‑style national e‑ID and payments are tied to smartphones, making alternative OSes a practical problem.
  • Multiple reports that Swedish (and some Norwegian) banking and ID apps work fine on GrapheneOS today; some keep a second phone as backup.
  • Technical discussion of Play Integrity vs hardware attestation: GrapheneOS only passes “basic integrity”, so some banks may block unless they explicitly support GrapheneOS keys.
  • A Brazilian commenter reports major banks now blocking GrapheneOS after an age‑verification law, even with Google services installed.

Device support and Motorola partnership

  • Debate over GrapheneOS’ new Motorola partnership: seen as good diversification beyond Pixels but also a possible regulatory target if preloaded devices become common.
  • Some expect workarounds (sell stock ROM, let users flash GrapheneOS; relocate jurisdiction; use third‑party sellers), but this is speculative within the thread.
  • Pixels are described as unusually open for custom keys, but this is seen as contingent on Google’s future choices.

User migration experiences and app ecosystem

  • Shared migration patterns: GrapheneOS as main OS plus a cheap stock‑Android phone for banking/ID, or separate user profiles/private spaces with sandboxed Play Services.
  • A linked iOS→GrapheneOS guide is criticized as outdated and blaming Android‑wide issues on GrapheneOS; others say the guide’s annoyance list convinced them not to switch.
  • Conflicting reports on UX: some mention issues like media handling, UI quirks, audio volume, and lockscreen behavior; others say these problems don’t occur for them.

Privacy vs usability trade‑offs

  • Many praise GrapheneOS hardening, sandboxed Play, and the ability to tightly restrict Google and other apps, while still using mainstream software.
  • Others object to lack of root access, arguing that it gives OS vendors more control than users and hampers deep inspection/monitoring.
  • Discussion of app sources: Play Store seen as simplest; Aurora Store and F‑Droid mentioned, with caveats about security and reliability.

Emergency alerts and government control

  • Canadians and others complain about unskippable, misused emergency/Amber alerts, especially at night.
  • GrapheneOS’ ability to disable “presidential”/overriding alerts is highlighted as a concrete advantage, contrasted with stock Android and regional abuses.

Custom ROMs, regional restrictions, and trust

  • Broader examples of region‑based restrictions (call recording bans, mandatory camera shutter sounds in Japan, BeiDou geofencing in the US) show how firmware/OS enforce policy.
  • Some build their own ROMs to bypass such restrictions.
  • A few express concern about trusting a project whose build pipeline is run by pseudonymous maintainers, though others note all OS projects have similar trust issues.