SECURITY CONCERNS ON THE MAJOR PHONE OSs

I am more confused than ever because I was going to redo my Samsung Note10+ 5G but then I saw this article noagendaphone.com and it makes it sound like only GrapheneOS was secure enough and mentioned numerous security vulnerabilities in others - do I need to be concerned before I do this?

GRAPHENEOS vs CALYXOS vs LINEAGEOS

LineageOS is not at all as secure as stock G OS. The builds are userdebug builds which expose tons of debugging APIs, weakened SELinux policies, and adb root. It even has the ability to disable SELinux, which is one of the big pillars of Android security. LineageOS does not sign their builds so you cannot lock the bootloader. Bootloader locking enforces verified boot and integrity checks for the majority of the OS. It can do error correction and it eliminates persistence for malware. LineageOS doesn’t ship firmware updates and relies on the user to update it themselves, and it uses a misleading security patch level that covers only AOSP security patches and not both AOSP and firmware/vendor patches. This leaves many people with critical vulnerabilities that can be trivially exploited by script kiddies. Having an unlocked bootloader fails the SafetyNet basicIntegrity check, and spoofing SafetyNet is extremely fragile and a losing battle as more and more apps are starting to migrate to hardware attestation, and hardware attestation works perfectly fine and passes on GrapheneOS. Hardware attestation would fail on unlocked bootloaders and you cannot spoof hardware attestation as easily as SafetyNet.

CalyxOS took the easy way out and integrated microG which has numerous security and privacy issues and theatre. microG is a very poor compatibility layer that intercepts signature-enforced requests and APIs. microG being integrated into the OS breaks the security model and app sandbox. It does not have broad app compatibility and is extremely prone to breakage. microG doesn’t subvert contacting Google in any way. Apps can talk to Google without microG or Play services installed. It’s how apps can show you ads even without Play services by implementing the Ads SDK themselves. Apps can very well operate without Play services and integrate Google Play SDKs themselves. Most may just need privileged integration. microG has full invasive privileged integration with far weaker SELinux policies. You can read more here: Android | Madaidan's Insecurities and https://twitter.com/GrapheneOS/status/1437380576055541761

Along with CalyxOS having substantial security and privacy downgrades like them integrating and enabling the invasive privileged Google eSIM apps by default, the invasive system integration of microG, using the default Google NTP servers, using the default Google DNS servers, the Mozilla Location Provider which works the exact same way as Google’s location accuracy (both are network location providers and send precise location data and Wi-Fi and Bluetooth addresses), and the F-Droid privileged extension which is a UserManager and Device Manager vulnerability that bypasses restrictions on app installation and can be assisted in exploitation by bypassing restrictions; CalyxOS has engaged in severe targeted harassment and bullying towards GrapheneOS developers and its community with many threats, raids, and even doxxing people and sending physical mail to these people (which is just the tip of the iceberg here). They receive government grants and other large sources of funding out of band. They work with LineageOS, Techlore, Copperhead (James Donaldson), and Guardian Project on producing content to defame, getting the community to harass and raid us, brigade all GrapheneOS threads with misinformation and attacks on the GrapheneOS folks, and far worse.

GrapheneOS is the most secure option, endorsed by Edward Snowden. Entirely funded by donations and run by Daniel Micay, who is extremely passionate about privacy and security. The OS is updated and patched more often than G does, with every conceivable method of hardening possible. They now have a sandboxed Google Play service that has the broadest app compatibility. Privileged API calls are redirected to unprivileged APIs. It has zero privileged integration and the default helper app (which is not privileged, it’s a normal user app) is only activated if sandboxed Google Play is installed. They don’t spoof anything, integrate any kind of privileged apps, or make any security or privacy compromises, and the apps are fully confined to the standard normal app sandbox. They aren’t special apps and you can limit the data you give them by the standard app permission model. These apps do not have access to persistent hardware identifiers, whereas microG has access to them. Many banking apps, payment apps (except for Google Pay), games, and streaming services work just fine with sandboxed Google Play. GrapheneOS passes SafetyNet basicIntegrity and that is usually more than enough for apps. The majority of apps work just fine, and it includes things like their own camera app, an app store which will soon start including hardened builds of 3rd-party apps, their own secure PDF viewer, and soon more. Snowden recommends desoldering microphones, keeping the radios off when unused, and routing internet traffic through the Tor network. You, however, likely don’t have 5 eyes after you, so this is a bit overkill. Pick a good VPN (ExpressVPN, ProtonVPN, etc, not NordVPN), and audit the permissions of each app you have installed.

I believe Lineage is the only option I have at the moment - are the vulnerabilities a concern for a normal user that the state doesn’t care about?

3 Likes
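One practical way to check a device against the points raised above (userdebug build, bootloader lock and verified boot state, and an AOSP security patch level that runs ahead of the vendor/firmware one) is to read its build properties. This is an added example, not code from the thread or from the article it quotes: it parses the `[name]: [value]` output format of `adb shell getprop`, uses the standard Android property names, and the sample dumps and their dates are constructed for illustration.

```shell
#!/bin/sh
# Added example: assess a getprop dump for the weaknesses discussed above.
# Property names are the standard Android ones; sample values are made up.

# prop NAME DUMP -> prints the value of NAME from a getprop dump
prop() {
    printf '%s\n' "$2" | sed -n "s/^\[$1]: \[\(.*\)]$/\1/p" | head -n 1
}

# date_num 2021-09-05 -> 20210905, so patch levels compare as integers
date_num() {
    printf '%s' "$1" | tr -d '-'
}

# assess DUMP -> prints one finding per line; return value = number of findings
assess() {
    dump=$1
    n=0
    build_type=$(prop ro.build.type "$dump")
    debuggable=$(prop ro.debuggable "$dump")
    vb_state=$(prop ro.boot.verifiedbootstate "$dump")
    lock_state=$(prop ro.boot.vbmeta.device_state "$dump")
    aosp_spl=$(prop ro.build.version.security_patch "$dump")
    vendor_spl=$(prop ro.vendor.build.security_patch "$dump")

    # userdebug/eng builds expose debug APIs and adb root
    if [ "$build_type" != "user" ] || [ "$debuggable" = "1" ]; then
        echo "debug build: ro.build.type=$build_type ro.debuggable=$debuggable"
        n=$((n + 1))
    fi
    # verified boot is only enforcing with a locked bootloader (state "green")
    if [ "$vb_state" != "green" ] || [ "$lock_state" != "locked" ]; then
        echo "verified boot not enforcing: verifiedbootstate=$vb_state device_state=$lock_state"
        n=$((n + 1))
    fi
    # the settings UI shows the AOSP level; the vendor level can be older
    if [ -n "$aosp_spl" ] && [ -n "$vendor_spl" ] &&
       [ "$(date_num "$vendor_spl")" -lt "$(date_num "$aosp_spl")" ]; then
        echo "vendor/firmware patch level $vendor_spl lags AOSP level $aosp_spl"
        n=$((n + 1))
    fi
    return "$n"
}

# Constructed sample: unlocked userdebug build with a stale vendor patch level
SAMPLE_WEAK='[ro.build.type]: [userdebug]
[ro.debuggable]: [1]
[ro.boot.verifiedbootstate]: [orange]
[ro.boot.vbmeta.device_state]: [unlocked]
[ro.build.version.security_patch]: [2021-09-05]
[ro.vendor.build.security_patch]: [2020-12-05]'

assess "$SAMPLE_WEAK" || echo "$? finding(s) to review before relying on this device"
```

On a real device, feed it `adb shell getprop` output instead of the constructed sample.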

Hey Dave
First off I want to give a big “Thumbs Up” to you Folks in AZ… Good Job!!
I read the same article when I was going thru the process with my Pixel… and at the time was leaning towards the Lineageos … like you, I was very confused. Seems like every new thing I read pushed me in a different direction. I can offer no good advice as to your Samsung, as I chose the pixel for ease of completion and did go to GrapheneOS because at the time microG was having major outages and other complications. At the time the big scare about Graphene was “how can you trust a distro named after a sHoTz InGEedEnT” … Well to date … after I got-er-going, I’m happy to say I’ve only received three spam phone calls all of which were of a language I didn’t savvy …so auto-block and one message from my carrier wanting to know why I wasn’t using any data …Maybe you can install lineage without going thru microG, as I recall, that was where the concern was … anyway hopefully someone with better knowledge about phones will be along soon …
Wish I could offer more than just encouragement, Sir…

2 Likes