Disappointed to learn about Fairphone lagging behind in terms of security… I really wanted to get one. But still good news I guess.
Not really a ‘Fairphone issue’ and more a general ‘smartphone issue’. The vast majority of OEMs don’t invest into security and just use random parts with mostly stock Android. Sometimes they actually make it worse by replacing AOSP apps with their less secure ones. Which sadly will become more common with Google abandoning AOSP.
Fairphone simply isn’t focused on security. Should that change? Are Fairphone users interested in improved security?
I’m not saying the information about Fairphone is wrong, but you shouldn’t assume it’s all as bad as they made it out to be. You’re reading a marketing pitch from one group that works with one vendor saying why another vendor isn’t that good.
Not too surprising as they don’t have the same company size, it’s hard to keep up.
There aren’t too many OEMs that sell worldwide. So that would be one of Samsung, Sony, Moto, OnePlus.
Not certain Sony counts as worldwide anymore since they seem to have retreated from the US.
My money is on Motorola.
Oh man, please. My current Motorola could use replacing, official Graphene support would be fantastic
That would make sense as Motorola is fairly supportive of custom roms
I agree, Motorola is owned by Lenovo. They have found middling success with the return of their Razr line and with phones in the lower to mid tier range. But they really want something super flagship. Something like the Think Phone would have probably sold really well with a Graphene option.
The only way a graphene is phone gets major adaptation is if you could use pay with it.
I think people overestimate that feature. Where I live you still have to hand your card to the teller most of the time and nobody is handing their phone over for tap to pay.
hmm how bout round the world?
Like Germans prefer cash but tons go all digital—yuge in China for example, Apple Pay’s big stateside (USA)…
Curious your region btw to expand my knowledge on this
I live in the US and I also just got back from a 10 day trip that had me in 6 different airports around the US and saw basically nobody using their phones to pay. I saw a bunch of people using the translate app, the camera, FaceTime, Apple wallet for boarding passes, but no tap to pay.
I think it’s because the places that use it also have their own apps, like Starbucks. You can order and pay in the app and if you are likely to setup Apple Pay you are probably fine going all the way with the app too. The same is true of Walmart and other major retailers who also specifically don’t take Apple or Google pay because they want you to use their app.
It’s heavily used everywhere else in the world, the US is well-known to lag behind on payment technology. It’s like travelling back in time when you go there.
I pay with my phone literally everywhere in Canada, haven’t opened my wallet in months. I was in the US last year and they didn’t have mobile payment terminals at restaurants so you always had to pay for sit down service at a counter, always wanted me to sign for tap, kept calling it Apple Pay instead of tap or contactless, had places that would only swipe a physical card which isn’t even allowed in other countries anymore, it’s crazy.
Walmart takes tap in Canada, they were one of the last holdouts. The “individual app for each service” thing is very American, even American companies abroad don’t do it because they’ll lose business. It’s the same thing with cash transfers. There are 100 different private ways to send money in the US. PayPal, CashApp, Facebook Pay, Apple Pay, Venmo, etc.
None of those exist in Canada because we just have Interac e-transfers. Hard to compete with free & automatic support by every bank account in the country. Other countries have similar systems. The US has Zelle but as far as I know that was implemented way later and doesn’t have the mindshare.
So random that the USA is lagging behind in this regard, travelled Europe - everyone using phone pay, and in Australia my home country, it’s pretty much the only way people pay nowadays.
I think you underestimate it. Where I live, 39% of card transactions used a mobile wallet last year.
I pay with a normal card but I’d say the majority of people around me pay with their phone.
Also, I need to use my bank app to pay for things online. I scan a QR code and confirm the payment with a pin or fingerprint. Correct me if I’m wrong but I think many bank apps also don’t work properly with graphene.
Edit: maybe I’m getting confused, I thought bank apps normally needed google play services and that because of that they don’t work on grapheneOS, but I don’t know if that’s correct
Not really. The kind of people this ROM caters to are exactly the kind of people who don’t use Google Pay to begin with.
There’s other pay features in the world like Wero and MobilePay
I can pay with NFC and my GrapheneOS phone.
Where is this/ what app do you use?
I’m in the UK and use Curve. I’ve used it locally, of course, but also in Singapore, Australia and Japan and it worked without incident.
There are several supported apps, such as Curve Pay, PayPal, and banking apps that have their own tap-to-pay implementation.
https://shkspr.mobi/blog/2025/06/contactless-payments-with-grapheneos/
https://grapheneos.social/@GrapheneOS/115295538501760765
You can also use the
contactless payments supportedtag when searching the GrapheneOS banking app compatibility list on GitHub. https://github.com/PrivSec-dev/banking-apps-compat-report/issues?q=is%3Aissue+label%3A"contactless+payments+supported"Not OP, but my (German) bank supports the Digitales Bezahlen App with GrapheneOS. I used it exactly twice, both times because I forgot my wallet at home.
We need details please
I’m in the UK and use Curve. I’ve used it locally, of course, but also in Singapore, Australia and Japan and it worked without incident.
Device hardware, firmware, and software are integrated to protect your most sensitive data from mobile threats. With Moto KeySafe, PINs, passwords, and cryptographic keys are isolated from other device data for an added layer of high-level security.
Yeah this sounds like what Graphene insists on.
That sounds like a fancy speak for a Trusted Platform Module. Isn’t some kind of TPM mandatory to obtain a google certification for a new device?
Yeah, a TPM or secure element. I don’t think it’s required.
It (unfortunately) isn’t required. Most current Android devices on the market have serious security issues (most notably, full disk encryption can easily be bypassed due to a lack of effective unlock attempt rate limiting) due to their lack of a secure element.
Are you sure there’s no rate limiting? My phone definitely does rate limit the on-boot disk decryption prompt. Do you mean there’s no rate limiting if someone detaches the NAND and brute-forces it off-device?
It’s not going to be a Chinese company.
I wouldn’t bet on it. Lenovo is used across North American corporations, banks and government institutions.
What makes you think so? This (admittedly pretty vague) response indicates quite the opposite: https://grapheneos.social/@GrapheneOS/115118480213473033
How come? I’d bet they’d be the most easiest “oem” to get started with.
All western ones will be on the mercy of google licencing, so I’d guess no one wants to burn bridges.
I’m quite sure no one would consider Chinese company as safe option for privacy and clearly security focused phone.
Also as Sony already has the Sailfish support the company is likely going to be Sony.
Ooh yeah let’s get a 6" 2025 take on the OG Motorola Droid with the slide out keyboard, to make it more linux-phone-y.
How repairable are Motorola smartphones?
I have had several versions of the Moto G family and they’re pretty easy to repair. Usually under $30 for a screen. Trickiest part is glueing the back panel back on.
Samsung doesn’t really rely on Snapdragon too much, so that might be out.
The US-based flagships do.
Yeah, but European ones don’t (or at least last time I checked). I guess that would be a hassle for them to keep compatibility.
Samsung is also a synonym for useless bloat, locked boatloaders, intrusive ads, and every other hostile feature ever. They are the last one to open up their phones.
True. But my S3 ran like a young racehorse when I installed Cyanogen back in the third age, when the orcs still roamed Rohan.
I hope Sony simply because I want a headphone jack and an MicroSD card reader. Their phones are already pretty bloat free and their custom apps, usually focused on the camera system, would mesh very well with GrapheneOS. Would be a great way for them to become relevant again.
How repairable are Sony smartphones?
Hot take, but no alt phone will reach critical mass without those features. They need support from even the most stubborn users
If the Graphene phone wants to presents itself as a consumer-first phone, I agree.
About fucking time.
According to details shared on Reddit, the partnered manufacturer will offer GrapheneOS support on future versions of their existing models, priced similarly to Pixels. These initial devices will feature flagship Snapdragon processors, which GrapheneOS notes provide significantly better CPU and GPU performance compared to Google’s Tensor chips. The Snapdragon platform also bundles high-quality wireless connectivity, eSIM support, and decent image processing capabilities directly into the system-on-chip.
Oh thank you. Let’s hope for something nice for a change.
This might be it. This might be the alt phone to defeat all others. Flagship chip + graphineOS features and long term support is a killer killer deal.
So who do we think? It’s not Fair phone and it sounds like it’s not oneplus. I’ll be needing a new phone within the next couple of years, if they roll it out soonish
I mean those are the first two I’d suspect too. Maybe Sony or Pico? They’re both pretty dev friendly.
I hope it’s Sony
Praying from this end of my Sony xperia
Sony is sooooo expensive though…
They said it’d be on par with a Pixel, so either a reasonable Sony or not Sony…
The Sony xperia 10 VII has a micro SD slot and a 3.5mm port so I’m hoping Sony too.
Edit: looks like the OEM selected doesn’t have compatible phones today but would in 26’
I’ve completely forgotten that Sony makes phones also, but this phone is great on paper. So much so that, next year, when I will be switching back to Android from an unfortunate ios hiatus, I will definitely consider one (maybe viii? ). Thanks for reminding me.
Yeah, but the cpu sucks…. How can I justify to myself going from an iPhone 11 to something with a worse cpu
I’d love an HTC again
I hope Nokia
I actually think this could be it. Nokia has always been a little adventurous with their operating systems, and I think they are eager to claw back their old reputation.
It’s not.
Have a friend who works at a decently high position here in Finland and they actually are considering exiting the smartphone market all together because the margins are too small and they make easy more money on other things, like 5G equipment. They kind of want to move past being associated with phones basically.
They are called HMD now.
It’d be so awesome if Fairphone made a deal for Fairphone 7
I thought the exclusivity was because of Googles superior chip security?
So far all I have seen them say is that the new device meets their requirements. Considering that this company has a lot of power over them I would be very tight-lipped about details in case they start throwing curveballs
Partially. It’s more that Google’s overall architecture was better for security, inclusive of many different features.
You can find a big ass list here: https://grapheneos.org/faq#future-devices
Lol wut
took their time
Genuinely wish it’s a Chinese OEM, I’d love to run Graphene on something like the Xiaomi 17 Pro
Chinese phone cameras are far superior than anything else. It would be cool tbf
I wonder if this will have a significant negative impact on Pixel sales.
I can’t see how it would. Techies are the only people who know what GrapheneOS is, and even then it’s a small percentage of us. The average person still asks if you have an iPhone or a Samsung.
I hope it takes off, but even if it does the dent will be small.
I would assume it will, if the SoC performance is in the same ballpark. Pixels have good NPU specs but their CPU, GPU and RAM feel like mid range options compared to snapdragons. So I don’t think that’s a high bar to hit. I don’t run graphene because I’m not buying a google phone, but I would consider running it on something else.
Yes it well. Their chips are pathetic and they seem to have no motivation to do anything about it.
I want to try GrapheneOS. But my current Samsung phone still works. If I ever do switch, I would be looking for a Pixel on the local resale market so as to avoid giving Google money, anyway.
Used Pixels are cheap.
I have three, paid about $120 for each one.
It’s what I did. I bought a used pixel 8 and only regretted it after the recent strong of Google shenanigans. I’m still looking for a proper Linux phone solution in the meantime. I’d rather not have to be reliant on anything Google does in the future.
The only reason I bought a Pixel is for GrapheneOS and the only reason my SO has one is also GrapheneOS.
Whats that?
A HW manufacturer (aka OEM) will share specs and interfaces with the GrapheneOS team, who will develop an official port for the hardware, with support and everything. The OEM will allow bootloader unlocking and maybe even ship some of these phones with Graphene preinstalled, depending on what their contract with Google allows. To this day, only Pixels have officially received GrapheneOS releases because Google has documented their hardware interfaces in AOSP. Now, AOSP is no longer developed with the Pixel as a target but a virtual device, putting the future of GrapheneOS on Pixels into question (the team refuses to use reverse-engineered hardware interfaces, which may result in bugs).
Thanks for the detailed explanation.
thank you for explaining
Thx
the team refuses to use reverse-engineered hardware interfaces
Small correction: Current and future GrapheneOS releases for Pixels are produced by reverse-engineering Pixel OS releases. adevtool was developed together with the developer of ProtonAOSP back then, to automate extracing several components from the stock Pixel OS.
my hot take: while this is good for users in short term, in long term it just prolongs non-copyleft android OS hold for google.
my only hope for grapheneos is that they pointed that they may move from android too.
That’s the long-term plan, yeah. Moving from Linux entirely actually, as they mentioned a future microkernel project
as I said in last post, I only see copyleft as a viable alternative. too many dev efforts forked and privatized. android should have been a warning. but many devs just think open source is enough. and they still think getting adapted by big corporation will not change the direction of projects.
I am personally going in the direction of testing and helping only copyleft projects. so I skipped RedoxOS. even-though I like rust and new microkernel OSes.
If I am going to give my time to a project (small as it is) I don’t want it to end up like android.
I completely agree, and a strong copyleft licence is something that GPLv3 does much better than its predecessor, which is unfortunately why it has not been adopted by the Linux kernel. I foolishly assumed that GrapheneOS, given the values it professes, would be distributed under the GPLv3 licence, but I have now discovered that this is not the case, in a move that I frankly cannot understand. Hope that changes in the near future, but it’s not very likely to happen I guess
But if google goes on with locking out the app store with the developer verification bs, how would would this play into that? If Aurora won’t install the app or the app won’t run, then we’ve accomplished little in that area. I’m really hoping I’m missing something.
Custom ROMs should be able to disable the checks. My bigger concern is what it does to the open app ecosystem as a whole.
TBH I would actually expect GrapheneOS not to disable these checks. GrapheneOS devs pride themselves to have the best implementation of the official Android security model, and enforcing signature checks is likely part of that…
They might add additional certificates I guess, to allow their own apps, and maybe a selected few others.
This is incorrect. The sideloading checks are implemented in Play Protect, which needs elevated privileges to function. On GrapheneOS, Google Play services run with normal privileges, just like any other user-installed app. This means, there are no Play Protect checks in GrapheneOS, and there will never be. It would only be possible on ROMs, such as LineageOS with Gapps, where Play services are installed as system apps, running with higher privileges than all other apps.
Well, good to know.
I was thinking more about the way of Android security models, and that it would make sense for GOS to restrict available storefronts to stay consistent with their way to implement them. But good to know that it will not automatically happen just by updating the google services.
And I would also think that people would likely complain if they where to implement it in a different way.
Except this ‘signing’ is more of a control feature than a security feature. Just because Google markets it as a security feature doesn’t mean it is.
Well… The Android security model, as it is implemented in stock android and GOS, is about top down control, the full trust is given to the system vendors, not the end users. No rooting for instance. From this perspective not allowing installation of apps that cannot be blocked by the system vendor, fits well with that model.
TBH, I am not a fan of that security model. And this is my critique of GOS. It doesn’t allow the user full access to their device, so that they can check and control what each application is storing or sending to third-party servers. Instead it is on full security and allows apps to store and transfer information to which the user has no access to.
But the system vendor/developers would have that access, because they control the whole base system.
The focus of the Android security model and in turn of GOS is on security, at the cost of privacy or freedom.
Please be Motorola and put it on my Razr+…
deleted by creator
deleted by creator
Yah, a guy can dream though, can’t he?
Add Nokia, Brax, and other smaller phone companies that actually value privacy, open-source, repairability, linux, and consumer-friendly then we got a deal
Brax?? Lol
Hey I don’t know a whole lot about it but it seems kinda interesting
Some are saying dude is a snake-oil saleperson. Idk always felt a bad vibe about that youtube channel.
Hope for Motorola but for some reason I want to put a guess in for LG
oops all Xiaomi!
largest market share outside of Samsung and Apple.
LG who exited the smartphone market in 2021?
FR?
Yeah mate, long gone. Real shame that, loved their V-series.
I’ll hold off on a new phone to watch for this. Android could be great without Google’s nonsense. An OS that has high end hardware support and continues to work on convergence with desktop Linux both by the communities development and Google’s
Exactly. Google is evil, and I don’t want Google-related things on my phone.
