Software:GrapheneOS

From HandWiki
GrapheneOS
The GrapheneOS logo with a hexagonal lattice
GrapheneOS home screen
GrapheneOS home screen
DeveloperGrapheneOS Foundation[lower-alpha 1] and contributors
OS familyAndroid (Linux)
Working stateCurrent
Source modelOpen source
Initial releaseApril 2019; 7 years ago (2019-04)
Repositoryhttps://github.com/grapheneos
Marketing targetPrivacy- and security-focused operating system
Update methodOver-the-air (OTA) or via USB (ADB sideloading)
Package managerAPK-based
Kernel typeMonolithic (Linux/Android kernel)
LicenseMIT, Apache License, various permissive open-source
GrapheneOS Foundation
FormationMarch 17, 2023; 3 years ago (2023-03-17)
Registration no.1485757-7 [2]
Legal statusNonprofit corporation
HeadquartersToronto, Ontario, Canada
Directors
  • Khalykbek Yelshibekov
  • Daniel Micay
  • Dmytro Mukhomor
[2]
Website{{{1}}}

GrapheneOS[lower-alpha 2] is a free and open-source, privacy- and security-focused, Android-based operating system for Google Pixel and future Motorola devices.[4] GrapheneOS is built on the Android Open Source Project. It focuses on researching and improving the privacy and security of Android. GrapheneOS is developed by the GrapheneOS Foundation, a Canadian nonprofit corporation.

History

The main developer, Daniel Micay, co-founded and originally worked on CopperheadOS, until a schism over software licensing between the co-founders of Copperhead Limited led to Micay's dismissal from the company in 2018.[5] Micay continued working on the Android Hardening project, which was renamed to GrapheneOS and announced in April 2019 as the "true successor" to CopperheadOS, with a goal of restoring the same functions.[5][6] The project's website states that CopperheadOS was renamed to GrapheneOS.[7]

In March 2022, two GrapheneOS apps, "Secure Camera" and "Secure PDF Viewer", were released on the Google Play Store.[8]

Also in March 2022, GrapheneOS released Android 12L for Google Pixel devices before Google did, second to ProtonAOSP.[9]

In May 2023, Micay announced he would step down as lead developer of GrapheneOS and would be replaced as the GrapheneOS Foundation director.[10] As of December 2025, the GrapheneOS Foundation's Federal Corporation Information lists Micay as one of its directors.[2]

In March 2026, Motorola and the GrapheneOS Foundation announced a partnership to engineer future Motorola devices with GrapheneOS compatibility.[11]

Features

GrapheneOS' default "App Store" (formerly known as just "Apps"[12])

Sandboxed Google Play

By default Google apps are not present on GrapheneOS,[4][13] but users can install a sandboxed version of Google Play Services from the pre-installed "App Store".[13] The sandboxed Google Play Services implementation allows access to the Google Play Store and apps dependent on it, along with features including push notifications (Firebase Cloud Messaging) and in-app payments.[13]

This differs from most other custom Android distributions, such as LineageOS, CalyxOS, iodéOS or /e/OS, that replace Google Play Services with microG. According to some analysts, the microG implementation is problematic because it can log users out of the Play Store and not allow them to download more apps.[14]

In December 2023, Android Auto support was added to GrapheneOS, allowing users to install it via the App Store.[15] The Sandboxed Google Play compatibility layer settings adds a new permission menu with 4 toggles for granting the minimal access required for wired Android Auto, wireless Android Auto, audio routing and phone calls.[16]

Security and privacy features

GrapheneOS introduces revocable network access and sensors permission toggles for each installed app.[4][17] GrapheneOS also introduces a PIN scrambling option for the lock screen as well as a feature called Duress password which will wipe on-device personal data when entered on lock screen instead of a regular PIN/password.[18][19]

GrapheneOS randomly generates a new MAC address every time a Wi-Fi connection is established, instead of the default Android behavior of randomizing the address per Wi-Fi network.[5][20]

GrapheneOS includes automatic phone reboot when not in use, automatic Wi-Fi and Bluetooth disabling, along with software and hardware level disabling of the USB-C port and pogo pins (as found on the Pixel Tablet). GrapheneOS can also disable the microphone, camera, and sensors for apps. Additionally, it offers the Contact and Storage Scopes feature, which allows users to select which specific contacts or files/folders an app can access.[21]

A hardened Chromium-based web browser and WebView implementation known as Vanadium, is developed by GrapheneOS and included as the default web browser and system WebView.[17] It includes automatic updates, process and site-level sandboxing, disabling the V8 JavaScript just-in-time (JIT) compiler by default for attack surface reduction and built-in ad and tracker blocking.[22]

Auditor, a hardware-based attestation app, developed by GrapheneOS, which "provide strong hardware-based verification of the authenticity and integrity of the firmware/software on the device" is also included.[21] The app also includes an optional, scheduled remote verification feature, which runs in the background and performs regular verifications against the GrapheneOS attestation service. It can alert users via email if the device fails to provide valid attestations in time. The remote attestation interval and permitted time before an alert can be configured by the user using the web portal.[23] Both the Auditor app and the AttestationServer backend are open source and permissively licensed under the MIT license.[24]

Apps like Secure Camera and Secure PDF Viewer offer features such as automatic removal of Exif metadata and protection against malicious code in PDF files by opening them within a sandboxed PDF.js environment in the hardened Vanadium WebView.[25]

GrapheneOS also includes a hardened memory allocator (hardened_malloc) intended to provide substantial defenses against common classes of vulnerabilities such as heap memory corruption. In addition, its Chromium-based browser/WebView (Vanadium) enables further exploit mitigations beyond upstream defaults (e.g., type-based control-flow integrity (CFI), stronger stack-smashing protection (SSP), zero-init of variables).[26][27]

Installation

GrapheneOS currently is only compatible with Google Pixel devices,[28] due to specific requirements that GrapheneOS has for adding support for a new device, including an unlockable bootloader and proper implementation of verified boot.[29][30] In October 2025, GrapheneOS said that it was working with a "major" Android OEM on future devices that would support the OS on Qualcomm Snapdragon platforms,[31][32] and that they will be the flagship devices, expected to appear in Q4 2026 or Q1 2027. In March 2026, it was revealed that this partner is Motorola Mobility, and a device list will be released some time later that year.[11]

The operating system can be installed from various platforms, including Windows, macOS, Linux, and Android devices. Two installation methods are available: a WebUSB-based installer, recommended for most users, and a command-line based installer, intended for more experienced users.[33]

Reception

In 2019, Georg Pichler of Der Standard, and other news sources, quoted Edward Snowden saying on Twitter, "If I were configuring a smartphone today, I'd use Daniel Micay's GrapheneOS as the base operating system."[34]

In discussing why services should not force users to install proprietary apps, Lennart Mühlenmeier of netzpolitik.org suggested GrapheneOS as an alternative to Apple or Google.[35]

Svět Mobilně and Webtekno repeated the suggestions that GrapheneOS is a good security- and privacy-oriented replacement for standard Android.[36][37]

In a detailed review of GrapheneOS for Golem.de, Moritz Tremmel and Sebastian Grüner said they were able to use GrapheneOS similarly to other Android systems, while enjoying more freedom from Google, without noticing differences from "additional memory protection, but that's the way it should be." They concluded GrapheneOS cannot change how "Android devices become garbage after three years at the latest", but "it can better secure the devices during their remaining life while protecting privacy."[5]

In June 2021, reviews of GrapheneOS, KaiOS, AliOS, and Tizen OS, were published in Cellular News. The review of GrapheneOS called it "arguably the best mobile operating system in terms of privacy and security." However, they criticized GrapheneOS for its inconvenience to users, saying "GrapheneOS is completely de-Googled and will stay that way forever—at least according to the developers." They also noticed a "slight performance decrease" and said "it might take two full seconds for an app—even if it's just the Settings app—to fully load."[38]

Louis Rossmann, activist and repairman who often talks about privacy-related topics, in September 2022 published a video recommending GrapheneOS as an operating system for daily use, discussing the OS's implementation of sandboxed Google Play Services.[39]

In March 2022, writing for How-To Geek Joe Fedewa said that Google apps were not included due to concerns over privacy, and GrapheneOS also did not include a default app store. Instead, Fedewa suggested, F-Droid could be used.[4]

In 2022, Jonathan Lamont of MobileSyrup reviewed GrapheneOS installed on a Pixel 3, after one week of use. He called GrapheneOS install process "straightforward" and concluded that he liked GrapheneOS overall, but criticized the post-install as "often not a seamless experience like using an unmodified Pixel or an iPhone", attributing his experience to his "over-reliance on Google apps" and the absence of some "smart" features in GrapheneOS default keyboard and camera apps, in comparison to software from Google.[13]

In his initial impressions post a week prior, Lamont said that after an easy install there were issues with permissions for Google's Messages app, and difficulty importing contacts; Lamont then concluded, "Anyone looking for a straightforward experience may want to avoid GrapheneOS or other privacy-oriented Android experiences since the privacy gains often come at the expense of convenience and ease of use."[40]

In July 2022, Charlie Osborne of ZDNET suggested that individuals who suspect a Pegasus infection use a secondary device with GrapheneOS for secure communication.[41]

In January 2023, a Swiss startup company, Apostrophy AG, announced AphyOS, which is a subscription fee-based Android operating system and services "built atop" GrapheneOS.[42][43] The GrapheneOS team dismissed the project being based on GrapheneOS as misleading marketing due to AphyOS being based on an earlier version of Android, using the LineageOS update client and other inconsistencies.[44]

In late 2025, GrapheneOS moved its infrastructure away from servers hosted by French provider OVHcloud over privacy and security concerns.[45][46] This applies to both servers located inside France, as well as Canadian servers owned by the company. The project stated, "France isn't a safe country for open source privacy projects. They expect backdoors in encryption and for device access too. Secure devices and services are not going to be allowed (in France)."
France voted in favor of a proposed, controversial EU measure commonly referred to as Chat Control which could require providers to create and open a backdoor to their services to enable authorities to scan user content.[47][48]

GrapheneOS gained attention in the media in March 2026 after stating the project would not comply with planned and heavily criticized age verification laws such as the California Digital Age Assurance Act (Assembly Bill 1043) or Brazil's Digital Statute for Children and Adolescents (Law No. 15,211/2025), even if it meant that future Motorola devices that will come with the OS preinstalled couldn't be sold in these regions.[49]

See also

References and notes

  1. "Frequently Asked Questions – GrapheneOS" (in en-US). https://grapheneos.org/faq#copyright-and-licensing. 
  2. 2.0 2.1 2.2 2.3 "Federal Corporation Information – 1485757-7". Government of Canada. 2025-12-09. https://ised-isde.canada.ca/cc/lgcy/fdrlCrpDtls.html?p=0&corpId=14857577. 
  3. "History – GrapheneOS" (in en-US). https://grapheneos.org/history. 
  4. 4.0 4.1 4.2 4.3 Fedewa, Joe (23 March 2022). "What Is GrapheneOS, and How Does It Make Android More Private?" (in en-US). https://www.howtogeek.com/790266/what-is-grapheneos-and-how-does-it-make-android-more-private/. 
  5. 5.0 5.1 5.2 5.3 Tremmel, Moritz; Grüner, Sebastian (11 December 2019). "GrapheneOS: Ein gehärtetes Android ohne Google, bitte" (in de-DE). pp. 1–3. https://www.golem.de/news/grapheneos-ein-gehaertetes-android-ohne-google-bitte-1912-145383.html. 
  6. Baader, Hans-Joachim (9 April 2019). "Android Hardening wird zu GrapheneOS" (in de). https://www.pro-linux.de/news/1/26955/android-hardening-wird-zu-grapheneos.html. 
  7. De Rentiis, Katharina; Geus, Julian; Freiling, Felix (March 1, 2026). "The investigator's friend and foe: A forensic analysis of GrapheneOS". Forensic Science International: Digital Investigation. DFRWS EU 2026 – Selected Papers from the 13th Annual Digital Forensics Research Conference Europe 56. doi:10.1016/j.fsidi.2026.302048. ISSN 2666-2817. https://www.sciencedirect.com/science/article/pii/S2666281726000053. 
  8. Hazarika, Skanda (4 March 2022). "GrapheneOS brings its camera and PDF viewer apps to the Play Store" (in en-US). https://www.xda-developers.com/grapheneos-camera-pdf-viewer-google-play-store/. 
  9. Wilde, Damien (11 March 2022). "Privacy-focused GrapheneOS based upon Android 12L comes to Pixel 6 in latest beta" (in en-US). https://9to5google.com/2022/03/11/privacy-focused-grapheneos-based-upon-android-12l-comes-to-pixel-6-in-latest-beta/. 
  10. "Daniel Micay (@DanielMicay)" (in en). May 26, 2023. https://twitter.com/DanielMicay/status/1662212227561308160. ""I've stepped down as lead developer of GrapheneOS and will be replaced as a GrapheneOS Foundation director. I'll be ending my use of public social media. I'm unable to handle the escalating level of harassment including recent swatting attacks. There will be a smooth migration."" 
  11. 11.0 11.1 marreroc (2026-03-02). "Motorola News | Motorola's new partnership with GrapheneOS" (in en-US). https://motorolanews.com/motorola-three-new-b2b-solutions-at-mwc-2026/. 
  12. "GrapheneOS/AppStore Version 24 Release" (in en-US). 18 July 2024. https://github.com/GrapheneOS/AppStore/releases/tag/24. 
  13. 13.0 13.1 13.2 13.3 Lamont, Jonathan (20 March 2022). "A week with GrapheneOS exposed my over-reliance on Google". Blue Ant Media. https://mobilesyrup.com/2022/03/20/using-grapheneos-for-one-week/. 
  14. Name; Milano, Matt (2025-02-28). "GrapheneOS Review: The Most Private and Secure Android OS" (in en). https://www.webpronews.com/grapheneos-review-the-most-private-and-secure-android-os/. 
  15. Schoon, Ben (2024-01-03). "GrapheneOS, a privacy-focused version of Android, is adding Android Auto support" (in en-US). https://9to5google.com/2024/01/03/graphene-os-android-auto/. 
  16. "2023123000 – Releases" (in en). https://grapheneos.org/releases#2023123000. 
  17. 17.0 17.1 Mascellino, Alessandro (2022-06-16). "What is GrapheneOS and how does it improve privacy and security?" (in en-US). https://www.androidpolice.com/what-is-graphene-os/. 
  18. Speight, Adam (29 Sep 2021). "This is why James Bond doesn't use an iPhone" (in en-GB). Wired UK. ISSN 1357-0978. https://www.wired.co.uk/article/james-bond-no-time-to-die-tech. Retrieved 2022-08-17. 
  19. Wankhede, Calvin (2025-08-10). "I use a duress PIN to protect my data — here's how it works and why everyone needs one" (in en). https://www.androidauthority.com/grapheneos-duress-pin-3584795/. 
  20. Valeri, Vitor (17 June 2022). "O que é o GrapheneOS? Como ele aumenta a segurança e a privacidade do celular?" (in pt-BR). https://www.oficinadanet.com.br/smartphones/41188-o-que-e-grapheneos. 
  21. 21.0 21.1 "Features overview" (in en-US). GrapheneOS. https://grapheneos.org/features. 
  22. Goodwin, Richard (2024-04-04). "GrapheneOS 101: What You Need To Know" (in en-GB). https://www.knowyourmobile.com/phones/operating-systems/grapheneos-101-what-you-need-to-know/. 
  23. "Tutorial | attestation.app" (in en). https://attestation.app/tutorial. 
  24. "Source | attestation.app" (in en). https://attestation.app/source. 
  25. Wilde, Damien (16 April 2024). "GrapheneOS review: De-Googled goodness [Video"]. https://9to5google.com/2024/04/16/grapheneos-review-de-googled-goodness-video/. 
  26. "Features". https://grapheneos.org/features. 
  27. "Usage guide". https://grapheneos.org/usage. 
  28. "Which devices are supported? – Frequently Asked Questions" (in en-US). https://grapheneos.org/faq#supported-devices. 
  29. Perkins, Stephen (2022-06-16). "GrapheneOS: Everything you need to know about the privacy-focused Android fork" (in en). https://www.androidpolice.com/grapheneos-guide/. 
  30. "Which devices will be supported in the future? – Frequently Asked Questions" (in en-US). https://grapheneos.org/faq#future-devices. 
  31. Cubbins, Dwayne (2025-10-13). "GrapheneOS could break Pixel exclusivity in 2026 with major OEM deal" (in en-US). https://piunikaweb.com/2025/10/13/grapheneos-ending-pixel-exclusivity-new-oem/. 
  32. Sharma, Adamya (2025-10-14). "GrapheneOS is finally ready to break free from Pixels, and it may never look back" (in en). https://www.androidauthority.com/graphene-os-major-android-oem-partnership-3606853/. 
  33. Perkins, Stephen (2022-06-16). "How to install GrapheneOS" (in en). https://www.androidpolice.com/how-to-install-graphene-os/. 
  34. Snowden, Edward (21 September 2019). "If I were configuring a smartphone today, I'd use @DanielMicay's @GrapheneOS as the base operating system. I'd desolder the microphones and keep the radios (cellular, wifi, and bluetooth) turned off when I didn't need them. I would route traffic through the @torproject network." (in en-US). https://twitter.com/Snowden/status/1175430722733129729. 
  35. Mühlenmeier, Lennart (19 July 2019). "Warum Post, Bank und Co. ihre Kunden nicht zwingen sollten, Apps zu benutzen" (in de-DE). https://netzpolitik.org/2019/warum-post-bank-und-co-ihre-kunden-nicht-zwingen-sollten-apps-zu-benutzen/. 
  36. Šlik, Jáchym (6 April 2019). "GrapheneOS chce napravit bezpečnostní prohřešky Androidu" (in cs). https://www.svetmobilne.cz/grapheneos-chce-napravit-bezpecnostni-prohresky-androidu/7510. 
  37. Kalelioğlu, Eray (3 April 2019). "Android Tabanlı İşletim Sistemi 'GrapheneOS' ile Tanışın" (in tr). https://www.webtekno.com/android-tabanli-isletim-sistemi-grapheneos-h66023.html. 
  38. Diane (2021-06-28). "GrapheneOS: A Hardened Android Alternative (Review)" (in en-US). https://cellularnews.com/mobile-operating-systems/grapheneos-review/. 
  39. Louis Rossmann (2022-09-22). GrapheneOS; the greatest mobile OS of all time. Common usability misconceptions DEBUNKED!. Retrieved 2025-11-12 – via YouTube.
  40. Lamont, Jonathan (13 March 2022). "I replaced Android on a Pixel 3 with an Android-based privacy OS". Blue Ant Media. https://mobilesyrup.com/2022/03/13/replacing-android-with-grapheneos/. 
  41. Osborne, Charlie (May 30, 2024). "How to find and remove spyware from your phone". in Windsor, Alyson (in en). https://www.zdnet.com/article/how-to-find-and-remove-spyware-from-your-phone/. 
  42. Savov, Vlad (2023-01-16). "Swiss Startup Takes On Apple and Google With Privacy-First OS" (in en). Bloomberg News. https://www.bloomberg.com/news/articles/2023-01-16/apostrophy-and-aphyos-swiss-startup-takes-on-apple-and-google. 
  43. Savov, Vlad (17 January 2023). "Swiss startup takes on Apple and Google with privacy-first OS" (in en). https://www.thestar.com.my/tech/tech-news/2023/01/17/swiss-startup-takes-on-apple-and-google-with-privacy-first-os. 
  44. "Apostrophy mobile system, Punkt MC02". https://discuss.grapheneos.org/d/18216-apostrophy-mobile-system-punkt-mc02/3. 
  45. "GrapheneOS exits France after threats and smear campaign – The Nordic Times" (in en-US). 2025-11-25. https://nordictimes.com/tech/grapheneos-exits-france-after-threats-and-smear-campaign/. 
  46. Butler, Georgia (2026-03-20). "GrapheneOS migrates workloads off of OVH, cites issues with France's digital privacy policy" (in en). https://www.datacenterdynamics.com/en/news/grapheneos-migrates-workloads-off-of-ovh-cites-issues-with-frances-digital-privacy-policy/. 
  47. Speed, Richard (28 Nov 2025). "GrapheneOS bails on OVHcloud over France's privacy stance". https://www.theregister.com/2025/11/28/grapheneos_ovhcloud/. 
  48. Thierry, Gabriel (2025-11-26). ""Pays de plus en plus autoritaire", GrapheneOS coupe les ponts avec la France après une polémique explosive" (in fr-FR). https://www.zdnet.fr/actualites/pays-de-plus-en-plus-autoritaire-grapheneos-coupe-les-ponts-avec-la-france-apres-une-polemique-explosive-485493.htm. 
  49. "GrapheneOS (@GrapheneOS@grapheneos.social)" (in en). 2026-03-20. https://grapheneos.social/@GrapheneOS/116261301913660830. 
  1. The developers have been referred to as the "GrapheneOS developers" or the "GrapheneOS project" on GrapheneOS' frequently asked questions page.[1] The Canadian nonprofit organization "GrapheneOS Foundation"[2] was created "in March 2023 to handle the intake and distribution of donations".[3]
  2. Briefly known by the working title Android Hardening or AndroidHardening during development



Retrieved from "https://handwiki.org/wiki/index.php?title=Software:GrapheneOS&oldid=4344516"