I tried GrapheneOS recently and switched back just because I lost my automatic backups. The backup solution and syncing should have been solved before some of the other design choices IMO. I was also disappointed to see that there is no way to prevent the warning message on each boot, which seems to delay the startup (or at least none that I could find).
Other than that, I could be content with it.. it may not be perfect, but it felt good to know that I wasn't tied into the Google eco system. I liked their contacts and location sandboxing.
I've heard some complaints about GrapheneOS's choices and wish that there was more communication from the lead developers about their design choices, just to understand them a bit better. However, I do think some users are just reactionary overall to some things. They hear Chromium and just assume it is worse, but honestly have no clue from a development perspective. All your complaints sound legit though and I too would like to know the answers, because you bring up very valid points.
There has been some drama in the F-Droid community, and I too tried alternatives, but in the end... my favorite apps all recommend F-Droid, and I find using F-Droid 10x easier than the alternative of managing apps from random locations. I believe the biggest complaint with F-Droid is that it is a single-point of failure or compromise since they sign the packages and updates can get delayed, however, in reality adding random Git repos to Obtanium or whatever is just as insecure. I believe Fdroid even does some security scanning too, but I could be wrong... which is an added bonus.
Most of the GrapheneOS information you might be interested in is in a few different places (Reddit, Twitter, Discord) but quite predictably they have become unworkable for searching especially if you don't have an account on those platforms. GrapheneOS also has their forum for that purpose but it is quite young compared to the project.
>I was also disappointed to see that there is no way to prevent the warning message on each boot
That bit is part of Android https://android.googlesource.com/platform/external/avb/+/mas... and would be the same on any device following the same implementation model (most of the Android world although some don't do it properly). They have been looking into a hardware company partnership though, which could potentially mean a device that boots GrapheneOS without such a warning.
>All your complaints sound legit though and I too would like to know the answers, because you bring up very valid points.
Some of the points raised might be argued by community members but that does not mean they are representative of the GrapheneOS project's positions. I would stick to the official GrapheneOS accounts on social media if you want the project opinion. The founder is also a fully public development member of the team so you can look to their posts for official positions as well.
>in reality adding random Git repos to Obtanium or whatever is just as insecure.
Yep, I believe this also isn't officially recommended by GrapheneOS either anyway. GrapheneOS had always been clear that one of the big benefits to basing on AOSP is the massive ecosystem of open source Android apps. They also integrated F-Droid and collaborated with the project in the past. Their requirements for app stores have developed in line with their project goals over the years so there is a lot they are looking for now in an app repo that F-Droid does not provide.
Other than that, I could be content with it.. it may not be perfect, but it felt good to know that I wasn't tied into the Google eco system. I liked their contacts and location sandboxing.
I've heard some complaints about GrapheneOS's choices and wish that there was more communication from the lead developers about their design choices, just to understand them a bit better. However, I do think some users are just reactionary overall to some things. They hear Chromium and just assume it is worse, but honestly have no clue from a development perspective. All your complaints sound legit though and I too would like to know the answers, because you bring up very valid points.
There has been some drama in the F-Droid community, and I too tried alternatives, but in the end... my favorite apps all recommend F-Droid, and I find using F-Droid 10x easier than the alternative of managing apps from random locations. I believe the biggest complaint with F-Droid is that it is a single-point of failure or compromise since they sign the packages and updates can get delayed, however, in reality adding random Git repos to Obtanium or whatever is just as insecure. I believe Fdroid even does some security scanning too, but I could be wrong... which is an added bonus.