Introduction

Imagine throwing your smartphone overboard – an act of rebellion in the vast ocean of digital surveillance.

Why? In an age, where iPhones and Android devices have become extensions of our personalities, we pay a high price: the loss of our privacy.

When you use an Android device, your identity is closely tied to your Google account. Everything you do, every app you use, every message you send, every place you visit-becomes part of your digital profile, meticulously compiled by Google. It’s like having a spy in your pocket, logging every detail of your life and sending it to massive server farms.

And Apple? While iPhones are often seen as bastions of security, they are not without risk. Your Apple ID can also be used to map your digital life, much like Google does.

It’s clear that if you take your privacy seriously, you have to be willing to take a bold step. It’s time to make a critical choice – to weigh the convenience of modern technology against the freedom of your data.

A year ago, my journey led me to a radical solution: switching to a privacy-first smartphone powered by GrapheneOS, an open-source operating system built on the principles of digital freedom and security.

This journey is more than a technological shift; it’s a rebellion against the establishment, a decision to reclaim control over our personal data, a fight against the pervasive surveillance that defines our modern world. It’s a call to embrace digital empowerment and choose a life where technology serves us – not the other way around.

Getting Ready

If you’re looking for a “privacy phone” that prioritizes privacy and security, there are three alternatives to the established operating systems from Apple and Google:

  • Custom ROMs based on Android: These modified versions of Android offer enhanced privacy features. GrapheneOS, a leading custom ROM, optimizes privacy by removing Google services and adding security features. It offers regular updates and a strong focus on security.
  • Mobile Linux versions: Systems like Ubuntu Touch offer a privacy-oriented alternative, but often suffer from compatibility issues and limited application support. Their development communities are smaller, which limits support.
  • Jailbroken iPhones: While jailbreaking allows for deep system customization, it weakens Apple’s entrenched security mechanisms, increases vulnerability to malware, and can lead to update issues.

Why GrapheneOS?

Considering the limitations of mobile Linux systems and the security risks of jailbroken iPhones, GrapheneOS currently stands out as the superior choice. It combines ease-of-use with strong privacy protection and comprehensive security features, such as:

  • MAC address randomization: Increases anonymity and protects against network tracking.
  • Google Sandbox compatibility: Allows access to Google Play without compromising security.
  • Advanced security features: Goes beyond  standard Android security, with enhanced permission controls and hardened memory management.

Hardware?

Interestingly, GrapheneOS is primarily supported only on Google Pixel devices, starting with the Pixel 5. While it may seem paradoxical to use a Google device for a privacy phone, Pixel smartphones offer ideal conditions: excellent hardware, fast updates, and open developer support. These factors facilitate the adaptation of GrapheneOS to the latest Android standards, contributing to its security and efficiency.

Phone installation

Installing the phone was not easy, but not impossible either. Step by step, I followed the detailed instructions on the GrapheneOS website to unlock the bootloader, download the latest GrapheneOS image, and carefully install the operating system. Each step was a small victory on the road to a more secure mobile experience. Here is David Bomabals GrapheneOS step-by-step installation.

Getting Started

The first boot of GrapheneOS was a moment of relief and curiosity. The interface, while minimalist, is fully functional. It was an adjustment from an iPhone to an Android phone. But this is a free Android, not controlled by Google.

To detail the first steps with GrapheneOS, let’s divide the guide into four main sections: basic configuration, installing apps, using advanced app permissions, app recommendations from the CloudPirat BaseCamp and an advise on how to sync calendars and contacts, along with installing apps from the Google Play Store anonymously via the Aurora Store.

Basic Configuration

The first boot of GrapheneOS is a crucial step towards a privacy-oriented digital life. The interface may seem minimalist, but it is fully functional and offers a fresh perspective on Android, free from Google’s surveillance. The initial setup guides you through basic steps, including configuring Wi-Fi, screen lock, and system settings, all in an intuitive and user-friendly way.

App Installation

With GrapheneOS gives you several options for installing applications:

  • Use the F-Droid Store to access a unique universe of open source and privacy focused apps. This store, while not very user-friendly, has been improved by skilled developers who have created the F-Droid Clone Neo-Store.
  • To install apps, including those on my recommended list, you may need access to the Google Play Store. There is Aurora, a store that can access the Google Store anonymously and for paid applications with the option to download.
  • GrapheneOS provides a compatibility layer that allows you to download official app versions directly from Google Play. These apps are installed and used within a secure area (the sandbox) of GrapheneOS, preventing Google from gaining any special privileges or access to the smartphone.
    Anonymous installation of paid apps through the Aurora Store

Anonymous Installation of Paid Apps via Aurora Store

The Aurora Store allows you to download apps from the Google Play Store anonymously. Aurora acts as a proxy, allowing you to download most apps without creating a Google Account. For paid apps with special license verifications, you can also use a “Google install account” within Aurora.

Note: Even when using a Google account, the Aurora Store provides additional anonymization, such as a privacy layer between you and Google and masking your IP address.

Use Advanced App Permissions

GrapheneOS greatly enhances control over app permissions, allowing users to tightly manage app access to sensitive data. This feature enhances privacy by allowing you to tailor permissions to your needs. You can configure permissions for each app individually, ensuring that only necessary data access is granted, minimizing the risk of data leakage.

Use Apps that Are Your Allies

From the CloudPirate BaseCamp, I recommend the following apps or providers for your GrapheneOS smartphone. Most of these apps are open source, and the providers are trustworthy and work without tracking you:

  • Bitwarden for password management
  • Mullvad for VPN
  • Brave for web browser and search engine
  • Signal for messenger and face-to-face video conferencing
  • OSM and Maps or Magic Earth (Offline) for navigation
  • K-9 Mail or FairEmail – GrapheneOS does not include a native email application, but you can use either of the open source email clients available on Neo. If you’re a Proton Mail user, you can also use their apps on GrapheneOS.

Syncing Calendar and Contacts

Syncing contacts and calendar data might can be a challenge at first. However, you can use third-party apps such as DAVx⁵ (Aurora Store) to sync your contacts and calendars using CalDAV and CardDAV compatible services. Another excellent product is EteSync (Neo Store) , which provides secure synchronization of your personal data without compromising your privacy.

Although GrapheneOS comes with a contact manager, it lacks a native calendar application. I had a good experience with the open source calendar application Etar (Neo Store).

Passionate About Privacy?

Hardware Modifications

Some privacy enthusiasts go as far as making hardware modifications. You can buy a GrapheneOS/Pixel phone with the microphone, cameras or sensors removed from Nitrokey.

Do you know Faraday bags?

A Faraday bag, also known as a signal-blocking bag, is a type of pouch made from a material that blocks electromagnetic fields. It’s designed to prevent any signals from reaching devices stored inside, such as mobile phones, tablets, and GPS units. This means that when a device is inside a Faraday bag, it cannot receive or transmit any signals, including calls, texts, GPS, Wi-Fi, and Bluetooth signals.

Play it save and get you one. I like the ones from GoDark and SLNT.

My One Year Conclusion

Switching from iOS to GrapheneOS was not just a change of operating system, but a reorientation of my digital habits. Although I occasionally missed the seamless integration and convenience of iOS, the compromises were worth the increased control and security I gained.

Moving to a smartphone running GrapheneOS, especially on a Google Pixel device, offers an exciting opportunity to achieve greater privacy and security. It doesn’t significantly compromise usability or compatibility with common applications and services. It represents a significant step toward a “freedom phone” that puts control of personal data back in the hands of the user.

Sources, Tips and Links for Further Reading

Thank for the title picture created by DALL·E 2024-03-02 00.07.45 “Create a black and white image depicting a scene on a concrete wall, where a pirate, distinguished by a vivid red scarf, is throwing his iPhone into thr sea.”