TIL of RestlessOS, fork of GrapheneOS - GrapheneOS Discussion Forum
discuss.grapheneos.org
GrapheneOS discussion forum

I Installed a Graphene-Based OS on Non-Pixel Phones… Here’s the Catch

https://www.youtube.com/watch?v=-RjGjqBAAgQ

"I was watching youtube(Invidious) and notied RestlessOS . Have you heard of this and are there people actually tried this on non-pixel phone?

“RestlessOS is an unofficial, unaffiliated fork of GrapheneOS packaged as a Generic System Image (GSI) for Project Treble devices. It is not endorsed by, sponsored by, or in any way connected to the GrapheneOS project or its developers.”

https://github.com/cawilliamson/treble_restlessos

I’m very hesitant to give money to Google pixel so I’m going to experiment on this one."

  • tapdattl@lemmy.world
    29·
    12 days ago

    Looks like they put in a ton of effort to make this compatible with generic devices, but I have to ask, with all the features removed, why choose this over any other ROM?

    Features removed

    hardened_malloc — causes boot loops on devices with 39-bit virtual address space. replaced with AOSP Scudo.

    Auditor — requires hardware attestation which > doesn’t work on GSI

    mtectrl / misctrl — Pixel-specific memory tagging control; breaks vendor TEE drivers

    USB protection — the low-level USB port controls rely on Pixel-specific hardware and are non-functional on other devices

    native debugging protection — not ported; breaks compatibility with root solutions and vendor debugging tools

    Features disabled by default

    These can be re-enabled in TrebleApp → Hardening or Settings → Exploit protection.

    MTE/TBI for vendor processes — memory tagging breaks some vendor drivers

    hardened thread stacks — non-standard memory layout breaks some vendor drivers

    secure (exec-based) app spawning — breaks root solutions (Magisk / KernelSU)

    • monovergent@lemmy.ml
      4·
      12 days ago

      Minimalism. Compared to AOSP, Google components and pings removed. Compared to other privacy GSI ROMs, no weird, quirky, or flashy functions or themes the author decided to bake in.

    • slacktoid@lemmy.mlEnglish
      3·
      12 days ago

      Still better than nothing? And more privacy centric options out there are better as it gives people a way to figure out how it can fit into their life vs the all private where nothing works and you need to know tech to get around or nothing private but at least things work, world people are in.

  • whatiswrongwithyou@lemmy.ml
    71·
    12 days ago

    There’s a really good chance that a person running this would incorrectly assume they have some level of security and safety approaching graphene.

    It uses vendor kernels and relies on the user to monitor update channels and perform patches.

    If you need security and will not buy a pixel, you are most likely best served by switching to ios.

    That’s not because I feel that a person who will not buy a pixel is somehow less-than or stupid, but because ios is very secure when hardened and kept up to date.