Mobile Guide
In this chapter we will discuss the proper ways to use a mobile device. Keep in mind mobile devices ARE NOT RECOMMENDED In terms of OpSec they are the lowest, and should only be used in extreme circumstances. You are still always safer using a operating system like Tails, or Whonix. PGP, XMR, and other basic tools are all still needed which you will have to setup yourself. There is currently not any chapters written for using them.
What is GrapheneOS?
For this guide we will be using Grapthene OS. GrapheneOS is a mobile OS focused on privacy and security, with an Android app compatibility layer. Its primarily focused on the research and development of privacy and security technologies. These technologies include sandboxing, exploit mitigation, and a permission model.
How does GrapheneOS work?
Graphene improves security and privacy from the ground up by deploying various technologies to mitigate entire classes of vulnerabilities. This makes exploiting common sources of vulnerabilities more difficult and less sustainable. These improvements better the security of the operating system and apps running on it. The system will also never ship with any google apps or services to further increase security.
How can I run GrapheneOS?
Graphene is exclusively built for Google Pixel devices, however many other devices are supported at a source level and can be built for them without modifications to the existing GrapheneOS source tree. Most cases beyond that will require substancial work to reach the same standards; For most devices hardware and firmware will prevent providing a reasonably secure device regardless of work put into device support. At the time of writing the following devices are officially supported.
Supported Devices
- Pixel 7 Pro (cheetah) — experimental
- Pixel 7 (panther) — experimental
- Pixel 6a (bluejay)
- Pixel 6 Pro (raven)
- Pixel 6 (oriole)
- Pixel 5a (barbet)
- Pixel 5 (redfin)
- Pixel 4a (5G) (bramble)
- Pixel 4a (sunfish)
- Pixel 4 XL (coral)
- Pixel 4 (flame)
What makes GrapheneOS secure?
Security and privacy are deeply rooted in the foundations of the Graphene operating system. Completely de-googled and de-bloated, Graphene takes advantage of all existing android security features with numerous additions on top. Disk encryption, clipboard security, hardware identifier protection, IOMMU baseband isolation, and a system integrated firewall with custom rulings keep Graphene protected from adversaries.