How is the experience nowadays on the os?
Is it stable?
How are the apps?
How is LTE performance?
It is built on regular Android, which is okay in terms of security. Then they add microG, which is less secure than Google Play services as they leave out checks and don't have such a secure connection to the servers.
Also, microG is Google code. Less code, but with full access to your device, no isolation at all. This includes personal information and permanent, unchangeable device IDs.
MicroG may also be a vector for Pegasus etc, just like Play Services, at least I assume that.
MicroG is not privacy friendly, as all apps that depend on Google stuff already include the Google Play Libraries and SDK themselves. They could already do many things without any Play services installed.
Just that with microG they get privileged access to the device, while with sandboxed Play services they don't get any more than they already have.
I don't even know what browser they preinstall, but they stated that they use Bromite as WebView, which is unmaintained.
Also, they ship QKSMS, an overly complex app that is also not maintained anymore.
In general, if they bundle in tons of apps installed in the system partition (not sure if they do, but if they are preinstalled this implies that), that would give them full access to your stuff.
System apps cannot be uninstalled, while sandboxed Play can be installed, disabled, removed, etc. however you want. And it is not installed by default.
MicroG is also highly unreliable. Apps may need more Google stuff to work, which is not included. Google might increase security requirements, and microG may completely stop working.
MicroG is sandboxed on DivestOS, which is still less secure/reliable than sandboxed Play though. The app needs to fake signatures to work, which is privileged access and only works when the security level of such verification is very low. (There is, for example, SafetyNetFix, which also supports Play Integrity simply by disabling hardware authentication, which is really insecure.)
They don't implement any of GrapheneOS's security features:
- hardened malloc
- secure app spawning
- hardened webview and browser
- device auditor to check if you got a virus etc.
- …
Don't get me wrong, I am sure Murena is a good company. And shipping microG (often needing to be manually flashed) on LineageOS, which people install on their own, is tolerable. But it's very unreliable software, and as soon as you sell a device you are responsible for that. It is extremely irresponsible of Murena to ship such an OS.
Some links as I am just parroting what smarter people told me:
- grapheneos.org
- sandboxed microG forum discussion (this one is kept; there are more, but they got locked for centralisation)
- unofficial GrapheneOS community Wiki
Your arguments are right, indeed, though they are rendered a bit moot when we're in a thread discussing Ubuntu Touch, which is, like, 10 times more insecure than any custom Android ROM, since it uses a desktop Linux security model pretty much.