GrapheneOS cannot be fully trusted because it runs on Google's proprietary hardware stack, which remains a critical vulnerability. While GrapheneOS markets itself as a privacy-focused alternative, its security is undermined by the fact that it operates on devices like Google's Pixel smartphones—hardware designed and controlled entirely by Google. Unlike other OEMs, Google does not merely integrate off-the-shelf components; it designs its own processors (e.g., Tensor chips) and develops the closed-source firmware and software that power them. Other manufacturers receive binary blobs from chipmakers, which they cannot modify, but Google retains unilateral authority to embed hidden functionalities or surveillance mechanisms directly into the hardware-software ecosystem.
This means Google could inject malicious code into the processor’s firmware—code that operates independently of Android (and thus independently of GrapheneOS itself). Such malware would run at the hardware level, bypassing the operating system entirely and evading detection. If Google exploits this capability in its proprietary GApps, the same logic applies to the foundational software controlling its processors. Since GrapheneOS cannot audit or modify these closed-source components, users are left exposed to potential backdoors.
If you trust GrapheneOS on Pixel devices, you must also trust Google’s closed-source hardware stack—the very same infrastructure that could enable pervasive surveillance. In that case, there is no meaningful distinction between GrapheneOS and stock Android; both rely on Google’s opaque technology. Conversely, if you reject GApps and Google’s data harvesting, you cannot reconcile that distrust with reliance on Google’s hardware. To truly deGoogle, you must abandon devices where the manufacturer controls the silicon itself.
>>30546The critique isn’t about misunderstanding hardware/software; it’s about Google’s total control over closed-source firmware for its own chips (e.g., Tensor), which no one can audit. Even if firmware is technically software, if Google writes the code running directly on its hardware (e.g., bootloaders, DSPs, Secure Enclaves) and keeps it secret, a critical security gap remains,one that no operating system, including GrapheneOS, can close.
GrapheneOS may harden Android, but it has zero control over Google’s proprietary firmware powering components like sensors, modems, or AI cores. These modules can operate independently of the OS, collecting or transmitting data without Android’s knowledge. For example: A closed-source firmware module could silently route microphone data to Google, bypassing the OS entirely.
Dismissing this as a ‘hardware/software misunderstanding’ misses the core issue: Trust requires transparency and control across all technology layers. Google provides neither. If you use Pixel devices, you’re not just trusting GrapheneOS, you’re trusting Google’s firmware, the same company that embeds tracking mechanisms in GApps. This isn’t a technical flaw in reasoning; it’s a logical conclusion. If you distrust Google at the software level, you MUST distrust the hardware it controls. There’s no firewall between the two.
>it designs its own processors (e.g., Tensor chips)>Other manufacturers receive binary blobs from chipmakers, which they cannot modify,This is not true. The Tensor chips are put together from "off-the-shelf" designs from Arm where they can fiddle with the parameters a little but can't significantly modify, like most other manufacturers:
https://en.wikichip.org/wiki/google#ModelsFew companies make their own Arm processors from scratch. For that they need to buy an "architecture license":
https://en.wikipedia.org/wiki/ARM_architecture_family#Architectural_licence >>30548 (me)
>>30558tbh even the line of thought that "it's the hardware I already have" falls flat with how thouroughly insecure the hardware is. It's hard to tell where harm is reduced and where harm is hidden. I think graphene just extinguishes the sense of urgency.
>>30562>>30564this vid is a half truth. uyghas acting like glowies are omniscient yet all those organizations deemed terrorists are still running rampant
>inb4 its intentionallol sure
>>30567thats the thing, for
>>30564 to happen to you youd have to in the fbi's top 5 or some shit, its not data thats passively tracked about everyone 24/7, and where it is, it can be somewhat easily circumvented (chances are youd still be painting a target on your back by doing this but its still not something absolutely impossible yknow)
>>30590That arguement was already in the thread, you're dodging the fact that you're hiding behind AI to make an arguement you were too lazy to substantiate yourself, as well as too lazy to ensure it hadn't already been brought up by someone else.
My take on the matter was "just get a pinephone, if google hardware is all you have for some reason then graphene is a bandaid on an amputated limb." I didn't need to ask Grok to come up with that like you did.
>>30597If you'd link to things you're posting screenshots that would answer itself, assuming this isn't more AIshit.
A lot of privacy frontend shit tends to get maintainers with megalomania. Perhaps the graphene devs literally believe that and don't understand the hardware issue.
>>30597>Then who is spreading these fake newsSome retard starving for attention. GrapheneOS is an open project with multiple organizations and developers raising potential issues and submitting fixes, you can fucking look up things yourself instead of relying on chinese chatbots and meme images, unless you're retarded, in which case your phone OS is the least of your concerns
(e.g. From the FAQs
https://github.com/GrapheneOS/hardened_malloc/issues/133)
>>30545>GrapheneOS cannot be fully trusted because it runs on Google's proprietary hardware stack, which remains a critical vulnerability. Yeah whats up with that? and LineageOS only works on a handful of phones.
Are there other alternatives? Back in my day I think they had ones that worked for most of the phones but maybe I just got lucky and they worked on all my hardware.
>>30609>Yeah whats up with that? and LineageOS only works on a handful of phones. It's the fault of third party OEMs that have proprietary firmware and/or locked bootloaders, back in the day most phones would have some means to root and unlock your bootloader and put AOSP on it, or at least some flavor of AOSP.
> Are there other alternatives?Pretty sure Huawei comes ungoogled by default lmfao but not for security reasons. Also there's a somewhat booming scene of custom ROMs for xiaomi because indians and ruskies want to extract every drop of juice out of their shitphones (and also xiaomi offers some convoluted means to "officially" unlock the bootloader), but that scene is fucking sketchy as hell lol and only exists in telegram. Forget about places like xda developers, that shit is dead. There's also pinephones, and fairphones but I believe they lack shit like IOMMU on their SoCs, which makes them incompatible with GrapheneOS, but their bootloader can be unlocked. Fairphones also ship degoogled on their latest versions I believe.
tl;dr grapheneOS works on pixel devices because 1) can have their bootloaders unlocked with simple ADB commands 2) are fully compatible with AOSP because they're first party devices 3) have all the hardware security bells and whistles because they don't have shitty SoCs
Unique IPs: 21