Using Graphene OS for a year

Tobias P.L. Wennberg

Tags: IT, security

I’m not a security expert. But I am very interested in the subject and like to experiment, so I thought I would start a blog series discussing and showing off some of what I’ve done. I began by writing one long blog post, but realising it had become too long for me to finish in a reasonable time, I thought I would start off by sharing my journey with Graphene OS.

For most of my life I’ve been an iPhone user. That is for the pure reason that my parents were, and I’ve either inherited their old phones or gotten one as a present. That was until last year, when I bought myself a Google Pixel 7a. How is a Google phone secure, you may ask? While they do come with some actually great security features, the reason I chose it was because of its compatibility with the Graphene OS project.

Graphene OS is an alternative operating system for Google Pixel phones, replacing the already existing Android operating system. It brands itself as “the private and secure mobile operating system”. It has great Android Play Store support, even though it would probably be more “secure” to use the Aurora Store; it has great security features; and it has overly paranoid security features.

In my quest to improve my security, I choose to always default to the overly paranoid version, try to live with it, and then disable the things that are a bit too annoying. Starting off, I enabled “auto disable Wi-Fi” and “auto disable BL”, which automatically disable Wi-Fi/Bluetooth after some time disconnected in order to protect against tracking; I enabled a randomized keypad for login, which shuffles the numbers at login (and I do not use the fingerprint reader for login due to recent Swedish laws I should probably write a blog post about); I enabled a SIM card PIN; I enabled automatic reboot every 12 hours. These are the ones I can remember. Out of these, I have only disabled the random keypad. While most of these features do protect against actual attacks, I would think none would actually protect me against anything. I believe the street thief and gangs are too dumb for these vulnerabilities, and even if I were afraid of the cops, they wouldn’t track me via my Bluetooth MAC address. They probably just look at my cell tower connections to get a fairly accurate coordinate; and not having internet all the time, ruining my notifications and the like, I believe is a step too far for me - people need to be able to call me. But it may be worth investigating. The randomised keypad would probably protect against someone recording my PIN, but it was very annoying to use, and rotating my PIN every month would go some way there; the automatic reboot would probably protect against the cops getting into my phone.

Coming from iOS, F-Droid was a feature I was very excited about - especially since I am somewhat of an FSF fanatic. Having a store of only free-as-in-beer and free-as-in-freedom software seemed like a godsend. And it truly is as great as I hoped. A lot of the software is great, even better than a lot of the Play Store equivalent apps; and they do not contain any trackers or similar, which not only improves privacy but also battery life. If you use Android and haven’t tried F-Droid, you should.

While I haven’t done all that much in the mobile security area, just using Graphene OS is a big step forward from my iPhone days. I do think this area is a little bit too convenient; I probably should look further into hardening it so that my life becomes a little bit more cumbersome.

My overall thought on Graphene OS is that it is generally great. It seems stable and fairly easy to use. While I can’t compare it to stock Android, the battery life has been great, and I assume it is partly because of Graphene’s removal of bloat. I would definitely recommend it to anyone willing to experiment with their mobile experience.

Of course, Graphene - like any reasonable OS - allows you to sell your soul to big tech if you so wish. To end this blog post, I’d like to share some of my favorite tips to prevent big tech from taking over your phone:

  • OsmAnd~ is an OpenStreetMap front end and a great alternative to Google Maps for many purposes. If you think you need to use Google Maps, make sure to set geolocation to ask every time, as there are many cases where you do not need to share your geolocation with Google.
  • Aurora Store, as an alternative to Google Play Store, supporting anonymous login (and download).
  • Specific Google account for Play services. If you wish to use Google Play Store, create a custom Google account for Play services, using something like a new email from Proton Mail.
  • F-Droid store. I can’t state this too much: the F-Droid store is great and you should use it for any software possible. There is almost always a great alternative to the proprietary spyware on Google Play Store.