Project

General

Profile

Replicant vs GrapheneOS security

Added by 9be42f24d3 cfcedda835 8 months ago

So i'm pretty torn about this. I know the main focus of replicant is freedom. It will not include any proprietary blobs. You can change any aspect of the code, and remain in control of the device. Uses modems that have known good hardware isolation etc. But the fact is, updates are lacking (i know there will be updates released soon). There are wide open security vulnerabilities in the current releases. If a security vulnerability is exploited there will be a big chance the attacker can get in the entire phone, which could also exist in currently used (free) firmware and drivers.

Now i'm looking at GrapheneOS and it has a whole different approach. It has proprietary blobs (firmware and drivers), but it isolates all these with IOMMU groups. This way if the wifi or baseband gets compromised, the attacker has little chance to get into the main OS. It get regular updates. Has support for newer devices that support these isolating capabilities. It hardens the kernel and other aspects of the OS. And the biggest argument for GrapheneOS is that Edward Snowden supports it. If someone knows how powerful backdoors and spying can be, it is him. Why would he support an OS and phone that has backdoors, security and/or privacy issues, when these are very important issues for him?

So, yes, you lose freedom with GrapheneOS. But what about practical security? Is the current release of GrapheneOS on a supported phone more secure than the current replicant release that's running on a supported phone? I'm having a hard time answering this question.

Some sources for this information about GrapheneOS:
https://old.reddit.com/r/GrapheneOS/comments/cjjyd4/graphene_os/evdv0h8/
https://old.reddit.com/r/GrapheneOS/comments/cnk7uf/security_on_pixel_devices_are_great_arguably/ewbanij/
https://mobile.twitter.com/DanielMicay/status/1158869170429333504
https://mobile.twitter.com/Snowden/status/1175419013402374145


Replies (2)

RE: Replicant vs GrapheneOS security - Added by Lianb Lianb 7 months ago

I hope someone answers this as well

RE: Replicant vs GrapheneOS security - Added by Daniel Kulesz 7 days ago

Of course it all depends on your threat model. But at least with the standard s-boot and heimdall widely open Replicant does not protect you from local attackers at the moment. In addition, it also lacks behind in terms of Android security updates. However, it tries to only run code you can (theoretically) audit and trust, while with GrapheneOS you have to trust more than 200 MB of hardly (if at all) auditable binary blobs.

The issues in Replicant are fixable (just require some work) while I don't think you will be able to fix the issues on the devices currently supported by GrapheneOS anytime soon.

I published a small article that touches a bit on this topic a while ago here:

https://www.kulesz.me/post/110-smartphones/

    (1-2/2)