I've used GrapheneOS on a Pixel 3a, 5, 8 and 10 Pro so far and it's worked really well. I couldn't imagine going back.
The only things I'm missing (which don't exist in other OS'es either):
- Being able to configure contact scopes in such a way that the app in question only gets access to the phone numbers of the contacts belonging to the label I specified, e.g. "WhatsApp", nothing more. Yes, one can of course add contacts' phone numbers to the contact scopes "by hand" but 1) there is a limit on the number of contacts/phone numbers configured this way, and 2) AFAIK there is no way to back up that list.
- Being able to install browser extensions in Vanadium.
- Being able to configure multiple VPNs at once, e.g. for Tailscale, ad filtering, blocking HackerNews during times when I should be doing something more productive :) etc., especially since the Vanadium browser doesn't support extensions (see above). I was hoping that the Rethink app might implement something like this (https://github.com/celzero/rethink-app/issues/1047) but it doesn't look like it's coming and it'd probably be much better to do this at the OS level.
> Being able to configure multiple VPNs at once, e.g. for Tailscale, ad filtering, blocking HackerNews during times when I should be doing something more productive
AdAway (in F-Droid) can block with /etc/hosts (no VPN involved) if you have root. The hosts blocking still works even when connected to a VPN. Aside from loading ad domain lists into /etc/hosts, it also allows you to specify custom domains to block - I personally have Reddit and HN in there :)
> AdAway (in F-Droid) can block with /etc/hosts (no VPN involved)
lifts head
> if you have root
Sigh. :)
Sure, on LineageOS back in the day I used to edit /etc/hosts by hand. On GrapheneOS I no longer have root, though (unless I compile it myself), which generally I think is a good idea, weren't it for Linux's absolutely abysmal access control system that requires you to be root for almost everything.
Yes, I already do that but:
- Vanadium is said to be safer.
- The reality is that websites often don't work in Firefox anymore.
- I want to be able to block social media at certain times. (Today I often circumvent such blocking in FF by just opening Vanadium…)
You might want to read my comment again. :) If you use labels, the app will have full access to the associated contacts, not just to their names & phone numbers.
So it's not about labels, but you want the ability to restrict the fields an app has access to rather than an all or nothing – full access to a contact or none at all?
I'm annoyed at everyone who shares my name, phone number and any other details with Meta. I never consented to it. The behavior of their app slurping up your contacts database is despicable.
This doesn't answer your question, but in case it helps for others out there: it's possible to use WhatsApp with no access whatsoever to your contacts and I used it that way for years. Connecting with people is slightly jankier but it still works.
The only things I'm missing (which don't exist in other OS'es either):
- Being able to configure contact scopes in such a way that the app in question only gets access to the phone numbers of the contacts belonging to the label I specified, e.g. "WhatsApp", nothing more. Yes, one can of course add contacts' phone numbers to the contact scopes "by hand" but 1) there is a limit on the number of contacts/phone numbers configured this way, and 2) AFAIK there is no way to back up that list.
- Being able to install browser extensions in Vanadium.
- Being able to configure multiple VPNs at once, e.g. for Tailscale, ad filtering, blocking HackerNews during times when I should be doing something more productive :) etc., especially since the Vanadium browser doesn't support extensions (see above). I was hoping that the Rethink app might implement something like this (https://github.com/celzero/rethink-app/issues/1047) but it doesn't look like it's coming and it'd probably be much better to do this at the OS level.