What would you suggest as a good alternative? Lineage?
Nothing is really a direct alternative to GrapheneOS overall, it leans into security a lot more than other privacy ROMS. However, if you just want to deGoogle your Pixel and improve its privacy, another option is iodéOS which is a fork of LineageOS with some further privacy enhancements and an inbuilt tracker blocker. Updates are a couple of weeks slower than GrapheneOS, but you can lock the bootloader following installation. You can check if the Pixel you want is supported here. There are also community builds for some of the unsupported Pixels. The 9 series hasn’t been added yet beyond a community build, although I’m sure it is coming soon.
I would really love if Lineage OS would start signing builds and disabling debugging so that it could be used with a relocked bootloader.
For now you have 3 options. Either:
Run Lineage OS and be aware of the risks (evil maid)
Use third party tools to make a custom build of Lineage OS with a locked bootloader. You will be in charge of your own keys and you will need a powerful machine.
Use Calyx OS and accept the fact that it isn’t as polished as Lineage OS
I would really like it if Lineage OS supported bootloader relocking on supported devices but I don’t see that happening. Also they are kind of in need of a restructure as the only people really working on it is the same set people that have always have. They are still pretty hostile to new contributors but at least they are trying to do better. I think the community around Lineage OS is better than Graphene but it isn’t perfect.
Yeah I’ve done some digging after your comment and also found the Louis rossman video.
They are indeed quite aggressive. What would you suggest as a good alternative? Lineage?
I try to use only foss apps as well (mostly F Droid).
Nothing is really a direct alternative to GrapheneOS overall, it leans into security a lot more than other privacy ROMS. However, if you just want to deGoogle your Pixel and improve its privacy, another option is iodéOS which is a fork of LineageOS with some further privacy enhancements and an inbuilt tracker blocker. Updates are a couple of weeks slower than GrapheneOS, but you can lock the bootloader following installation. You can check if the Pixel you want is supported here. There are also community builds for some of the unsupported Pixels. The 9 series hasn’t been added yet beyond a community build, although I’m sure it is coming soon.
I would really love if Lineage OS would start signing builds and disabling debugging so that it could be used with a relocked bootloader.
For now you have 3 options. Either:
Run Lineage OS and be aware of the risks (evil maid)
Use third party tools to make a custom build of Lineage OS with a locked bootloader. You will be in charge of your own keys and you will need a powerful machine.
Use Calyx OS and accept the fact that it isn’t as polished as Lineage OS
I would really like it if Lineage OS supported bootloader relocking on supported devices but I don’t see that happening. Also they are kind of in need of a restructure as the only people really working on it is the same set people that have always have. They are still pretty hostile to new contributors but at least they are trying to do better. I think the community around Lineage OS is better than Graphene but it isn’t perfect.