GrapheneOS — the leading, free Android platform — and what you need to know about it.
When it comes to privacy and protection, you get what you pay for. One product, GrapheneOS, which is available for free, is increasingly bundled with phones sold by companies that are making false claims about what their phones deliver using this operating system. So, what exactly is GrapheneOS . . . and what it isn’t?
The Evolution of GrapheneOS
In 2014, software developer Daniel Micay began an open-source project aimed at improving privacy and security with an eye towards hardening Android devices. Around the same time, Micay was the lead developer and Chief Technology Officer at Copperhead, a Toronto based information security company whose CEO was James Donaldson.
Micay’s open-source work was sponsored by Donaldson’s company and became known as the CopperheadOS project. The pair eventually parted ways and had a very public social media feud. Micay rebranded to Android Hardening and later in 2019 changed the name to GrapheneOS, which is now funded by donations, and has a detailed website dedicated to everything about it from the creators’ perspective.
GrapheneOS is extremely successful – in part, because it was endorsed by Edward Snowden – but it is also good at what it does at no cost to users.
With GrapheneOS, you’ll have additional privacy on your device with improved Android encryption, enhanced memory management, extended battery life and greater resistance to malicious apps. It also uses a modified version of Google Chrome called Vandium.
Myntex CEO Geoff Green says, “I commend Micay for creating his privacy solution, in a difficult field, improving the anonymity of users.
Sadly in the last year we’ve noticed an increase of companies reselling google pixels with the GrapheneOS telling clients the phone is fully encrypted.”
Companies that sell GrapheneOS based devices include NitroPhone, Snowphone, Avangard (who openly and falsely claimed they created GrapheneOS), among others. These companies are putting free apps on their phones, including Signal, Wickr, Threema and WhatsApp, then resell the device with a huge mark up. But why? It’s all free and you can do it yourself.
The Limits of GrapheneOS
A phone with GrapheneOS will have better privacy than it had under the factory settings, but it’s crucial to understand the distinction between privacy and security. These smartphone security tips show you how to avoid certain digital vulnerabilities, as you can’t just expect free products like GrapheneOS will make your phone impenetrable.
GrapheneOS offers a considerable improvement in privacy, but it never claims to offer encrypted calling, encrypted messaging, encrypted pictures or other necessary security features. However, those that sell the product on their phones are promising these features without being able to deliver them. Even Signal, which does offer various forms of encryption, relies on the device itself to protect the messages.
“End-to-end encryption” doesn’t mean the device, which is where messages are stored in plain text, is tamper proof. Therefore, running GrapheneOS doesn’t make you immune to the risk of other app developers stealing and selling your data. This leaves you exposed to regular email client attacks such as malware, phishing attacks, virus attacks, identity theft and spam. Just because a platform is better than having nothing at all doesn’t mean it has no shortcomings.
The Risk to Users
Although consumers are free to choose what they use, most are not aware of what they’re getting into as these pop-up companies keep lying to them. Unfortunately, public comprehension is lacking when it comes to the topic of security vulnerabilities.
In practice, advertisers exploit the complexity of security and people’s fears around it. In the end, consumers are duped into believing they are fully protected. We don’t advise using free products, but to pay for a product you can get for free and still have security exposure is simply foolish.
Green worries a wave of business professionals, journalists, activists, lawyers and others will be victims of these knockoff companies and their false claims of being impenetrable. Only the market’s best encrypted phone, on a hardened device that doesn’t support third party apps, can keep your communications totally secure.
Security at the Centre of Our Product
ChatMail phones are protected by integrated, military-grade, end-to-end encryption. Our phones are built from the ground up to safeguard our customer’s data privacy. We include vital security features that transcend what you’ll find on free platforms.
Every detail related to our operating system, network infrastructure, software, data transmission and servers is optimized for security. ChatMail phones are intentionally designed to exclude any third-party applications. You can’t download an app and be isolated from software developed with malicious intent.
Supported by a custom designed data centre, owned and operated out of our Canadian based headquarters, ChatMail has an uptime of 99.9%. The security system guards against DDoS attacks and provides ChatMail with full protection from risks associated with third-party servers hosted in other countries; providing stability and accountability by operating in a democratic country where privacy and human rights are entrenched in our constitution.
Our custom design guarantees that limited information is stored on our servers such as the date of activation and expiry.
ChatMail is based on the philosophy that every single breach and vulnerability is guarded against. Think of our protection like a fortress, with no windows in the walls to look in, guarding against any breach. Our front door has the most secure lock, which you hold the private keys to and there is no backdoor.
Secondary Measures
It’s crucial to see through the hype surrounding some of the leading phone companies and understand what the privacy risks really are. Until recently, many people thought Apple and privacy rights went hand-in-hand, until new signs emerged that the company is undermining its own reputation for privacy, opening a backdoor to customers’ communications through surveillance functions.
All ChatMail phones have a suite of secondary security features, safeguarding your sensitive information even if your phone is lost or stolen. We protect you from the potential consequences apps place on your data privacy. Our tamper proof feature lets users create optional duress passwords, so the phone will automatically delete any sensitive information if someone enters the wrong password too many times.
Any message, picture or voice message that is set to self-destruct will be eliminated from the devices it is stored on, even without a Wi-Fi connection. If content is marked self-destruct, it cannot be made a favourite, forwarded or saved on either device.
We live in an amazing era of technological innovation where phones relay information worldwide in an instant, but perhaps ironically, many people lack the information about how their phone poses a data liability. Learn about solid products like GrapheneOS, but don’t have unrealistic expectations about how it can keep you secure.