There's 0 reason why bank/pay/gov apps can't be ran on a regular OS. The goal is to force users into the Google world at the excuse of "security"

This is on point and it's sickening what Google is allowed to get away with. Even with the recent crackdowns on Google by various governments, they are steadily locking down Android, so even if you paid for your phone, whatever apps that you want to put on it will need their seal of approval.

The excuse of "security" or "it's for the children" is complete BS, because it's about "them" having unwanted and total control.

I would be happy if any of the big phone makers will starting adopting LineageOS or GrapheneOS as the main operating system for some of their models.

Or just leave the possibility of easy unlock the phone and publish sources.

BQ tried that with Cyanogen (the precursor to Lineage) https://www.trustedreviews.com/reviews/bq-aquaris-x5

As did WileyFox - https://www.xda-developers.com/wileyfox-to-issue-update-to-m...

They were both budget brands with niche offerings. For most people, the source of the OS is immaterial. There's very little competitive advantage to selling a forked OS, and a rather large downside in terms of support costs.

I'm mostly happy with my GrapheneOS device - but it is absolutely not suitable for mass market.

> I'm mostly happy with my GrapheneOS device - but it is absolutely not suitable for mass market.

What makes you say that? I run GrapheneOS on a Pixel and had to go through the relative simple flashing process, but if GOS came preinstalled on a device anybody familiar with Android (or even iOS) would be able to use it. Compatibility with Android apps is great too.

Off the top of my head:

Lots of banking apps don't work.

RCS has only just started working.

No "Find My Device" support.

Permissions model is difficult to understand - even I struggle with it.

Standard launcher has tiny icons which can't be adjusted.

Pop on to https://discuss.grapheneos.org/ and see the struggles which users have.

> No "Find My Device" support.

"Find My Device" means the location of your device is constantly sent to and stored on someone else's computer (the "cloud"), and it is something that shouldn't exist unless that someone else's computer happens to be yours.

You ordering the rest of the world which features should exist isn't how anything works.

I am not ordering anything. I was merely explaining that "Find My Phone" is not a feature -- it is an anti-feature that enables surveillance by a third party. The lack of such an anti-feature should be viewed as an advantage of Graphene, rather than a disadvantage.

Most banking apps work on GrapheneOS. Around 10% ban using any alternate OS, but a small subset of those specifically permit GrapheneOS now in addition to Google certified devices with the stock OS.

It's nearly the same permission model as Android 16 beyond having Storage Scopes and Contact Scopes as easy to use alternatives with fine-grained control along with Sensors and Network toggles. It's otherwise the same.

If you're talking about the exploit protection features with toggles, that's not part of the permission model and the defaults don't break any apps without serious bugs. Apps with memory corruption bugs can be broken by the defaults, which only requires turning on the compatibility toggle for the app. People don't need to understand the finer grained settings.

The default 4x5 icon grid has the same icon sizes as the stock Pixel OS, which can't be adjusted there either.

The vast majority of issues people have with GrapheneOS are issues with Android and Android apps which are not specific to GrapheneOS.

What is the issue with the permission model. It's basically the AOSP permission model. The changes made by GrapheneOS is the user-facing toggle for the INTERNET permission, and the sensors permission.

If people do not want to interface with those features, they can simply skip them, and the permission model will be the exact same as it is on Android.

> No "Find My Device" support.

I don't have any issues with it

OnePlus also shipped Cyanogen in their early days. They're still around, but they've long since pivoted to their own proprietary Android distro.

Given that Cyanogenmod was discontinued shortly after the OnePlus One released, it's hard to blame them.

I had that phone, too bad it died.

GrapheneOS is partnered with a major Android OEM and working towards some of their future devices meeting our requirements and providing official GrapheneOS support. It won't be the main operating system, but it will be an officially supported option. Their current devices don't meet our requirements, but they're working towards meeting those for future devices.

Banking, pay and government apps should be a website and work on any device with a web browser.

Lots of them are, in fact. It's not that hard, maybe even easier. What's wrong with the rest of them that require a phone?

NFC pay in browser? Does that exist?

Ok, less so NFC, but my bank and all the governments I have to deal with have reasonably functional websites. It's clearly possible.

Where are you from? I live in Germany. I use ING and DKB as my banks. Both of the banks require a Play Integrity-checked app as their default 2FA.In the past I used Sparkasse and Commerzbank. They too required a PI-approved app.

As an alternative you can order a code generator but for DKB that requires a paid debit-card. ING disables the phone app if you use a code generator. You cannot have multiple 2FA.

You could have chosen the Digipass device (I got mine for free) instead of a smartphone app.

They tried to force me to add my phone number, but when you talk to a Rep you can get out of that too...

Try Targobank, it works for me.

US, Virginia. Funny, I tend to assume Europe has this stuff better figured out.

EU Nations who are familiar with computers like Sweden and Estonia did.

Germany likes to think that they belong to cabinets and powered with internal combustion engines. Internet was a new land in 2013. So every user-friendly feature has to be shoved into Germany's throat by EU (especially banks and insurance). The usual reaction from German companies is to wait until the last moment and then hire a law / consultancy firm to implement required changes as badly as possible.

I don't believe it does, but it should.

Cheque depositing? Fingerprint (etc.) login?

My bank (Commbank) and my government (myID), both require apps to access the website.

All my banking apps works fine under lineage. The only app that does not work is McDonald. I have not investigated very far, maybe it is possible to make it work.

The only app I use that actually cares is Craigslist of all things. The app doesn't do anything that the mobile website doesn't.

For the love of God, why does McD's of all people require device attestation? I assume it's some downline package they are including?