After using LineageOS for long time, I have finally moved to GrapheneOS. I use a lot of banking and financial apps which I never felt comfortable using on LineageOS due to lack of proper sandboxing, unlocked bootloader etc.
GrapheneOS works flawlessly just like Android. You don’t even notice there’s hardening underneath. Also it protects from Google’s evil location tracking using WiFi/Bluetooth or even when the Location is turned off. I don’t understand how people in general are comfortable with Google tracking all the time. You can use Google Play and Play Services in a sandbox that works just like regular installation, but without deep tracking.
If you haven’t tried GrapheneOS, try it. You won’t go back to regular Android.
The thing is, I’d need the government 2FA app (which doesn’t work in graphene) when logging in to my bank on a browser as well, so that doesn’t change anything.
And I can’t do anything, I can’t check my digital mailbox (not email, we have something specifically for official communication with bank, government etc.), I can’t log in to check messages from my kids school, I can’t order a doctors appointment…you get the picture.
Sounds like more of a problem with your government than GrapheneOS.
it’s a problem because graphene os doesn’t pass google play safety check, or whatever it is called. They are apparently not able to make the sandboxes play services good enough to pass so the app accepts it’s validity.
It’s actually a problem with Google, because the only reason GrapheneOS doesn’t pass the Play Integrity API check is that Google enforces a whitelist of allowed operating systems. Even though GrapheneOS is 10x as secure as the stock OS, Google doesn’t allow it. Since this is a highly monopolistic practice, the GrapheneOS team is talking to regulators to finally stop this: https://grapheneos.social/@GrapheneOS/112916691727814901
Yeah i understand what you are saying and that is why everyone’s individual needs come into play.
I don’t know what country you are in and that can obviously affect things, my banks 2FA is an SMS. I have options in terms of the other things you mentioned, where as you may not have.