Bootstrap

Hermes OS

Hermes OS is a cutting-edge mobile operating system that employs military-grade security to protect your data and communications. Built for Google Pixel devices, it offers powerful features like remote wipe and a panic button to instantly respond to threats. With advanced exploit defenses and strict app permission controls, it shields you from surveillance, malware, and data leaks. Designed for professionals, journalists, and privacy-conscious users, Hermes OS delivers unmatched mobile security without compromising usability.

Features

Clean, Minimal Interface

Hermes OS delivers a fast, uncluttered Android experience with no bloatware, giving users full control over what's installed and running on their device.

No Background Data Collection

Unlike most mobile OSes, Hermes OS doesn't harvest or transmit user data in the background—what happens on your phone stays on your phone.

Battery and Performance Efficiency

With no background spyware or bloat, GrapheneOS runs lean—extending battery life and keeping your device fast, even over time.

Optional Google Services, On Your Terms

Choose to install Google Play in a sandboxed environment only if needed—use apps that require it without handing over your privacy.

Secure, Regular Updates

Get fast, direct OS updates from the Hermes OS team, with no carrier or manufacturer delays—ensuring you stay current and protected.

Multiple User Profiles & Workspaces

Easily create separate user profiles or workspaces to isolate apps, data, and usage—perfect for balancing work, personal use, or sharing your device securely.

Security

Duress PIN, Panic Button & Remote Wipe

Trigger a full device and eSIM wipe with a special duress PIN, activate a panic button for instant lockdown, or remotely erase your data if your device is lost or compromised.

Storage and Contact Scopes

Limit app access to only selected files and contacts, preventing unnecessary data exposure and giving you precise control over what each app can see.

Advanced Exploit Mitigations

Hermes OS hardens your device with state-of-the-art memory protections and compiler defenses to guard against zero-day and runtime exploits.

Per-App Network and Sensor Controls

Decide which apps can access the internet, GPS, camera, microphone, and more—cutting off potential trackers at the source.

MAC Address Randomization

Randomize your device’s MAC address for every Wi-Fi connection to prevent tracking, location profiling, and surveillance by networks or third parties.

Verified Boot with Hardware-Based Integrity

GrapheneOS enforces verified boot using the Pixel’s hardware-backed security chip, ensuring the OS hasn’t been tampered with and alerting you if integrity is compromised.

Use cases

Zero-trust mobile access (gate corporate VPN / apps)

Use hardware-backed Auditor attestation to verify device integrity before VPN/SSO and enforce VPN-leak blocking so traffic can’t bypass the tunnel. Result: only healthy, untampered phones reach internal systems.

BYOD with hard walls (keep Google/consumer apps contained)

Run Sandboxed Google Play only inside a dedicated work profile; disable app installation, allow only owner-curated apps, and apply Storage/Contact Scopes for least-privilege access. Result: strong separation without full MDM.

Executive travel / border-crossing mode

Limit hardware attack surface with USB-C/pogo-pin control (charging-only when locked/off), prefer LTE-only, enable auto-reboot; use Duress PIN/Password to trigger a wipe and End session to drop profile keys. Result: minimized exposure during inspections.

Contractors & third-parties (fast on/off-boarding)

Issue a separate user profile per vendor with only required apps; disable app installation; use End session when idle or remove the profile to revoke access instantly. Result: compartmentalized access with one-click termination.

Regulated data handling (finance, healthcare, legal)

Enforce data minimization with Storage Scopes and Contact Scopes; surface location use with the indicator; allow long passwords or 2-factor fingerprint unlock. Result: least-privilege access with practical auditability.

Field/sales teams on hostile Wi-Fi

Harden Wi-Fi with per-connection MAC randomization and DHCP-state flushing; force corporate tunnel via VPN leak blocking; keep risky apps offline with the Network permission toggle; default to Vanadium for browsing. Result: safer CRM/email on café, hotel, and airport networks.

FAQ

  • Log in to your account.
  • Purchase a license.
  • Open your dashboard and follow the step-by-step flashing guide to install Hermes on your compatible Google Pixel.
Tip: Back up your data first—the install process wipes the device. It’s straightforward, even if you haven’t flashed a phone before.

Yes. Run Sandboxed Google Play inside a dedicated work profile. Play Services and Play Store run as ordinary apps (no special OS privileges). Lock the profile down: disable new app installs, use “Install available apps,” and grant only the permissions your apps truly need.

Use hardware-backed attestation to verify device integrity and OS state before granting VPN/SSO. Gate access via your IdP or VPN so only attested, up-to-date devices pass. Pair this with “block connections without VPN” to keep all corporate traffic in-tunnel.

Create a separate user profile per person. Preload required apps, disable app installation in that profile, and publish approved tools via “Install available apps.” Optionally forward critical notifications to the owner profile. Off-boarding is instant: remove the profile and all work data is gone.

Use a strong passphrase with PIN scrambling, enable Auto-reboot (e.g., 12–24h) to return data to rest, and End session on the work profile when idle. Set USB to charging-only when locked (or fully off). Configure a Duress PIN/Password for irreversible wipe. Distance wipe: we provide a distance-wipe function directly from your user account—sign in and trigger a remote wipe if a device is lost or compromised.

Updates are automatic, background, and atomic (A/B) with rollback protection and anti-downgrade checks. Set an internal policy (e.g., “apply within 24–48 hours”), and verify compliance via attestation. Updates complete on reboot, so enforcement doesn’t disrupt users.

Pricing

3 months

300

Buy now

6 months

550

Buy now

12 months

1000

Buy now