Interestingly enough, almost all Android phone bootloaders can be unlocked. Especially Google's Pixel devices have an "unlock-friendly" bootloader: You can unlock it, install another operating system such as GrapheneOS and then even relock it to be able to use verified boot. Verified boot is an important security feature that confirms the integrity of the installed operating system on every boot (even for third party OSes assuming you relock the bootloader), thus preventing offline modifications or malware from persisting across reboots. You can also unlock the bootloader again, install the stock OS made by Google and relock it again. In comparison, lots of other Android phones (Samsung for example) are also unlockable, however you will not be able to lock the bootloader again, even when you install the stock OS again, because when unlocking the bootloader, a physical fuse on the circuit board of the phone will be tripped. This will also void your warranty. Some custom ROMs have been developed for phones with bootloaders that can't be relocked. These ROMs might provide better privacy at the cost of decreased security because verified boot is unavailable. It is a good idea to force the vendors to let the bootloaders be relocked after installing third party operating systems.
Looks like they're taking in some of Copperhead OS' contributions. That's the Daniel Micay guy they mentioned.
Notice he contributes stuff back to AOSP upstream. They're not stealing his work if that's what you think. Apparently he's just a cool dude.
You have to use Magisk to pass SafetyNet since official LineageOS builds don't bypass SafetyNet. Ironically, to pass SafetyNet you have to make your phone less secure.
Once you have Magisk, you'll have to enable Magisk Hide and enable it for your banking app. You'll also have to get MagiskHide Props Config in order to change your device fingerprint to pass ctsProfile.
First line of the article:
> Paranoid Android is one of the more popular custom ROMs for Android devices out there
Paranoid Android is also the name of the team developing said ROMs. Read more here
Could be good news for the Replicant folks -- the S3, at least for the time being, is still their flagship and best-supported model. I still use an S3 as my daily driver for this reason and it works remarkably well for basic web / email tasks.
To anyone else reading this, CopperheadOS is Android OS but hardened with more security. It has backport fixes that are faster than the Android security update patches you get monthly.
LineageOS comes without GApps, which are Google's preinstalled apps and also some services, but many people install them for compatibility. Those are not very good privacy-wise. I would suggest using LineageOS for microG https://lineage.microg.org/ if you need apps that use those Google services.
Yup, they are tied to CM, thus at the community's whim. Their latest builds are CM 12.1 and considered "very early" builds.
Why would they go out and bash BB when they're in the same position? It's incredibly unprofessional.
Basically, if you don't use Android wear, or use casting it's really no different imo. microG has come a long way.
Like I said, you sacrifice a lot of convenience. Another option you can check out if you use Xposed is XprivacyLua.
Maps and Waze still work, although I rarely use them.
Going Googleless is a lot of work, but it can be done. I use Nextcloud as my cloud service, which I host myself.
https://lineage.microg.org/ Makes it easy to switch. No sitting there fiddling with settings and pulling your hair out trying to get it to work, it just does. My battery life on my HTC 10 is ridiculous. For a two year old phone (replaced the battery last year) this thing is a champ. I'm holding out for the next OnePlus, possibly may be waiting until the next OnePlus is announced.
If you ever have questions I can help.
It may seem to be weird but... Google Pixel can be what you are looking for. You can install Graphene OS which is focused on security. You'll find a list of supported devices at the bottom of the linked website. Additionally, you can watch The Hated One's newest video about Graphene OS.
It seems to be a very interesting project.
LineageOS won't pass safety check without rooting it with suhide/magisk.
So, in order to make your bank think your phone is safe, you need to make it even more unsafe. It's just how it is.
Read more here.
Yes, to deGoogle your phone you can't be using the stock -- deeply Googled -- OS. That said, please don't ever flash a Pixel with LineageOS. Please instead flash GrapheneOS. Lineage has immense security and privacy degradations. Graphene on the other hand offers the most private and arguably most secure mobile device on the market. I really can't encourage you enough to look into it. Not only for privacy and security, but also ease. Graphene offers a web installer that allows you to install the OS from start to finish by primarily just clicking a couple buttons in your browser. It's dead simple and near impossible to mess up so long as you follow the instructions.
I hope this helped, have an amazing rest of your day!
Please don't forget about modem isolation, this is a very important topic for all "smart"phones (not for dumb phones):
>A device with bad modem isolation cannot prevent the modem from accessing and controlling key parts of the hardware. For instance the main CPU's RAM, its storage, the GPS, the camera, user I/O and the microphone. This situation is terrible for privacy/security as it provides plenty of opportunities to efficiently spy on the user, that could be triggered remotely over the mobile telephony network. That mobile telephony network is accessible to the mobile telephony operator, but also to attackers setting up fake base stations for that purpose.
"B-BUT THAT MEANS THEY HAVE TO MAKE ENCRYPTION ILLEGAL, THEY DON'T UNDERSTAND AT ALL WHAT THAT MEANS"
... I told you from the start that they would not go down this route. And now look at which instruments were named. You will look in vain for a WhatsApp backdoor or a "master key for E2E encryption" (rofl).
FYI: You can use an Android phone without any Google apps/services, by installing a Google-free Android ROM, F-Droid and microG.
Of course, it's not for everyone - some apps don't work if you don't have any Google Play Services installed and some may crash, but it's certainly doable.
Check out https://lineage.microg.org and https://e.foundation
So to my understanding this is going to be a community supported version / fork of CyanogenMod, without paid devs. This ultimately will mean that they'll have much fewer resources supporting various devices. That IMHO puts a damper on the #1 thing that CyanogenMod was good at: Device support.
So for those who don't mind the amount of devices supported and are interested in a security-oriented fork of AOSP, I would suggest you try CopperheadOS, as it's backed by a team of infosec devs and part of the Guardian Project.
Copperhead OS is a privacy focused, open source ROM. It doesn't use Google Play Services, so no Google Play Store. Instead they use the open source app store called F-Droid.
They don't have support for most Android devices but they do sell phones like the Google Pixel and Pixel XL with it already installed. They support the Nexus 9, Nexus 5X and Nexus 6P.
They can't have it both ways. They promote their software and say it's better, more secure. And promote people using it.
https://www.lineageos.org/Celebrating-one-year-of-LineageOS/
Read that and it talks security, and community. And their stance is basically screw you to the users.
Nokia should thank them, I'm buying a new 6 when it's available. I'm done with this.
Please check your facts.
GrapheneOS does not ship with Play Services but they provide a compatibility layer to run it as a sandboxed app.
https://grapheneos.org/usage#sandboxed-play-services
Edit: typo
> What makes you say that?
You are right, it would be more correct to say: Many people (including me) are using LineageOS to be a little bit less dependent on Google
> I would imagine that the Lineage team don't ever hold/process any user data themselves
I'm also not entirely sure, but I think it isn't that easy to waive one's responsibilities on GDPR to Google. After all it's still the LineageOS website that causes the data collection to happen. And at the very least they need a privacy policy explaining what data gets collected and how to opt out (similar to how https://www.lineageos.org/legal/ explains other data collection very well)
I think that the simplest solution would be LineageOS with MicroG. MicroG is a free (as in freedom) re-implementation of Google Play services. They make their own version of LineageOS (for various reasons, see the FAQ) with only a week delay on the updates and with F-Droid pre-installed.
The advantage is that it supports all the LineageOS supported devices, without the hassle to install GApps or go without them.
Also, I recommend you use Shelter for containerizing non-free apps in the Android Work profile which gives them no access to the rest of your phone.
CalyxOS has microg which replaces google play services. It comes with Aurora store and f droid. Aurora store is a front end for Google play store so it just downloads from there anonymously.
One of the cleanest, barebones android operating system replacements. Doesn't even come with any google stuff by default. 700mb rom instead of 2.1gb that my OnePlus phone uses.
This version comes with MicroG which will allow you to use some Google apps you may still not be able to live without, like the Google Keyboard, and lets many apps that rely on google push notifications to work again.
This is a great reason people should consider LineageOS with Micro G when buying their phone. Even if you don't want to use it today, you can use LineageOS when your carrier stops supporting your device!
Regarding full lineageOS support for the foreseeable future, your best bet is probably a Pixel phone. These are still getting updates from Google, but when this ends, they will almost certainly follow their Nexus predecessors with good support in the custom rom community.
Here is a list of phones that are currently receiving the latest LineageOS builds (this list will likely grow, but you can be confident that these devices will be supported):
Unfortunately, I am not sure that any of these devices have been IP rated, although I have read that many users have experienced some type of water resistance with the OnePlus 5. The Pixel 2 is IP67, but this is almost certainly out of your price range (although you can probably find it on eBay for only a little over $500, like this one).
Graphene is a wonderful OS but I don't think it is what OP is looking for here. Graphene is super strict about security and therefore only supports 6 devices. It also doesn't work with microG, which is necessary for running many applications without having google services installed. LineageOS for microG is what I would recommend for a good balance between privacy and usability without jumping straight into the deepest depths of the rabbit hole.
It was a mascot called VoLTE, intended as an April fool. They used the mascot as the boot animation and the changelog said
-added VoLTE for all devices
since a lot of people asked to add VoLTE for their devices (which you can't just simply add without the OEM supporting it).
GrapheneOS now has a sandboxed compatibility layer that lets you install Play Services without giving them access to your phone. I don't know if it works well and I don't know if Android Auto works with it because I don't use it, but I've heard good stuff about it being better than MicroG and the like.
According to MicroG documentation, they do not support Android Auto
Using Waze and "getting permanently away from Google" isn't compatible, unfortunately. Yes, you have the convenience of getting live traffic updates because Google track every step you (and all other users) do. An alternative that works well, has live-traffic and is privacy-friendly is Magic Earth.
I understand that not everybody can deGoogle, but you said "get permanently away from Google"
https://copperhead.co/android/
It's a hardened custom ROM that's directly based on AOSP and is aimed to be stable, bugfree and more secure than Stock. It's only available for a handful of Nexus devices (Nexus 5, Nexus 9, Nexus 5X and Nexus 6P) but Copperhead provides support for them as long as Google does, so major version updates for at least two years after launch & security updates for three years after launch along with 1.5 years after the last device is sold. The sources for Copperhead are also available on GitHub.
Although the ROM itself is available as a free download for all devices, donations are welcome and devices with CopperheadOS preinstalled can be bought from their website (for non technical users or just to support them). Directly bought devices also include web-based support.
Here is a list of their changes/additions to AOSP, in case you're interested in the technical details: https://copperhead.co/android/docs/technical_overview
These are just technicalities. AOSP = Android Open Source Project. Any reasonable person knows that manufacturer and custom roms are still Android. What is allowed to be used to publicise something is a different matter.
The point is that the guy is trying to push his product as something completely new that needs investment, when he's just mostly bundling up other people's existing work.
It's essentially the same idea as this but those guys didn't go to Kickstarter asking for tens of thousands of pounds in investment. ¯\_(ツ)_/¯
The aim isn't to improve all Android devices or to upstream everything. It's also mostly focused on other things than PaX and grsecurity ever since the stable patches became private but also because new features are a lot more useful over the long term than simply making short term device-specific ports of an existing project. A full grsecurity kernel along with other kernel hardening features is part of the long-term roadmap. See https://copperhead.co/android/docs/technical_overview for an overview of what it covers today (or the issue tracker for what's planned).
The current answers are decent, but surprisingly not thorough, or sort of incomplete.
Short answer: A huge NO
Longer answer: a distribution like Ubuntu (I can't think of any other distributions) doesn't currently (as far as I know), and very good chance won't in the future, but as you showed, they did do certain things some people didn't like. THAT SAID, as far as I understand that feature was disable-able/removable, and even what it did do wasn't super crazy or invasive, just stuff like search query logging which is pretty weak (of course R. Stallman will say that's getting their foot in the door and a slippery slope, or even merely that even that in itself is totally unacceptable, but most people aren't even close to sharing his specifics of opinion).
Anyway, virtually all distributions of Linux aren't owned by a company and hence have no reason to do such a thing (I guess one other exception might be Chrome OS, but that's typically hardware limited to Chromebooks). Even one of the few that is owned by a company immediately pulled that feature after introducing it.
One notable exception is Android, if you count that as Linux (it is certainly not GNU-Linux, but it uses the Linux kernel so many people still consider it to be Linux). Google has all sorts of stuff that they watch and use. Although for both PCs and mobiles (but especially mobiles), frequently the biggest issue to privacy is simply with the programs and web services that you use, not the OS itself. If you use Android and don't like how Google has you in their pocket, you should easily be able to switch to LineageOS
My problem with Copperhead OS is that it is not Free Libre Open Source Software.
> Commercial usage of CopperheadOS requires working out a licensing arrangement with Copperhead From: https://copperhead.co/android/downloads
Given that Monero is money it is pretty hard to use Monero without engaging in "commercial" activity.
CopperheadOS is a custom, hardened ROM for hardware that meets specific criteria.
If you pick some random custom ROM and put it on some random hardware it's not nearly as secure.
See /r/CopperheadOS and https://copperhead.co/android/ for details.
Look into microG as an alternative to Google services. It's an open source alternative that is based on Google Play Services but anonymises your data. If you cannot do without Google push for example, this would be your best bet. You don't need to use location data from Google any more but can use a locally downloaded file or use Mozilla's location backend instead. Lineage does not support microG natively though, so it would be easier to use the fork which is called Lineage for microG https://lineage.microg.org/. You need a ROM that supports signature spoofing (I use crDroid on my Moto G) but Lineage for microG would be my choice of ROM now, as it is the most well maintained ROM when it comes to Android updates.
Only for devices that have the license in their stock rom
> AptX and AptXHD have been added to supported platforms. Bear in mind, only devices that had this feature on their stock ROM will have this functionality in LineageOS
Proper Linux phones, which, although there's a lot of progress in the area, are nowhere near "average Joe material" and maybe never will be.
Another option would be a Google Pixel with something like GrapheneOS into it. But with Google now starting to use their own silicon, this might go the way of the dodo, as well.
I agree 100% with you.
Related:
>A device with bad modem isolation cannot prevent the modem from accessing and controlling key parts of the hardware. For instance the main CPU's RAM, its storage, the GPS, the camera, user I/O and the microphone. This situation is terrible for privacy/security as it provides plenty of opportunities to efficiently spy on the user, that could be triggered remotely over the mobile telephony network.
My god! Game changer.
This article is particularly useful for ALL android users! It really clarifies that many banking apps are designed to only run on Google approved devices.
Now to get that banking app to
https://grapheneos.org/articles/attestation-compatibility-guide
"Banking apps are increasingly using Google's SafetyNet attestation service to check the integrity and certification status of the operating system. GrapheneOS passes the basicIntegrity check but isn't certified by Google so it fails the ctsProfileMatch check. Most apps currently only enforce weak software-based attestation which can be bypassed by spoofing what it checks. GrapheneOS doesn't attempt to bypass the checks since it would be very fragile and would repeatedly break as the checks are improved. Devices launched with Android 8 or later have hardware attestation support which cannot be bypassed without leaked keys or serious vulnerabilities so the era of being able to bypass these checks by spoofing results is coming to an end regardless.
The hardware attestation feature is part of the Android Open Source Project and is fully supported by GrapheneOS. SafetyNet attestation chooses to use it to enforce using Google certified operating systems. However, app developers can use it directly and permit other properly signed operating systems upholding the security model. GrapheneOS has a detailed guide for app developers on how to support GrapheneOS with the hardware attestation API. Direct use of the hardware attestation API provides much higher assurance than using SafetyNet so these apps have nothing to lose by using a more meaningful API and supporting a more secure OS.
"
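As an added illustration of the app-side policy the quoted article describes (this is not code from GrapheneOS, Google or the comment above), here is a sketch of how a backend could accept both the certified stock OS and other properly signed operating systems from a hardware key-attestation result. It assumes the certificate chain has already been validated and the attestation extension parsed elsewhere; the `Attestation` class, `evaluate` function and the allowlisted key value are hypothetical placeholders.

```python
"""Added example: policy check over parsed Android hardware key-attestation fields."""
from dataclasses import dataclass

# verifiedBootState values from the attestation RootOfTrust structure.
VERIFIED, SELF_SIGNED, UNVERIFIED, FAILED = 0, 1, 2, 3
# attestationSecurityLevel values.
SOFTWARE, TRUSTED_ENVIRONMENT, STRONGBOX = 0, 1, 2

# Constructed placeholder, NOT a real verified boot key value. A real
# deployment would list the values published by each OS it chooses to trust.
ALLOWED_ALT_OS_KEYS = {
    bytes.fromhex("ab" * 32): "example-alt-os (placeholder)",
}


@dataclass(frozen=True)
class Attestation:
    """Fields assumed to be extracted by a separate, trusted parser."""
    chain_valid: bool          # chain verified up to a trusted attestation root
    security_level: int        # attestationSecurityLevel
    device_locked: bool        # RootOfTrust.deviceLocked
    verified_boot_state: int   # RootOfTrust.verifiedBootState
    verified_boot_key: bytes   # RootOfTrust.verifiedBootKey


def evaluate(att: Attestation) -> tuple[bool, str]:
    """Return (accepted, reason) for one attestation result."""
    if not att.chain_valid:
        return False, "certificate chain not anchored in a trusted root"
    # Software-level attestation is the kind that can be spoofed; require
    # the result to come from the TEE or StrongBox.
    if att.security_level not in (TRUSTED_ENVIRONMENT, STRONGBOX):
        return False, "attestation is not hardware-backed"
    # Verified boot only holds on a locked bootloader.
    if not att.device_locked:
        return False, "bootloader is unlocked"
    if att.verified_boot_state == VERIFIED:
        return True, "stock OS verified by the device's built-in key"
    if att.verified_boot_state == SELF_SIGNED:
        # Relocked bootloader with a user-installed key: accept only
        # operating systems whose key is explicitly allowlisted.
        name = ALLOWED_ALT_OS_KEYS.get(att.verified_boot_key)
        if name is not None:
            return True, f"allowlisted alternate OS: {name}"
        return False, "self-signed OS with unknown verified boot key"
    return False, "verified boot state is unverified or failed"


if __name__ == "__main__":
    # Constructed sample inputs.
    samples = {
        "stock": Attestation(True, TRUSTED_ENVIRONMENT, True, VERIFIED, bytes(32)),
        "alt OS, relocked": Attestation(
            True, STRONGBOX, True, SELF_SIGNED, bytes.fromhex("ab" * 32)),
        "unknown ROM, relocked": Attestation(
            True, TRUSTED_ENVIRONMENT, True, SELF_SIGNED, bytes.fromhex("cd" * 32)),
        "unlocked": Attestation(
            True, TRUSTED_ENVIRONMENT, False, UNVERIFIED, bytes(32)),
        "software only": Attestation(True, SOFTWARE, True, VERIFIED, bytes(32)),
    }
    for label, att in samples.items():
        print(label, "->", evaluate(att))
```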
This is making me take a harder look at https://copperhead.co/android/.
I picked up the first blackphone years ago and I've been happy with it (more or less) but it's definitely not something you can give to your non-techie spouse and say 'you should use this instead.' So I was hoping the blackphone 2 would present something smoother. But I've been on the fence with the purchase.
Unfortunately a while back Silent Circle started running into financial difficulty, some executive changes, and the updates on the Blackphone 1 stopped coming. Apparently their expectation was that I was going to drop close to a grand on their new phone -- they just stopped putting work into the first device.
All that started pushing me towards looking for alternatives like Copperhead OS. The idea that Silent Circle is bricking devices pretty much killed them for me. Those people that purchased the phones from non-authorized dealers are never going to get their cash back. No way. Bricking their devices is punishment and that's not how a security conscious OS development group should operate. Prevent them from using their servers -- sure. Don't allow those phones to update -- fine. But don't punish anyone.
On top of all that, if you want to understand your Blackphone's OS and how it works -- forget it. There's very little in the way of transparency and so you are effectively taking their work for granted. This is also a sore point in my book. Security is very much about transparency in many ways. If you don't understand how your OS works then you can't say confidently that it is secure. The Blackphone docs suck. Certainly the Copperhead people are more forthcoming about how they harden the thing and the way they incorporate ideas from OpenBSD is comforting.
Pretty sure Silent Circle just lost a customer here.
Latest LineageOS has similar firewall capabilities as CalyxOS. For microG you can grab/build LineageOS with microG support (https://lineage.microg.org/).
If you can't re-lock the bootloader, CalyxOS doesn't have many benefits over LineageOS.
r/lineageos bans discussion of some possibilities like microG. r/fossdroid might be better.
I don't know the code names for the G5 but if the phone is officially supported by Lineage then there should be a "Lineage for microG" build available for it at https://lineage.microg.org/ I find that for my G4 Play the build there is a good starting point for running with decreased exposure to Google.
Oops. Just noticed this thread was originally on fossdroid, sorry for the link back to itself. There is a r/microg subreddit but I find that XDA is a better place for discussion and help on that.
https://grapheneos.org/install/web if you can follow this you can do it.
It's pretty simple just use the official cable you get from your pixel and also make sure your pixel is an unlockable non carrier version.
Sure, security and privacy are different things, but this is why OP is recommending GrapheneOS, instead of Google's Android - GrapheneOS has a lot of privacy controls which aren't present in stock Android.
For instance (just off the top of my head):
No Google Play Services, but it supports installing a sandboxed version of Play Services which has limited rights
It replaces the standard system webview and browser app with Vanadium, which is a privacy (and security) hardened version of Chromium. There's way too many patches to go into detail but it does stuff like removing all Google stuff from the code, disabling third-party cookies by default, disabling network prediction, metrics, article suggestions, WebRTC IP leaks, analytics and so much more.
Sensor and network toggles
Per-connection MAC address randomisation (with DHCP flush between reconnection to prevent the network from potentially identifying that it's the same client).
I recommend checking out their FAQ, which goes into great detail explaining all the privacy and security features (as well as caveats).
Graphene and CalyxOS both work on the Pixel 3 as long as you have a carrier unlocked device:
The Pixel 5 is getting a bit old now (with only two years of guaranteed updates ahead of it) and the Pixel 6 has had very little information released about it, aside from using Google SOC which will take longer to port GOS/COS over to it.
This is a Google service. Google does all it can to track you. They use cookies, browser fingerprinting, if you're logged into their service they know even more about it. And then there is the location service running on your devices, which may in addition to GPS use bluetooth and wifi networks (both visible and just hardware addresses of these routers).
Google does all that - because they are essentially an Ad service, so they can provide you with the best matching ads based on who you are and where you are.
If you want to avoid this. Stop using any of the Google services first of all. Use a de-googled phone, like https://e.foundation/ ... and wipe cookies as often as you can.
yes : https://e.foundation/
the most polished un-googled Android out there.
It's basically LineageOS+microG+opensourceApps all packaged, ready to use. All ropes and trackers communicating to Google are cut out on the inside. Great for non tech savvy users.
Thank you for your great work! Is it somehow possible to have a recurring donation?
I feel like donating, but I can't really afford to donate a lot at the same time and it's easy to forget to do it every month manually.
Also, everyone should check out their donate page.
No it doesn't anymore, it's come a long way with the recent updates. You can use Google Play services and framework without any security issues due to its sandboxing. https://grapheneos.org/usage#sandboxed-play-services
GrapheneOS has support for installing the official releases of play services as sandboxed and unprivileged application. This approach, unlike microg, doesn't ruin the android security model and provides substantially more compatibility.
Please go and read all 3 of his blog posts.
I'm well aware of how much work can be involved in developing a mobile OS. However, that is far from what he is actually doing. He's bundling pre-existing work from other projects and slapping a fancy name on it.
He's using an existing build of LineageOS for his device, bundling MicroG with it and a few other existing open source apps like F-Droid. This isn't going to take years of development, because there's no development involved in what he is doing, apart from the custom launcher he's having made which could also be using someone else's code for all we know.
Here's a project already doing most of what he's suggesting, without begging for funding. LineageOS for microG
Calyx OS, I've been using it for a while and it's great. Easy install and it has MicroG so notifications still work. You could also use Graphene OS but I didn't find it very user friendly.
Get yourself a Pixel 3a and flash GrapheneOS on it. It's the most secure and private mobile OS I know of.
Check out their subreddit for more details.
GrapheneOS is a really fantastic Android project that puts security and privacy first. Anyone truly serious about opting out of the big tech ecosystem should use it, and it's best experienced on Google's own Pixel devices.
It's all mentioned in Grapheneos installer: https://grapheneos.org/install/web#replacing-grapheneos-with-the-stock-os
there is an additional step to revert changes on the bootloader as well
They recently added a feature, Sandboxed Play Services, that may help you, instead of using microG: https://grapheneos.org/usage#sandboxed-play-services
I've not tried it myself, as I don't need it, but I read it's working pretty well, maybe you could give it a try.
See https://grapheneos.org/usage#sandboxed-play-services. It allows you to run Play services as fully sandboxed apps with no special access or privileges. Apps within the same profile use it so it enables broad app compatibility without sacrificing OS privacy or security.
Buy a pixel and load Graphene OS. I’m not confident that this solution will last forever though; I wouldn’t be surprised to see some sort of certificate validation on app installs in the future.
Because it's an insecure device that doesn't receive security updates since 2019: https://support.google.com/pixelphone/answer/4457705#when_updates&zippy=%2Cpixel-phones
https://grapheneos.org/faq#legacy-devices explains why it's not supported anymore (they used to).
I am not sure what you expect to find, but I believe GrapheneOS already provides a good description of its features in comparison to AOSP (which is what CalyxOS essentially is). Did you read https://grapheneos.org/features already?
>I dont care about government tracking
By the way, anyone with an IMSI-catcher can also track you when you're using the cellular network. Not just the government.
>but google and apple tracking for example.
In this case, you should use Cyanogenmod or Copperhead OS on your phone without the Google apps (gapps). The list of compatible phones is available on each website.
You can also use Replicant as already mentioned but you will need to use a very old phone and some features won't work at all with this option.
Pico still installs Google Play Services and Play Store. I suggest using the Lineage microG fork. If you need any apps from the play store, use Yalp Store (you can install it via F-Droid). Otherwise, install apps from F-Droid. OsmAnd~ is in F-Droid.
Pixel 6: This will be supported, however it will take a while since it’s an entirely new device, and we’d also need to do the 12 port in general before we’re able to release Pixel 6 builds.
from CalyxOS website
It is right on their Website - https://e.foundation/legal-notice-privacy/
> e Foundation
> Non-profit organization under the French law for association 1901 registered on April 26th 2018
>
> Nº Siret: 84014633600010
> Code APE: 6209Z
https://www.societe.com/etablissement/e-foundation-84014633600010.html
Rough translation:
> The company E FOUNDATION currently domiciled its main establishment in Paris 10 (headquarters of the company). It is the establishment where the administration and effective management of the company are centralized. The establishment, located at 28 rue d Hauteville in Paris 10 (75010), is the establishment of the company E FOUNDATION. Created on 26-04-2018, its activity is other computer activities.
From the GrapheneOS website :
>LTE-only mode
>
>If you have a reliable LTE connection from your carrier, you can reduce attack surface by disabling 2G / 3G connectivity in Settings ➔ Network & Internet ➔ Mobile network ➔ Preferred network type. Traditional voice calls will only work in the LTE-only mode if you have either an LTE connection and VoLTE (Voice over LTE) support or a Wi-Fi connection and VoWi-Fi (Voice over Wi-Fi) support. VoLTE / VoWi-Fi works on GrapheneOS for most carriers unless they restrict it to carrier phones. US carriers other than T-Mobile tend to be missing these features due to us not including their proprietary apps.
>
>This feature is not intended to improve the confidentiality of traditional calls and texts, but it might somewhat raise the bar for some forms of interception. It's not a substitute for end-to-end encrypted calls / texts or even transport layer encryption. LTE does provide basic network authentication / encryption, but it's for the network itself. The intention of the LTE-only feature is only hardening against remote exploitation by disabling an enormous amount of legacy code.
As a general rule, it's best to avoid relying on normal calls and SMS.
I know this is such a minor thing, but it’d be really good if you could hyperlink most of the stuff mentioned here - Signal, Graphene OS etc. - just so that people whose interest is piqued can have it easily accessible?
Graphene OS recommends against using anything other than inbuilt browser (Vanadium) or Bromite which are based on chromium.
Read - https://grapheneos.org/usage#web-browsing
Chromium has much stronger security like they explained. Using an unofficial fork of Firefox like Fennec is risky.
GrapheneOS offers substantial defenses against these kinds of attacks on the OS and apps. Defending against unknown vulnerabilities, especially remote code execution bugs in apps and the OS, is a major focus of the project. It's also focused on fundamentally improving privacy and security in other ways.
Please read through the overview at https://grapheneos.org/features. This only lists enhancements we offer compared to AOSP. You can see that this is a substantial focus including using our own entirely different heap implementation. Most of these attacks use memory corruption bugs, and most of those are heap corruption bugs. It's the whole point of our extensive work on https://github.com/GrapheneOS/hardened_malloc and other features. It certainly doesn't make you immune to exploitation, but it will often help to mitigate a generic memory corruption exploit targeting an app or OS component, alongside other changes.
You could see if there's a version of Replicant for your phone. There's also CopperheadOS, but I don't know much about that project at all.
Microg is a FOSS alternative for Google's APIs inside of Android. AOSP is open source, but typically Android ships with Google's proprietary application bundle which provides APIs that many applications use. Stuff like location services.
Despite the 'G' in Microg, it is FLOSS and Google-free.
It's not perfect, but it does provide most of the common APIs that apps use that AOSP doesn't provide natively and allows you to use Android Google-free.
Microg needs to have an alternative cert installed to allow it to install software outside of the Google Play Store without forcing the user to reduce their security settings. Lineage OS refuses to do this for their OS because it's a useless feature (and thus a security risk) for the majority of their users, which I think is the correct choice.
Most Lineage users are going to bundle Google's apps (Gapps) at flash time or use something like OpenGApps to install Gapps, which is needed for the typical 'Android Experience'.
This is about the best you can get FLOSS-wise without making huge sacrifices for the functionality of your phone.
If you want to take it further and be as aggressively free software as possible then your best choice is Replicant.
What you see in Yalp Store is MicroG pretending to be Google Play Services. If you have MicroG installed via LineageOS MicroG fork, you should only update via F-Droid. Also you should update to the latest beta MicroG, which is currently Version 0.2.4-105-gf289a13 in F-Droid.
Don't forget the biggest flaw: the OS. Stock ROMs are always BS.
Try LineageOS, it's the currently most widely supported ROM.
Next up: gapps. Do you need notifications? Most apps (from the playstore) don't run their own servers so they use Google's framework. There are 2 choices:
opengapps: It's not open, even with the name. It's Google's binaries repackaged. Don't use this if you want privacy.
microG: A true opensource alternative. Notifications are supported, location provider etc.
LineageOS does not support microG, but they forked Lineage and have a ready to use ROM available here: https://lineage.microg.org/ . I strongly recommend microG if you need anything from Google.
In terms of apps: You already know F-Droid. Ideally you would only use FOSS, but if you need apps from the playstore you can use Yalp. Also available on F-Droid.
If you have any questions just ask. I also second AFWall+, a must have if you deal with playstore apps.
You can't get it to work.
Those are the supported devices.
You can search XDA Developers; some people make CalyxOS unofficially for unsupported phones, but trust at your own risk.
I have an LG Nexus 5X, which is compatible with CopperheadOS. It works pretty well, and comes with gapps off by default, plus a few other security patches not present in regular Android. Then I just use F-Droid to add all the cool apps most others have mentioned here. Would love to switch to Replicant (their site seems to have an issue with their SSL certificates right now :-/), but there's very limited compatibility with modern devices.
Did you also flash an updated version of Gapps right after flashing official LOS 15.1, as mentioned in Changelog-16?
If not, this explains your errors with Play Store related apps. The updated Gapps version for Oreo has to be flashed before first boot.
Please read https://grapheneos.org/#history.
They forked our code and continue to copy our newer changes. They're fraudulently claiming to have created it and are selling phones with it for a lot of money. They're primarily dedicating their resources to harming us as much as possible, not building anything. They want to take our work, sell it, and wipe out the original open source project at all costs. I recommend looking at the other threads about it in /r/GrapheneOS. This one is about a very specific thing.
If you need MicroG, you get CalyxOS. The reason they don't do it is because it requires signature spoofing, which is a security risk. Another reason they don't allow it is because it requires many permissions to run, so again, has the possibility to be hijacked into something malicious. GrapheneOS has worked hard to harden Android as much as they can, improving encryption methods, better sandboxing and much more. If they allowed MicroG or GAPPs it would greatly impact their main focus, extreme privacy and security. CalyxOS, on the other hand, is more focused on improving privacy while not being too inconvenient, which is why they include MicroG out of the box and don't change nearly as much as the GrapheneOS devs do. Though, on GrapheneOS's website they do say they are trying to make it so MicroG could run as a regular app.
IMO CopperheadOS was never primarily focused on privacy, or software freedom --- most of its distinctive features were security hardening measures. See the list here:
https://copperhead.co/android/docs/technical_overview
I'm running LineageOS without Google Apps (F-Droid only) and it's basically fine. But from a privacy perspective, I think the most significant problems on mobile apply to all platforms more or less equally:
If you're open to installing a custom rom, I'd suggest CopperheadOS.
Technically still have binary blobs for things like the phone radio etc., which you realistically can't get rid of.
That sounds like marketing gibberish. I would want a lot more detail about how this security was being created/provided/maintained, and what the specs of the phone are before I could talk about price.
I would be more inclined to purchase an open-source-friendly phone from a well-known hardware manufacturer, and install a security/privacy-friendly OS such as Copperhead OS.
How much security can you give me for $200? For $500? For $800?
If you buy a Nexus 5X, man you are in for a surprise. There is a secure and really nice ROM for it, it's named CopperheadOS. I don't think it has any traces of Gapps in it. I wish I could afford a Nexus so I can use this ROM.
Here: https://copperhead.co/android/
You can use /d/gapps to get rid of Google services if you have root. Many apps rely on Google services though and don't have notifications or straight up refuse to open without them installed. There is an open source implementation of Google services that is much lighter and doesn't send any data to Google servers (unless you tell it to) called microG though. If your phone is supported by LineageOS, I recommend installing LineageOS for microG; it has microG and everything necessary built into LineageOS, which is an awesome ROM.
They don't do anything new (which is fine, just don't pretend you do), they seem to like centralizing stuff into their own silo (maybe fine if it's standardized services that are easy to switch from and migrate from), they have bad technical practices (prebuilt apks, removing copyright notices from unchanged code)
Use Lineage+MicroG instead: https://lineage.microg.org/
If you want to switch to the beta ROM, you'll have to download the package from here and install it via the updater. You can do this by going to the updater and selecting "choose update package" from the top right corner (if the option is not there, keep tapping the MIUI icon until it appears).
But be warned, switching from stable to beta (and vice versa) WILL WIPE ALL YOUR DATA, so make sure you back up first.
Either by directly downloading the beta ROM and flashing it through updater app or by downloading fastboot ROM (tgz format) and flashing it through Mi flash tool.
Use whichever method is easy for you. Keep in mind going to beta erases your phone so take backup of all the things you need before flashing it.
I think that's why there is Fennec in F-Droid. In any case, since it's on Android I would maybe just suggest Bromite as was also mentioned in PTIO (source) and I also lean onto GrapheneOS developer's explanation on the use case with regards to browsers in Android:
https://grapheneos.org/usage#web-browsing
As an alternative to the said password manager, I would recommend KeePassDX instead.
> Does it work on every Pixel phone? Even the latest?
The current recommended devices for longevity are Pixel 3a, Pixel 3a XL, Pixel 3 and Pixel 3 XL. Pixel 2 will likely be abandoned so that means no more updates. Pixel 4 does not have support.
> I’m a noob in android as I always used iPhones...
Android is very easy to understand; watch videos explaining the Android operating system or run an Android VM on your desktop to get familiar before you make the switch.
> Is it as full featured as Lineage?
That depends what features you're talking about. They both run on android 9.0 which comes with all standard android features. If you're talking about security features they have multiple differences.
> If so, why isn’t everyone (having a pixel phone) using it?
There's many reasons and I'll list them all below
They don't know it exists
They do not care about their privacy
They do not understand how to install it
They're using a locked bootloader version of the Pixel like Verizon's version. (You need the Google version of the Pixel, not a carrier branded one. Carrier branded ones lock the bootloader.)
They want Google app/Google Play services support. (You need to understand that GrapheneOS/LineageOS with no GAPPS is going to be different than an iPhone; you're going to have to install your own app stores and some apps will not work since they rely on Google's framework. Keep in mind many alternatives to these apps exist that are FOSS, i.e. NewPipe instead of the YouTube app, and OsmAnd instead of Google Maps.)
You can find more info about graphene here https://grapheneos.org/ or go to r/grapheneos
BTW, /e/ is now supporting/funding Marvin Wißfeld (https://e.foundation/e-foundation-announces-official-support-of-microg-development), maybe because the /e/ ROM is in essence a LOS for microG.
Now, even if microG has stalled new development, leaving version 17 particularly unsupported, that hasn't stopped LOS from progressing, and for those phones that are still stuck at LOS 16 officially, I still see no reason for them not getting upgraded on LOS for microG. Anyway, it might be that devs on LOS for microG also stalled all their great effort, until seeing more active development on the microG side, which is sad if that's the case, given there are still upgrades on 16...
This is the first of its kind on Android and this project above many others deserves financial support, especially since I’m pretty sure it’s all just being run by one man, the lead developer.
This is next level privacy we may never see again if it’s just not feasible to continue maintaining this for free.
Hey OP, I don't use WhatsApp, but I do need some non-privacy respecting apps too on Graphene. I won't repeat stuff because u/FauxParrot already explained a lot in great detail.
For this I use Insular from F-Droid, which is a fork of Shelter/Island without telemetry or phoning home at all. And for other stuff like banking/entertainment, I have completely different profiles, but that won't really work for you as I'm guessing you need notifications and direct access to the app. At the moment, the implementation of sandboxed PlayServices works well, but I'd say the way to install it is not super practical. (But it will change in the future.) From the Graphene website:
> In the future, we'll have a client app for our repository so you'll be able to install and update the official Play services apps through that app and you won't need to deal with split APK installation manually.
https://grapheneos.org/usage#sandboxed-play-services
Graphene is as easy to install as any other ROM, although I don't know how the process is if you're installing from Windows.
Lastly, if you're having issues, like u/FauxParrot said, CalyxOS will definitely be easier to configure for your needs, but imo, Graphene is worth the effort.
I am personally using GrapheneOS, and they now have support for sandboxed play services, but I am a bit intense and I completely deGoogled and avoid all big tech so I have no need for MicroG / PlayServices. The only apps installed on my phone are open source and sourced directly from F-Droid (or third-party repositories).
I am certainly not an expert, but if you have any questions, feel free to ask me in PM.
GrapheneOS is not slow. But here's some info about the exec spawning process which may cause some initial delay:
> GrapheneOS creates fresh processes (via exec) when spawning applications instead of using the traditional Zygote spawning model. This improves privacy and security at the expense of higher cold start app spawning time and higher initial memory usage. It doesn't impact runtime performance beyond the initial spawning time. It adds somewhere in the ballpark of 100ms to app spawning time on the flagship devices and is only very noticeable on lower-end devices with a weaker CPU and slower storage. The spawning time impact only applies when the app doesn't already have an app process and the OS will try to keep app processes cached in the background until memory pressure forces it to start killing them.
Their motivation is wiping out the open source project they've copied and turned into a product. They massively ramped up their attacks after we published https://grapheneos.org/install/web since their business model is dying. They're desperate. They aren't capable of building anything of value themselves. They don't do actual privacy and security work. They copy us, fraudulently take credit for it and sell it as an expensive product with tracking. They also desperately want to cover up all the awful things they've done. They want to be able to lie about everything that happened unopposed.
Installation is straightforward and can be done in 10 min from any Mac, Windows, or Linux PC. At worst, you will have limited functionality or non-functional apps that require Google Play services. These are few and far between however; even Google Maps works. Check out https://grapheneos.org/install for Pixel devices, or lineageos.org for other handsets.
If you are into privacy, I think a good option is to buy an Android smartphone and install Copperhead OS on it (Google-less Android focused on privacy), but keep in mind that now it only supports a handful of devices listed on their website https://copperhead.co/android/
There's a little-known option to donate monthly through Patreon. For me this is much easier than giving a one-off donation (and somehow more rewarding, as I'm helping to build a sustainable project)
Note to Copperhead crew: thanks for your work, and may I suggest adding links to the Patreon right next to the image download links?