Could be good news for the Replicant folks -- the S3, at least for the time being, is still their flagship and best-supported model. I still use an S3 as my daily driver for this reason and it works remarkably well for basic web / email tasks.

Please don't forget about modem isolation, this is a very important topic for all "smart"phones (not for dumb phones):

>A device with bad modem isolation cannot prevent the modem from accessing and controlling key parts of the hardware. For instance the main CPU's RAM, its storage, the GPS, the camera, user I/O and the microphone. This situation is terrible for privacy/security as it provides plenty of opportunities to efficiently spy on the user, that could be triggered remotely over the mobile telephony network. That mobile telephony network is accessible to the mobile telephony operator, but also to attackers setting up fake base stations for that purpose.

https://replicant.us/freedom-privacy-security-issues.php

I agree 100% with you.

Related:

>A device with bad modem isolation cannot prevent the modem from accessing and controlling key parts of the hardware. For instance the main CPU's RAM, its storage, the GPS, the camera, user I/O and the microphone. This situation is terrible for privacy/security as it provides plenty of opportunities to efficiently spy on the user, that could be triggered remotely over the mobile telephony network.

https://replicant.us/freedom-privacy-security-issues.php

>A device with bad modem isolation cannot prevent the modem from accessing and controlling key parts of the hardware. For instance the main CPU's RAM, its storage, the GPS, the camera, user I/O and the microphone. This situation is terrible for privacy/security as it provides plenty of opportunities to efficiently spy on the user, that could be triggered remotely over the mobile telephony network.

https://replicant.us/freedom-privacy-security-issues.php

I have an LG Nexus 5X, which is compatible with CoppeheadOS. It works pretty well, and comes with gapps off by default, plus a few other security patches not present in regular android. Then I just use F-droid to add all the cool apps most others have mentioned here. Would love to switch to replicant (their site seems to have an issue with their SSL certificates right now :-/), but there's very limited compatibility with modern devices.

AOSP is, yes (and even that is more so conceptually than practically), but not Google's or any OEM's Android, which make up more than 99% of all currently used Android systems - they're full of proprietary blobs and software.

The closest to actually usable fully open source Android is Replicant OS, and it has about a dozen of available devices, even fewer of which are actively supported.

>do i have to wait for the librem 5?

yep, and while you're waiting get a ReplicantOS device. One reason (along the many others) for the switch that people usually don't talk about :

>The modem system [...] is always proprietary. [...] the modem remains a crucial part for privacy/security: it is nearly always connected to the GSM network, allowing for remote control. The modem can be more or less damaging to privacy/security depending on what hardware it has access to and can control. That is to say, how isolated it is from the rest of the device. A device with bad modem isolation cannot prevent the modem from accessing and controlling key parts of the hardware.

source: https://replicant.us/freedom-privacy-security-issues.php

Replicant und das Android Open Source Project sind nicht Open Source? Evtl. sind sie keine freie Software, aber Open Source sind die ziemlich sicher.

Sailfish OS gibt es auch für andere Geräte, aber offiziell nur für Jolla, das stimmt. Mit deren Code habe ich mich allerdings noch nie beschäftigt… also wenn du meinst, dass das UI nicht open ist, dann nehm ich dir das mal ab.

Außerdem hab ich natürlich Tizen, Bada, Maemo und Meego vergessen. Die Tatsache ist, es gibt und gab schon so einige offene Betriebssysteme für Smartphones.

lol no

>Handshake has donated $1 million to support computer user freedom and free software development
>
>These significant contributions from Handshake will fuel the FSF's efforts with activists, developers, and lawyers around the world. They include:
>
>$200,000 for Replicant, the fully free mobile operating system based on Android;

https://www.fsf.org/news/free-software-foundation-receives-1-million-from-handshake

I disagree with your conclusion, but you make some good points. There are very few devices where the radio doesn't have DMA access and can basically trump the CPU nowadays. I still own and actively use a Galaxy S3 (i9300, which is still one of the most widespread LineageOS devices), and that's one of the very few devices with a "segregated" radio, and it's supported by Replicant too, though that still requires binary blogs if you want a fair portion of the hardware to be functional.

And... I do agree that LineageOS's kowtowing-to-Google "it's only secure if it's the way Google says" attitude is annoying. I don't really know if it's a carryover from when they were CyanogenMod and they basically cut a deal with Google where circulation of the GApps would be tolerated, as long as they weren't distributed directly with CM anymore, in exchange for CM not doing some things that Google really didn't want them to do... or what.

> You realize Android is Apache and GPL licensed, right? If you are a true zealot then you don’t have to use the closed source components of it.

Replicant is an entirely libre distribution of Android. It only works on a couple of phones, and it doesn't even work very well on any of them. I figure Librem 5 will provide a much nicer experience. (No comment on pricing.)

Actually yeah "any" is what I meant to ask. Hardware button functions on smartphones are pretty much power, volume, and very occasionally lock or silence... I've never seen other buttons.

As for notebooks, I've not infrequently seen killswitches for microphones and wireless connectivity. The latest Thinkpads have a built in camera cover as well, and of course aftermarket camera covers are easy to find or DIY.

If OP is being serious and not trolling, I would recommend getting a Replicant-supported device. GPS isn't supported without manually adding a proprietary blob. Then physically remove the microphone, and only plug in a headphone set with a built-in microphone when you want to make calls.

Or get a Fairphone 2, which is modular and can be taken apart really easily.

A mobile phone itself is a security risk because it can track your movements and it can be turned into a listening device, regardless of the OS it is running. Aside from the OS you see every mobilephone runs a secondary OS on the baseband processor, known as "modem firmware" or "radio firmware". This firmware is entirely proprietary and there is no free replacement for it.

Additionally there are several proprietary parts of Android that can do all sorts of spying on you. To get rid of them you have to use LineageOS (of course without google apps/gapps) or even better Replicant. If your phone isn't compatible with either of them get another phone.

> Do you know if any of the others are better in this regard?

Replicant is the only rom i know that tries to focus on privacy. But to achieve this, you need a kernel which is 100% open source, so it only runs on outdated devices since they don't accept proprietary code run in the kernel (There is still proprietary software in userspace, but it's way easier to prevent userspace software from accessing private data than kernel space software). But still this approach can't prevent you from hardware backdoors in the modem.

Most roms just take an existing rom as base and change a few settings, apply a few patches and add a few apps. And the ones they are based on (stock, lineage, paranoidandroid or omni) all don't focus on privacy.

Logcat shows the diagnostic info of what software is doing on your phone. The predictive text database is created as you use your phone locally or sync online to get an established database. I wouldn't buy a new phone if you can run LineageOS, there's no FLOSS phone. Any phone you get without a isolated modem cannot be verified as private even if you run all FLOSS as the OS. The modem has full hardware control on almost every phone besides maybe the librem 5 and can read/edit ram, switch on the mic, etc without the OS being aware.

Instead of accusing people for "breaking sub rules" and "spreading conspiracy theories".

Replicant using 100% open source code in their ROM...

I'm talking about libraries, drivers, rom, etc. Replicant is the only 100% open source ROM out there to exist. Not a single proprietary line of code exists in the ROM. The devs reverse engineered an open source 2D CPU rendering graphics driver to replace the proprietary Mali GPU driver. The modem processor is the only thing that runs Samsung's nonfree system (not a part of the ROM aka proprietary blob).

>Replicant is a fully free Android distribution running on several devices, a free software mobile operating system putting the emphasis on freedom and privacy/security. It is based on LineageOS and replaces or avoids every proprietary component of the system, such as user-space programs and libraries as well as firmwares. Replicant aims to be an ethical system: it does not ship nor recommend the use of non-free software.

Link: https://replicant.us/about.php#faq

Replicant removing a backdoor...

In 2014, Replicant developers have found a modem backdoor in the Android systems of several Replicant-supported devices, including the S3, and have successfully closed it in Replicant. Additionally, the phone has a read-only nonfree boot rom, which loads a nonfree bootloader. The bootloader is not part of the Replicant system, but it is responsible with loading Replicant.

Link: https://redmine.replicant.us/projects/replicant/wiki/SamsungGalaxyBackdoor

Let's start with this: Every mobile phone includes a microchip called "The baseband", this minicomputer includes their own OS, different at what you see(not Android or iOS), it runs the modem and the microphone(sometimes also the cameras), has access to memory and can control the rest of the device at its please, to be approved by the FCC it must be backdoored to give access to the government, leaving the door open to bad guys.

If you want to be private, you shouldn't have a mobile phone at all, but there are some measures may help:

Avoid iPhones and any phone with no removable battery, the baseband still works even with the phone turned off.

Avoid any phone with proven bad modem/baseband isolation (almost anything Xiaomi/Redmi/Oppo anything from Chinese cheap brands)

Get something with Good ROM support or at least PostMarketOS(no android compatibility) or Replicant(fully privacy respecting Android ROM) support, is the best mobile OS for privacy. replicant.us postmarketos.org

Avoid multicameras(like those with 15 cameras in every side) and phones with notch as the plague.

I'm not exactly sure how much of AOSP itself is libre. I'm not actually aware of any specific parts of AOSP that are non-free, apart from drivers and firmware blobs (that are necessary for the modem, wifi, and I believe Bluetooth hardware to work).

Replicant is based on LineageOS and according to their FAQ

> Replicant uses LineageOS's source code as a base. It is rebranded to provide the Replicant look and feel (wallpapers, logos) and parts of the code are reworked to remove anti-features that can spy on the user. Most importantly, Replicant does not include any of LineageOS's proprietary components (programs, libraries, firmwares) and instead provides free software replacements for some of these. The rest of the system is also adapted so that the free software replacements can run correctly.

The lack of non-free drivers and firmware are the reason it only works on "eight year old devices."

However, I haven't actually figured out what parts of LineageOS (apart from drivers or firmware blobs, of course) are non-libre.

I suppose your main motivation for replacing the Android userspace with GNU is due to software freedom concerns. If so, you may wish to check out Replicant, a fully libre variant of Android endorsed by the FSF.

You're probably looking for a project like Replicant - which works to reverse engineer proprietary libs and create FOSS solutions.

We only really do that in a pinch, and instead, build from source what is released, and shim/wrap all the remaining older proprietary libraries to get them to play nicely with modern android versions.

That said, Replicant have managed to get i9300 running blobless (no internal WiFi, BT or GPS though, and other issues - but sensors and RIL work). The next major release should be running 3D with Lima. It may be a while though. Far fewer devs compared with LOS.

Maybe, if it is one of the supported Replicant devices. Otherwise all OEMs are pretty much the same and you should only rely on them for the hardware and get the software from somewhere more trustworthy such as GrapheneOS, Replicant or LineageOS etc.

>It seems that the PP or L5 must either get way better support or they will be wiped out by better hardware or old hardware that will get just as much support with similar performance.

The whole point of them is to be completely mainline and run without any patches, not only for the kernel but also in userspace. If that succeeds there's no need in the future for community support as everything will be mainline just as you don't need support for your CPU, AMD GPU or some WiFi cards on your laptop/desktop.

>Unless something has changed I didn't see, neither can act as a phone yet, and both still use binary blobs.

They can both act as a phone, they just currently do it very poorly. Neither of them are released yet, it's still pre-release hardware.

>Other phones like the L5 and PP will also partially support binary blobs and mostly open source, so I don't see a big difference between philosophies (similar to bringing either to a "green party" plastic forks you found for free or buying bamboo forks that were sustainable made). Are you familiar with the replicant project?

The few binary blobs for the Librem 5 and the PinePhone are being worked on being removed (it is not final hardware yet). I don't see that happening with the 845.

Otherwise I agree.

>The problem with the devices is that they seem like a stepping stone or POC before it runs on other phones rather than a better phone to buy over the long term. What are you using your L5 for currently?

It's because they literally are pre-release hardware right now, it seems like a POC because it is a POC. I don't have my Librem 5 yet because I don't want a prototype either, I'm waiting patiently on the final hardware batch. I'm not in a hurry and I certainly wouldn't buy a PinePhone or a Librem 5 if I was.

Replicant proves that the hardware isn't just disposable.. There are also way more than 2 phone models that work on mainline. The Snap 845 and google's project treble also show more will be mainlined, and have been for years.

I don't really care that much about speed as much as support. It seems that the PP or L5 must either get way better support or they will be wiped out by better hardware or old hardware that will get just as much support with similar performance. Unless something has changed I didn't see, neither can act as a phone yet, and both still use binary blobs. Other phones like the L5 and PP will also partially support binary blobs and mostly open source, so I don't see a big difference between philosophies (similar to bringing either to a "green party" plastic forks you found for free or buying bamboo forks that were sustainable made). Are you familiar with the replicant project?

The problem with the devices is that they seem like a stepping stone or POC before it runs on other phones rather than a better phone to buy over the long term. What are you using your L5 for currently?

It's good offer if someone don't know anything about modding software. In short you received a Operation system called Replicant (easy to install so not sure why you should buy it). It's full free (as a freedom) operating system.

https://replicant.us/

They are all compromised due to the SoC and modem. I understand that this is a privacy awareness sub but a lot of the guide puts you in a false sense of security/ privacy.

About Aurora, I'm not sure about the wording within that line but I would prefer assurance that I'm getting an apk from google and not some mirror from who knows with who knows what.

And about firefox, the lack of a sandbox on mobile, and the desktop being advertised as a privacy focused browser despite pinging a bunch of servers keeps me away from the main branch.

If you want sources for all my arguments, feel free to ask

I like your logo more than the official Arch logo, so much that I want them to use yours instead. I've unfortunately gotten the official logo ruined by the 'small pinus' meme. Your logo does remind me a little bit of the postmarket os logo: https://postmarketos.org/

If anybody else wants to get the official Arch logo ruined for them forever like I have, you can click this highly NSFW link. You have been warned, though.

On a different note, if you like designing logos, maybe make a new one for https://replicant.us/ ? Their current one is absolute dogshit.

All cellphones are comprimised. It's something you cannot avoid in most countries. I have it worse as I'm using the stock rom on my carriers phone that I've personally degoogled, so you're going to have live with that paranoia if you like cell phones.

Read https://replicant.us/freedom-privacy-security-issues.php

Hardened Androids are available in an array of other devices, that do not contribute to Google's bottom line, like purchasing a Pixel does.

Aside from Pixel's origins, its also one of the more expensive devices out there. If its someones first time experimenting with a de-googled Android, something cheaper is likely a better alternative.

• Devices supported by Replicant

• Devices supported by Lineage / MicroG Lineage

Oh I know android is not google's and that chromium is still spyware, but yes, their "services" are just complete spyware and are 95% closed source (mostly has to do nothing with the app). Also, it's not really their hardware that's closed source (excluding apple), the manufacturers of the hardware like Qualcomm have their hardware closed source leading to backdoors. It's a bit complicated and I'm not the one to talk about that since I know little about hardware.

There are several custom OS's for Android devices like ReplicantOS that offer far more privacy than iOS or any other proprietary OS for that matter. Add to that being meticulous about your online activity and nothing beats an Android device. Sorry to shatter your illusion.

Aujourd'hui tu as deux options si tu veux être quasi peinard sur ton téléphone.
- Utiliser Replicant : https://replicant.us/
- Utiliser PostMarketOS : https://postmarketos.org/

Bien évidemment, comme souligné par les commentaires déjà saisis, marier anonyme et "utiliser whatsapp, telegram, messenger" dans la même phrase relève du contresens.
Cela dit, les alternatives libres, chiffrées et open-source existent (Signal par exemple)

Pour en revenir aux deux OS evoqués plus haut, le support dépend du téléphone bien sûr, de son âge et de ses capacités.
Pour ce qui est de PostMarketOS, ça consiste à installer une distribution GNU/Linux sur ton téléphone. Si tu es à l'aise avec un OS libre, alors ça devrait aller, sinon ça sera plus compliqué, surtout que tu peux te brosser pour le support des applications Android...

Enfin, et comme déjà dit, un LineageOS sans Gapps mais avec MicroG peut t'aider à atteindre ton but, surtout qu'il n'est pas forcément nécessaire d'avoir le Play Store d'installé pour pouvoir bénéficier des apps qui y sont présentes (coucou APKMirror...)

Pour conclure, tout est possible, il faut s'en donner les moyens, mais de toutes façons les antennes GSM te pisteront tout le temps ^^même ^^s'il ^^est ^^toujours ^^possible ^^de ^^changer ^^le ^^numéro ^^IMEI ^^de ^^son ^^téléphone ^^en ^^le ^^remplaçant ^^par ^^celui ^^du ^^Nokia ^^3310 ^^qui ^^dort ^^dans ^^le ^^"tiroir ^^à ^^tout" ^^de ^^ta ^^cuisine

I tried to make very clear in what sense (something between machine and human) I meant replicants are not too different from cyborgs.

How does the "nerd term" make anything clearer? What is a nerd term anyway? I am fairly certain android is actually the more commonly known term (thank you google!), whereas replicant is only known by people that know blade runner (and/or https://replicant.us/)...

Regarding your actual point:

So, District 9 is cyberpunk then? It has high tech (alien weapons and ship) and low life (the stranded aliens). This catch phrase cannot contain all the defining aspects. That's all I am saying.

The device is for sale now, but Replicant isn't supported on it yet. I think work is underway to support it though. Other distributions are currently supported, but I don't think any have been certified to meet the FSF's FSDG, like https://replicant.us has.

> I can't put my money on something that will spy on me

You're not asking about a landphone, so you are inherently buying a tracking device (all mobile phones are tracking devices). Either you need to scrap the phone idea, or you're actually looking to minimize the spying.

Scrapping the phone approach: get a phone that runs replicant, and don't install any blobs. This will automatically turn your phone into a non-phone as the CDMA/GSM radios won't have drivers. Then install Jami from f-droid.org. You'll probably need a blob to make wifi work.

There is the replicant project: https://replicant.us I found a reference to it on gnu.org. I have never tried to run it and have no experience with it. If it's working and indeed fully free, maybe there is a lot of useful solutions one can copy to make arch usable on phones.

Dann hat man aber immer noch proprietäre Treiber ohne die das nicht wirklich funktionieren kann (siehe Replicant) und die Firmware der Radios ist sowieso eine blackbox die bei Bedarf auch das OS überschreiben kann.