this post was submitted on 08 Aug 2023
48 points (88.7% liked)

Privacy

31859 readers
237 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

so Android is mostly developed by google so I assume it also sends a lot of data over to google. Is there an OS that's privacy respecting?

all 35 comments
sorted by: hot top controversial new old
[–] [email protected] 32 points 1 year ago (1 children)

AOSP-derived ROMs like LineageOS, Copperhead, GrapheneOS and Calyx are specifically developed as alternative android distributions that do not rely on Google to function

[–] [email protected] 9 points 1 year ago (3 children)

IMO Graphene is the only true option in this list, with Copperhead being aggressively sus given the history

[–] [email protected] 6 points 1 year ago (1 children)

Graphene is the best option but lineageos is also good and covers many devices. The con of lineageos is the lack of hardened security which graphene provides.

[–] [email protected] -2 points 1 year ago

Lineage isn't a whole lot more private or degoogled than any other vanilla rom, it's rather disappointing in that regard.

[–] [email protected] 4 points 1 year ago

Fully agree about Copperhead. Personally I've been using LineageOS since 2017 (and Cyanogenmod before that) and I'm very happy about it

[–] [email protected] 0 points 1 year ago* (last edited 1 year ago) (1 children)

If only it wasn't developed by a complete psycho. Even Louis Rossman couldn't handle it, and he ended up refusing to use GrapheneOS because he couldn't trust someone who is so unhinged with the privacy and security of his personal device.

I'm not saying I hate GrapheneOS, I actually use it currently, but it's a good point to bring up.

[–] [email protected] 2 points 1 year ago (1 children)

Well, from what i understand the nutcase quit after Louis Rossman said that, so no idea where things stand these days

[–] [email protected] 0 points 1 year ago (1 children)

strcat is the lead developer of the project, he isn't going anywhere unfortunately. If he leaves the project dies with him I'd assume (unless of course someone has the knowledge to fork it)

[–] [email protected] 2 points 1 year ago

No, he's handing over and has stepped down.

[–] [email protected] 31 points 1 year ago* (last edited 1 year ago) (2 children)

I would recommend GrapheneOS. There are literally no Google dependencies at all. They have reimplemented privacy friendly alternatives for all built in functionalities typically depending on google such as for location.

Additionally, with their custom built compatibility layer, they allow you to install google play services as a regular app, and fully control which permissions you grant it, which can be useful for apps which depend on google to give you notifications.

Grapheneos is also at the bleeding edge of speed to deliver security updates several times a week.

And with user profiles you can fully separate apps yet they have a custom way of piping notifications between profiles as profiles is a particularly convenient way to isolate apps and prevent them from knowing what other apps are installed.

It's not perfect but it's definitely the most secure and most privacy respecting, it's user friendly, puts the user back in control and works really well the moment you have adjusted to the new way of using android and make use of all the features.

Edit: big caveat, it is only supported on Pixel devices, which may seem illogical for an OS getting as far away from google as possible, but it's for their good security hardware, driver support and allowance for installing an alternative OS.

[–] [email protected] 5 points 1 year ago

I'm glad I picked up a second Pixel 6 at a good price, tried GrapheneOS out on it and I am slowly turning it into my daily driver. I couldn't be happier with it so far, battery life seems better, I feel more like I "own" the device and that it isn't up to sneaky shit etc.

It was by far, the easiest OS install I've ever done, I hope they keep up their awesome work. Now I just gotta find a good OS for my tablet.

[–] [email protected] 4 points 1 year ago (3 children)

it was all perfect until I realized it's for google pixels phones only..

[–] [email protected] 3 points 1 year ago (1 children)

I understand your frustration. I bought a second hand pixel 6 specifically for GOS and couldn't be happier.

Started with a pixel 5 but hated that device due to its poor display design where the display wouldn't stop popping out of the chassis and the earpiece which needed contact to the display would just disconnect when the display was out and the audio quality was bad.

I personally recommend the pixel 6, it's a good device. It still has guaranteed security updates until at least October 2026 and can be found for rather cheap on the second hand market.

[–] [email protected] 1 points 1 year ago (1 children)

I'm thinking of selling my redMi note 11 pro to buy a second hand pixel 6, do you think it's a good idea?

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago)

If you can afford to keep your phone until you figure out whether a pixel 6 with grapheneos is a good fit for you, I recommend that option. You can then later sell it once you're more familiar with the new ecosystem.

Otherwise, it's a bit of a bet. It depends on how confident and familiar you are with privacy compromises, though grapheneos doesn't force many compromise on you as you can always install the google play services if you need push notifications for WhatsApp for instance (though in that case, I would suggest installing WhatsApp with Google play services in a dedicated separate profile and "pipe" notifications through to your main profile).

[–] [email protected] 1 points 1 year ago

It sucks, but it is the only phone that supports unlocking and relocking if the boot loader which gives ability to protect OS from tampering.

I hate google, but needed to be free from spying asap. You could buy second hand and avoid giving them a penny.

[–] [email protected] 1 points 1 year ago

kinda ironic that you have to buy a phone directly from google to get rid of google on android ..

[–] [email protected] 9 points 1 year ago

I'm running graphene for over a year now and its great

[–] [email protected] 6 points 1 year ago
[–] [email protected] 4 points 1 year ago

i have been using grapheneos for a while now, and honestly its been great. the only problem is limited hardware support (only pixel ≥5 unless officially supported - due to unlockable bootloader). i have gone cold turkey from google apps like maps, although it is possible to set it up to work. banking apps and stuff dont work obviously, but those apps should be avoided anyways. ive also heard (some) good things about lineage, calyx, and /e/. i wish linux phones were daily drivable, but sadly it is not yet practicle for most. i would personally recommend at least looking into graphene on a pixel.

[–] [email protected] 4 points 1 year ago* (last edited 1 year ago)

Android is not developed by Google. It's open source but Google adds a lot of stuff on top. There are ways to minimise what apps can spy on you: gboard, keep notes, calendar, calculator, gmail - all can be swapped for better and more privacy respecting apps from F-droid. You can also disable Google and other system (vendor) apps through adb. Some OSs if you don't want to do that are Lineage OS and Calyx OS.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

AOSP from my knowledge uses some google addresses like DNS, time server and connectivity check google servers but unless you will install GMS (Play Services), no private data will be sent to google by default.

[–] [email protected] 2 points 1 year ago (2 children)

Android does not innately send data to Google, just a lot of phone manafacturers ship with Google apps reinstalled, such as google play and other telemetry. If you install the default Android open source project without anything else, and use F-Droid or Aurora to get your apps, you don't need Google at all.

[–] [email protected] 3 points 1 year ago

Google is so embedded in most stock Android version it's pretty much impossible to lock it all out. Google assistant, Gboard, RCS, location services... You can start disabling it all manually but there's a big chance you will miss something ot some update will just enable it back for you.

[–] [email protected] 2 points 1 year ago

interesting hmm, I already use F-Droid just thought it sent more data than I thought

[–] [email protected] 2 points 1 year ago

Android is based on the linux kernel and can be stripped of proprietary software. Custom versions like graphene os exist that are great for privacy.

[–] [email protected] 2 points 1 year ago

thanks everyone for the replies, unfortunately most of the OSes you guys have provided aren't compatible with my current phone (redMi 11 pro), so if I ever get a google pixel, I will use graphene OS. Good night everyone.

[–] [email protected] 1 points 1 year ago (1 children)

you can install tracker control or netGuard to see or block those connections

but it must be better to start with graphene, lineage or iodé as your base

[–] [email protected] 2 points 1 year ago (2 children)

The problem I've found with NetGuard is you can't use it alongside your VPN

[–] [email protected] 4 points 1 year ago (1 children)

i didn't try but i remember reading this:

NetGuard is a firewall application, so there is no intention to add VPN support. However, NetGuard supports a SOCKS5 proxy to chain VPN applications. You can find one possible community contributed solution here.

[–] [email protected] 1 points 1 year ago

Oh, interesting! I'll have to research this.

[–] [email protected] 2 points 1 year ago

I wish more VPN apps had firewall settings built into it.

[–] [email protected] 1 points 1 year ago (1 children)

If you're very technical and understand Linux, security, etc in great lengths (such as how to setup your own iptables rules with looking for help or creating your own scripts), and really know what your doing, a rooted non-gapps lineageos (optionally microg) is a great choice, as long as you install things like AFWall+ and such to lock it down a ton. Heavy emphasis on "understanding" what you're doing here, since if you don't, a rooted device could be bad on security.

If you're not at that comfort level or have the time for that kind of stuff, GrapheneOS (unfortunately on pixel) is the best option.

If you don't want to give Google any of your money, and you don't want to go into the super low level system control with root, the best option is probably still lineageos with microg (or without if you don't need push notifications for anything).

[–] [email protected] 2 points 1 year ago

I'd recommend DivestOS then, it's a fork of Lineage that has as much Google and other proprietary code removed as possible.

Only downside is that you can't use microg, so not the best choice if you need apps that are heavily dependant on it.

I don't, so I'm pretty happy with it.