LineageOS is apparently not private? (lemmy.zip)

submitted 1 day ago by PragmaticIdealist@lemmy.zip to c/privacy@lemmy.ml

28 comments fedilink hide all child comments

I'm planning on flashing LineageOS on my phone to debloat and to degoogle, and additionally to increase overall privacy but apparently from what I've heard here that it's not private enough or even at all?

I know about it being less secure because of the opened bootloader and the higher chances of you rooting to achieve what you want with a degoogled phone, but beyond that (especially privacy-wise) I don't know anything.

I've seen a video on how to degoogle it further, but surely it isn't all I need to do.

I need some education.

Unfortunately my phone is so obscure that it isn't supported by literally anything, but fortunately there's an unofficial port of LineageOS I found on Telegram, and that's the one I'll be using. So if you're thinking of suggesting another custom ROM, you're out of luck. Also you can't make me buy a Pixel - that thing ain't supported in my country (5G and others) and it's hella expensive as well.

you are viewing a single comment's thread
view the rest of the comments

[-] Zak@lemmy.world 2 points 1 day ago

Getting around Google's attestation with an unlocked bootloader requires root - I believe the go-to is Magisk and the Play Integrity Fix module. It's also a good idea to put the apps in question on the Magisk denylist. I've been using this for years with good results and would not describe it as "a lot of things".

Is that from installing an app or from install a malicious ROM?

A malicious app could modify the OS, but it would need root permissions. There are three ways that can happen:

The app exploits a privilege escalation bug in the OS. This can happen even if you don't have root access yourself.
The app exploits a bug in a superuser permission manager (e.g. Magisk) to gain root privileges without prompting you.
A previously legitimate app you've given root privileges to gets a malicious update (a supply chain attack).

A malicious ROM is certainly possible. Some random person's LineageOS fork is slightly less trustworthy than its maintainer (due to supply chain attacks).

[-] PragmaticIdealist@lemmy.zip 2 points 1 day ago

Getting around Google’s attestation with an unlocked bootloader requires root - I believe the go-to is Magisk and the Play Integrity Fix module.

I'm planning on using KernelSU, because I asked on the Magisk subreddit and it's unironically what they recommended. I looked around here and it solidified my decision even more.

The recommended way for me to install it goes like install custom recovery > install custom ROM > somehow flash preferred rooting solution in recovery > install preferred rooting solution as an app. link

this post was submitted on 06 Sep 2025

27 points (100.0% liked)

Privacy

41550 readers

707 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS