825
We Must Break The Chains
(media.piefed.social)
Apple and Google will gladly erase the works of developers to chase profits.
Please let me know viable options.
There are no realistic linux options for your phone. These memes are pipe dreams by people that haven't actually looked at how utterly incapable linux currently is at powering a smart phone for normal daily use and how these apps that they're complaining about android and apple are removing won't run on the linux phone in the first place.
Sounds like switching will mean we will lose everything we're already losing. Might as well go ahead and quit cold turkey.
Yeah... I'm rapidly approaching the point of just learning to live without a smartphone altogether as it becomes more and more frustrating to find one that has what I want.
That is correct, currently, moving to a linux phone will lose you more than what you're losing with Google and Apple changes.
Apps are just part of the problem. Running a full linux OS on a phone with all the normal mobile phone capabilities is also an exercise in frustration. Taking Ubuntu Touch as an example, the OS has been around since 2011, was released in 2014 and it's list of approved phones is still minuscule. If you're a person on VZW, that list grows even smaller as VoLTE is problematic enough to be considered impossible to get working reliably.
I truly hope that the linux phone landscape shapes up but in it's current form, it's actually losing ground as it's development is slower than the hardware development and at it's current rate, will never be a viable option.
At this point I'd rather keep my freedom and lose the convenience. If it means losing apps and horsepower, fine by me. I'm already half resigned to going back to a dumbphone. I'm also looking at options to assemble my own phone with off the shelf parts if that's what it takes.
When you abandon freedom to achieve security, you lose both and deserve neither. - Thomas Jefferson
i hear there is actual good stuff to be done with stripped raspberry pis.
what are you looking at for making a practical phone?
Phone calls, SMS, data as a baseline. GPS, and a way to run signal would be great. Everything else would be gravy.
My first thought was to use a pi zero as a base from which to build. Getting everything to fit in a package that fits in my pocket would be next. I can go to a machine shop to make a case from aluminium, rubber gaskets for water protection. Unfortunately I have a more than full time job and can't really dedicate any time to figuring this out, but if there are reproducible instructions already out there, then I will be looking at that option and start getting the parts to build.
It also helps that my phone carrier is offering me a free line right now so I can run 2 phones like a drug dealer.
As read by Spock although Civilization a slightly different version attributed to Benjamin Franklin.
That's funny I've had several Android apps run fine under Linux mobile OSes.
I'm not going to say they're ready for general public daily use but there's no reason they one day couldn't be? There's a foundation there. With a good enthusiast community we could get it to the point that it's at least useable for power users and grow from there.
Several? Well, consider me corrected, it's clearly ready for prime time.
Thanks for not reading any of the rest of my comment
Thank you for starting with a contrary clickbait sentence, then immediately following it up with a confirmation of my comment that linux is not suitable as a mobile OS.
You're just a giant bundle of negativity and unpleasantness, aren't you?
And I'm starting to notice that being a bit more common from piefed users nowadays
Foundation? Well, consider me corrected, I'm clearly ready for pound town.
What's the point in the sarcasm?
There's never going to be some viable alternative to Android and iOS that just springs up out of nowhere fully developed ready for daily driving...
(I was echoing the other guy on the other half of your comment :P)
All dreams start as pipe dreams. Every one.
UBPorts is a solid foundation. It just needs more adoption and backing.
Get a Pixel 8 or 9 and install GrapheneOS. The recent changes to AOSP aren't some death knell for the project. Even if it were: using GOS on an older Pixel for the next five years or so is going to be way safer than alternatives.
I'll grant that whether or not this matters to someone depends on their personal threat model. My counter argument is to gesture broadly at the state of things. If they think the computing device they use most often shouldn't be their most reasonably secured and trustworthy computer then I'm not sure there's much else to discuss on the topic.
I want to be able to recommend any of the Linux phone projects or even something like Murena's new partnership with HIROH but they don't solve the problems GrapheneOS does.
The best breakdown of current options I've found is here: https://eylenburg.github.io/android_comparison.htm
Moving to phones made by google as a protest against google really seems weird. Sorry, but I will stick to the less secure options
This position misses the point entirely and introduces personal risk for no benefit. Buy a used Pixel if it makes you feel better about it. Then you're upcycling.
By less secure I mean lineageos or /e/os. How does it miss the point entirely?
Neither LineageOS nor /e/OS are comparable alternatives. They're significantly less secure than stock Android.
"I don't want to support Google so I refuse to use their hardware with an OS which, by default, prevents Google from achieving their objectives. Instead I'll use insecure platforms that still give Google most of what they want."
Android and Chrome are independent from Google in the same way that AT&T is independent from the NSA. The reality is that Google does what they want with both projects. Their main line of business is surveillance and those projects facilitate their business goals. GrapheneOS is developed for the Pixel platform because of the tight integration with Android from the hardware up.
This has allowed the GOS project to build a modified OS which is stripped of the default tooling and dependencies that give Google power over the device and its user's digital ecosystem. The same cannot be said for any other project at the moment.
Using Google's hardware to deny them access to the reasons they developed and produced that hardware to begin with directly spits in their face. It's more effective to buy hardware from Google, or buy one of their devices second-hand from a trusted source, and then modify it to achieve our goals while denying our would-be owners their own than to continue capitulating to their brand of Surveillance Capitalism.
I really want to understand this, but I don't find constructive information anywhere. Everything I read either doesn't really explain anything at all and is based on assumptions/opinions, or expect me to be a mobile os engineer.
Let's say I have a phone with lineageos, without google play services and without gapps, with most apps installed via f-droid and only a couple from aurora store. What power does google have over me, that wouldn't also have if I used a pixel with grapheneos?
In terms of security, If any threat involving physical access to the phone is statistically irrelevant for me, how is my phone less secure than stock android? And how would grapheneos improve my life?
I can absolutely sympathize with that. There aren't good resources for the uninitiated to get up to speed or which readily justify "this vs that". The goal of the documentation that does exist often has little to do with convincing the tech-savvy public anyway. Marketing and education of laymen isn't going to be the technical writer's forte.
I don't have time to answer all your questions as fully as they deserve but I'll start with one example from the security side, show how I establish a basic from-scratch understanding of that problem, and how I'm able to arrive at a reasonable conclusion about whether it matters or not.
Looking at the previously linked Android comparison table the secure NTP entry will be more straight forward to talk about. That's the
entry in that table.
Here are search results for the same question from two different providers:
DuckDuckGo: https://duckduckgo.com/&q=is+secure+network+time+protocol+important%3F
Kagi: https://kagi.com/search?q=is+secure+network+time+protocol+important%3F&r=us&sh=D_5b8AmhNdDFwIR62tc9pA
Checking a few of the top results I find the info on Baeldung's site the most accessible. https://www.baeldung.com/cs/ntp-security-authentication-synchronization
Sections 5, 6, and 7 are the most relevant to our discussion. In 5 we see that spoofing, man in the middle, and denial of service attacks are the primary concerns. 6 provides an overview of a secure vs insecure connection. 7 covers best practices and specifically addresses mitigating spoofing and man in the middle attacks.
Referencing the chart again we see that GrapheneOS addresses this and others, including LineageOS and stock Android, do not.
Digging into this further I searched the GrapheneOS FAQ for NTP and found relevant info in the Default Connections section: https://grapheneos.org/faq#default-connections
I searched the LineageOS wiki for similar info and couldn't find any. https://wiki.lineageos.org/
If I've missed some info on theIr wiki please let me know. I went searching for additional info on how LineageOS handles NTP to try and put this to bed but I couldn't find much. The long and short of it is that we can conclude a secure NTP implementation matters and without it we're vulnerable to attacks we otherwise would not be.
While searching I did run across this thread on the Privacy Guides forums that I'd like to share: https://discuss.privacyguides.net/t/is-lineage-os-as-private-as-graphene-os/30738/3
Kev nails it.
I suggest malware exposure ought to be within everyone's threat model for, likely, their most used computing device. Couple that with the longer delays between full patches for LinearOS and GrapheneOS becomes a compelling choice.
The other question, asking what power Google has over you, has much more to do with "DeGoogling" and how Google Play services are implemented. For LineageOS, as you mentioned, Google Play services aren't implemented by default and aren't supported.
This is way ahead of alternatives in the same space, like /e/ or Calyx, but their DeGoogling efforts are minimal so they're still defaulting to Google's choices for Domain Name Services, Digital Rights Management, and GPS services. Is that the end of the world? No. You can change that with some effort and maintenance. On GrapheneOS it's already taken care of though.
If a LineageOS user doesn't put in that effort and maintain the changes then they're leaking a ton of useful info to Google by default. So the user doesn't have to worry about Google Play services but does have to worry about Google's data collection, fingerprinting, and influence.
I came across the following blog post a few years ago and it made clear to me how it could be that bad from DNS and GPS info alone. Michael is talking about Google DNS from a corporate Systems Admin perspective but it applies to individuals just the same.
https://www.michaelrinderle.com/2020/05/08/why-systems-administrators-should-stop-using-8-8-8-8-google-dns/
It's categorically better to deny Google this information entirely if possible.
Thanks for being interested and asking good questions. I hope my reply is helpful. <3
Thank you for taking your time to write this and to find a few resources. I will give it a deep read and try to better understand it.
To your last, it wouldn't. Graphene is smartly designed but everyone thinks you need all that security. Most people don't and wouldn't notice a damn bit of difference.
Lineage is offered on far more devices and if your main goal is just degoogling you get a lot more options without giving money to Google.
Cool, but in my country when O find a used pixel 8 it usually costs around 700 USD! Too much for the hardware..
You're absolutely correct. Living in the core of the empire or within one of its beneficiaries affords certain advantages which are made inaccessible to those outside of those regions. Your best approach is likely assuming your mobile device is compromised and only conducting sensitive activity on an inexpensive laptop you can reasonably secure.
Some secure-by-default Linux OSes I'd recommend are:
Parrot Security OS https://parrotsec.org/
Tails OS https://tails.net/
Qube OS https://www.qubes-os.org/
These are listed from most user-friendly to least. Signal has a desktop client that I'd be comfortable using on any of those three platforms.
https://pine64.org/devices/pinephone/ https://jolla.com/
I haven't used either of those directly but have started looking into linux on a tablet (Plasma mobile mainly) and things are definitely rough... nowhere near the polish of Android or iOS (understandably) and the app store options are not great / hacky
I'm just getting into things here, but my guess is that if you want to try a linux phone, if you're OK living in a world that's closer to the first days of smartphones than the current fairly-advanced smartphone, you might only be slightly or mildly frustrated. If you're looking for a modern smartphone experience, you're probably going to have a bad time.
That said, the lack of viable options for smartphones is terrible and it's somewhere I'd like to invest some time contributing to open-source projects to improve