Anyone using Lineage? How is it?
I’ve got a Pixel 7 and have been wondering
To be honest I do not see any reason to use Lineage with Pixel while there is GrapheneOS... But maybe there will be some users of it: it is always better to have more free open OS
Graphene has a relatively short support, especially given that the phones for it are completwly unaffordable new so it's effectively shorter than advertised. I am now spoiled by using a device that is not EOL so I think I will be switching when GOS' support ends.
GOS Supports the pixel devices for the same amount of time as Google hard to keep a device secure once drivers are no longer being updated. But with Google extending support for pixel 6 and 7 series and the new 7 year guarantee on pixel 8 devices and newer this isn't really a concern anymore. So pixel 7a and fold will be supported until 2028 and Pixel 6 and 6 pro until 2026 pixel 7, 7 pro, and 6a until 2027. Seems like plenty of time for support and that means as long as Google supports it so does GOS.
its alright, it kept my "supposed to be dead" phone to keep on running with latest stuff, i like the built in firewall, but if you're privicy focused then this is not for you.
What privacy issues are you talking about?
Once LinageOS is installed your bootloader is always unlocked so anyone who finds your phone if lost owns it. GrapheneOS and a few other ROMs I forget the names of allow the bootloader to be relocked keeping android security model intact allowing the device to still be secure.
Is the bootloader really that important for a lost phone? If someone finds your phone can't they just tear it apart and read the storage with external tools? A locked bootloader sounds more like an anti-tampering measure and not for protecting your phone's content after it's lost.
If someone finds your phone can't they just tear it apart and read the storage with external tools?
that's not the problem that BL locking solves. this is solved by storage encryption. BL locking solves 2 other problems:
It is largely an anti-tampering measure. Without it you could have things injected into the system. For example, a stalker could install a hidden tracking program as a service and then return your phone without you knowing.
Iirc it's also a prerequisite for full-disk encryption on modern android. So, without it your user data is available to be dumped in an unencrypted state. Most phone thieves are interested in reselling the phone, so they're provably not going to go through the effort and risk damage to the phone just to dump encrypted data from the chips directly. However, if it's just available unencrypted from fastboot why not dump it? They could get info that could be used to blackmail or scam you or people you know. Or they could just sell the data.
No because the data is encrypted especially on Graphene OS and even on stock pixel phones data at rest is fully encrypted and pixel phones also have a onboard security chip as well. So unless you can unlock the user data it would be useless. That is why a locked bootloader is so important it is needed to ensure at rest encryption its a requirement for it.
That would be a security issue, not a privacy issue. Maybe that was what RelativeArea0 meant but if so I think that confused people because "privacy" implies somehow corpos/the state is spying on you through Lineage
LOS has privacy issues though, if I remember correctly. like, default DNS server is 8.8.8.8of google, assisted gps contacts a global server of I think qualcomm to speed up getting a GPS fix, and others I don't remember now
Ah, so not that significant and fixable? GOS has an assortment of calls home as well (to their own servers at least, but still a third party).
I used it extensively ony Samsung Galaxy S4 until Android 9 or 11. Was very good (model jflte(xx))
I was planning to move to Lineage, and eventually GrapheneOS (non Pixel at the moment) but revolut has broken compatibility by enforcing the use of the Play Integrity API, revolut is my main bank so I'm kinda blocked, for now... 🤬
My last bank did that so I switched banks my new bank app works without any play services installed on GOS.
that's the spirit
Upgrading android versions did a surprise factory reset for me. Never used it again after that.
Custom Roms are only viable if official android support has dropped and you are no longer getting upgrades.
I dont get why anyone would use LineageOS on a phone that new and that well supported by custom roms (GraphineOS, /e/os, etc)
True But maybe might be helpful if the phone hits EOL?
At that point using it will be less secure, the reason why GraphineOS stops supporting devices is because they focus on security. In addition the Pixel 9 will be EOL in what eight years from now? Maybe even more
Eight years, minus the few years you'd have to wait until the phone is close to affordable. And updates via LineageOS is still way better than just using a phone with no updates when it hits EOL like you normally would.
How safe is Lineage?
Their devs dont really care about security so id say its not safe at all.
Any source on this?
Lineage allows people to have newer android/security patches on end-of-life phones, that's a pretty good security argument.
That first link talks about how it requires an unlocked bootloader, therefore verified boot is disabled and the device is less secure.
While that is true, I think that's a bit of an unfair thing to hold against it considering on most Android phones, you need to unlock the bootloader to run anything the OEM doesn't approve, and most vendors do not support installing your own keys.
That should be a criticism against the OEM for forcing you to weaken the security of the device to have full control over it, not Lineage. That is not really their fault.
I think it would be nice of them to mention that the signing keys being held by the OEM and the OEM only is a massive security (and freedom!) weakness on it's own, and that without being able to sign everything yourself, you can't really be certain of the security of your device, as you cannot control everything on it.
GrapheneOS
how safe is google?
I connect my glucometer (Dexcom G6) with my phone and I'm assuming lineage wouldn't work with it.
Lineage is just Android, however, some apps (Usually banking apps are the worst offender) throw a fit running on rooted/custom roms, though it's usually bypass able with varying amounts of effort. I would not expect a glucometer app to have issues, but I've seen apps throw that fit for less in the past.
Being a medical thing, I'd advise you to pickup a cheap used Android phone that's also on the supported list to test out your app first, or at least have an alternative means of monitoring it
I did some Google searching and it came up... inconclusive, though the Dexcom website has this blurb on the compatible phones section
"You can use this app on any OS that meets the minimum requirements, but Dexcom recommends not updating to a new OS before it's listed here."
And the only minimum requirement for Android is that it's v10. I also didn't see mention of root/or "unauthorized OSes" on that page and alot of the times they will put something like that if a companies app will scan for root/custom roms
So, you might be fine
Works on GrapheneOS
Oh damn, good to know
This is a most excellent place for technology news and articles.
