Unfortunately my phone is firmware locked ... so I have to take the time to root and debloat my daily driver .... it's exhausting
My manufacturer ended support but my device was still working well.
No, X7 Pro has a Mediatek chip so there are no official roms for it, and I didn't want to risk buying an older phone just for custom rom support since it's possible to brick your phone if you mess up the installation.
Cyanogenmod on Nook, then LineageOS on phone and tablet, now GrapheneOS on phone and tablet. Reason is control and freedom. Security for GOS.
Ayyy, the Nook Color was my ~~gateway drug~~ first Android device I rooted, too! Haven't stopped since...
I'm experimenting with Lineage OS on my Moto G 5G 2024. Not a "daily driver" yet, but I'll see how I can transition from the "normie" phone to this LineageOS phone. Some tasks will never really be replaced, so I'm probably gonna be carrying 2 phones. Like, say, hypothetically if I were to attend a protest (which I'm not saying I would (hi fbi, pls don't arrest me, this is just hypothetically speaking ๐)), I would leave the normal phone at home and bring the one with LineageOS, to document, record any police brutality, and its always on airplane mode, won't even bring a sim. Also useful for navigation and other stuff.
See you there, or not, and its definitely done peacefully, obviously ๐. And I'm definitely not being forced to say "peacefully" under the threat of legal repercussions ๐
I've been running various unofficial versions of LineageOS on a Pixel C for years because the screen is beautiful and the battery remained good until this year.
Official Google support ended with 8.1 Oreo in 2017, but it is currently running 13. I don't think that it'll get any more updates, but I squeezed an extra 7 or 8 years out of it. Plus, I can probably keep using it as a stationary screen on my treadmill for a few more years. Potentially, It'll be useful for a full decade past that final release date.
That's why I use custom roms.
I use GrapheneOS without play services on my daily driver because I despise Google's forcing play services down Android's throat. The irony isn't lost on me that Graphene only works on Google devices, that will hopefully change soon as Graphene works with an OEM to build their own devices. I don't bother with banking or government apps as they aren't mandatory where I live, at least not yet. I try to stick to FOSS (or at least source available) apps where possible.
On a secondary device I also run a rooted version of GrapheneOS just for fun. Yes I know it might be viewed as terribly insecure but it's just a secondary device that I like to play around with, it doesn't have any important data on it. I find it quite interesting to learn how rooting methods work to bypass the normal security measures in place.
What make a rooted phone insecure?
It's important to point out that security isn't binary. Things aren't simply "secure" or "insecure". Rather, there are certain classes of vulnerabilities that are present in some systems and absent in others.
Typical PC operating systems don't have the app sandboxing prism's comment mentions at all, and do have a way for apps to prompt to ask for administrative access. A phone with root is somewhere between the two; apps are usually sandboxed, but if you give them root (or they get it with an exploit), then they're not.
If a PC is secure enough for a certain use case, an Android phone with root probably is as well. Either one calls for a bit of caution with regard to the apps you install.
Non rooted phones usually have read-only OS partition so even if malware is present, it can't affect the OS itself
That's true on modern Android even with root. The active OS partition can't be modified while running, and updates install to the inactive slot. If the bootloader is unlocked, malware could theoretically act as an updater and install itself to the inactive slot, but I'm not sure that has been seen in the wild.
It's theoretically possible to have a locked bootloader and root. That requires a device with a re-lockable bootloader like a Pixel, and a ROM that has root support built in to the signed image.
Rooting devices breaks the principle of sandboxing: one app shouldn't be able to access or modify another app or its data, or system files. If you give an app root, it can do whatever it wants to the system. It could install a keylogger to steal credentials, extract login tokens from another app's storage or just nuke system files to make your device unbootable.
Let's say you don't give any apps root. Even having a rooting platform on the phone (e.g. Magisk) is still a vulnerability. Most rooting platforms will ask the user whether an app should get root when the app requests it. But there could be code execution vulnerabilities (e.g. buffer overflows) in the rooting platform that let you add an app to the list of apps allowed to use root without user confirmation.
TLDR: Root gives an app full access to the device, it could do anything with that. Even if you're careful with what you give root to, it still adds a lot of attack surface that could be exploited.
It would be great if we had a fine-grained access control mechanism where the user could specify that AccA may write to anything in /sys/class/power\_supply and AdAway may write to /etc/hosts, but neither can access any *other* system files. Apps that use root almost always need a fairly narrow set of elevated privileges.
Android already has everything it needs to support that under the hood with SELinux. A UI for it would allow users full control of their devices with a reduced attack surface area.
KernelSU has something like this called app profiles where you can set the capabilities that each app gets when it uses su. And if you are a SELinux wizard you can also set a custom domain for each app which would give you the fine grained control you're looking for. I doubt the average KernelSU user wants to delve into SELinux details so some tool to automate this would be cool. Sadly doesn't look like Magisk supports this.
Not exactly sure what you're asking.
I THINK you ask about the 3rd option.
I've used, and still using GrapheneOS, CalyxOS, and LineageOS.
Also tried a few others in the past.
I am asking why did you switch to a custom ROM. And to which.
Edit: stock to custom
Missed the 'and why'.
I've tried quite a few other custom ROMs in the past.
I'm using those because of privacy. Plus, I feel like they are very lightweight comparing stock ROM.
After the new changes Google would make, I'd install custom ROM, even if I didn't care about privacy. So I'll be able install any app I desire. From F-Droid, GitHub, amd even apps like Vanced.
Which do you like best for a daily driver?
I have been daily driving LineageOS since 2023 on a Samsung Galaxy S10+, and before that experimented a little with CyanogenMod. Number 1 reason is privacy and security. I don't want Google spyware or any other proprietary software on my phone (though I have to live with proprietary drivers, but at least they are abstracted away behind HAL).
I use LineageOS on my Pixel 4A because official support ended. I continue to use a Pixel 4A because newer phones are bigger when I would prefer smaller, and because most newer phones don't have headphone jacks, which I use.
Oh... The headphone jack. Its awful not having one. That's why I stick with my cute s7
I got into custom ROMs late into the game. I always had locked devices because it was easier for me paying monthly for a phone.
However, when I switched to using my Pixel 7 Pro I tried LineageOS, and a few other forks and such. I tried GrapheneOS back when I was on my 7 Pro. I didn't stick with GrapheneOS because I was struggling with some app compatability. Ultimately switched back to LineageOS with Root. It allowed me to use my system wife adblocking, and other custom stuff such as custom kernels, and modules.
I broke my 7 Pro, and got an 8 Pro. For a brief period of time I used LineageOS with root and custom modules and kernels. I got tired of having to fix play integrity and safety net. So I switched to GrapheneOS.
Noe that I am on GrapheneOS again full time, it has gotten a lot better, and more importantly I have changed my habits. So GrapheneOS offers me exactly what i want and need.
Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.
The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:
1. All posts must be relevant to Android devices/operating system.
2. Posts cannot be illegal or NSFW material.
3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.
4. Non-whitelisted bots will be banned.
5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.
6. Memes are not allowed to be posts, but are allowed in the comments.
7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.
8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.
Community Resources:
We are Android girls*,
In our Lemmy.world.
The back is plastic,
It's fantastic.
*Well, not just girls: people of all gender identities are welcomed here.
Our Partner Communities: