Pixels are pretty much the only Android phone that supports full verified boot with custom keys, meaning verified boot of the entire base system works no matter what OS you're booting (as long as your OS supports verified boot in the first place). They're about on par with iPhones security-wise, but Pixels support alternate OSes which is really nice.
Other Android phones often either have broken verified boot implementations (such as only verifying the kernel) or completely lack it.
The Titan M makes Pixels even better; it is a security chip which stores keys such as those for verified boot.
The security of Pixels is why security-focused mobile operating systems like GrapheneOS often target Pixels instead of say, Samsung Galaxies.
Or on any other supported phone (see this list: https://doc.e.foundation/devices/) you can follow the install guide there. Might even work with your current phone!
The "easy installer" has very limited hardware support at this time.
The first time I followed the install guide, I ended up with a "hard brick" --- wouldn't even power up. Contrary to popular opinion, it is possible to recover from this but it does take time, effort and determination.
As a result of my experience, I made suggested changes which were incorporated into the guide for my device.
So they're charging a premium (you can buy these phones in mint condition on swappa for nearly $150 less) for a refurbished 3 year old phone because it's preloaded with a ROM for enthusiasts. Who would buy this? I can't imagine any of the people who know or care enough to use /e/ are the kind of people who'd pay someone else $150 to flash a ROM for them.
Yes, there's no root exploit or rootless bootloader unlock that I know of on the Snapdragon versions. I'm seeing similar prices on the Exynos versions, though.
Could you find someone to pay you more than $150 an hour to flash a rom?
Do you have to sit there the entire time you're setting up a phone with a new rom?
The comment you replied to is making a great point, generally people running custom roms without Google's services do so because they are enthusiasts.
An Android device without Google is going to require avoiding very common apps and using workarounds that are already going to be time consuming whether you flash the device or not.
Meanwhile people who aren't enthusiasts probably don't care about Google's hooks into Android via GPS.
-
People who apparently think... their hourly rate... is too high to flash a rom (something mostly automated anyways...) but also want to flash a rom and deal with a phone that is missing the core services that normally define an Android device on an outdated device and want to pay a 2x premium for a privilege may just be a sample size of you lol
GP is saying that there is market for preflashed custom device even if it's 150 markup.
And I agree flashing is no fun. It takes time to find a rom that supports your device well, realize you need to root/unlock bootloader first, etc etc.
Most of the time for casual flashing is spent finding the right tools and setting up.
Flashing is one thing, flashing without Google's services is another.
My point is if you think flashing is no fun, working around the fact Google has moved more and more functionality to Google Play Services every year is going to be even less fun.
This is a product that only enthusiasts will find fun flashing or not, so why even bother paying extra for obsolete hardware?
-
Edit because people don't like when you point out the obvious and now I'm rate-limited:
Privacy concerned smartphone "normies" have Apple. By definition "normies" are not concerned with Stallmanistic posturing about how Apple locks down their very secure devices.
If you have an ideological opposition to them that somehow doesn't apply to the large manufacturers making the phones these guys flash I'd love to know it
I’m a time strapped, privacy concerned smartphone normie who would love to find a good alternative to Apple / Google to recommend to friends. I use three apps: messaging, web browser, and camera. Seems like those apps are covered in this one.
You have to actually figure out what a ROM is, how to access the bootloader on your device, work out all the drivers, naturally figure out all the quirks that happened that weren't listed in the instructions, and then flash the device. Sadly I can't just flash an .iso onto my phone like I would on a USB - 2 clicks.
I've only owned one Huawei phone, but it definitely had Google's software installed. (and after running some network analysis, I noticed it also phoned home to China)
I'm very interested in how do you run the said network analysis? I'm considering buying an Android again but I'd like to properly tame it by cutting off as much spy traffic as possible.
I don't remember what I was using at the time, but there's a variety of ways to do it, depending on what you're looking for. Generally, you want to capture network traffic at the packet level and run it through a tool to help you analyze it. The tool you pick would depend on what you're looking for and the type of analysis you're doing. Here's a few tools that come to mind:
Not the original parent commenter but a sniffer like Wireshark would reveal the url(s) or IP addresses being requested by the phone to call home - it’s fairly easy to check if those belong to a Chinese IP range.
What you are looking at is like buying an iPhone and wanting to block Apple. You won't be able to from the phone itself (unless you flash another ROM but then you'd be better off buying something like a pine phone).
If you are really serious and you won't flash a new ROM then you will need to filter the traffic after it leaves the phone as you cannot trust the phone or its apps. IMO the only way to do this is to use a VPN to connect to a device that runs a proper firewall. It could either be a Raspberry Pi you carry around (bit too geeky for me) or a server somewhere you trust. I connect to a pfsense machine at home via VPN and filter traffic with pfblockerng. You can block on geography if you want.
My girlfriend's iPhone is just as bad as my OnePlus..
I wondered that too and I concluded that it's because the threat model is different.
* China spying will steal your data and identity so the safety of your money and assets will be at risk. Your photos may be sold, your credit cards may be stolen, etc.
* Five Eyes spying will hurt you if you're non-normative. Say you're a casual drug user or perform low scale criminality. Or say you're doing a thing that's legal now but illegal later.
Presumably there's the idea that China could blackmail you but I have a hard time believing anyone would go for that over just letting their naked pics on the Internet.
So the Five Eyes spying is probably harmless to someone totally normative. The China spying is probably harmful to them.
For the non-normative, dark-web peer to peer Bitcoin user who is buying LSD, the China spying is probably better.
Yeah, I was eliding all the pieces as to how to get there. I think they're more likely to have unpunished rogue employees, I think they're more likely to have poor security practices, and so on and so forth.
A friend of mine was on the team that investigated the Twitter 'breach' that got those Saudi activists disappeared. Through personal experience I find it easy to believe that technique would have been more effective on a Chinese company but since I cannot communicate that experience and since you don't share it, I can accept that our views must diverge.
And yes, I'm also a drug-using dark-web crypto user. Had to keep that one quiet from the investigator friend, eh?
Because your information is still getting stolen. Isn't this obvious? There is no lesser evil much less so than a country that doesn't comprehend concepts like "privacy" and "human rights".
They are "likely worse", IE. you don't know? IMO they are not worse and the data collected by Huawei is useless compared to anything Google collects since I don't live in or near China. They also don't share it with anyone that might kick down my door if I like something that the US someday in the future sees as the new red scare.
You don't need to live in China to be affected by China. There are many ways a country can use information on foreigners to advance the country's goals, affecting said foreigners.
And if you flash a good custom OS like GrapheneOS, maybe LineageOS without microG, then Google doesn't track you even if you use their hardware. Even better if you use a secure OS like GrapheneOS or standard AOSP without Google Play Services or bloatware.
Sailfish has a runtime for Android apps, but under the hood it's closer to other mobile Linux projects, and to that end the hardware compatibility is less like Lineage or /e/ and more like UBPorts.
Android's handling of the Linux kernel, until this current version cycle, has involved several forks per device -- patches from Google (the Android Common Kernel), then patches from chipset vendors, then patches from device vendors -- with closed binary drivers inserted at various points in this process. [0] Treble has been exposing generic hardware interfaces to system images since version 8, but the drivers themselves haven't had that kind of uniformity re: how they interface with the kernel itself.
There are projects that will adapt them to run GNU-based systems -- to use UBPorts as an example again, it actually does exist as a GSI -- but since the modifications needed to get them to run depend on a custom kernel, they're still device-specific.
Meanwhile, Android devices are required to run Google's entire test suite using a generic build of AOSP, so while GSI compatibility isn't perfect, the minimum baseline is effectively just the ability to unlock your bootloader.
[0] Generally. In some cases -- most Huawei devices, non-US Samsung models -- the device vendor is the chipset vendor. But that doesn't mean their chipset IP is any more open than, say, Qualcomm's, nor does necessarily alter that of other components like camera sensors.
Honestly, I think this kind of thing is more likely to lead to a good usable daily-driver phone than the Pinephone. Unfortunately there is not quite as much hardware freedom on this device...
I haven't had any crashes, but I've had more and more sites not work with Firefox. The payroll site I use for my small business is the most annoying one, I have to switch to Safari to run payroll.
Had Firefox updated and needed a restart? I get that crashed message on xubuntu 20.04 when opening a link in a new tab. Every time it confuses me for a moment then I remember why.
The offers of GrapheneOS and /e/ are very different. /e/ targets to be a usable alternative to a google-owned software, which includes for instance cloud storage and backup, access to third party proprietary apps, etc. While GrapheneOS is harder to use, but it does provide much better security hardening.
hey there phh; slightly tangential, but: What are your plans for phh-treble? To be honest, if you've got the bandwidth, I'd love for you to start something comparative to /e/ and CalyxOS.
With Generic Kernel Images (and APEX to an extent), do you see phh-treble likely replacing LineageOS as the preferred base for projects like /e/? Merci.
My goal for Phh-Treble remains the same, which is provide a good basis for a pure unmodified AOSP with good hardware support, so that other people can make whichever ROM they want with it. As such, I'm saddened that many ROMs, including /e/ still doesn't officially provide GSIs...
I haven't had a good look at either /e/ or CalyxOS, but /e/ looks like they are too focused on the marketing for my taste, /e/ really isn't known to be a contributor in term of source code to the community, their only contribution is bringing users (I do have a bit of respect for that). CalyxOS has nice things, it is much closer to what I'd want than GrapheneOS. CalyxOS tries to makes features closer to what you can get on a "standard" google-owner Android, and they are definitely a great value to the community, like SeedVault is a really nice addition for de-googlizing one-self. I feel that CalyxOS goes too much into security, while privacy/data-owning are already very nice features, and they restrict their user-base because of that.
I doubt that GKI would help phh-treble replace LineageOS. First, I'm happy there are LineageOS GSIs based on my work :-) But the real reason LineageOS persist is that most users want a ROM tailored for their own device. Sure one of the biggest real issue of phh-treble is the lack of security upgrade of the kernel, but from my experience discussing with many people asking me for device-specific ROM, the reason they want device-specific ROMs is really about feelings.
Most users feel a device-specific ROM will be more optimized. (no they are usually not Gentoo users). Usually they'll come to me with "hey, you have this feature that works on my device in GSI, but not in my device-specific ROM, could you help fix it?", when I ask why not just use my GSI, the answer goes with optimization, and the obvious answer is "It's so much more optimized that hardware features doesn't even work.".
yes. Anything Android based is absolutely dominated by Google. At this point it probably takes less manpower to maintain a Gnome/KDE/Lomiri based distro for your platform than Google-free Android.
Your definition of google-free: Completely zero code input, developer overlap, or potential design influence by Google
My definition of google-free as it relates to phones, and I think the more common one: No callbacks to any Google service such as Play store, google cloud messaging, or any of Google's usual default android applications.
By that definition, Linux, Chromium, and lots of other software isn't Google-free. But that's ridiculous. Android does not contain any tracking code, and at most uses Google servers as the default for network connectivity tests, etc. which you can change. Versions of Android running on actual phones often have tracking, but this is not related to Android itself and is largely about Google Play Services.
How do you say "/e/ OS"? I know this is always asked but I still don't know because I've seen conflicting answers. Is it just e OS? Why complicate your brand by throwing in "/"s?
How about a new Moto G7 Plus for say $185 with screen protector and case with $5 going to /e/ foundation to continue development. Here is the proposed /new/ hardware:
I use one of these myself as a daily driver and have done several for friends and family so I have the flashing part down. I have toyed with the idea of turning this over to my grandson as a business for college spending money.
I replace some of the default apps with better non-tracking, privacy focused alternatives such as Brave browser and TwinMe for video calls and instant messaging. Note: Your iOS friends will like TwinMe too.
Any interest in going turn key "Google free" at this price point? The goal is for my grandson to net $50 per phone. Any less is not worth the time and effort required.
88 comments
[ 2.1 ms ] story [ 156 ms ] threadAnd consider GrapheneOS.
Anyway, please read GrapheneOS.org in its entirety.
Other Android phones often either have broken verified boot implementations (such as only verifying the kernel) or completely lack it.
The Titan M makes Pixels even better; it is a security chip which stores keys such as those for verified boot.
The security of Pixels is why security-focused mobile operating systems like GrapheneOS often target Pixels instead of say, Samsung Galaxies.
Or on any other supported phone (see this list: https://doc.e.foundation/devices/) you can follow the install guide there. Might even work with your current phone!
The first time I followed the install guide, I ended up with a "hard brick" --- wouldn't even power up. Contrary to popular opinion, it is possible to recover from this but it does take time, effort and determination.
As a result of my experience, I made suggested changes which were incorporated into the guide for my device.
Either way, when I'm ready for my next phone i'm going to strongly consider /e/
Could you find someone to pay you more than $150 an hour to flash a rom?
Do you have to sit there the entire time you're setting up a phone with a new rom?
The comment you replied to is making a great point, generally people running custom roms without Google's services do so because they are enthusiasts.
An Android device without Google is going to require avoiding very common apps and using workarounds that are already going to be time consuming whether you flash the device or not.
Meanwhile people who aren't enthusiasts probably don't care about Google's hooks into Android via GPS.
-
People who apparently think... their hourly rate... is too high to flash a rom (something mostly automated anyways...) but also want to flash a rom and deal with a phone that is missing the core services that normally define an Android device on an outdated device and want to pay a 2x premium for a privilege may just be a sample size of you lol
And I agree flashing is no fun. It takes time to find a rom that supports your device well, realize you need to root/unlock bootloader first, etc etc. Most of the time for casual flashing is spent finding the right tools and setting up.
My point is if you think flashing is no fun, working around the fact Google has moved more and more functionality to Google Play Services every year is going to be even less fun.
This is a product that only enthusiasts will find fun flashing or not, so why even bother paying extra for obsolete hardware?
-
Edit because people don't like when you point out the obvious and now I'm rate-limited:
Privacy concerned smartphone "normies" have Apple. By definition "normies" are not concerned with Stallmanistic posturing about how Apple locks down their very secure devices.
If you have an ideological opposition to them that somehow doesn't apply to the large manufacturers making the phones these guys flash I'd love to know it
Web install takes moments these days, can be done by any 8th grader with a GrapheneOS phone, or PC with any major browser and a USB C cable.
It’s great that it’s so easy. I’m happy that people enjoy doing it. I simply don’t want to.
Let me know.
Possibly. But that will not include installing updates, and it does not include troubleshooting when something breaks down the line.
Say that again :) ?
Tease apart I think and believe /e/ is a really great initiative, which aligns better with ecology than Fairphone does (so far).
If my phone was supported I'd have switched long ago (it's a 2015 sony z5c I bought second hand 3.5 years ago).
What do you mean by that?
https://esolutions.shop/shop/e-os-fairphone-3/
https://www.wireshark.org/
https://www.snort.org/
https://www.ntop.org/products/traffic-analysis/ntop/
If you are really serious and you won't flash a new ROM then you will need to filter the traffic after it leaves the phone as you cannot trust the phone or its apps. IMO the only way to do this is to use a VPN to connect to a device that runs a proper firewall. It could either be a Raspberry Pi you carry around (bit too geeky for me) or a server somewhere you trust. I connect to a pfsense machine at home via VPN and filter traffic with pfblockerng. You can block on geography if you want.
My girlfriend's iPhone is just as bad as my OnePlus..
* China spying will steal your data and identity so the safety of your money and assets will be at risk. Your photos may be sold, your credit cards may be stolen, etc.
* Five Eyes spying will hurt you if you're non-normative. Say you're a casual drug user or perform low scale criminality. Or say you're doing a thing that's legal now but illegal later.
Presumably there's the idea that China could blackmail you but I have a hard time believing anyone would go for that over just letting their naked pics on the Internet.
So the Five Eyes spying is probably harmless to someone totally normative. The China spying is probably harmful to them.
For the non-normative, dark-web peer to peer Bitcoin user who is buying LSD, the China spying is probably better.
A friend of mine was on the team that investigated the Twitter 'breach' that got those Saudi activists disappeared. Through personal experience I find it easy to believe that technique would have been more effective on a Chinese company but since I cannot communicate that experience and since you don't share it, I can accept that our views must diverge.
And yes, I'm also a drug-using dark-web crypto user. Had to keep that one quiet from the investigator friend, eh?
Sailfish has a runtime for Android apps, but under the hood it's closer to other mobile Linux projects, and to that end the hardware compatibility is less like Lineage or /e/ and more like UBPorts.
Android's handling of the Linux kernel, until this current version cycle, has involved several forks per device -- patches from Google (the Android Common Kernel), then patches from chipset vendors, then patches from device vendors -- with closed binary drivers inserted at various points in this process. [0] Treble has been exposing generic hardware interfaces to system images since version 8, but the drivers themselves haven't had that kind of uniformity re: how they interface with the kernel itself.
There are projects that will adapt them to run GNU-based systems -- to use UBPorts as an example again, it actually does exist as a GSI -- but since the modifications needed to get them to run depend on a custom kernel, they're still device-specific.
Meanwhile, Android devices are required to run Google's entire test suite using a generic build of AOSP, so while GSI compatibility isn't perfect, the minimum baseline is effectively just the ability to unlock your bootloader.
[0] Generally. In some cases -- most Huawei devices, non-US Samsung models -- the device vendor is the chipset vendor. But that doesn't mean their chipset IP is any more open than, say, Qualcomm's, nor does necessarily alter that of other components like camera sensors.
It's the best non-Google, privacy enhanced experience you can get at the moment.
With Generic Kernel Images (and APEX to an extent), do you see phh-treble likely replacing LineageOS as the preferred base for projects like /e/? Merci.
I haven't had a good look at either /e/ or CalyxOS, but /e/ looks like they are too focused on the marketing for my taste, /e/ really isn't known to be a contributor in term of source code to the community, their only contribution is bringing users (I do have a bit of respect for that). CalyxOS has nice things, it is much closer to what I'd want than GrapheneOS. CalyxOS tries to makes features closer to what you can get on a "standard" google-owner Android, and they are definitely a great value to the community, like SeedVault is a really nice addition for de-googlizing one-self. I feel that CalyxOS goes too much into security, while privacy/data-owning are already very nice features, and they restrict their user-base because of that.
I doubt that GKI would help phh-treble replace LineageOS. First, I'm happy there are LineageOS GSIs based on my work :-) But the real reason LineageOS persist is that most users want a ROM tailored for their own device. Sure one of the biggest real issue of phh-treble is the lack of security upgrade of the kernel, but from my experience discussing with many people asking me for device-specific ROM, the reason they want device-specific ROMs is really about feelings.
Most users feel a device-specific ROM will be more optimized. (no they are usually not Gentoo users). Usually they'll come to me with "hey, you have this feature that works on my device in GSI, but not in my device-specific ROM, could you help fix it?", when I ask why not just use my GSI, the answer goes with optimization, and the obvious answer is "It's so much more optimized that hardware features doesn't even work.".
Also, not weird in the context of Google actively maintaining their position as a a top security firm these days, with Project Zero.
Which is what the general public wants.
For everyone else, there's Graphene.
Evidence otherwise appreciated, even if just a compelling theory...
My definition of google-free as it relates to phones, and I think the more common one: No callbacks to any Google service such as Play store, google cloud messaging, or any of Google's usual default android applications.
https://m.gsmarena.com/t_mobile_revvlry+-9764.php
I use one of these myself as a daily driver and have done several for friends and family so I have the flashing part down. I have toyed with the idea of turning this over to my grandson as a business for college spending money.
I replace some of the default apps with better non-tracking, privacy focused alternatives such as Brave browser and TwinMe for video calls and instant messaging. Note: Your iOS friends will like TwinMe too.
Any interest in going turn key "Google free" at this price point? The goal is for my grandson to net $50 per phone. Any less is not worth the time and effort required.