Wow LineageOS really is a bazaar, and not a cathedral.
* 74% of installs are unofficial builds, not ones released by LineageOS.
* 2/3 of US installs are on non-phones (waydroid, nintendo switch, rpi, etc)
* Most of the installs on actual phones are in China, Brazil and Vietnam
* Less than 21% of installs are on versions that receive security updates, and less than 9% of installs are on the latest version (mostly because device's binary blobs don't support newer android versions?)
>> 74% of installs are unofficial builds, not ones released by LineageOS.
One of the first versions of LineageOS I used was Evolution X on my Moms old OnePlus phone since it wasn't supported by the "official" Lineage version. Great track record of almost daily updates, and the customization you could do with it was phenomenal. The funny thing was I was running Ubuntu Touch on it before and it was super sluggish (totally not expecting that tbh) so switched to Evolution and suddenly the same phone was really snappy and the battery lasted for almost two days.
But yeah, I'm not surprised many installs are just branched versions of the original since many of them you can run on phones that aren't supported by the official version.
Given how uncommon x86 phones are (a few asus, lenovo, etc. that did not sell well) I think it's clear the vast majority of waydroid_x86_64 are not phones, right?
Nobody was saying anything about x86_64 being the vast majority of Waydroid installs or not but you, so not sure what's your point. Read my first comment again.
The parent said "2/3 of US installs are on non-phones (waydroid, nintendo switch, rpi, etc)", you responded with "Some Waydroid installations are on phones". My response to you was about the vast majority of waydroid installs tracked here are highly unlikely to be on phones due to the CPU architecture.
Your response was unwarranted. I never said anything that would suggest that most of these are phones. Some of these 2/3 are, even if they're in the minority.
the LineageOS teams refuses to incorporate patches to support MicroG as a replacement for Google Services so anyone (including me) that wants to follow that path is required to use unofficial builds.
They stopped that malpractice a while ago (last year?). Signature spoofing is now possible, so microG should work.
But they really hurt their credibility with the prior stance, and that their subreddit still has rules forbidding almost all discussions - interpreted as just closing all questions regarding blocked topics, like rooting, microG, Volte - is still a stain on an otherwise great project.
> They stopped that malpractice a while ago (last year?).
By now it has actually been almost two and a half years.
> But they really hurt their credibility with the prior stance, and that their subreddit still has rules forbidding almost all discussions [...].
While I'm not looking to turn this into an off-platform meta discussion, pretty much all of those rules have their very good reasons to be there.
As an example, you would be surprised how many people install a Magisk module to strip away LineageOS-specific build version properties, and then end up in our support platforms asking why the Updater can't search for new updates (of course while not mentioning that they have modified their system).
microG I don't even see listed as a part of any rule anymore, it was removed when upstream support for microG was merged.
You are correct, the microG ban is gone from the sidebar. That's nice.
(Why this was so important: During covid the official contact tracker in Germany needed microG/the play services, a newer alternative than bundled the scanner or something, so worked without. When it becomes life and death impractical positions like that hurt).
It's okay if you dont want to discuss it. To share my position anyway: You need the option to have root so the device belongs you (and not the Rom), VoLTE is an existential threat and the ban stiffles all options to easily get information about the situation. That's the main point: Banning topics completely does only make things worse, and it is not like the project tried not to ban these topics for how many years now, a decade? An Autobot answer should suffice for making the problems known.
If you are talking about the addition of microG, that indeed seems like it hasn't been mentioned on the blog, although I'd argue very likely due to an oversight.
I can find internal conversations that it deserves to be announced in a more prominent way than on the "Sunsetting LineageOS 18.1" post, was left as "to be added to the LineageOS 22.x" blog post, and then just never made the initial draft. Whoops.
If you are talking about the rules on the subreddit (or the other social platforms), that one indeed has been discussed a lot on the platform itself (and which we usually keep available).
> * 74% of installs are unofficial builds, not ones released by LineageOS.
Every time I want to install LineageOS on a device because it's been abandoned by the manufacturer, it's also been abandoned by LineageOS, leaving me with some random custom rom as only option.
It is a great OS. It needs to be available on newer Motorolas, say 2024 and onward. People want SD card slots, and even 3.5mm headphone jacks. It is the memory card slot that matters most.
It is great to have a degoogled phone. Then the lack of a card slot annoys you and the desire to just plug in an aux cable and have sound anywhere without a dongle comes to the fore.
I wish they would just commit to also support the Motorola G Stylus line. The G Stylus 2024 was a great phone.
Exactly why I stopped installing LineageOS on my phone.
While part of it was that I was no longer interested in tinkering with ROM and playing cat-and-mouse game with SafetyNet/root detection/whatever, the other part is that I cannot trust these ROMs, some of which come (or came) with their own bloatware. Those that have official builds are of course better, but the overall experience and security situation is still much worse than OEM ROM, despite all the junk there.
P.S. another issue is that I became sick of devs using xda forum as the only channel to handle communication, including bug reports, updates etc. GitHub has existed for over a decade, and the issue tracker/release system is usable, yet they choose the worst way to do software engineering.
Agreed, the xda forum thing is a huge security smell. "Here, download this big binary from a random forum user and put it on a device you carry with you everywhere which is equipped with internet, camera, microphone, and GPS. You're welcome!"
The GrapheneOS setup seems a lot better (though it has more limited support).
currently on GraphineOS for those very reasons. There is some amazing stuff in XDA forums but ultimately it's just some random guy posting some random ROM.
Only way I was able to get Cyanogenmod on stuff back in the day, was to use shady hacks from XDA, but man it was super slow and seemed to use a ton of bandwidth...
xda is older than github and has a lot of institutional inertia. Also I get the impression that many of the people involved in the xda ecosystem are hobbyists that just kind of learn things as they go along and have less exposure to bigco software engineering practices.
You talk as if github is a daunting service only meant for enterprise customers.
When in reality it's easy to sign up and used by almost every kind of project you can think of, including someone's 100 line random bash script with a single sentence README, a tiny embedded device hobby project all the way to a vibe coded project, from people who know nothing about software engineering. You almost need to go extra mile to not put your stuff on github.
I don't think there is any reasonable excuse/explanation other than "inertia".
Wow, that's not the distribution I expected; waydroid beats any other version... Though I guess that's not apples-apples since it aggregates any physical device running waydroid... And also I didn't expect unofficial builds to be so popular.
PSA: LineageOS has some unofficial builds which works on earlier gen Amazon devices. I turned an Echo Show from an annoying ad machine into the device a Chumby always could have been.
It's quite sad to see these stats. It used to be the defacto standard for custom ROMs. These dwindling numbers make me think either people aren't as interested in custom ROMs anymore and using the (bloated/Google) factory ROMs or maybe there's some new standard.
Didn't these numbers used to be much, much higher in the past?
NB: Since I'm on GrapheneOS now I haven't looked back
- Spoofing SafetyNet used to be trivial, and not many apps depended on it; whereas these days, it's between hard and impossible to spoof Play Integrity, and it feels like much more apps depend on it. (At least, that's why I stopped rooting my phone.)
- If you want a non-bloated, mostly-AOSP ROM with updates for many years, installing LineageOS (or another third-party ROM) used to be the only option; whereas these days, the Pixel phones give you most of this, and you can just buy these in a store instead of needing to manually flash a ROM.
- The stock ROMs from most manufacturers are less horrible than they used to be. I'm not saying that they're great now, but there's a pretty huge difference between most new phones today and a KitKat-era cheap Samsung phone.
- As you said, I suspect that GrapheneOS has supplanted LineageOS for many of the enthusiast users.
I believe a lot of the enthusiasm we had at the start of the smartphone age is also now gone. The phone is now a boring device made for scrolling and running apps that are mandatory to participate in modern society.
> running apps that are mandatory to participate in modern society
This right here is why I no longer consider custom ROMs. My phone is a tool critical to my daily life and I need it to function correctly nearly 100% of the time. Custom ROMs never really reach that bar in my experience.
Also, the various forms of attestation allow corporations the power to punish me for having the temerity to modify my own property. Yet another way the tech industry has metastasized into a societal cancer.
I'm trying to use lineage at the minute, but xiaomi has made it next to impossible to even unlock the bootloader on my phone, and even then I'd likely need to move at least one of my banks as I seem to remember it not working on lineage, and I'm the target audience for a custom rom. For mass appeal it needs to be much easier, and without any compatibility issues with stock android. I cannot believe it's somehow standard to not allow bootloader unlocking on a device owned by the user, I am fully aware of the risks of it but phone companies insist on treating me like a complete idiot.
Now that manufacturers support their devices for 5+ years and ROMs are actually quite usable out of the box, the need for custom ROMs is much lower. Plus, some convenience apps require things like remote attestation, getting in the way of users. I suspect a significant chunk of the serious ROM user base is also lost to GrapheneOS these days.
Even Samsung is fine with a quick debloating session you can do through WebUSB these days. The only phones I'd really need a custom ROM on these days are those certain Chinese brands that stuff their phone with absolute garbage. Compared to the days where a custom ROM would be faster and updates would end after half a year, if they happened at all, I barely have a reason to use a custom ROM these days.
> NB: Since I'm on GrapheneOS now I haven't looked back
Not to suggest GrapheneOS has become the new "standard" given it currently only supports Pixels, but I hear a lot more about GrapheneOS as the custom Android build than LineageOS, so I wonder if a lot of people have moved there from LineageOS.
The other reason for a decline in custom ROMs may just be that apps are becoming more and more locked down. Banking apps are getting stricter all the time, so even the ones that work with custom ROMs today aren't guaranteed to work tomorrow. And more people probably use Google Wallet than ever, which also rules out custom ROMs AFAIK.
The people behind GrapheneOS have a really nasty attitude towards any OSS initiatives in the smartphone space that aren't GrapheneOS. Really soured me on using their ROM.
Can you give examples of what you consider "nasty attitude" on their part? All criticism of other project I've seen was either cold, clinical technical criticism, or defense against slander propagated in the media against GrapheneOS.
I haven't seen GrapheneOS folks going out of their way to attack anyone.
GrapheneOS has a long history of brigading. They officially encourage it[0] and are now trying to make it a part of their OS[1].
But wait, they are just doing it to The Baddies, right? Setting aside the fact that they frequently claim targeted harassments against them, often with little[2][3] to no[4][5][6][7] evidence (the only heavily cited arguments from them are technical ones), they are using their fanbase for the good of humanity, right? Also, the link I presented earlier[0] doesn't seem that old.
Look no further: Daniel Micay(stinger), threatening another hardened browser Bromite of collaborating with his abuser (submitted one pull request), of stripping their ability to collaborate with him and... changing the license to prevent that, on an open-source project[8]. Don't take my words, the links are there. But honestly I can't think of any reason you have to go that far.
> I'm a bit surprised by you pulling out this issue that was fixed 4 years ago and only affected apps which did not target SDK 23 or higher (which at the time was already a requirement for apps uploaded to Play Store). Your phrasing made me think there might be a new issue, but if this is what you were referring to, all good.
Again, I encourage you to read the entire thread and make up your own mind.
If you believe this behaviour comes from the bygone era before thestinger stepped down, here's a more recent incident: https://tech.michaelaltfield.net/2025/08/19/grapheneos-danie... GOS of course responded[9], but not without false claims: GOS accused the author of falsely claiming that he was a GOS contributor, but the author never said that, they instead said they "make a lot of contributions to many different open-source projects, especially security-related ones." (This was not edited after the fact; see [10]) Daniel Micay still manages/frequents many repos of GOS, including grapheneos.org[11], hardened_malloc[12], and os-issue-tracker[13]. You'll also see that the GitHub sponsor is registered to Daniel's account. I'm not saying there's anything wrong with this per se, it's just me showing that Daniel still has a substantial influence over the project and, judging from the tone of GOS' toots, he still writes the bulk of them as well. He did write most of the GOS-related comments here on HN under his account before he removed it and created a dedicated GOS account 20 days ago (as of writing).
And this leaves out many unverifiable (but consistent with the above) claims of coordinating attacks on their Matrix chat against projects they deem insecure and/or are a threat. You will have heard a lot of the phrase 'Kiwi Farms' regarding TechLore and Louis Rossmann, but although Louis does seem to have an account there, I couldn't find any activity remotely suggesting of GOS or Daniel over there. I couldn't find any evidence that TL is associated with KF. GrapheneOS also claims Louis "livestreamed" his private DMs, which I cannot corroborate; he may have deleted the livestream, but much more likely, it was simply recorded, judging by the format of the video. As for the supposed 'smear campaign', I think you can judge that by yourself. The videos are still up on YouTube.
What I can see from the above is that Daniel Micay (and by extension GOS) makes a lot of accusatory claims without much to back up, and oversteps his boundaries in o...
Agreed that it has often been nasty in the past, but:
* I feel like it has gotten a lot better in the last year or so. Now I mostly see explanations about technical decisions. They do compare to alternatives (which is nice for understanding, I find), and they aren't scared to say that they believe the alternatives are doing it wrong. Which is fine as well.
* I have been following GrapheneOS for years (even when I was on /e/OS), and I must say that the technical arguments have always been interesting and correct. I don't have a single example where it was technically wrong. Of course the alternatives hate it when it is pointed out that they are doing security/privacy wrong.
* The alternatives have been nasty as well, let's not pretend they haven't. It's all counter-productive and unfortunate, of course. But let's not pretend that the CEO of Murena implying that GrapheneOS is for paedophiles (his words, there is a video interview of him saying that) is not "nasty".
That android distro has suspicious sponsors and relentless bots advertising it everywhere. Not even getting into the fact they force users into opaque hardware where there is obvious interest to spy on people, just the other day they were also promoting the usage of government sponsored VPNs.
LineageOS is doing good as always, just without suspicious sources of revenue.
Shady sponsors (if there is any) doesn't matter when transparency is in place. Want to reveal malicious intent? Provide a PoC.
Only hardware that supports bootloader relocking are Pixel devices. There are no others to consider development effort - plain simple. No, you can't use an unlocked device as a daily driver. Up to a minute out of your hands (or triggered reboot from public power outlet, due to outdated Lineage firmware) - and your bootloader is rewritten with one that collect your FDE secret and sends it to a remote server.
Opaque hardware? Which hardware are better and more transparent than Titan and upcoming OpenTitan? Bruteforce protection which considers current ambient temperature - what more do you need?
I can't say anything about VPN affiliation, but everything else is complete bollocks.
They're making inaccurate attacks on GrapheneOS to mislead people. We have sponsorships for our server infrastructure with those companies listed here:
Four of our sponsors are dedicated server companies and one is a VPN company sponsored 2 dedicated servers for us via one of their dedicated servers providers where they have a large discount on the hardware and traffic.
IPinfo is a well known GeoIP company. They provide open source projects including Alma Linux and GrapheneOS with free access to geolocation database downloads. We use it to implement GeoDNS on our self-hosted anycast DNS clusters. They get most of their GeoIP data from crawling the internet with over 1300 probes which makes it far more accurate than the more traditional options based on WHOIS and geofeeds.
What's sketchy about any of these companies? They also don't receive anything more than being listed on our site which we would do for transparency regardless.
GrapheneOS is entirely funded by donations but other donations by both companies and individuals are informal rather than official sponsorships. For example, Proton and Cape have both repeatedly made donations to GrapheneOS.
> Only hardware that supports bootloader relocking are Pixel devices
That's not quite right, but Pixels are the only devices providing all of the hardware requirements for GrapheneOS listed here:
GrapheneOS will also support future Motorola devices meeting all of these our requirements and providing official GrapheneOS support. Those will likely be available in under a year.
> I can't say anything about VPN affiliation, but everything else is complete bollocks.
Mullvad and Proton have both sponsored GrapheneOS with donations. All they wanted was us to say they donated to us which we would do for transparency anyway. We have no obligation to ever post about it again or to say anything positive about either company.
They're describing Tor as a government sponsored VPN and are claiming we promoted it because we answered people's questions about using it on GrapheneOS and have a small amount of documentation on using it. We don't specifically promote using Tor. We regularly caution people about the risk of making themselves into targets with it by accessing the public internet via exit nodes. Tor makes sense for some situations but we generally recommend using a traditional VPN for most people's use cases.
GrapheneOS is entirely funded by donations. It doesn't accept strings attached sponsorships. We list companies sponsoring infrastructure for GrapheneOS on our website to encourage more companies to make donations and for transparency.
Which of these companies do you claim is suspicious and what's the reasoning for that? Server sponsorships are how many Linux distributions including Alpine, Arch and Debian host their update mirrors and other infrastructure.
> force users into opaque hardware
Computer hardware and firmware is nearly universally closed source. The devices we currently support are among the most open including using Trusty OS for the TEE and secure core, OpenTitan as the basis for the secure element and littlekernel for the late stage boot chain on the main SoC.
GrapheneOS is coming to more devices but those devices need to meet our hardware security and requirements and provide the driver/firmware updates we need. We have a partnership with Motorola Mobility that's working towards new devices meeting our requirements with official GrapheneOS support.
> just the other day they were also promoting the usage of government sponsored VPNs
This is utter nonsense. Answering people's questions about how to use Tor on GrapheneOS is not promoting government sponsored VPNs. We don't even specifically promote Tor but rather explain how to use it. We also recommend people carefully consider using it to access the public internet via exit nodes since it makes people using it into targets and anyone can host an exit node.
I agree on the locked down part. Ever since I bought my first smartphone (HTC Desire) I've been flashing custom ROMs pretty much the day I bought it. In the beginning it was a hastle, then it became much easier. In 2021 and 2023 I bought a Xiaomi and it required registering before bootloader unlock was allowed. I didn't like I had to register, but did it anyway.
The real problem for me were the hard to come by blobs that needed flashing after certain updates. And the fact no official supported LineageOS build as available. That last one is mostly on my part for not checking before buying. But still, in the past pretty much any popular phone had one or more official builds supported on XDA. Nowadays you need to venture into Telegram groups scrolling over endless linear conversations of people asking the same issue over and over again. Maybe I'm just getting old, but what was wrong with using a (well structured) forum?
For me, I'm not that concerned with having contactless payments work. Although I did switch banks just to not have the Google Services/wallet requirement. That was short lived though, pretty much every contactless payment now only works with Google Wallet (ridiculous), I just gave up on it and pay by card instead.
I just want to get away from the fact Google Services is integrated into everything you do on your phone. The fact Google Wallet has access to not only the payments you make using NFC, but also the last x transactions on you bank account 'for fraud detection purposes' is quite insane if you ask me.
That's why I just run plain without Google Services (not even the sandboxed one by GrapheneOS) and accept the fact certain conveniences just isn't available for me.
I don't even miss rooting, which I mostly did in the past to have (non VPN based) add blocking on OS level. I just replaced most apps by their browser-based alterantives and use an add blocker there.
About 250k devices were getting GrapheneOS security updates two years ago[1], so it is approaching the number of official (and opt-in reported) installs of LineageOS.
It's a combination of anti-competitive practices from Google (Play Integrity, more and more features locked behind closed source binaries instead of AOSP) and manufacturer locking the bootloaders much more than in the past.
Nowadays most devices can't be bootloader unlocked at all (see Huawei/BBK(Oppo,Vivo) in China) or can but with difficulties and, in some cases, little to no driver support (see Xiaomi or even Samsung's unlock procedures too, difficult to deal with from experience). So developers cannot develop ROMs as they cannot get on the phones anyway.
This is partly done, I think, to prevent users from uninstalling bloatware (Chinese brands doing this mostly), since I've had to deal with this on a BBK branded phone, locked down so far even ADB can't touch the bloat.
Google is also a part of this with play integrity and apps being blocked from working, so if you depend on Google or if you want to use that phone in your day-to-day life with apps from work or banking apps, it might not work great on the same phone.
In my opinion I think it is mostly the manufacturers fighting this, Google is solvable but a locked bootloader isn't.
Honestly I just don't really care to anymore. I used to flash custom ROMs on all my phones because I could only afford cheap (100-200€) phones that were filled with bloatware, but ever since I started being able to afford a decent mid-range phone (Pixel 6a was the first one I didn't reflash) I just found out I wasn't actually missing anything, and I definitely enjoy things like contactless payments, and not having something randomly break every time I update.
It's because of Google Play Services and the subsequent years long gutting of AOSPs application list. Google enforces OEMs to bundle their entire suite if they want to ship with Play Services and then uses that as an excuse to kill the basic AOSP phone apps that are outside of their ecosystem.
The actual numbers are frankly even more disappointing - these numbers are heavily pushed up up by waydroid, which is an emulator for Android apps on Desktop Computing. More than half of the US installs is running Waydroid, with the actual most used real device in the US being nx_tab... which is LineageOS for the Nintendo Switch. That's a difference of 180k and 12k btw. The most used actual phone in the US for LineageOS is beyondx, which is the codename for the Galaxy S10 5g, a device that at a glance stopped being sold last year.
China by contrast fares much better when it comes to LineageOS (as Google Play Services isn't allowed in the country by export controls, the control from Google isn't nearly as strong there); the most used device there is actually a phone, the Xiaomi Mi 8 (dipper) and right behind it, the Xiaomi Mi 10T(/Pro) codenamed apollon.
Final country worth mentioning is Brazil, which apparently really likes the moto g7 power, a phone from roughly the same period as the Galaxy S10 5g.
Vietnam is also relatively high, with the Galaxy S7 (herolte) being the most used device. Russia is just a case where it's basically all waydroid users - not real phones.
At least from my understanding of the world, most of these numbers make sense if you consider them in proximity to US power, financial capabilities making phones last longer than their official support dates and just a rough idea of what phone brands are popular in which country.
From what I understand, my phone's 4G won't work with lineage os and either of the two cell providers that have reception in my area so it's basically unusable for me. I would like to use it but I effectively can't.
a significant contribution is due to android companies not allowing bootloader to be unlocked and then not providing kernel sources, making any development very hard, and many times impossible.
Note that these are the statistics coming from people who are willing to share statistics. Quite a few privacy-minded individuals use these ROMs but don't want to send telemetry, which means those installs don't make it into the statistics.
The large amount of Waydroid and Switch installs surprised me a little, but overall this is about what I expected in terms of distribution.
I doubt whether those US numbers are real, lot of custom rom development/user base has been asian & european market in last decade even though the numbers have been decreasing over the decade (I don't have proof)...
Partially agree, as LOS is no where used as OEM and people familar with custom rom eventually would have used LOS (not mendatory but the numbers would relate)
I miss the free era from 10 years ago. Back then it was probably still called CM.
Now manufacturers are extremely closed: Xiaomi started by making Android ROMs, but today the most practical way to unlock its BL is through exploits...
I remember on xda with my Galaxy S Plus i9001 [1], we had:
- dual boot [2]
- Ubuntu touch [3]
- different kernels with various optimizations, overclocking, etc
- an absurd amount of ROMs, aside from CyanogenMod and LineagesOS there was ParanoidAndroid, Carbon, JellyBean, AICP, plus all the ROMs made specifically by users for this phone
- the latest linux kernel, somebody just compiled it for AOSP, I think it was version 3 or 4 against 2, which was the standard for every other phone, it ended up on some tech news website
I think It was a really great modding scene and a lot of people learnt stuff from that. Mainly by bricking their phones and having to fix them.
Exactly. Of course not everything will work on every device, but they're not even going in that direction (like by incorporating/extending PHH patches) despite acknowledging that most devices won't be officially supported.
Surprised to see there're only one million devices with lineage OS installed. I personally installed it on a few amazon fire tablets. I thought it would be more than 10m devices at least.
Recently installed LineageOS on an old Samsung tablet I had laying around. The thing was barely usable with whatever the highest Android version was it was comparable with. Now it works wonderfully! Really happy with it. Privacy features aside, Lineage can do wonders to revive old hardware
My Nokia T20 is getting to this point and I wish Lineage was an option. Sadly, I don't think it has enough of a footprint for anyone to bother with writing the firmware/drivers -- I wish I had the time to give it a serious try. Seeing this class of devices reduced to e-waste really bums me out. :(
Yeah, I was lucky. My Samsung device is officially supported. As you said, since no one else has had the interest to do it for your Nokia, it’s basically up to you to make it work, since they rely on volunteers.
I wouldn’t begin to know how to take the base ROM and adapt it to a specific device, but I’d imagine any of the frontier LLMs could probably make quick work of it. It might be worth taking a weekend, and spending some tokens on coaching a model through the task?
Interesting why there is no legal challenge for regulator to fine phone manufacturers for not allowing other operating systems. Any groups working on that?
I have a question about country and carrier statistics. Is the fact that Kyrgyzstan is in 12th place real?
The factors that make me doubt this are that the three major Kyrgyz networks are not represented according to their market shares. I see Beeline KG and MEGA (as expected), but do not see "O!" at all. Yet, on Russian underground forums, advice has been circulating that a foreign SIM was an effective censorship circumvention device. And, coincidentally, "O!" is the only Kyrgyz operator who does not offer competitive roaming rates in Russia. So, are the counted users real Kyrgyz users, or Russian roamers that also want a phone free from any possible spyware that comes with it in Russian stores?
107 comments
[ 3.4 ms ] story [ 45.1 ms ] thread* 74% of installs are unofficial builds, not ones released by LineageOS.
* 2/3 of US installs are on non-phones (waydroid, nintendo switch, rpi, etc)
* Most of the installs on actual phones are in China, Brazil and Vietnam
* Less than 21% of installs are on versions that receive security updates, and less than 9% of installs are on the latest version (mostly because device's binary blobs don't support newer android versions?)
One of the first versions of LineageOS I used was Evolution X on my Moms old OnePlus phone since it wasn't supported by the "official" Lineage version. Great track record of almost daily updates, and the customization you could do with it was phenomenal. The funny thing was I was running Ubuntu Touch on it before and it was super sluggish (totally not expecting that tbh) so switched to Evolution and suddenly the same phone was really snappy and the battery lasted for almost two days.
But yeah, I'm not surprised many installs are just branched versions of the original since many of them you can run on phones that aren't supported by the official version.
Some Waydroid installations are on phones.
Searching for "waydroid_x86_64 LineageOS 20.0" leads to a sourceforge page [0] of waydroid with LineageOS builds that have 70-80k downloads per month.
[0] https://sourceforge.net/projects/waydroid/files/images/syste...
But they really hurt their credibility with the prior stance, and that their subreddit still has rules forbidding almost all discussions - interpreted as just closing all questions regarding blocked topics, like rooting, microG, Volte - is still a stain on an otherwise great project.
By now it has actually been almost two and a half years.
> But they really hurt their credibility with the prior stance, and that their subreddit still has rules forbidding almost all discussions [...].
While I'm not looking to turn this into an off-platform meta discussion, pretty much all of those rules have their very good reasons to be there.
As an example, you would be surprised how many people install a Magisk module to strip away LineageOS-specific build version properties, and then end up in our support platforms asking why the Updater can't search for new updates (of course while not mentioning that they have modified their system).
microG I don't even see listed as a part of any rule anymore, it was removed when upstream support for microG was merged.
You are correct, the microG ban is gone from the sidebar. That's nice.
(Why this was so important: During covid the official contact tracker in Germany needed microG/the play services, a newer alternative than bundled the scanner or something, so worked without. When it becomes life and death impractical positions like that hurt).
It's okay if you dont want to discuss it. To share my position anyway: You need the option to have root so the device belongs you (and not the Rom), VoLTE is an existential threat and the ban stiffles all options to easily get information about the situation. That's the main point: Banning topics completely does only make things worse, and it is not like the project tried not to ban these topics for how many years now, a decade? An Autobot answer should suffice for making the problems known.
I can find internal conversations that it deserves to be announced in a more prominent way than on the "Sunsetting LineageOS 18.1" post, was left as "to be added to the LineageOS 22.x" blog post, and then just never made the initial draft. Whoops.
If you are talking about the rules on the subreddit (or the other social platforms), that one indeed has been discussed a lot on the platform itself (and which we usually keep available).
* root is still frowned upon
* microG is frowned upon
* bypassing SafetyNet (sorry, Play Integrity) is frowned upon
* bootloader relocking is not oficially nor semi-officially supported
* missing patches (Google's 6 month source embargo) were not talked about
That sounds more like an OEM problem.
Every time I want to install LineageOS on a device because it's been abandoned by the manufacturer, it's also been abandoned by LineageOS, leaving me with some random custom rom as only option.
It is great to have a degoogled phone. Then the lack of a card slot annoys you and the desire to just plug in an aux cable and have sound anywhere without a dongle comes to the fore.
I wish they would just commit to also support the Motorola G Stylus line. The G Stylus 2024 was a great phone.
Are these bot posting farms and click farms masquerading?
There's a big world out there.
There are e.g. LineageOS builds for Tablets and also Smarthome devices, like the Amazon Echo Show 5, Lenovo ThinkView Displays, etc.
While part of it was that I was no longer interested in tinkering with ROM and playing cat-and-mouse game with SafetyNet/root detection/whatever, the other part is that I cannot trust these ROMs, some of which come (or came) with their own bloatware. Those that have official builds are of course better, but the overall experience and security situation is still much worse than OEM ROM, despite all the junk there.
P.S. another issue is that I became sick of devs using xda forum as the only channel to handle communication, including bug reports, updates etc. GitHub has existed for over a decade, and the issue tracker/release system is usable, yet they choose the worst way to do software engineering.
The GrapheneOS setup seems a lot better (though it has more limited support).
More projects should strive to establish a culture like GrapheneOS has.
Only way I was able to get Cyanogenmod on stuff back in the day, was to use shady hacks from XDA, but man it was super slow and seemed to use a ton of bandwidth...
When in reality it's easy to sign up and used by almost every kind of project you can think of, including someone's 100 line random bash script with a single sentence README, a tiny embedded device hobby project all the way to a vibe coded project, from people who know nothing about software engineering. You almost need to go extra mile to not put your stuff on github.
I don't think there is any reasonable excuse/explanation other than "inertia".
If emulators worked, what's the point of those giant phone farms?
I don't know anything about this, so take it with a grain of salt.
I am just under the impression that a cheap real android is the fastest cheapest way to get a trustworthy-looking device for spamming purposes.
Didn't these numbers used to be much, much higher in the past?
NB: Since I'm on GrapheneOS now I haven't looked back
- If you want a non-bloated, mostly-AOSP ROM with updates for many years, installing LineageOS (or another third-party ROM) used to be the only option; whereas these days, the Pixel phones give you most of this, and you can just buy these in a store instead of needing to manually flash a ROM.
- The stock ROMs from most manufacturers are less horrible than they used to be. I'm not saying that they're great now, but there's a pretty huge difference between most new phones today and a KitKat-era cheap Samsung phone.
- As you said, I suspect that GrapheneOS has supplanted LineageOS for many of the enthusiast users.
..a boring ¡spyware! device that tracks and listens to you!
Also you forgot to mention that you're sharing your personal and device details to our 1,893 e21 partners!
Really though, I'm just waiting for that AI agent that will help me shop online on my phone.. That's my vision of a perfect future!! /s
(how is this boring?:))
This right here is why I no longer consider custom ROMs. My phone is a tool critical to my daily life and I need it to function correctly nearly 100% of the time. Custom ROMs never really reach that bar in my experience.
Also, the various forms of attestation allow corporations the power to punish me for having the temerity to modify my own property. Yet another way the tech industry has metastasized into a societal cancer.
Even Samsung is fine with a quick debloating session you can do through WebUSB these days. The only phones I'd really need a custom ROM on these days are those certain Chinese brands that stuff their phone with absolute garbage. Compared to the days where a custom ROM would be faster and updates would end after half a year, if they happened at all, I barely have a reason to use a custom ROM these days.
Not to suggest GrapheneOS has become the new "standard" given it currently only supports Pixels, but I hear a lot more about GrapheneOS as the custom Android build than LineageOS, so I wonder if a lot of people have moved there from LineageOS.
The other reason for a decline in custom ROMs may just be that apps are becoming more and more locked down. Banking apps are getting stricter all the time, so even the ones that work with custom ROMs today aren't guaranteed to work tomorrow. And more people probably use Google Wallet than ever, which also rules out custom ROMs AFAIK.
I haven't seen GrapheneOS folks going out of their way to attack anyone.
GrapheneOS has a long history of brigading. They officially encourage it[0] and are now trying to make it a part of their OS[1].
But wait, they are just doing it to The Baddies, right? Setting aside the fact that they frequently claim targeted harassments against them, often with little[2][3] to no[4][5][6][7] evidence (the only heavily cited arguments from them are technical ones), they are using their fanbase for the good of humanity, right? Also, the link I presented earlier[0] doesn't seem that old.
Look no further: Daniel Micay(stinger), threatening another hardened browser Bromite of collaborating with his abuser (submitted one pull request), of stripping their ability to collaborate with him and... changing the license to prevent that, on an open-source project[8]. Don't take my words, the links are there. But honestly I can't think of any reason you have to go that far.
Another crashout on Mozilla's repo: https://web.archive.org/web/20240909072043/https://github.co... . Also notable are his insecurity claims against MicroG, to which one of the contributor replies:
> I'm a bit surprised by you pulling out this issue that was fixed 4 years ago and only affected apps which did not target SDK 23 or higher (which at the time was already a requirement for apps uploaded to Play Store). Your phrasing made me think there might be a new issue, but if this is what you were referring to, all good.
Again, I encourage you to read the entire thread and make up your own mind.
If you believe this behaviour comes from the bygone era before thestinger stepped down, here's a more recent incident: https://tech.michaelaltfield.net/2025/08/19/grapheneos-danie... GOS of course responded[9], but not without false claims: GOS accused the author of falsely claiming that he was a GOS contributor, but the author never said that, they instead said they "make a lot of contributions to many different open-source projects, especially security-related ones." (This was not edited after the fact; see [10]) Daniel Micay still manages/frequents many repos of GOS, including grapheneos.org[11], hardened_malloc[12], and os-issue-tracker[13]. You'll also see that the GitHub sponsor is registered to Daniel's account. I'm not saying there's anything wrong with this per se, it's just me showing that Daniel still has a substantial influence over the project and, judging from the tone of GOS' toots, he still writes the bulk of them as well. He did write most of the GOS-related comments here on HN under his account before he removed it and created a dedicated GOS account 20 days ago (as of writing).
And this leaves out many unverifiable (but consistent with the above) claims of coordinating attacks on their Matrix chat against projects they deem insecure and/or are a threat. You will have heard a lot of the phrase 'Kiwi Farms' regarding TechLore and Louis Rossmann, but although Louis does seem to have an account there, I couldn't find any activity remotely suggesting of GOS or Daniel over there. I couldn't find any evidence that TL is associated with KF. GrapheneOS also claims Louis "livestreamed" his private DMs, which I cannot corroborate; he may have deleted the livestream, but much more likely, it was simply recorded, judging by the format of the video. As for the supposed 'smear campaign', I think you can judge that by yourself. The videos are still up on YouTube.
What I can see from the above is that Daniel Micay (and by extension GOS) makes a lot of accusatory claims without much to back up, and oversteps his boundaries in o...
bugs: you tell me!
> volte is not working !
omfg ban that guy~!
* I feel like it has gotten a lot better in the last year or so. Now I mostly see explanations about technical decisions. They do compare to alternatives (which is nice for understanding, I find), and they aren't scared to say that they believe the alternatives are doing it wrong. Which is fine as well.
* I have been following GrapheneOS for years (even when I was on /e/OS), and I must say that the technical arguments have always been interesting and correct. I don't have a single example where it was technically wrong. Of course the alternatives hate it when it is pointed out that they are doing security/privacy wrong.
* The alternatives have been nasty as well, let's not pretend they haven't. It's all counter-productive and unfortunate, of course. But let's not pretend that the CEO of Murena implying that GrapheneOS is for paedophiles (his words, there is a video interview of him saying that) is not "nasty".
LineageOS is doing good as always, just without suspicious sources of revenue.
Shady sponsors (if there is any) doesn't matter when transparency is in place. Want to reveal malicious intent? Provide a PoC.
Only hardware that supports bootloader relocking are Pixel devices. There are no others to consider development effort - plain simple. No, you can't use an unlocked device as a daily driver. Up to a minute out of your hands (or triggered reboot from public power outlet, due to outdated Lineage firmware) - and your bootloader is rewritten with one that collect your FDE secret and sends it to a remote server.
Opaque hardware? Which hardware are better and more transparent than Titan and upcoming OpenTitan? Bruteforce protection which considers current ambient temperature - what more do you need?
I can't say anything about VPN affiliation, but everything else is complete bollocks.
https://grapheneos.org/sponsors
We also list the sponsors of specific servers in our server documentation:
https://grapheneos.org/articles/grapheneos-servers
Four of our sponsors are dedicated server companies and one is a VPN company sponsored 2 dedicated servers for us via one of their dedicated servers providers where they have a large discount on the hardware and traffic.
IPinfo is a well known GeoIP company. They provide open source projects including Alma Linux and GrapheneOS with free access to geolocation database downloads. We use it to implement GeoDNS on our self-hosted anycast DNS clusters. They get most of their GeoIP data from crawling the internet with over 1300 probes which makes it far more accurate than the more traditional options based on WHOIS and geofeeds.
What's sketchy about any of these companies? They also don't receive anything more than being listed on our site which we would do for transparency regardless.
GrapheneOS is entirely funded by donations but other donations by both companies and individuals are informal rather than official sponsorships. For example, Proton and Cape have both repeatedly made donations to GrapheneOS.
> Only hardware that supports bootloader relocking are Pixel devices
That's not quite right, but Pixels are the only devices providing all of the hardware requirements for GrapheneOS listed here:
https://grapheneos.org/faq#future-devices
GrapheneOS will also support future Motorola devices meeting all of these our requirements and providing official GrapheneOS support. Those will likely be available in under a year.
> I can't say anything about VPN affiliation, but everything else is complete bollocks.
Mullvad and Proton have both sponsored GrapheneOS with donations. All they wanted was us to say they donated to us which we would do for transparency anyway. We have no obligation to ever post about it again or to say anything positive about either company.
They're describing Tor as a government sponsored VPN and are claiming we promoted it because we answered people's questions about using it on GrapheneOS and have a small amount of documentation on using it. We don't specifically promote using Tor. We regularly caution people about the risk of making themselves into targets with it by accessing the public internet via exit nodes. Tor makes sense for some situations but we generally recommend using a traditional VPN for most people's use cases.
GrapheneOS is entirely funded by donations. It doesn't accept strings attached sponsorships. We list companies sponsoring infrastructure for GrapheneOS on our website to encourage more companies to make donations and for transparency.
https://grapheneos.org/sponsors
Which of these companies do you claim is suspicious and what's the reasoning for that? Server sponsorships are how many Linux distributions including Alpine, Arch and Debian host their update mirrors and other infrastructure.
> force users into opaque hardware
Computer hardware and firmware is nearly universally closed source. The devices we currently support are among the most open including using Trusty OS for the TEE and secure core, OpenTitan as the basis for the secure element and littlekernel for the late stage boot chain on the main SoC.
GrapheneOS is coming to more devices but those devices need to meet our hardware security and requirements and provide the driver/firmware updates we need. We have a partnership with Motorola Mobility that's working towards new devices meeting our requirements with official GrapheneOS support.
> just the other day they were also promoting the usage of government sponsored VPNs
This is utter nonsense. Answering people's questions about how to use Tor on GrapheneOS is not promoting government sponsored VPNs. We don't even specifically promote Tor but rather explain how to use it. We also recommend people carefully consider using it to access the public internet via exit nodes since it makes people using it into targets and anyone can host an exit node.
The real problem for me were the hard to come by blobs that needed flashing after certain updates. And the fact no official supported LineageOS build as available. That last one is mostly on my part for not checking before buying. But still, in the past pretty much any popular phone had one or more official builds supported on XDA. Nowadays you need to venture into Telegram groups scrolling over endless linear conversations of people asking the same issue over and over again. Maybe I'm just getting old, but what was wrong with using a (well structured) forum?
For me, I'm not that concerned with having contactless payments work. Although I did switch banks just to not have the Google Services/wallet requirement. That was short lived though, pretty much every contactless payment now only works with Google Wallet (ridiculous), I just gave up on it and pay by card instead.
I just want to get away from the fact Google Services is integrated into everything you do on your phone. The fact Google Wallet has access to not only the payments you make using NFC, but also the last x transactions on you bank account 'for fraud detection purposes' is quite insane if you ask me.
That's why I just run plain without Google Services (not even the sandboxed one by GrapheneOS) and accept the fact certain conveniences just isn't available for me.
I don't even miss rooting, which I mostly did in the past to have (non VPN based) add blocking on OS level. I just replaced most apps by their browser-based alterantives and use an add blocker there.
[1]https://discuss.grapheneos.org/d/12281-how-many-grapheneos-u...
This is partly done, I think, to prevent users from uninstalling bloatware (Chinese brands doing this mostly), since I've had to deal with this on a BBK branded phone, locked down so far even ADB can't touch the bloat.
Google is also a part of this with play integrity and apps being blocked from working, so if you depend on Google or if you want to use that phone in your day-to-day life with apps from work or banking apps, it might not work great on the same phone.
In my opinion I think it is mostly the manufacturers fighting this, Google is solvable but a locked bootloader isn't.
The actual numbers are frankly even more disappointing - these numbers are heavily pushed up up by waydroid, which is an emulator for Android apps on Desktop Computing. More than half of the US installs is running Waydroid, with the actual most used real device in the US being nx_tab... which is LineageOS for the Nintendo Switch. That's a difference of 180k and 12k btw. The most used actual phone in the US for LineageOS is beyondx, which is the codename for the Galaxy S10 5g, a device that at a glance stopped being sold last year.
China by contrast fares much better when it comes to LineageOS (as Google Play Services isn't allowed in the country by export controls, the control from Google isn't nearly as strong there); the most used device there is actually a phone, the Xiaomi Mi 8 (dipper) and right behind it, the Xiaomi Mi 10T(/Pro) codenamed apollon.
Final country worth mentioning is Brazil, which apparently really likes the moto g7 power, a phone from roughly the same period as the Galaxy S10 5g.
Vietnam is also relatively high, with the Galaxy S7 (herolte) being the most used device. Russia is just a case where it's basically all waydroid users - not real phones.
At least from my understanding of the world, most of these numbers make sense if you consider them in proximity to US power, financial capabilities making phones last longer than their official support dates and just a rough idea of what phone brands are popular in which country.
China developed Harmony OS in response to American banning some of their brands from using Google Play.
https://www.huaweicentral.com/huawei-harmonyos-once-again-ov...
https://storage.googleapis.com/play_public/supported_devices...
[1] https://wiki.lineageos.org/devices/
The large amount of Waydroid and Switch installs surprised me a little, but overall this is about what I expected in terms of distribution.
I miss the free era from 10 years ago. Back then it was probably still called CM.
Now manufacturers are extremely closed: Xiaomi started by making Android ROMs, but today the most practical way to unlock its BL is through exploits...
- dual boot [2]
- Ubuntu touch [3]
- different kernels with various optimizations, overclocking, etc
- an absurd amount of ROMs, aside from CyanogenMod and LineagesOS there was ParanoidAndroid, Carbon, JellyBean, AICP, plus all the ROMs made specifically by users for this phone
- the latest linux kernel, somebody just compiled it for AOSP, I think it was version 3 or 4 against 2, which was the standard for every other phone, it ended up on some tech news website
I think It was a really great modding scene and a lot of people learnt stuff from that. Mainly by bricking their phones and having to fix them.
[1] https://xdaforums.com/f/galaxy-s-plus-i9001-android-developm...
[2] https://xdaforums.com/t/app-kernel-dual-boot-s-plus.2462783
[3] https://xdaforums.com/t/new-test-porting-ubuntu-touch.238260...
I kind of miss that phone.
I feel like there's a problem in privacy in this dataset...
I wouldn’t begin to know how to take the base ROM and adapt it to a specific device, but I’d imagine any of the frontier LLMs could probably make quick work of it. It might be worth taking a weekend, and spending some tokens on coaching a model through the task?
The factors that make me doubt this are that the three major Kyrgyz networks are not represented according to their market shares. I see Beeline KG and MEGA (as expected), but do not see "O!" at all. Yet, on Russian underground forums, advice has been circulating that a foreign SIM was an effective censorship circumvention device. And, coincidentally, "O!" is the only Kyrgyz operator who does not offer competitive roaming rates in Russia. So, are the counted users real Kyrgyz users, or Russian roamers that also want a phone free from any possible spyware that comes with it in Russian stores?
P.S. I visited Kyrgyzstan in June this year.