this post was submitted on 20 Jul 2024
93 points (96.0% liked)

Privacy

32120 readers
940 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Im considering buying a new phone and i don't really consider a Pixel. I really like Fairphones approach, with the self repairable stuff. Even though they don‘t have a headphone jack. But well… I can’t change it. I’ll definitely go with the adapter over wireless headphones.

But to my question: What private OSes are there? Fairphone sells FP4s with eOS, how is that? And does it work on the FP5? GrapheneOS only works on Google Pixels right?

top 50 comments
sorted by: hot top controversial new old
[–] shortwavesurfer@lemmy.zip 29 points 4 months ago* (last edited 4 months ago) (17 children)

Graphene does only work on the pixel devices. What makes it special is that you can lock the bootloader again after installing it, which with things like lineage, you cannot do. I have never used /e/OS but i use lineage as my daily and it can be installed on FP

[–] Ilandar@aussie.zone 13 points 4 months ago (2 children)

What makes it special is that you can lock the bootloader again after installing it

I'm not sure why this is considered special. You can also re-lock the bootloader with CalyxOS, iodéOS and DivestOS. This is a Pixel thing, not a GrapheneOS thing.

[–] vikingtons@lemmy.world 8 points 4 months ago

It's also possible to relock the bootloader on a handful of Motorola and fairphones, at least as part of the Calyx install procedure

[–] shortwavesurfer@lemmy.zip 5 points 4 months ago

Okay, I was not aware of that, so thanks for the information.

load more comments (16 replies)
[–] Andromxda@lemmy.dbzer0.com 23 points 4 months ago* (last edited 4 months ago) (1 children)

Yes, GrapheneOS only works on Pixel devices, because the project has some pretty extensive hardware security requirements: https://grapheneos.org/faq#future-devices

The Fairphone is a highly insecure device, which comes nowhere close to the (hardware) security of a Pixel. On top of that, the Fairphone company doesn't even know how to maintain their own Fairphone OS. The verified boot implementation is fundamentally broken and very misleading, since it's signed with the publicly available (!!!) AOSP test private keys. This is such a blatant disregard of security practices, that should have made it impossible to certify their devices. It's not a surprise either that Fairphone regularly misses important Android security patches, or delivers them months later. That's also why GrapheneOS will never support devices like the Fairphone. There are more issues with Fairphone's misleading update policy that I haven't covered in detail.

I highly recommend against purchasing such insecure, and poorly maintained hardware. DivestOS is the best option for "damage control", if you already own a Fairphone. Its developer actually cares about users and their security, and the OS is properly signed.

load more comments (1 replies)
[–] communism@lemmy.ml 18 points 4 months ago

Fairphones can also run CalyxOS if you want to look into that

[–] N4CHEM@lemmy.ml 17 points 4 months ago (1 children)

There are several degoogled OS options for the Fairphone models, with different levels of degoogling and privacy: LineageOS, CalyxOS, DivestOS, iodéOS and /e/OS.

Most of these are based on LineageOS (I understand that CalyxOS isn't, but I might be wrong). I personally use iodéOS and I like the helpful developers, the ability to remove / replace any of the apps preinstalled with the system, and the iodé blocker which blocks trackers, adds and any connection you want to at a system level.

load more comments (1 replies)
[–] hellfire103@lemmy.ca 17 points 4 months ago

DivestOS is the way to go.

[–] RubberElectrons@lemmy.world 16 points 4 months ago* (last edited 4 months ago)

I'm on CalyxOS, it works great. Locked bootloader, ability to block connection of devices when screen is locked (defeating cellebrite's method of choice), work profiles and firewalls etc.

[–] Undertaker@feddit.org 15 points 4 months ago* (last edited 4 months ago) (1 children)

There are only a few to consider. /e/os if you want it easy or DivestOS if you want it most secure and private. All the other possibilities have disadvantages compared to these.

Please be aware that you should buy FP5 as FP4 has huge hardware issues and the support is a dissapointment. And yes, /e/ is available for FP5 (but not via easy installer, but it's not hard to flash it yourself)

/e/ is announced as 'degoogled' but that's not 100 % true (and not nearly as well). For example MicroG connects to Google as well as connectivity backup check. Patch level is far behind AOSP. The App Lounge uses clean APK for some apps which is very risky. Communication is a problem and they do not react like they should for example when Mike Kuketz analysed /e/ and found several problems.

The community is huge and they support many devices.

DivestOS is better in most points but is managed by one person alone. MicroG is not included by default (if you need it) and multi sim support is a problem.

[–] infeeeee@lemm.ee 4 points 4 months ago

You can disable microg connecting to google servers, but basically you get a standard gms free experience, with most apps simply not working from play store. They list in the wiki how and why they connect to google: https://github.com/microg/GmsCore/wiki/Google-Network-Connections

A completely google free experience would be unusable for "normal" people, so they somewhat right as they target "normal" users. I also don't like /e/, but because they are deliberately obfuscating a lot of things in their documentation, and they try to sell their os as something genuine, but it's mostly just AOSP with microG.

[–] gytrash 12 points 4 months ago

If I had a Fairphone I'd use CalyxOS or DivestOS. They seem to be the best for privacy and security out of the OS that Fairphone supports.

[–] refalo@programming.dev 10 points 4 months ago* (last edited 4 months ago) (1 children)

CalyxOS is another one. Some consider fairphone problematic

[–] Linsensuppe@feddit.org 8 points 4 months ago (1 children)

Can you explain that? Why is Fairphone problematic?

[–] refalo@programming.dev 10 points 4 months ago* (last edited 4 months ago) (2 children)

Well, whether anything is problematic or not is highly subjective.

Do you consider no headphone jack to be problematic? Or that some think it was done intentionally to push their wireless headphones?

What about the use of slave labor? After realizing it was impossible to get away from that, they tweaked their slogan from a fair phone to a "fairer" phone.

How about the high price and little demand?

See what I mean? One person's problem is not everyone's.

[–] Linsensuppe@feddit.org 9 points 4 months ago* (last edited 4 months ago)

I do consider the missing headphone jack a problem, but are other brands better? I did not research any of this, but don‘t other brands do the same. Considering this, I think Fairphone is one of the better phone producers. Im not saying they are the best or that they do nothing wrong. And please correct me if I’m wrong, I think the high prices come from the higher loans and better quality materials than other brands.

[–] Ilandar@aussie.zone 7 points 4 months ago (7 children)

What does any of this have to do with Fairphone? You can apply every single one of these criticisms to the rest of the industry and it would be way more relevant than it is with Fairphone.

It seems some people will not accept paying more for an ethically superior product unless it is literally perfect in every single ethical aspect. If it's not perfect, then this company that is vastly superior to all its competitors when it comes to ethics is somehow the villain. This is braindead logic.

load more comments (7 replies)
[–] mariusafa@lemmy.sdf.org 9 points 4 months ago

FP4 with CalyxOS works perfectly.

[–] Ilandar@aussie.zone 8 points 4 months ago* (last edited 4 months ago) (3 children)

The Fairphone 5 is supported by CalyxOS, iodéOS, /e/OS and LineageOS (with or without microG, which is a Google Play Services replacement).

You can read about each of the projects here:

load more comments (3 replies)
[–] haui_lemmy@lemmy.giftedmc.com 6 points 4 months ago (11 children)

Depending on your linux knowledge, you may want to use real linux (postmarketOS). But beware, the amount of things that require closed source OSs like android or ios isnt 0. banking apps for example arent accepting of non proprietary phones yet. I dont know about emulation though.

[–] MrSoup@lemmy.zip 3 points 4 months ago (2 children)

For emulation there is Waydroid. I've never tried to run bank apps with it, but everything else worked smoothly.

load more comments (2 replies)
load more comments (10 replies)
[–] freeearth@discuss.tchncs.de 5 points 4 months ago

DivestOS is a good option

[–] kylian0087@lemmy.dbzer0.com 4 points 4 months ago (2 children)

May i know why you do not like the pixel phones?

[–] sweetpotato@lemmy.ml 12 points 4 months ago* (last edited 4 months ago) (6 children)

They are expensive and I don't want to give money to Google

[–] Cube6392@beehaw.org 13 points 4 months ago (3 children)

I highly encourage everyone to buy their pixel phones for grapheneos secondhand. there's enough pixel fanbois out there you should be able to deprive any corporation of the money of your sale by buying a like new condition last generation pixel (Like an 8 now that the 8a and 9 are out)

[–] BearOfaTime@lemm.ee 5 points 4 months ago (1 children)

Recently bought a used Pixel for just under $200.

I refuse to buy new when a 1-2 year old flagship is 1/3 the price of new.

[–] Cube6392@beehaw.org 3 points 4 months ago

Especially since when was the last time you got a phone that impressed you? Like phones haven't been getting better they've been getting more gimmicky

[–] sweetpotato@lemmy.ml 3 points 4 months ago

Yeah that's not a bad idea

[–] clark@midwest.social 3 points 4 months ago

Yup. Bought a secondhand 7a for ~$250. Maybe I should have looked for an 8, but honestly I don't think the 7a is too bad all considered.

[–] FutileRecipe@lemmy.world 6 points 4 months ago

They are expensive

Sometimes you get what you pay for, and...

I don't want to give money to Google

I get that, but your purchase (the entire Pixel department, to be honest) is a drop in the ocean to their profits. They won't notice you not buying one at all. You're handicapping yourself in the mobile security arena (not being able to install GrapheneOS) to take the high ground and not effect a tech giant.

That aside, if you really don't want to give Google, buy one from a reseller and not from the Google Store.

[–] vikingtons@lemmy.world 3 points 4 months ago

they sometimes retail at a loss around the holiday season.

[–] HEXN3T@lemmy.blahaj.zone 2 points 4 months ago

If you don't want to give money to Google, why not take money from Google?

https://adnauseam.io/

Then, once you've offset enough money, then you can buy a Pixel at an overall loss on Google's side.

load more comments (2 replies)
load more comments (1 replies)
[–] hostops@sh.itjust.works 3 points 4 months ago (1 children)

I use MicroG LineageOS which is in my opinion comparable with graphene os and is supported by a lot more devices.

https://lineage.microg.org/

[–] Undertaker@feddit.org 8 points 4 months ago (1 children)

Graphene and Lineage are the most uncomparable custom roms. Have and look at security and privacy and the type of Google Play handling.

See https://eylenburg.github.io/android_comparison.htm to geht a first idea

load more comments (1 replies)
[–] Linsensuppe@feddit.org 2 points 4 months ago* (last edited 4 months ago) (1 children)

What about de-googled android? Is that private/secure?

[–] umami_wasbi@lemmy.ml 3 points 4 months ago* (last edited 4 months ago) (1 children)

No given the recent Cellebrite leak. You're only secure if you use Pixel 6 and after, stock or GOS.

Of course that mostly only apply if you put government into your threat model.

[–] possiblylinux127@lemmy.zip 10 points 4 months ago

That's a threat to any device. Also the pixel scored way better than many other devices

[–] cyberwolfie@lemmy.ml 2 points 4 months ago

I use CalyxOS on my FP4. I have been happy. Almost 2 years now.

load more comments
view more: next ›