Hello there! This is my problem: I’m going to buy a new smartphone, and I’d really like to degoogle myself as much as possible. The idea would be to buy a device compatible with LineageOS, but… Supported devices are usually older models, and often there are newer devices with better specs for the same price, that does not support lineageOS. Is seems a shame to buy a device with lower specs than another one just because of software compatibility. So the alternative would be to buy an unsupported device, unlock the bootloader and debloat it as much as possible, flash privileged fdroid and aurora store on it, install microg, etc… What do you suggest me to do? Is the second alternative a viable option? What other steps should I do if I decide to go that way?
Thanks in advance folks!
Edit:
Thanks to anyone for the great answers! I finally decided to buy a pixel 6 (or 6 pro if I find a good deal) and install a custom ROM on it!
GrapheneOS will support it for “only” 3 more years, while other roms like lineageos or divestos will have longer support. What do you suggest? Graphene OS and when support ends switch to another one? O directly use the other one?
You must log in or register to comment.
Ironically, the best devices for degoogling are Pixels. You can unlock the bootloader very easily and then flash something like GrapheneOS or CalyxOS, and finally even relock the bootloader afterwards for security. Graphene can run google services in a sandboxed mode and Calyx has microG by default iirc.
Thanks for the answer! Sadly pixel devices have no SD card, and it is a quite important feature for me
deleted by creator
probably storing files
deleted by creator
Why not just buy a usb-c to sd card reader for $8 on amazon? Wouldn’t it be better to comprimise a bit of convenience then installing a less secure / private rom
deleted by creator
The best option would be a Pixel running GrapheneOS. If you don’t want a Pixel, a well supported device with DivestOS (look for a recent one with a relockable bootloader) would be your best option. Debloating a stock OS isn’t recommended since those apps will come back anyway should the system update. Leaving your bootloader unlocked and rooting your phone as well is detrimental to Android security. Please don’t do that. See a third party OS comparison Also see:
thanks for the answer!
Debloating a stock OS isn’t recommended since those apps will come back anyway should the system update
really? at every OS update they will be brought back? there is no way to prevent that?
Leaving your bootloader unlocked and rooting your phone as well is detrimental to Android security. Please don’t do that.
my option #2 was to unlock the bootloader only to debloat and to flash privileged apps like fdroid, and then lock it again. Would this still be dangerous?
Unfortunately, yeah, see this discussion on stock Android debloating . As for 2, I don’t think you even need that anymore, the new F-Droid basic apps can do automatic update out of the box.
deleted by creator
I don’t think you need a bootloader unlock for installing any apps though, isn’t fdroid just a normal app install?
I can install fdroid with low privileges, but it will ask for permission at every update and install. Installing it with elevated privileges will allow for background updates, like Google Play does
That isn’t needed anymore, I think F-Droid basic can auto-update apps now. https://f-droid.org/packages/org.fdroid.basic/
I am dismayed at the current scenario of basically nothing but the pixels being supported for rooting (not the fault of the community). Also a bit saddened by how easily everyone has accepted it.
If I don’t go the pixel route, I will probably purchase a cheap OnePlus mobile next year with at least kernel version 5.10. By next year, KernelSU should be more mature, and if you know about KernelSU, you know that passing SafetyNet is not a problem. I’d run microG in the work profile and put my apps there, and also debloat the pathetic excuse of ColourOS (or whatever Oppo uses). Fuckwads couldn’t even keep the damn tool open to unbrick devices (which is why development stopped). By next year I just need to figure out how to install patches with a modded kernel.
Sorry that doesn’t answer your question since you need a mobile now. I’m just quite annoyed at the state we are in. I really hope linux mobiles take off in the near future and I don’t have to deal with such nonsense.
I am dismayed at the current scenario of basically nothing but the pixels being supported for rooting (not the fault of the community). Also a bit saddened by how easily everyone has accepted it.
Serious question, what the the community not accepting it look like?
More outrage at OnePlus maybe. More discourse in general. I’m astonished at how nobody seems to be batting an eyelid at the Pixel being the only real mobile which can be rooted (and if that’s the case, what’s the point of all the projects? Would you run anything other than Graphene OS on a pixel?)
I dearly wanted the FP5 in the US but they didn’t do it. Quite disappointing. I’m just waiting for KernelSU to mature a bit more and learn how to install security patches on top of a custom kernel. Once I get to that point, I’ll just shut up.
I think people are just all outraged-out these days. (Well, at least for this…) The years and years of outrage about locked phones didn’t get any of the old manufacturers to change their ways and when the option of the pixel showed up, people who care about this were just tired and settled for just voting with their wallet. Or at least that was my experience.
I fear the day when the pixels will no longer be as friendly to “rooters”
Hopefully like https://mobian-project.org/
Removed by mod
Here you can filter the search for Custom ROMs by release year. A few current models are already available: https://www.sustaphones.com/ beside Pixels i.e. Xiaomi, 2023, redwood X5 Pro 5G, Teracube 2e, 2022, emerald, Motorola g32, g42, g52, …
this is a very cool website, thanks for sharing!
If pixel/GrapheneOS is not an option I would recommend DivestOS which supports a very wide range of devices
Google Pixel with GrapheneOS. Nothing matches it.
Fairphone is the bomb diggity
Buying a pixel isn’t the end of the world, but it is still feeding the enshittification beast
A used pixel takes the brunt off of the moral compromise.
Removed by mod
Murena (the company behind /e/ os) also sell smartphones with /e/ os installed. They’ve also partnered with Fairphone if you’re looking for a more sustainable model. I bought the Fairphone with /e/ os a couple of months ago because I was looking for a phone with replaceable parts and it works well. They also sell some refurbished models I believe.
Murena is a weird company. I tried to purchase a cellphone directly from them a few months ago, and they have this weird system on their website that forces you to create a full-blown cloud account with them - complete with email, calendar, file transfer and all - before being able to order anything. And in fact, even after creating the account, I couldn’t even figure out how to order with my brand-spanking new murena.io email.
After fiddling with this for a while, and mostly reflecting on the fact that this company that knows absolutely nothing about me just gave me an email address and a bunch of storage for free at the click of a button, I decided this was all a little too sketchy for my taste and gave up on the whole idea. That’s not how I expect to place an order with a normal company: I expect to have a cart and do a secure pay, not go through this kind of account creating rigmarole.
So, I’m not saying Murena is a bad company. I’m saying be careful with them, because the purchasing process is highly unusual with them.
Interesting, I’ve gone through the process and whilst I do have an account to track the order I haven’t been forced to do anything else. I also use the phone and the app lounge without logging in.
Edit: I just looked at it and I only have a shop account to track the order. No cloud service or email address
I didnt have this experience at all. I think maybe I hit a skip button when they asked me to set up an account.
I got a Fairphone4 from them and it’s been great!
When did you get it? Maybe they changed their web store since I tried to patronize it.
Just a few weeks ago.
Okay, then I guess Murena made their web store simpler or less sketchy-looking. I tried ordering from them around the end of June.
You can purchase a supported model with any company you feel comfortable buying, then install /e/ OS as well. I think you were expecting a more typical purchase experience of a store. Murena should seek for this experience, but yeah, they are a weird company aiming to a weird market, it doesn’t feel that weird to me.
I got a Fairphone 4 from them. Works great! Totally degoogled by default.
A while ago I got a Motorola cellphone on on the Lineage compatibility list. I installed LineageOS and that was a pain to set up, but I got it working well. A few months later there was a Lineage update that bricked the phone.
Another alternative is iodeOS. They also sell pre-installed Fairphones and support a few more devices (not as many as eOS) https://iode.tech/de/installation-iodeos/#1611161940311-4fb3b2cf-4d60|sc-tabs-1700424213961
If you have the money and you care about not buying or owning a Google product, and / or you care about repairability, get a FairPhone: you can install
GrapheneOS orCalyxOS on them and they too support relocking the bootloader. It’s not just Pixel phones.Bonus: they have a SD card slot, unlike Pixel phones.
They’re not the speediest or sleekest devices, but that’s not where the interest lies with Fairphone cellphones: they’re mostly designed for long life and easy maintenance, and they’re made by a cool company I want to support personally. And they’re not made by Google, so buying one won’t support Google or the Pixel ecosystem in any way.
deleted by creator
Ah yes you’re correct. I got confused.
If you have the money
here’s the problem XD I’m willing to pay around 350€, 400 at most, and the fairphone 4 starts from over 500€
Yeah they’re not cheap 🙁 It’s too bad because they’re really decent cellphones. But they’re twice the price of anything equivalent from any of the big manufacturers.
Thanks to anyone for the great answers! I finally decided to buy a pixel 6 (or 6 pro if I find a good deal) and install a custom ROM on it! GrapheneOS will support it for “only” 3 more years, while other roms like lineageos or divestos will have longer support. What do you suggest? Graphene OS and when support ends switch to another one? O directly use the other one?
I have the P6. It’s an all around good phone. Don’t forget to look at GSI ROMs. All recent devices handle those. I can and eventually will install LineageOS on my Galaxy Tab S8 and have it on my old Tab low end tablet.
I’ve never heard of GSIs and it seems really interesting! I’ve found nothing about it on the LOS website, is it something “unofficial”?
Since devices that came with Android 10, all devices are expected to adhere to a standard Android interface. The GSI stands for generic system image.
Given a particular Hardware platform and drivers any GSI should run on any matching Hardware.
I know that Andy Yan’s LineageOS GSI works on my sm-t510 (a64 variant) and from user testimonials, it also runs on the sm-x720 (arm variant, TAB S8).
I linked the forum section that contains the thread for his and many other GSIs.
Thanks for the answer!
Iirc, there are unofficial ports of LineageOS for newer devices. Also, I’ve been using another system, ArrowOS, in its vanilla form, on a Redmi Note 10 Pro phone I have, and it’s working fine so far, so maybe an alternative for your case if you don’t find a decent phone compatible with LineageOS?
I recommend you purchase a Google Pixel 6a or above (minimum security support ends July 2027) and flash GrapheneOS. (Pixel 8/pro preferred)
Aurora Store doesn’t avoid Google since a lot of the apps from the play store include Google’s SDK and libraries. microG also doesn’t avoid Google as it is still running proprietary Google code and has more privacy/security weaknesses
Sandboxed Google Mobile Services is a much better implementation which is featured in GrapheneOS. The services are not privileged and is treated like any other app. They don’t downgrade privacy or security unlike the other alternatives.
There are much more privacy and security benefits using GOS. Here is a 3rd party comparison between different mobile OS.
microG also doesn’t avoid Google as it is still running proprietary Google code
What proprietary code?
has more privacy/security weaknesses
Source?
microG runs Google Play code just like Aurora Store. It is not fully open source. Here’s more information.. It is still connecting to Googles propriety servers.
microG requires Signature Spoofing and alternative OSes usually ship with microG as a privileged system app. This increases the attack surface as it is not confined by the regular sandbox rules.
Now you’re using a privileged component, which downloads and executes Google code in that privileged unprotected context, and which talks to Google servers because otherwise, how would FCM work for example?
Despite doing both of those things, MicroG doesn’t have the same app compatibility as Sandboxed Google Play despite the extra access it has on your device. Even in some magical universe MicroG worked without talking to Google servers or running Google code (again, in a privileged context), the apps you’re actually using it with (the apps depending on Google Play) have Google code in them.
microG runs Google Play code just like Aurora Store. It is not fully open source.
Neither of them run “Google Play code”.
You can download proprietary apps through the Aurora Store and those on their own might include Google play libraries but that should be painfully obvious.
µG can optionally download and run the proprietary DroidGuard for implementing the proprietary SafetyNet. If you don’t want proprietary software, you should not explicitly enable SafetyNet (I don’t know what app you’d use it with anyways).
That’s a Twitter thread with no cited sources aka. the truthiest information known to man.
It is still connecting to Googles propriety servers.
If you ask it to, yes. That’s one of its explicit purposes.
It obviously must talk to Google servers in order to facilitate things like cloud messaging for example; there is no other way.
It does try to implement many APIs that would ordinarily talk to Google’s servers in regular GMS using alternative methods however and if it has to talk to Google, it does so with the least amount of data possible.
microG requires Signature Spoofing
This is usually only enabled for the µG app itself and nothing else.
ship with microG as a privileged system app. This increases the attack surface as it is not confined by the regular sandbox rules.
This does increase the attack surface a little. In a world where blindly trusting gigabytes of privileged vendor blobs is the norm however, I don’t think it’s all that significant.
Compared to the hundreds of MiB of regular proprietary GMS code that ships on Android devices, it pales in comparison.
downloads and executes Google code in that privileged unprotected context
As opposed to …running running the entire GMS in a privileged context?
MicroG doesn’t have the same app compatibility as Sandboxed Google Play despite the extra access it has on your device.
You’re comparing apples to oranges. µG replaces GMS, not the tool used to sandbox GMS. You could sandbox it in the same way.
There is no “extra access” that µG has compared to regular GMS.
[if] MicroG worked without talking to Google servers
I don’t know why you keep mentioning this, it was never up to debate.
the apps you’re actually using it with (the apps depending on Google Play) have Google code in them.
Apps that bundle Google Play code have Google Play code inside?!
Start the presses! Notify the President!
A wild revelation, the world must know it!
thanks for the answer! I would gladly do this if only pixel phones had an SD card… Sadly they don’t, and I really need it, so no pixel for me :(
Perhaps you should add this criterion to the start post? Otherwise ten more people will recommend GrapheneOS…
You can always connect a USB stick or card reader with an SD card via USB-OTG
I will recommend you do use a phone that still receives security updates (Not EoL) because I don’t want you to lose out on security just to deGoogle.
If you are strict on having an SD card slot and your phone is still receiving support, you should use StockOS to receive firmware updates as soon as possible. If the phone you decide to get is EoL, the least bad option would be DivestOS (fork of LineageOS)
Is there a reason you need SD storage? Some Pixel devices have onboard storage of 256GB+, so unless the storage needs to be removable, they could still be a good option.
deleted by creator
Great, I’ll do this then! Thanks man
deleted by creator
Removed by mod
deleted by creator
Removed by mod
deleted by creator
Removed by mod
Wow, I didn’t expect you to be on lemmy. I was subscribed to your privatelife subreddit when I was on reddit. Do you have anything similar on lemmy?
Removed by mod
It’s your money completely upto you choose what you think is best. Generally if you want to go the route of buying a unsupported device unlocking the bootloader etc. You gotta do your research and know what ya doing m8
