this post was submitted on 03 Oct 2025
841 points (97.5% liked)

Linux Phones

1595 readers
74 users here now

The Discussion on Linux-based Phones.


Benefits:

  • Hardware freedom.
  • Perfect operating-system competition.
  • Full utilization of specs.
  • Phone lifespan raises to 10+ years.
  • Less e-waste.

Linux Mobile Distros:

  • Ubuntu Touch
  • Sailfish
  • FuriOS
  • Postmarket OS
  • Mobian
  • Pure OS
  • Plasma Mobile
  • LuneOS
  • Nemomobile
  • Droidian
  • Mobile NixOS
  • ExpidusOS
  • Maemo Leste
  • Manjaro Arm
  • Tizen
  • WebOS

Linux Mobile Hardware:

  • Fairphone 5
  • Volla Phone
  • PinePhone
  • FLX1
  • Librem 5

⚙️Contribute

🧼Go Clean From the Duopoly:

💻Related Communities:

📰News:

💬Messager:

⌚️Watch:


founded 1 year ago
MODERATORS
 

Apple and Google will gladly erase the works of developers to chase profits.

you are viewing a single comment's thread
view the rest of the comments
[–] derek@infosec.pub -1 points 3 weeks ago (1 children)

Neither LineageOS nor /e/OS are comparable alternatives. They're significantly less secure than stock Android.

"I don't want to support Google so I refuse to use their hardware with an OS which, by default, prevents Google from achieving their objectives. Instead I'll use insecure platforms that still give Google most of what they want."

Android and Chrome are independent from Google in the same way that AT&T is independent from the NSA. The reality is that Google does what they want with both projects. Their main line of business is surveillance and those projects facilitate their business goals. GrapheneOS is developed for the Pixel platform because of the tight integration with Android from the hardware up.

This has allowed the GOS project to build a modified OS which is stripped of the default tooling and dependencies that give Google power over the device and its user's digital ecosystem. The same cannot be said for any other project at the moment.

Using Google's hardware to deny them access to the reasons they developed and produced that hardware to begin with directly spits in their face. It's more effective to buy hardware from Google, or buy one of their devices second-hand from a trusted source, and then modify it to achieve our goals while denying our would-be owners their own than to continue capitulating to their brand of Surveillance Capitalism.

[–] fading_person@lemmy.zip 4 points 3 weeks ago (2 children)

I really want to understand this, but I don't find constructive information anywhere. Everything I read either doesn't really explain anything at all and is based on assumptions/opinions, or expect me to be a mobile os engineer.

Let's say I have a phone with lineageos, without google play services and without gapps, with most apps installed via f-droid and only a couple from aurora store. What power does google have over me, that wouldn't also have if I used a pixel with grapheneos?

In terms of security, If any threat involving physical access to the phone is statistically irrelevant for me, how is my phone less secure than stock android? And how would grapheneos improve my life?

[–] timbuck2themoon@sh.itjust.works 3 points 3 weeks ago

To your last, it wouldn't. Graphene is smartly designed but everyone thinks you need all that security. Most people don't and wouldn't notice a damn bit of difference.

Lineage is offered on far more devices and if your main goal is just degoogling you get a lot more options without giving money to Google.

[–] derek@infosec.pub 3 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

I can absolutely sympathize with that. There aren't good resources for the uninitiated to get up to speed or which readily justify "this vs that". The goal of the documentation that does exist often has little to do with convincing the tech-savvy public anyway. Marketing and education of laymen isn't going to be the technical writer's forte.

I don't have time to answer all your questions as fully as they deserve but I'll start with one example from the security side, show how I establish a basic from-scratch understanding of that problem, and how I'm able to arrive at a reasonable conclusion about whether it matters or not.

Looking at the previously linked Android comparison table the secure NTP entry will be more straight forward to talk about. That's the

Secure connection to network time server?

entry in that table.

Here are search results for the same question from two different providers:

is secure network time protocol important?

DuckDuckGo: https://duckduckgo.com/&q=is+secure+network+time+protocol+important%3F

Kagi: https://kagi.com/search?q=is+secure+network+time+protocol+important%3F&r=us&sh=D_5b8AmhNdDFwIR62tc9pA

Checking a few of the top results I find the info on Baeldung's site the most accessible. https://www.baeldung.com/cs/ntp-security-authentication-synchronization

Sections 5, 6, and 7 are the most relevant to our discussion. In 5 we see that spoofing, man in the middle, and denial of service attacks are the primary concerns. 6 provides an overview of a secure vs insecure connection. 7 covers best practices and specifically addresses mitigating spoofing and man in the middle attacks.

Referencing the chart again we see that GrapheneOS addresses this and others, including LineageOS and stock Android, do not.

Digging into this further I searched the GrapheneOS FAQ for NTP and found relevant info in the Default Connections section: https://grapheneos.org/faq#default-connections

I searched the LineageOS wiki for similar info and couldn't find any. https://wiki.lineageos.org/

If I've missed some info on theIr wiki please let me know. I went searching for additional info on how LineageOS handles NTP to try and put this to bed but I couldn't find much. The long and short of it is that we can conclude a secure NTP implementation matters and without it we're vulnerable to attacks we otherwise would not be.

While searching I did run across this thread on the Privacy Guides forums that I'd like to share: https://discuss.privacyguides.net/t/is-lineage-os-as-private-as-graphene-os/30738/3

Kev nails it.

It can be as private as Graphene OS if no Google services are installed. Difference is that the former lacks a strong security model because of its unlocked bootloader.

If your threat model involves:

  • Counter-forensics
  • Sensitive professional work
  • Malware exposure

You should consider installing Graphene OS instead. If you want the camera to work better, you can install GCam (Google’s default camera app) and revoke its network permissions.

Otherwise, Lineage OS is a great option for a secondary device, not a primary one.

I suggest malware exposure ought to be within everyone's threat model for, likely, their most used computing device. Couple that with the longer delays between full patches for LinearOS and GrapheneOS becomes a compelling choice.

The other question, asking what power Google has over you, has much more to do with "DeGoogling" and how Google Play services are implemented. For LineageOS, as you mentioned, Google Play services aren't implemented by default and aren't supported.

This is way ahead of alternatives in the same space, like /e/ or Calyx, but their DeGoogling efforts are minimal so they're still defaulting to Google's choices for Domain Name Services, Digital Rights Management, and GPS services. Is that the end of the world? No. You can change that with some effort and maintenance. On GrapheneOS it's already taken care of though.

If a LineageOS user doesn't put in that effort and maintain the changes then they're leaking a ton of useful info to Google by default. So the user doesn't have to worry about Google Play services but does have to worry about Google's data collection, fingerprinting, and influence.

I came across the following blog post a few years ago and it made clear to me how it could be that bad from DNS and GPS info alone. Michael is talking about Google DNS from a corporate Systems Admin perspective but it applies to individuals just the same.

https://www.michaelrinderle.com/2020/05/08/why-systems-administrators-should-stop-using-8-8-8-8-google-dns/

It's categorically better to deny Google this information entirely if possible.

Thanks for being interested and asking good questions. I hope my reply is helpful. <3

[–] fading_person@lemmy.zip 2 points 3 weeks ago

Thank you for taking your time to write this and to find a few resources. I will give it a deep read and try to better understand it.