I’m looking for a security and privacy oriented mobile OS. Which is better, LineageOS or GrapheneOS? Also, please tell me specifically what is the difference between the two!
Lineage is not specifically focused on privacy (although I wish it were). That said, using LOS with the Play Store crap is a good start.
I can’t speak to Graphene.
GrapheneOS is a hardened version of Android, focused on creating the most secure mobile operating system in existence. Currently it’s AOSP Android with modifications made by Daniel Micay, mostly from his old Android Hardening project and new stuff he’s working on, but eventually I believe he intends to replace Android entirely because of security concerns with the Android/Linux kernel.
LineageOS is a project that tries to bring modern-ish mostly-AOSP Android to apparently as many devices as possible. So it has pretty high compatibility as far as custom ROMs go, as long as somebody is maintaining builds for your device. Because it isn’t bundled with Google apps by default, with F-Droid and some research you could create an entirely (or mostly) free and privacy-respecting phone easily on LOS.
Where LOS falls short is security, because LOS has no special security related modifications included. In fact, LOS builds commonly don’t even include security patches for the firmware/hardware they’re running on, even when those patches are available. For example, despite security patches for Pixel devices being open and available, I don’t believe they’re implemented in LOS. Rather, LOS merely implements the AOSP security updates released by Google and uses that patch level. This is highly contrary to user expectations, because LOS is setting their patch level to be very recent, but only selectively including patches that are non-hardware specific, so in terms of them claiming they’re completely up to date security-wise, it’s almost false advertising.
If you need a secure and private device, and you want Android, you should be purchasing a Google Pixel and installing GrapheneOS, hands down.
If your only concern is not having Google stuff on your phone, LineageOS is probably fine.
@Jonah I didn’t realize LOS was quite so sloppy with patches. Or at least I thought not with devices they officially support, since unofficial is a complete mess. Do you think another AOSP-based ROM is a better choice for those of us who don’t have one of the few devices supported by Graphene?
Thank you for the wonderful explanation!! Specifically, where is Graphene better in terms of security? And what mobile OS do you use?
excellent info @jonah - thanks for the detail
the only thing i might add regarding custom ROMs in general, is stay away from all of the smaller projects, such as many/most of those on XDA-Developers because they are not focused on privacy or security and aren’t patched - these devs build their ROMS on a whim it seems, then just as quickly abandon when the next “better” device hits the streets
regarding LOS and compatibility, they also drop support for older devices (though not as soon) and because they’re trying to support so many devices, compatibility with a particular device may be very poor, as i can personally attest to
and then there’s the baseband…
@wafiech as far as security goes there are no better Android phones than the Google Pixel. To have a secure experience you need to trust the hardware security first and foremost, and Google is the only vendor releasing timely security updates for their firmware, and the only vendor with open source security features. The Titan M security chip in Pixel 3 devices for example is the only open and robust security solution for Android devices and Graphene takes full advantage of that. If you don’t have a Pixel you aren’t going to be able to get a secure Android experience, but you could still get good privacy/anonymity from large corporations like Google if you use LineageOS.
@pinp I use an iPhone XS with iOS.
@12bytes.org yep! I also highly discourage rooting devices for the same reason: developers creating applications that use root are not security or privacy focused and rooting your device creates massive security holes.
Regarding the baseband, that’s a pretty good argument for an iPod Touch these days… I don’t think there are any comparable (non-cellular) mobile devices running secure/modern software anymore besides the new iPod touch, which is unfortunate.
That’s a very interesting post Jonah, and has me wondering now! What I don’t get is … Apple is a swine for stealing/tracking data etc, so why would that be trusted?
This got my attention, and same question! Do you REALLY TRUST Google to do ANYTHING which doesn’t give them a backdoor into people’s data, location, browsing habits, messages… ?? I am not questioning you, I have no technical abilities at all so next to you I am a mouse, but I am curious about this now as I may get myself a Pixel based on this because I can’t trust many people but I know you can be trusted and if that’s your view, I better think hard!
I desperately want a second phone, it needs to be a smart phone so I can use Signal/Wire/Riot and ProtonMail App, but I want to make it as private/anonymous as possible. Any advice you can offer will be hugely appreciated
PS I should add - Would the best option (best possible currently) be to wait and buy a Librem5 phone?
With regard to security I definitely trust Google, they’re doing incredibly important work on all fronts, with their Pixel hardware, and with things like TLS 1.3 in Chrome, and their focus on hardware security like U2F.
Where I don’t trust them is with privacy, and that’s where the custom software comes in. If you’re running GrapheneOS there’s nothing to worry about.
I haven’t seen any evidence of that.
The big thing is Apple keeps their hardware/software offerings relatively siloed from their services and third party apps. I think their hardware is exceptional, and iOS is great for security. Where it gets less clear is with iCloud: the data that they collect that isn’t End-to-End Encrypted should be for example; and with third party apps, because no privacy/security features on a device are going to prevent you from giving away your data to Facebook or whoever.
Contrast with OEM (Google Play enabled) Android, which is basically just a vehicle to get people using Google Chrome, Google Photos, Google Drive, etc.
Also with the iPod Touch I was more referring to heightened hardware security because it lacks GSM, so cellular tracking methods are completely out of the picture. It’s just iOS and a WiFi module that can be disabled, which is fantastic. There aren’t any phone-like Android devices without cellular capabilities that I’m aware of, and certainly none I’d trust (I mean, I’m sure some Chinese company makes one). And even stepping it up larger there might be some Android tablets that could fill that niche, but I’m not even sure if I trust them. Samsung is basically the only people making Android tablets anymore and their track record with updates is abysmal.
And I forgot to answer your other question. I personally don’t trust Purism and I don’t see anything that makes the Librem5 more (or less) secure or private than a non-Google Android ROM. But I’m holding my final judgement until they actually make a product.
Thanks Jonah, some very interesting points there.
Fair enough, and I also have my reservations.
I am running Lineage. I have not heard of Graphene. I don’t know if I am up to making the change but would get someone to do it for me if it’s really worth doing. What does Graphene do for my privacy that Lineage doesn’t?
You haven’t seen any evidence of Apple tracking their users? I am surprised by that, but that’s not a snarky comment, I am just genuinely surprised and I will look into it again. FWIW I am actually an apple user, I have iMacs and iPhones (and Samsung tablet as I thought a rooted Samsung tablet was more privacy focussed than an ipad).
I am trying to find a way to set up the most secure and private MACHINE (laptop ideally but tablets could be considered) and same for phone. These are for personal use. I will continue with Apple gear for business stuff. The trouble is Apple requires all users to have an Apple ID to use just about any of the features of a mac, such as Facetime, Messages, etc. I could try living without it if I put my mind to it, and I might after reading your post. So you think an apple machine/iphone can be private, if only by removing icloud?
Who and/or what are you protecting yourself against?
The only honest answer is “everyone”, but given some context I could probably elaborate a bit on that. I would “like” to protect myself from govt level attacks, ISP and cell company spying/tracing etc, but as I am not doing anything criminal (until they change the law of course, 10 years ago it wasn’t illegal to do many things people are arrested for now!!) I probably don’t need that level, but I do WANT it if i can get it.
I was just thinking, you mentioned ipod touch. That really got me thinking and I may explore that (removal of baseband issue, he says pretending he understands the words he speaks :D). I had an idea, which is probably a dumb one, but just in case… I will need data access when not near wifi. What if I had an iphone, and an ipod touch, and when the ipod touch wasn’t near wifi, i used the hotspot provided by the iphone. Would that be in any way better than having cellular data connected to the ipod touch (private device)??
I said that Edward Snowden says Google Pixel is dangerous, what do you think about this?
Link/source? Can’t find this. In fact, I found this tweet of his semi-endorsing GrapheneOS on a Pixel over iPhones:
(Well, CopperheadOS, but that’s the project the GrapheneOS dev was working on at that point in time, and Copperhead’s security was moved into Graphene)
Anyways, at the end of the day Snowden is just some guy, same as myself or anyone else here, and is certainly not infallible. I tend to take his opinions with a grain of salt.
What happens if you install GrapheneOS on a non-Pixel device (eg Nexus)? Also, can GrapheneOS be used without any problems, including Android apps? What is the cheapest way, site or service to buy a secondhand Pixel?
Very well said. I totally agree. I think the guy is a bit of a hack. He paints an image of being some super high tech spy with knowledge of everything. Not only is he just a guy, he is just a guy who wasn’t an analyst (for long, arguably at all), he was a geek who had high level access for geek needs. He snatched some shit and released it. I make no judgement of that, I am in many ways pleased that he did it (to alert people to the dragnet we live under), but I don’t rate him as some kind of expert. In fact I would sooner trust opinions of people on this BOARD than him. Another point is that he is just ONE man, so even IF he was a genius and totally pure in his motives, it would only take ONE act to bribe/blackmail him into promoting stuff “they” want him to promote. Making all the techs in the free software world would be a much harder task, impossible more like!
to say that Snowden is a hack, or just some guy, or that he paints an elevated image of himself is wildly inaccurate in my opinion
that may be what the mainstream media would like people to believe, but that’s not what he is - also he never claimed to be an NSA analyst - he worked for Booz Allen
let’s not forget that he risked everything, including his life, to bring to the attention of the public what no establishment “news” company has bothered to do - let’s also not forget that this isn’t over; his fate is still very much undetermined and he cannot return to his home country without risking prison - that’s not something i’d want hanging over my head every day
Snowden does not appear to be seeking attention - according to his statements and actions, as well as the documentaries about him, he never wanted this to be about him; he wanted people to focus on the documents
there’s a lot he exposed that isn’t new at all, but he’s a highly credible source and he had the documents to bolster his case and, as a result, the tech landscape has changed as well as the political landscape to a lesser extent
look at the documents, not the messenger as the media/government would rather you do
I don’t actually think you have disagreed with me much there. I certainly don’t disagree with much you said! I overstated my position though. “Hack” was overstated in particular.
My point is about his level of expertise, and I didn’t accuse him of being responsible for what others say about him (which is my main cause for concern). Just as you said, it’s about the DOCUMENTS, not HIM. Agreed. The documents are awesome, genuine, and the points he made were backed up and true. He is a hero for freedom. I take nothing away from him for that, and he gets shit loads of credit from me for ruining his own life to expose the crap he exposed.
I was mainly referring to how everyone says “Snowden said use this, or that”, unless I heard it from him myself, I take it with a pinch of salt. And I do WONDER if there are people out there (agencies/media) using “Snowden says” to push people towards things they already have exploited in some way. If that were true, it wouldn’t reflect on him of course. I don’t think HE has been exploited, but I think his image/words/recommendations are often exploited and used as some kind of holy grail. I think that much faith in one man’s words is always dangerous, so for me, the words of a large group of people (such as on this forum and others) will always have to carry more weight for me just for the reason of it being a collective rather than a one man show.