sources/tech/20211114 5 De-Googled Android-based Operating Systems to Free Your Smartphone from Google and other Big Tech.md
16 KiB
5 De-Googled Android-based Operating Systems to Free Your Smartphone from Google and other Big Tech
With the ever growing surveilling presence of advertisement giants like Google and Facebook on your personal and intimate devices like Phones and Tablets, it is time to deal with it.
You might be wondering why should you install a different Android based OS on your phone than what is already included. Let me give you a few reasons:
- Your phone manufacturer partners with entities like Facebook to pre-install the apps on your phone and simply uninstalling these apps won’t net you any less surveillance (they tend to get reinstalled when there is a new OS update).
- Android phone manufacturers don’t have any incentive to provide you with OS and Security Updates; using an alternative Operating System helps your device get necessary updates even after the vendor stops supporting it. Yes, your smartphone officially gets 3-4 years of support but it doesn’t need to be thrown after that.
- Since these off the shelf Android ROMs don’t bundle anything other than what is necessary, your phone can feel more responsive due to the less bloat.
- Less pre-installed software also means fewer services run in background, resulting in better battery life.
- A lot of customization options.
- Easy to rollback updates (because previous versions are available on the website of ROM).
WARNING
Please be careful if you decide to use any of these operating systems on an actual device. Flashing any third-party ROM on your device will void its warranty and may even render your device useless if not done correctly. Installing custom ROM also needs a certain level of expertise and even then you could encounter issues, specially if the device is not supported by the choice of your operating system. It’s better to try with an older, disused smartphone. We take no responsibility for any damage caused to your device.
This list specifically focuses on Android based distributions and custom ROMs. We have a separate list of open source mobile operating systems that include options such as Ubuntu Touch and PureOS.
1. LineageOS
LineageOS is arguably one of the most popular Android ROM, which is a fork of the very popular [but dead since 2016] CyanogenMod Android firmware/OS. Due to the popularity of LineageOS, it has support for the vast majority of Android Phones.
This popularity also means that brand new phones get included in the LineageOS Project sooner than in other Android based ROMs.
LineageOS even supports your Nvidia Shield TV Set top boxes. How amazing is that?
Pros
- One of the most popular Android ROM
- Excellent first party and third party documentation due to the popularity
- The LineageOS ROM (in theory) is equally secure as the Android Open Source Project
- Extends your phone life cycle by providing OS updates even after phone vendor stops providing updates
- Timely updates for officially supported devices
- LineageOS follows the AOSP tree very closely (for people who want the most stock Android experience)
- Less “preinstalled bloatware” compared to your stock factory firmware
Cons
- Can feel “incomplete”, since no Google apps like YouTube/Gmail/Photos etc are included
- The LineageOS project is a community effort, so not all hardware features of your phone may work right out of the box
- LineageOS can not help making your phone more secure if the vendor blobs itself pose a security risk
- Unlocking bootloader is a necessary step (for all roms), and doing so can pose security issues
- Banking apps may be a hit or miss (Read more here)
2. CalyxOS
CalyOS is a rather interesting Android OS based on the Android Open Source Project (AOSP). Instead of not shipping the Google Mobile Services (GMS) and leaving users to figure stuff out by themselves (flashing gapps etc), CalyxOS ships with microG.
CalyxOS is backed by the Calyx Institute, which is a non-profit organization to promote individual rights like free speech, privacy rights etc.
Pros
- Uses microG
- Ships with with F-Droid and the Aurora Store instead of Google Play Store
- Datura Firewall allows you to block internet access per app
- Uses Mozilla Location Services instead of Google’s Location Services
- Monthly over-the-air security updates
- Has verified boot for increased security
- Phone Dialer automatically makes a Signal Call if the recipient has Signal
- CalyxOS locks the bootloader after installation, reducing security related attack vector(s)
Cons
- Only available on Pixel phones (but there is a good reason behind this)
- As with all ROMs, bootloader unlock is required (and may lead to warranty issues)
- Flashing third party ROM on your phone has the possibility of bricking the phone
- Installing apps that you have paid for can be harder (“not so privacy friendly” workaround)
- Banking apps can be a hit or miss on CalyxOS
3. GrapheneOS
GrapheneOS is an Android based ROM focusing on security and privacy. Although, one may argue that their efforts have been more towards increasing security, and doing so also benefits your privacy.
Neither is a bad thing, just know that GrapheneOS is oriented more towards people who value security more.
Their team works around the clock to harden the security of many parts of the base AOSP and provide you one of the best security oriented Android ROM. GrapheneOS can even sandbox Google’s Play Services.
Pros
- Provides stronger and hardened app sandboxing than AOSP
- Uses its own hardened malloc (memory allocator with hardened security)
- The Linux kernel is hardened for better security
- Provides on time security updates (under a day or three)
- Ships with Full Disk Encryption (very important for a mobile device)
- Doesn’t include any Google apps or Google services
Cons
- Limited hardware support; Only available for Google Pixels
- Their hardcore approach to security (sandboxing) has lead to headaches and is not recommended for new users
- Push notifications don’t work out-of-the-box for most apps (due to the lack of GMS)
- Security features like restricting mobile connectivity to LTE-only seem to appear a tad bit unnecessary for your average Joe
- Google SafetyNet doesn’t work out of the box, which is required for your Banking apps
4. /e/OS
You may think that /e/OS is yet another Android Operating System. You would be partially right. Don’t dismiss this Android ROM just yet. It packs so much more than any off the shelf Android based Operating System.
The biggest outstanding feature is that the eFoundation (which is behind /e/OS) provides you with a free ecould account (with 1GB of storage), instead of you needing to use your Google account.
Like any privacy respecting Android ROM, /e/OS replaces every single Google related module or app with a FOSS alternative.
Side note: The eFoundation also sells phones with /e/OS pre-installed. Check it out here.
Pros
- The App store on /e/OS rates apps based on how many permissions they need and how privacy friendly is that app
- Provides an ecloud account (with a @e.email; 1GB in free tier) as a synchronization account
- Ships with microG framework
- Google DNS servers (8.8.8.8 and 8.8.4.4) are replaced with Quad9 DNS servers
- DuckDuckGo is the default search engine replacing Google
- Google NTP servers are replaced with pool.ntp.orgs
- Uses location services provided by Mozilla
Cons
- Device compatibility is very limited (list of supported devices)
- On top of limited device compatibility, only older phones are supported
- No indication if SafetyNet is being worked on; at the moment, SafetyNet is not working
- Roll-out of new features from Android takes a while
5. CopperheadOS
CopperheadOS is another, one of the best security oriented Android ROM for your [Pixel] phone. It was developed by a team of just two people. It was a startup that used to sell Nexus phones (RIP) and Google Pixel phones with CopperheadOS pre-installed on the phones.
Just like CyanogenMod, CopperheadOS used to be all the glory for security oriented Android ROM. Unfortunately, due to an issue that I will not get into, the main developer went separate ways from CopperheadOS.
Pros
- Unparalleled documentation, compared to any other Android ROM documentation
- CopperheadOS has had many of the security oriented features before AOSP itself
- Uses Cloudfare DNS (1.1.1.1 and 1.0.0.1) instead of Google’s DNS (8.8.8.8 and 8.8.4.4)
- Includes a internet firewall for per-app permission
- Uses Open Source apps instead of obsolete AOSP apps (Calendar, SMS, Gallery etc)
- Includes F-Droid and the Aurora App Store
Cons
- Questionable claims about the security of CopperheadOS after the main dev went different ways
- The original aim towards security feels abandoned in favor of an organization that provides phones pre-loaded with CopperheadOS
- No indication of SafetyNet working on CopperheadOS
Honourable mention: LineageOS for microG
The LineageOS for microG project is a fork of the official LineageOS with microG and Google Apps (GApps) included by default. This project takes care of making sure that microG works flawlessly on your phone (which can be a complicated process for a beginner).
Pros
- Provides the microG implementation of GMS without any inconveniences
- Comes with F-Droid as the default App Store
- Provides weekly/monthly over-the-air updates
- Has option to use location service provided by either Mozilla, or by Nominatim
Cons
- Enabling signature spoofing to enable microG support can be an attack vector from a security POV
- Even though this ROM is based on LineageOS, as of writing this, not all of the LineageOS devices are supported
- Includes Google Apps (GApps) instead of providing Open Source alternatives
- No confirmation if Google’s SafetyNet is working or not
Misclleanous
You may be wondering why some of the interesting Android based ROMs (CalyxOS, GrapheneOS etc) are only restricted to supporting Google’s Phones. Isn’t that ironic?
Well, that is because most phones support unlocking a bootlaoder, but only Google Pixels support locking the bootloader again. Which is a consideration when you are developing an Android based ROM for privacy and/or security focused crowd. If the bootloader is unlocked, it is an attack vector that you haven’t patched yet.
Another reason for this irony is that, only Google makes their phones’ Device Tree and Kernel Source Code available for the public in a timely manner. You cannot develop a ROM for said phone without its Device Tree and Kernel Source Code.
I would also recommend the following FOSS apps regardless of your ROM choice. They will prove to be a nice addition to your privacy friendly app toolkit.
Conclusion
In my opinion, if you have a Google Pixel phone, I recommend giving a try to either CalyxOS or GrapheneOS or CopperheadOS. These Android ROMs have excellent features to help you keep your phone out of Google’s spying eyes while also keeping your phone [arguably] more secure.
If you do not have a Google Pixel, you can still give LineageOS for microG a try. It is a good community effort to bring Google’s proprietary features without invading your privacy, to the masses.
If your phone isn’t supported by either of the operating systems mentioned above, LineageOS is your friend. Due to the wide range of support for phones, yours will undoubtedly supported at any capacity, be it officially or unofficially.
via: https://itsfoss.com/android-distributions-roms/
作者:Pratham Patel 选题:lujun9972 译者:译者ID 校对:校对者ID