What are the most privacy respecting smartphones to buy, I am also looking for the one which respects your privacy the most. So far going to privacy communities esp on reddit, I often see Google Pixel + GrapheneOS being recommended.
But the thing is I don’t really trust Google with privacy, as we have seen they are last one to respect privacy. What if Google has some backdoor in the hardware that cannot be changed? And the problem with the more privacy respecting OSes for mobiles like GrapheneOS, CalyxOS etc are that they are only supported for Google pixel phones.
So I am really confused here.
Google Pixels have no backdoors. Recently, Maxime Rossi Bellom , Philippe Teuwen and Damiano Melotti did a deep research about the Google’s Chip, called TITAN M, in order to give an understanding regard it’s attack surface as well as the known and previously vulnerabilities.
Presentation Material
There is also a repository on GitHub, which contains the tools they used in their research on the Google Titan M chip.
There is also a very interesting thread from Daniel Cuthbert, in which he showed some part about their presention. In the same thread, he also wrote that the Titan M is the reason why he switch from iPhone to Pixel.
We’re are talking about BlackHat here, not some random guy which claims things without any proof.
Regard the OS, GrapheneOS is far better than CalyxOS; it offers much better privacy and security improvements. You can see the list of the features here; https://grapheneos.org/features
This is interesting to hear. So research finds no presence of any backdoors on the TITAN M chips of Google pixel phones. I wanted to buy a new smartphone which is more private and so far the most private OSes are only supported for pixel phones. On a sidenote how does the GrapheneOS compare to other OSes like the LineageOS or DivestOS?
I don’t know about DivestOS. However, GrapheneOS is dramatically better than LineageOS. That’s because GrapheneOS is focused on privacy and security rather than customization like LineageOS. GrapheneOS starts from the strong baseline of the Android security model and brings a lot of privacy and security improvements. While LineageOS doesn’t have real privacy and security improvements, it also weakens the android security model.
There is a very good article written by madaidan, who explain the security of Android and the problems about lineageOS; https://madaidans-insecurities.github.io/android.html
Thanks. DivestOS is a fork of LineageOS. Website: https://divestos.org/
Madaidan’s article also seems to recommend Pixel + GrapheneOS. Would there be any significant difference between Pixel 3, 4 or 5 when it comes to privacy? Asking since, Pixel 5 costs more than 4 and 3 and whether it would be worth paying an extra hundreds of dollars for the latest Pixel.
Hi! Really sorry for the delay.
Every new generation of pixel bring privacy and security improvements hardware wise. In particular, the new pixels have set a new standard for mobile security;
https://security.googleblog.com/2021/10/pixel-6-setting-new-standard-for-mobile.html
This article smells bullshit.
Having a separate chip for some system activity is reasonable security, but what about running a libre GSM modem with some clear (hardware) limits on what it can reach in case it’s compromised (this is what Pinephone/Librem is doing)?
Encouraging fingerprints as passwords. Worst security advice ever.
Built-in protections automatically scan for potential threats from phone calls, text messages, emails, and links sent through apps, notifying you if there’s a potential problem. (…) The detection runs on your Pixel, and uses a privacy preserving technology called federated analytics to discover commonly-run bad apps.
I don’t know about the details, but this smells like some really privacy-invasive tech.
I’d say the most private would probably a Purism Librem with Pinephone being second place. Both of those come with their own caveats.
I think Graphene also puts a high focus on security for which, if you’re using android, the Pixel phones offer the best platform. You could also go with the /e/ android operating system if your focus is on de-googling while sticking to android.
Librem seems very expensive ranging from $1200-2000. Can’t afford that, I would want something less than $500 and if more preferably to be under $350. Would sticking to android that’s already installed and degoogling it be really enough when it comes to privacy?
Depends on what you consider “enough”. Even “degoogling” it in most instances won’t entirely get rid of proprietary code and reliance on some google services. It’s a trade-off.
For me it would be enough that big corps not taking my data or tracking any of my activities. With degoogling you can only decrease the amount of spying that big corps do instead of completely eliminating it?
That’s my understanding. You can decrease it, significantly, but not entirely. But the same goes for the web in general. Hard to completely bock all tracking and such too while still interacting meaningfully. So unless you’re a die-hard fanatic and willing to suffer a lot of inconveniences, good enough will have to be, well, good enough for most of us.
Unfortunately privacy and convenience generally just don’t go together and the convenience factor along with the mentality of “nothing to hide, nothing to fear” makes people just go for the most privacy violating stuff and arguing about privacy with those who have that mindset is just not easy either.
If you remove Google Play Services and only install apps from F-Droid (which are vetted by the community and explicitly list antifeatures) you should achieve your goals. That is, assuming your system itself is not snitching on you.
Also worth noting, phone providers are big corps doing tons of spying on their users. If you’d like to get rid of those, running your smartphone using wifi only with randomized MAC addresses (i think is default now on Android) is very reasonable.
Yes removing Google Play services will reduce the spying that Google does on you but the mobile company can still possibly spy on you. How do I check that my phone has a randomized MAC address or not?
Yeah thats about right. If you stat worrying about hardware backdoors then you should go with a pinephone. Personally im not that worried about hardware backdoors as theyre probably everywhere so i use a samsung with LineageOS, up to you to choose
Either Pinephone or Pixel + GrapheneOS are the way to go?
On my opinion yeah, id go with pixel if you want your phone to be usable
I purchased a used Pixel 3a for ~$150 last week and it works well with GrapheneOS. Since your budget is a bit higher than mine was, you could go for a newer Pixel.
GrapheneOS places more emphasis on security than LineageOS, but the privacy provided is comparable, or so I have heard from several sources.
Pinephone is a hacker’s phone, like a beta under constant evolution. So depending on the system you use on it (which you are free to choose, that’s refreshing) you may have varied experiences like with battery life.
However, Pinephone is much cheaper and hardware wise inspires more confidence. The modem does not have direct access to the phone’s memory (unlike most smartphones) which is like hardware security 101, and there’s ongoing R&D to develop a FLOSS driver for it.
The question is also: would we rather financially support an enthusiast community building awesome hardware? Or a giant corp ruining our lives?
Removed by mod
Sorry for a late reply. The grapheneOS seems to have a problem with not a very welcoming community but their OS is still good with all the security and privacy features that it comes with? If it is not Google Pixel + GrapheneOS that is the most private way of using a mobile phone then what is the most private way? I see this set up recommended in almost every privacy community including this thread.
Removed by mod
can’t you stick to the OS and hardware (facts) and leave politics/opinions outta this? the community does matter if you need help, but how in the hell do they know your race, sex, or politics unless you wear them on your sleeve?
Removed by mod
My rights end where yours begin and vice versa. My main point will always be “you do you” or “good fences make good neighbours” or don’t trespass on my property or in my mental space. Values differ from individual to individual - even within close-knit families or within causes. As long as you don’t infringe upon another’s freedom (I include all animals - wild and domestic), you should be able to do as you please. Both Left and Right have one thing in common - both try to shove their values (“decency”) down the throats of others. Fuck you both equally. If that (do as I say) mindset isn’t offensive, then i don’t know what is! Be as this or that as you like, but preaching to me when I don’t wanna hear it is going to breed resentment. That is you wasting my time and mental energies. Live by your own values and if I see that you are content, healthy, and successful in one manner or another, maybe I will adopt some of your ways WITHOUT your saying one word to me. Proselytizing or ‘teaching’ me is so often rude.
Removed by mod
Right and wrong are relative to some extent and always have been and always will be. Who is to say the religious fundamentalist’s ‘decency’ is better or worse than (the obvious opposite) a Progressive’s? Who is sole arbiter of the truth? Shouldn’t it be more up to the individual? What ever happened to “Live and let live”?
Removed by mod
The question is “which smartphones are most private?” Not “which OS community is the least toxic?” Seems you have your reasons for hating on Graphene, but you’ve totally lost the plot here. Save that rant for a question thats actually asking about it, please. In the end, if it works and its the most private, thats what is going to matter the most to the end user.
Removed by mod
mimimimimi I don’t care, it’s secure, I like the features. Separate the creation from the creator.
Do you trust the creator, though? He is an absolutely deranged and extremely spiteful individual.
Deranged and spiteful? Yeah I’d trust that. Spite and grit are the only ways that a huge project like GOS can be maintained so well. If you want me to swap make your own secure Android distro.
Removed by mod
Is his code racist? also lol ban me it’s just a website
Removed by mod
I am willing to change Android distros if you can point me to an actively developed one centered around security that can compete with GOS.
Removed by mod
Camera app shutter can be muted with the volume slider, just tried it on the latest version so I assume it would have been patched out. I am open to swapping away from a lunatic’s OS if you have any other ROMs that can relock the bootloader and come with a user profile manager that easily allows me to install apps from my main profile to the others. Frankly I’ve never heard of DOS before, and I will immediately give it a shot on my work phone. Thanks :)
I hear lots of great things about Graphene but it’s only able to run on Pixel phones. I have a LineageOS installed on my phone & I have full control over the firewall, and there’s no google on it. Got the phone a year ago, battery still lasts 2 days of occasional use. It’s amazing how nice a phone feels without ads, constant upload/download, and unneeded background services running.
Basically, and even with Graphene, the biggest security risk for a phone is the person using it. I wish it were more turn-key but the tracking with cookies is just the tip of the iceburg… apps like to track too and if you need an app outside of the free-open-source-software circle you should know how to control its access to the internet.
That last part is where Graphene shines IMO, as every time you install an app you have the choice of natively allowing network permissions that you can change at any time. I agree with you on Lineage being great for an extra layer of privacy especially for the average person.
o cool I didn’t know that. I use AF Wall as my firewall GUI on Lineage. I do have to give it root to update the tables though.
I use TrackerControl (TC) on my Lineage devices for this. Will look into AF Wall, thanks!
LineageOS also supports some more obscure phones if you don’t like Google pixel phones or if you’re on a tight budget
LineageOS from what i heard stopped supporting different passphrases for partition decryption and session unlocking. Having two separate passphrases was very useful because unlocking your screen happens much more often and is therefore much more likely to be compromised (eg. recorded by CCTV).
Still, much respect for LineageOS, but we should still consider that most smartphones (except for Librem 5 and Pinephone) don’t care for hardware architecture and firmware reach, rendering the entire phone insecure.
This article is not really relevant. It points out that when the os is replaced by a privacy focused os like e-os then no data is sent back.
This article is not really relevant. It points out that when the os is replaced by a privacy focused os like e-os then no data is sent back.
Anything with as few data points tied to you is the most ideal. How far are you willing to go for privacy, and what are you using the devices for? If you absolutely need to run an Android ROM on mobile, GOS or even just a carefully setup LineageOS device would be your best bet. If you can live without a cell phone choose to do so.
