this post was submitted on 21 Aug 2021
26 points (96.4% liked)

Open Source

32381 readers
1654 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
26
Looking for a new mobile OS (lemmy.ml)
submitted 3 years ago by [email protected] to c/[email protected]
50 comments fedilink hide all child comments
 

I have been running lineageOS on my OnePlus 2. I liked it, but Lineage has stopped supporting my phone. There are two options that I have been able to find as replacements - postmarketOS and /e/OS. Any thoughts on those or other recommendation? Anything that gets security updates, is open source, and is functional meets my needs.

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 9 points 3 years ago (2 children)

On android there are three recommended operating system:

GrapheneOS

GrapheneOS starts from the strong baseline of the Android Open Source Project (AOSP) and provides substantial privacy and security improvements from the bottom up, such as:

You can find a partial list of grapheneOS features here.

GrapheneOS has also experiments support for installing the official releases of:

as unprivileged, sandboxed apps like any others and GrapheneOS implements shims to make them work without the many privileged permissions and SELinux policy extensions these apps usually require. This approach fit the android security model, unlike microg.

CalyxOS

CalyxOS starts from the strong baseline of the Android Open Source Project (AOSP) and minimizes the tracking, surveillance, and spying done by phone manufacturers, mobile phone service providers, internet service providers, advertising companies, data miners, and malicious hackers. It provides some privacy and security improvement, such as;

  • scramble PIN
  • block unknown USB devices
  • encrypted backup via seedvault
  • Wi-Fi and Bluetooth auto turn off
  • directly make an encrypted call using Signal or WhatsApp from the Dialer
  • sensitive Numbers privacy
  • tethered network devices (USB or Wi-Fi) can use the phone's VPN or Tor.
  • microg
  • datura firewall
  • mozilla Location Services (and Dejavu) available as default location services.
  • nominatim available as default geocoding service

You can see the full lost of features here

In addition, CalyxOS bundles some application in order to protect user's privacy and security, such as;

LineageOS

LineageOS is a ROM focused on costomization and compatibility with different devices rather than improve privacy and security. Nonetheless, It comes with a few privacy and security improvements, such as:

  • PIN scramble
  • sensitive numbers privacy
  • encrypted backup via seedvault
  • Trust
  • Hide specific apps behind a secure lock

You can see more detail about LineageOS features

However, this ROM severely weaken the security model of android in different ways:

  • using SELinux in permissive mode instead of enforcing mode, which is a very bad approach

  • disabling verified boot which ensures that all executed code comes from a trusted source, rather than from an attacker or corruption

  • using userdebug builds, which is a bad approach because builds released with userdebug do have serious sandbox holes. In fact, Even if lineage supported verified boot, you could easily disable it as it is a userdebug build. So malware could just disable verified boot on lineageos if it wants to due to userdebug and achieve full persistence.

  • lacking of rollback protection which means that an attacker could downgrade the system to a vulnerable version for further exploitation even if the bootloader was locked.

Moreover, LineageOS still support phones which don't have vendors support anymore. So, closed source components such as the bootloader, modem firmware, and other firmware no longer get updates.

/e/

/e/ is basically a LineageOS reskin.

conclusion

It's important to understand that this is not a comparison. These operating systems are different projects; they offer different things, have different goals,thus they have different approaches. Therefore, I'm not saying what OS you should use. You have to choose according your own user case and threat model. And please, if you can read the documentation I linked about these project.

Also, these project have really active community, so if you have any questions you should ask there:

[–] [email protected] 5 points 3 years ago (2 children)

Great general info! Thanks for taking the time to put it together. Specifically, Graphene and Calyx support a combined total of 12 devices 11 of which are Pixels. Great for those users and it might inform what I buy in the future. Lineage supports tons of devices - great for anyone reading this who doesn't care about the softened security (or doesn't have another choice). Lineage is out for me specifically because my device is old/unpopular enough. /e/ still list support for my device, but I am guessing that since it is based on Lineage it won't get meaningful support either.

[–] [email protected] 2 points 3 years ago (1 children)

It depend, /e/ could still continue to support your device if trees aren't so outdated. Still, check frequently at least the security patch version

[–] [email protected] 1 points 3 years ago

Thanks for the distinction. Just for the record and anyone asking the same question - /e/ does still support even though lineage dropped my device.

[–] [email protected] -4 points 3 years ago (1 children)

I recommend you learn about the levels of lunacy I debunked regarding the security theater GrapheneOS and its fanboys have created. https://lemmy.ml/post/73800/comment/66676

The poster above deleted a lot of comments where we had a discussion, a month ago.

[–] [email protected] 1 points 3 years ago

Maybe if I am ever looking at graphene I will. As I said it isn't available on my device.

[–] [email protected] 5 points 3 years ago (1 children)

LineageOS don't use permissive selinux and disabled nearly every function of userdebug build except for root functions over adb (that is disabled by default).

The only real danger about LOS is the unlocked bootloader, but it can't be solved by LineageOS developers, since it depend deeply by manufactorer.

Still, even if it is a security risk it depend a lot about your threat model and if you usually install only trusted apps and navigate on trusted sites (or usually disable JavaScript) the actual attack surfaces isn't really a problem for the common users, and there are only theoretical risks.

The great thing about official LOS is the support of a lot of devices (and not only Google made) and the big community approval needed for every change.

Community standards for LOS are actually really strict, and you can be pretty sure to have a stable system when you use official LOS on your device. Since there are dozens of supported devices it gives users a lot of freedom.

[–] [email protected] 1 points 3 years ago (1 children)

don’t use permissive selinux

LineageOS weakens SELinux policies.

disabled nearly every function of userdebug build except for root functions over adb (that is disabled by default).

LineageOS still uses userdebug build. Userdebug builds are primarily development builds that are supposed to be given to closed beta testers hired by a business. These builds are not considered to be secure. Security isn't even a concern as these builds are purely for development purposes.

The only real danger about LOS is the unlocked bootloader Disabling bootloade

Verified boot ensures that all executed code comes from a trusted source rather than from an attacker or corruption. Moreover, Verified Boot checks for the correct version of Android with rollback protection which helps to prevent a possible exploit from becoming persistent by ensuring devices only update to newer versions of Android. Verified boot it's not only useful against physical attacks, if a remote attacker has managed to exploit the system and gain high privileges, verified boot would revert their changes upon reboot and ensure that they cannot persist.

Also, rollback protection can be enabled even with bootloader unlocked. However, Lineage doesn't have rollback protection either.

even if it is a security risk it depend a lot about your threat model and if you usually install only trusted apps and navigate on trusted sites (or usually disable JavaScript) the actual attack surfaces isn’t really a problem for the common users, and there are only theoretical risks.

That's not really a good argument. The majority of users have bad habits regarding good security practices, they usually install applications without check the signature, for example. You just assume that users will act in certain way, but in reality you don't know that. It's not real security, it's security through obscurity. The risks are not only theorical, as I explained above.

Community standards for LOS are actually really strict.

Doesn't seems so. All the problem I pointed out still remain. Also, they don't add any relevant security or privacy improvement, instead they weaken the security android model.

Since there are dozens of supported devices it gives users a lot of freedom.

If you prefer/need/want to use lineageOS then go for it, it's up to you. However, freedom it's not equal to privacy and security.

[–] [email protected] -2 points 3 years ago* (last edited 3 years ago)

Hello GrapheneOS propaganda account, nice to meet you. Nice security theater you are fooling everybody with.

[–] [email protected] 4 points 3 years ago (1 children)

I have been running /e/ for over a year and I have to say that it has been great. As opposed to lineage, they have stripped out as much of the Google stuff as possible while keeping it working (they use microG).

[–] [email protected] 3 points 3 years ago

Great to have perspective from a real world user. Thank you!

[–] [email protected] 4 points 3 years ago (2 children)

PostmarketOS would be my choice of those options. They support full disk encryption which the others don't.

[–] [email protected] 3 points 3 years ago (1 children)

Out of curiosity: given that AFAIK full disk encryption only helps when the device is turned off, how is that a really useful feature for a smartphone that is basically never turned off?

[–] [email protected] 2 points 3 years ago

You're right that they are probably just edge cases. As a thought experiment I see three possible use scenarios - 1) Lose the phone and it dies 2) Malicious person gets phone, tries to restart for whatever reason, and is locked out 3) I know for some reason that someone is about to try to get data off my phone in person and I have time to turn it off.

More to the point there really isn't a downside. Entering a password when I restart is nothing for me, and the read/write slow down isn't going be noticeable because I don't ask much of my phone.

[–] [email protected] 1 points 3 years ago

That is a nice-to-have that could push me that way

[–] [email protected] 4 points 3 years ago (1 children)

https://devices.ubuntu-touch.io/device/oneplus2/

[–] [email protected] 1 points 3 years ago (1 children)

Thank you! I must have been looking somewhere with outdated info when I looked into this one.

[–] [email protected] 1 points 3 years ago (1 children)

Its worth a try, but the OP2 isn't the best supported device sadly.

[–] [email protected] 1 points 3 years ago

Yeah, I don't think it was super popular and it's getting old (6yrs). I think spotty support is all I can hope for, but I'd rather do that than toss it.

[–] [email protected] 4 points 3 years ago (2 children)

I highly recommend just going to the xdadevelopers forum for your device, and see what the most supported ROMs are. They'll all be AOSP-based of course, but many of them will have de-googled / de-play-store download options. Most importantly the most popular ones will always support all your phone hardware.

[–] [email protected] 2 points 3 years ago

I've never been in the xdadevelopers forums. I will definitely go take a look. Thanks for the new resource.

[–] [email protected] -1 points 3 years ago* (last edited 3 years ago) (25 children)

They also might package spyware and are often provided by twelve year olds.

load more comments (25 replies)
[–] [email protected] 2 points 2 years ago

Yes there is also latest version of LineageOs 20 available. Read it here Lineage Update