11

crosspostato da: https://lemmy.kde.social/post/416424

Hello there! This is my problem: I'm going to buy a new smartphone, and I'd really like to degoogle myself as much as possible. The idea would be to buy a device compatible with LineageOS, but... Supported devices are usually older models, and often there are newer devices with better specs for the same price, that does not support lineageOS. Is seems a shame to buy a device with lower specs than another one just because of software compatibility. So the alternative would be to buy an unsupported device, unlock the bootloader and debloat it as much as possible, flash privileged fdroid and aurora store on it, install microg, etc... What do you suggest me to do? Is the second alternative a viable option? What other steps should I do if I decide to go that way?

Thanks in advance folks!

you are viewing a single comment's thread
view the rest of the comments
[-] netchami@sh.itjust.works 2 points 1 year ago

I highly recommend GrapheneOS on a Google Pixel. You can also get a used one, just make sure to buy a Pixel 6 or newer, as the models don't get security updates anymore. The Pixel 6 is supported until October 2026 (~3 years). You can check out the entire list of supported devices and the minimum support length on this site. Pixels are a fantastic choice for security because of their Titan M security chip which has support for various Android security features like the Weaver API which throttles unlock attempts making brute-force attack unfeasible, Android StrongBox, and Insider Attack Resistance.

GrapheneOS is really awesome, by default it doesn't include any Google services making it an excellent choice for privacy. You can install Google Play services, but they will run in a sandbox, you have the ability to restrict what Google has access to on your phone. They also make significant security improvements like hardening the memory allocator, the C library, SELinux policies, etc. What makes GrapheneOS so much better than other ROMs is the fact that you can relock the bootloader and make use of Android Verified Boot with GrapheneOS' custom signing keys.

You can watch this video or read the official documentation to learn more. My advice: Stay away from insecure ROMs like LineageOS.

[-] tubbadu@lemmy.kde.social 1 points 1 year ago

Thanks for the answer! Why is lineageos insecure?

[-] netchami@sh.itjust.works 1 points 1 year ago* (last edited 1 year ago)

It doesn't allow you to lock the bootloader meaning you can't use Android Verified Boot. There are more security issues with LineageOS, you can read about them on this site

this post was submitted on 22 Nov 2023
11 points (86.7% liked)

Ask Android

2246 readers
6 users here now

A place to ask your questions and seek help related to your Android device and the Android ecosystem.

Whether you're looking for app recommendations, phone buying advice, or want to explore rooting and tutorials, this is the place for you!

Rules
  1. Be descriptive: Help us help you by providing as many details as you can.
  2. Be patient: You're getting free help from Internet strangers, so you may have to wait for an answer.
  3. Be helpful: If someone asks you for more information, tell us what you can. If someone asks you for a screenshot, please provide one!
  4. Be nice: Treat others with respect, even if you don't agree with their advice. Accordingly, you should expect others to be nice to you as well. Report intentionally rude answers.
  5. No piracy: Sharing or discussing pirated content is strictly prohibited. Do not ask others for a paid app or about how to acquire one.
  6. No affiliate/marketing links: Posting affiliate links is not allowed.
  7. No URL shorteners: These can hide the true location of the page and lead people to malicious places.
  8. No lockscreen bypasses: Please do not comment, link, or assist with bypassing lock screens or factory reset protection.
  9. No cross-posting: Please take the time to make a proper post instead of cross-posting.
Other Communities

founded 2 years ago
MODERATORS