Which Google free phone?

Google Pixel 3a with GrapheneOS.

Best ROM for security and privacy. No crap like LineageOS or other failed custom ROM.
You get it for ~300€

Best ROM for security and privacy. No crap like LineageOS or other failed custom ROM

Could you tell more? Why do you think LineageOS is crap? What are the advantages of GrapheneOS?
Thank you.

1 Like

LineageOS have failed Implementation like their privacy manager or the app based firewall.
Also they doesn’t support re-locked Bootloader so the phone run with a open Bootloader and also with a custom Recovery (TWRP). Both are securty desaster.
You can read more here: https://www.reddit.com/r/GrapheneOS/comments/cnwu1a/how_is_grapheneos_different_from_bare_lineage_os/

GrapheneOS is a hardened AOSP with Security and Privacy in mind.
The website explain that perfectly and better then any user can: https://grapheneos.org/

If you have more question, i try to help

2 Likes

I’d be interested to learn LineageOS’s response to this. To busy to look now but please point me to it if you find it.

Thks. So I understand that GrapheneOS is more secure, but what about the de-googlisation of the device? Does it use any google apps or services? The project is maintained by 1 person, isn’t it a little ‘dangerous’ if only 1 guy does the work and maybe errors…?

1 Like

@webDev you will not find any response from LineageOS to that. They don’t have the knowledge nor they works as one big team. Every device dev make his own part.
I use LineageOS in past too for many years (even from CynanogenMod) but GrapheneOS is the real way.

@alexian
GrapheneOS run without GAPPS. So no Google stuff is running on the device.

Only these required Connectivity checks are made: https://grapheneos.org/usage#default-connections
Read why that’s not disabled.

GrapheneOS is a very new project (old name was CoppherheadOS which got corrupted) and Daniel Micay is the main dev, while he have some support from other people and the team grow. Also LineageOS is mostly too only maintained by 1 person for a device.

it run also very stable because of no useless implementations LineageOS have. This is also the sense of that project: Keep the code as much as possible clean/ unmodified and only harden the system.

1 Like

Thank you for the reply.

Regarding: > Only these required Connectivity checks are made: https://grapheneos.org/usage#default-connections

Read why that’s not disabled.

Yes, it is the same with LineageOS…

I might be tempted when I change my phone to switch to a Pixel 3 with GrapheneOS. What about the camera software? Can I, like with LineageOS, install the Google camera?

1 Like

@alexian The Pixel 2 and Pixel 3 (but not the Pixel 3a) have a Pixel Visual Core providing a hardware-based implementation of HDR+
More info at https://grapheneos.org/usage#camera

I personally have a 3a and i use this recommend OpenCamera (from F-Droid) and photos are much better then from my OnePlus 2 with LineageOS.
So if photo quality is important for you, you should buy a Pixel 3. If that’s not the main point then Pixel 3a is the way.
Security related both devices are equal.

Also the Pixel 4a may the next will get GrapheneOS - if the community help at least.

2 Likes

True paradox that best phone to avoid monopolistic Google is to buy … google overrated Pixel, ( thanks to AOSP true success) . Sony used to be almost on par with Pixels, but they seem to cut their aosp participation more and more (like htc & lg few years ago).

Thanks to aosp Treble project, you can now have better Google-free roms on low cost devices than on sophisticated flagships :

I have uploaded on F-Droid a specific app to pre-test devices in shops, prior to purchase : https://f-droid.org/en/packages/com.oF2pks.kalturadeviceinfos

1 Like

Talking about privacy against GrapheneOS costed me a ban in reddit…

This is by far the most secure Android ROM. I completely agree with that.

However, it has a lot of automatic connections with Google. Daniel says, be in the crowd but that statement seems a mistake. Google will know your device exists, that it runs Android and some basic information about it.
Sorry! But for me automatic connections means no privacy whatever Daniel or other people may say.
BTW, you could avoid them with NetGuard and some antiGoogle hosts.

On the other hand, Daniel says we have to use chromium browsers because of their security. Ok, that’s correct due to their sandbox.
However, Chromium mobile engines do not allow ublock origin/umatrix. Even some trackers only can be blocked with Firefox engines (according to ublock/umatrix creator)
Again, for me that’s not privacy.

Finally, we have to give money to Google. A paradox, the same sentence that a partner said before.

So, What Android ROM do I recommend in terms of privacy? A LineageOS without gapps or a “netguarded” GrapheneOS.
In terms of security, GrapheneOS.
Nevertheless, I prefer a Librem, a Pinephone or a Replicanty phone by far.

Greetings.

2 Likes

@Narsil Where in Reddit did you got the ban ?

it has a lot of automatic connections with Google
Not true. Only one for:
DNS connectivity and functionality tests
DNS resolution for other connections
Read https://grapheneos.org/faq#default-connections
You should read why it’s a bad idea to block that.

Google also know anyway that you own a Pixel, because you need to allow Network once to get it unlocked. But that isn’t a problem.

Browser addons:
make you unique and you can use other methods to block ads. Using uMatrix isn’t recommend on such a small device.
Also looks like you doesn’t know how things works. Using such blocker doesn’t increase your privacy at all, as many other options exist to track you. You only make you more unique.

Google is sadlly the only Android company which care about Security. No other company provide 3 year full and monthly security updates.
Only Apple is better (5 years).

LineageOS is a joke. They think that provide Android updates make the secure longer secure then phone manufacturer provide support, but that’s not true.
Android Updates are only the half. You need firmware updates too and no, LineageOS doesn’t provide that, as the can’t.

Librem is a joke too. They say that their woudln’t be any firmware updates for baseband because of compatiblity problems.
That’s make sense but also is a security desaster.
Same also for Pinephone, Replicant, …

it only exist two ways:

  • Pixel devices (GrapheneOS provide better Security & Privacy then stock Google ROM, while Google itself provide good security too - but less privacy)
  • iPhone as they provide long time support and have same security as Pixel - maybe even GrapheneOS. Privacy related they’re not very much better then Google.
2 Likes

Browser addons:
make you unique and you can use other methods to block ads. Using uMatrix isn’t recommend on such a small device.
Also looks like you doesn’t know how things works. Using such blocker doesn’t increase your privacy at all, as many other options exist to track you. You only make you more unique.

Could you elaborate, which other methods to block ads?

I agree that using add-ons make you more unique but in that case why so many people use these add-ons thinking it is good for privacy? What do you recommend to increase privacy and make you less unique?

LineageOS is a joke. They think that provide Android updates make the secure longer secure then phone manufacturer provide support, but that’s not true.
Android Updates are only the half. You need firmware updates too and no, LineageOS doesn’t provide that, as the can’t.
And GrapheneOS provides firmware updates? How is Graphene more secure than a LineageOS?

Thank you.

1 Like

Could you elaborate, which other methods to block ads?

Sure! For example you can use a DNS which use Adblocking on server side. I use DNSWarden

but in that case why so many people use these add-ons thinking it is good for privacy? What do you recommend to increase privacy and make you less unique?

This is because a lot of misinformation and privacy freaks exist on internet which spread solutions they think it help but they doesn’t know any technical info nor how things realy works.
On enduser side their doesn’t exist a real solution. The best one is using Tor browser without any own modifications.
As simplest solution you can block Ads + 3th party Cookies which will prevent the basic tracking and also improve your browsing speed and site behaviour. Against all other tracking stuff their doesn’t exist anything you can do - sadly.

2 Likes

In Privacy.

Not only one.
Connectivitycheck and gooogle.com
time.android.com
play.googleapis.com

As for the browsers, it is a recurrent answer, the uniqueness.
Nevertheless, with Bromite I have always the same fingerprinting and on the other hand, I can change it with Mozilla engines. Moreover, Canvas can’t be blocked properly in Chromium browsers.
Besides, trackers and adds are better avoided with ublock/umatrix.
Undoubtly, you have to use few addons in order to avoid more uniqueness but in all web tests I get better marks than using Chromium browsers.

To sum up, IMO, GrapheneOS is a good a privacy oriented ROM but could be even better with some changes that are controversial, I know.

BTW, you talked about firmwares related to Pixel devices. Ok, that means security.
However, are these firmwares open source? Are wifi, radio and bluetooth drivers in GrapheneOS open source? Is it disabled baseband in GrapheneOS? Ok, it is mitigated with software but not disabled.
All in all, not privacy for me.

1 Like

Connectivitycheck and gooogle.com
time.android.com
play.googleapis.com

my GrapheneOS doesn’t connect to these domains. Don’t know where dd you read that.

Addons: As i already say, you don’t avoid tracking. You only think but blocking that stuff help, but you don’t know that the websites use more tracking options which you can’t fully block. Not even the Tor browser can do that 100%.

I talk about firmware in generall and this is the main reason why GrapheneOS only support few Pixel devices.
I don’t answer your questions about OpenSource here, as the research is your turn.

GrapheneOS open source

Yes. Looks like you never take a look at the GrapheneOS website which i post here more then once.

Is it disabled baseband in GrapheneOS

I don’t understand your question but disable baseband wouldn’t make sense on a Smartphone which is used for calls.

Ok, it is mitigated with software but not disabled.

Don’t understand what you mean

1 Like

time.android.com (Google server) is the NTP server by default. Maybe it could be pool.ntp.org. This is an automatic connection. Android does not need that. Due to NITZ it has data and time automatically (without internet):
https://en.wikipedia.org/wiki/NITZ

On the other hand, connectivitycheck.gstatic.com, google.com and play.googleapis (Google servers) are in GrapheneOS web page:
https://grapheneos.org/faq#default-connections
HTTPS: https://www.google.com/generate_204
HTTP: http://connectivitycheck.gstatic.com/generate_204
HTTP fallback: http://www.google.com/gen_204
HTTP other fallback: http://play.googleapis.com/generate_204

As for the Open source, GrapheneOS does not have libre drivers (the same than LineageOS) Only Replicant has open source drivers. Due to that it is the only Android ROM recommended by the Free Software Foundation.

Regarding baseband it is completely privative (and necessary) and even with mitigations by software it is operational. The only way is by hardware (like Librem does, with switches that can control it partially)

1 Like

Regarding baseband it is completely privative (and necessary) and even with mitigations by software it is operational. The only way is by hardware (like Librem does, with switches that can control it partially)

Activating airplane mode will fully disable the cellular radio transmit and receive capabilities, which will prevent your phone from being reached from the cellular network and stop your carrier (and anyone impersonating them to you) from tracking the device via the cellular radio

The hardware switch on Librem is useless. It disable your celluar like GrapheneOS but disable it, mean you can’t use it at all. So it doesn’t provide any further improvement. The Pixel phone for example isolate the baseband to other components, which the Librem hasn’t.

1 Like

Precisely, hardware isolation will be always more effective than by software.
Switching something off (hardware) is more reliable than disabling it (software)

Remember that when you put airplane mode Wifi and GPS are still here (3 components in baseband)
What is more, ENEA’s OSE (baseband privative OS) is still running and operational.

Given that the original question is about a Google-free experience, there’s this article by Hans re privacy which they might find helpful.

  • Why not use Tor (highest security level) and/or i2p for as much as possible, the Tor nodes seem pretty robust these days and can handle a fair amount of traffic.
  • Maybe a firewall for apps you’re unsure about too.
  • Nextcloud for open-source, encrypted data-syncing across your devices,
  • Depending on how far you need to go, there’s Tails operating system that doesn’t write any info to the hard disk (for desktop computers).
  • For devices that you don’t need connected to the net, physically remove the networking hardware.
  • The above is just what I could come up with in this moment but I’m sure there’s others that I’ve missed.
1 Like

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.