[sf-lug] android
Rick Moen
rick at linuxmafia.com
Thu Apr 7 00:07:35 PDT 2022
I wrote:
> 3. The obvious way to escape the clutches of the 2nd most nosy
> corporation in the world -- and still use Android if that is
> one's cuppa is to _not use Google's Android builds_, but rather
> (hardware support permitting[1]) one of the third-party,
> less-filled-with-vendor-captive-proprietary-junk Android,
> Replicant or CopperheadOS for the purists, PostmarketOS for
> the realists.
I misremembered the relevant names, on account of writing
extemporaneously.
The ur-implementation of truly open source Android was CyanogenMod.
When that project imploded, its flagship successor, and main current
example of the genre, is LineageOS.
https://en.wikipedia.org/wiki/LineageOS
The hardcore-FSF-leaning, militant-free-software version of LineageOS
with absolutely all proprietary bits omitted is Replicant.
https://en.wikipedia.org/wiki/Replicant_(operating_system)
/e/ (formerly Eelo) is a fork of LineageOS with microG, a free and
open-source implementation of Google APIs substituted for Google Play
Services.
https://en.wikipedia.org/wiki//e/_(operating_system)
There are, predictably, others.
https://en.wikipedia.org/wiki/List_of_custom_Android_distributions
_PostmarketOS_, is a real Linux distribution for mobile devices, not an
Android variant. It's a popular choice for PinePhones.
https://en.wikipedia.org/wiki/PostmarketOS
> and one must select very carefully.
>
> 4. Privacy? Using commodity Android means laughable security
> _and_ privacy, and also that you're fine with your handset
> getting EOLed in a ridiculously short period of time.
>
> 5. That's not even talking about the skunk in the garden, the thing
> cellular pphone users seldom even think about, the problem of the
> baseband chipset getting rooted and puppeteered over the air by
> average nation state spook agencies and, these days, probably by
> even modest criminal organisations. This is a largely unsolved
> problem, but Pine Store and Purism at least partially deal with it
> by decoupling the main and baseband chipsets rather than having
> them share a data/RAM bus as with most phones -- communicating,
> if memory serves, over USB. With power switches for various
> subsystems.
>
> Enlightening study from 8 & 6 years ago:
> https://blog.torproject.org/mission-impossible-hardening-android-security-and-privacy/
> https://blog.torproject.org/mission-improbable-hardening-android-security-and-privacy/
> (not the same URL twice!)
>
> Illustration of the baseband problem at work, with a quite
> unforgiveable backdoor built into the Samsung Galaxy by the vendor:
> https://www.fsf.org/blogs/community/replicant-developers-find-and-close-samsung-galaxy-backdoor
>
> More on the baseband problem:
> https://news.ycombinator.com/item?id=10905643
>
>
> You asked a question that invites, well, a wide-ranging and highly
> debatable discussion. I've only dipped my toe in, above.
>
>
> _______________________________________________
> sf-lug mailing list
> sf-lug at linuxmafia.com
> http://linuxmafia.com/mailman/listinfo/sf-lug
> SF-LUG is at http://www.sf-lug.org/
More information about the sf-lug
mailing list