this post was submitted on 06 Sep 2024
71 points (88.2% liked)

Privacy

32165 readers
1000 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

(Please when answering, assume I’m not a beginner at privacy/programming :) I know where the good stuff at)

First off, shameful confession: I’m writing this on a dying yellow iPhone XR I bought second-hand three years ago (189€). I absolutely love the look of it: the screen, build quality, are all amazing. The only problem was the locked ecosystem (sideloading Spotify/Torrent client was sooo hard).

I saw the android phone of my mother dying really fast. She currently has a Xiaomi phone that’s ridiculously big for my hands, there’s advertisements in the stocks apps (?!!), the UX is janky and everything. It looks like a bloat, privacy nightmare.

So… because it’s impossible to find a jailbreakable phone nowadays I need to buy an android and ideally I would want:

  • Good screen (vivid colors)
  • Good build quality (not shitty plastic)
  • Don’t care about the camera (I don’t want those ridiculously big cameras they make nowadays)
  • Would want to install either GrapheneOS/LineageOS

The things that scare me off:

  • I really need my bank app and I need it updated so I have to use Google Play Services but I don’t want it to plague my phone with privacy bullshit (I want to be degoogled)

The things that excite me:

  • Customization possibilities
  • Learning experience
  • Even more privacy than a de-googled IOS phone :)
  • F-Droid!! (Maybe I’ll find a beautiful IRC client)
  • More choices for Mastodon & Lemmy clients
  • Freedom of free software.
  • client for open-source git providers :)

But to get all of that, I don’t want Google, I need shitty apps (non-free software) I have to install:

  • Instagram (for non-technical friends)
  • GitHub (job & open-source)
  • No-Ad Modded Spotify from Balatan
  • Discord (gamer friends)
  • Telegram (cryptobros friends)
  • Steam (because I still love gaming)

Any advices? Phone ideas? I’m so lost in this ocean of choice (freedom ✨)

My current phone:

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 38 points 2 months ago (1 children)

Graphene OS only works on Pixel Phones. They're really the gold standard. Pick one from the supported list on the graphene os website that suits your needs.

[–] [email protected] 5 points 2 months ago

i wish i knew about graphene when i got a pixel 6 pro. i got rid of it only after a year because it was such a buggy POS.

[–] [email protected] 25 points 2 months ago* (last edited 2 months ago) (3 children)

GrapheneOS

Google Pixels are the only options with this one.

No-Ad Modded Spotify from Balatan

Have you tried Spotube? It is a no ads YouTube Music client, that fetches your library from Spotify.


I can't recommend you a specific device, but can suggest a Bootloader Unlock: Wall of Shame, which can help you choose a device, as you are planning to install a custom ROM, like Lineage. Best of luck with your device search!

[–] [email protected] 11 points 2 months ago (1 children)

That Bootloader unlock link is an awesome idea!

load more comments (1 replies)
[–] [email protected] 3 points 2 months ago

Missing from the list: ASUS lost a lawsuit in the UK after lying about saying their unlock servers being down would come back up for Zenfones. While they have a headphone jack, offer good price/performance, & used to fall in the ‘small phone’ category, you can no longer unlock bootloaders with final statement being they won’t be allowing it going forward.

(I would contribute to the upstream, but I only use proprietary Microsoft GitHub when absolutely required—keep this in mind Privacy fam when setting up any unmirrored Git repository)

[–] [email protected] 2 points 2 months ago (1 children)

can suggest a Bootloader Unlock: Wall of Shame

Unfortunately it only mentions unlocking. Re-locking the bootloader is just as important, and strictly necessary for Android Verified Boot to work.

[–] [email protected] 3 points 2 months ago* (last edited 2 months ago)

Among modern devices, only Google Pixels support re-locking on custom ROMs, IIRC.

EDIT: Looks like, modern OnePlus devices can be re-locked too.
EDIT 1: Same goes for SHIFT6mq.

[–] [email protected] 23 points 2 months ago* (last edited 2 months ago) (1 children)

A Google Pixel with GrapheneOS is the best thing on the market for privacy and security.

GrapheneOS is a privacy and security-focused operating system, which is based on Android and retains full compatibility with Android apps. There are no Google services by default, but you can install Sandboxed Google Play services, which have much less access to your device, because they are running in the normal Android application sandbox, just like any other app you install, and can be removed at any time. GrapheneOS offers many other cool features, such as a network permission toggle, which lets you revoke internet access from any app (like e.g. the Google Camera app).

I'm glad you already know about F-Droid, because there are so many amazing apps there. After looking at your home screen and the apps you currently use, here are some quick recommendations from me:

  • Before you start using F-Droid, add the IzzyOnDroid repoisitory, as it contains even more awesome apps that can't be found in the official repo
  • Switch to a better F-Droid client, such as Droid-ify
  • Revolution is the best IRC client I could find on F-Droid, it looks a little older (doesn't use the newest version of Material Design), but still works very well
  • LibreTorrent is an amazing torrent client
  • AntennaPod is IMO the best podcast app on Android
  • The official Wikipedia app is available on F-Droid: https://f-droid.org/en/packages/org.wikipedia
  • Element X is a new, rewritten version of the Element client (it's officially made by the Element team, and you can even try it out on iOS right now)
  • Clock You is a good and modern looking clock/timer/stopwatch/alarm app
  • There are a few Telegram apps on F-Droid. I have found Nekogram X to be the best. If you prefer the experience of the stock Telegram app, you can get Telegram-FOSS from F-Droid.
  • For Signal, you can either use Signal-FOSS (requires a third-party repo), or an improved fork of the app called Molly (you can either get it from Accrescent, which is available in the GrapheneOS App Store), or by adding their custom F-Droid repo. Molly is officially recommended by the GrapheneOS project over the normal Signal app.
  • The official GitHub app works just fine, but you can also try FOSS alternatives from F-Droid such as FastHub-Libre, or OctoDroid.

The other apps you mentioned in your post are not available on F-Droid, but I also have a few recommendations there:

  • xManager for Spotify (it's a modded, patched version that removes ads)
  • Aliucord for Discord (it removes some of the telemetry and tracking)
  • Instagram and Steam can easily be downloaded from the Google Play Store. You can use Aurora Store, to download apps from Google Play without creating a Google Account.
  • If you only need Steam for the authenticator, there is a way to get the verification codes in a FOSS TOTP authenticator like Aegis, without having to install the Steam app: https://help.ente.io/auth/migration-guides/steam/
  • You can either use FFUpdate to download the Brave Browser, or use Obtainium to pull the APK from GitHub

Also check out Lawnchair launcher, since I at least find the stock launcher kinda lacking in features and UI/UX.

Feel free to ask me any further questions, either in this thread or via Lemmy DM

[–] [email protected] 4 points 2 months ago (1 children)

That’s amazing advice thanks :) you’re so knowledgeable about this ecosystem

[–] [email protected] 2 points 2 months ago (1 children)

I'm trying to help out wherever I can :)

[–] [email protected] 3 points 2 months ago (1 children)

Thank you, for all the Alternatives. I love Antenna Pod!!!

[–] [email protected] 2 points 2 months ago

I love it too, it's genuinely the best app for podcasts I've ever used

[–] loganb 22 points 2 months ago (1 children)

You sound like the ideal candidate for a refurbished Pixel 7 / 8 from amazon.

Test its hardware thoroughly on the stock os in case you need to return it.

Install GrapheneOS using the Web installer.

Install Droid-ify into your main profile from the f-droid web page. It looks much better than the official f-droid client and actually has a working auto-update

Create a work profile. I use an app called Shelter as the work profile admin app. This allows you to auto freeze your big-tech apps to help with battery life / privacy. Install google services from the built-in GrapheneOS app store.

Enjoy.

[–] [email protected] 3 points 2 months ago (1 children)

Google services shouldn't even be needed for the apps OP listed above. Instagram works just fine without Google services, just like Discord, Telegram and Steam. I don't know about GitHub, but there are FOSS alternatives for it on F-Droid. Spotify (xManager) also works just fine.

[–] loganb 2 points 2 months ago (1 children)

Generally agreed, I would actually try using as many services with their progressive web apps.

The main reason I think they may need google services is the banking app. Mine will refuse to launch without google services installed.

[–] [email protected] 2 points 2 months ago

Probably an unpopular opinion, but I've never seen the point of PWAs. I don't want a crappy website as an icon on my homescreen, I want a proper native app. If the app is privacy-invasive, I will either find a FOSS alternatives, or isolate it in a separate user profile.

The main reason I think they may need google services is the banking app. Mine will refuse to launch without google services installed.

That's true, I also need Play services for mine, but I have a special user profile for it.

[–] earth_walker 18 points 2 months ago* (last edited 2 months ago) (6 children)

Get a Pixel 7 or newer and put Graphene OS on it. Pixels are excellent phones and have good support for custom ROMs. The Pixel 6 has a lot of weird issues that the others don't have, so avoid it. Graphene is the best ROM for privacy AND security, and it is also relatively user-friendly.

Or, if you want an older phone, try a Pixel 3, 4 or 5. They are good phones with an older design style that may appeal to you.

/e/OS (also known as Murena) is also a good ROM for privacy, and supports a broader range of devices.

[–] rolling_resistance 2 points 2 months ago (1 children)

What issues does 6 have? My experience has been great, but I have nothing to compare it to.

load more comments (1 replies)
[–] [email protected] 2 points 2 months ago (1 children)

Typing this up on /e/os on OnePlus6t. Love it for ~2 years now. Signed up and support the project now with their ecosystem (64gb option).

load more comments (1 replies)
load more comments (4 replies)
[–] [email protected] 9 points 2 months ago (1 children)

I'd go either with a Fairphone 5 (or maybe wait for the 6 to release) with CalyxOS or a Google Pixel with GrapheneOS.

[–] [email protected] 3 points 2 months ago

I'm on Fairphone 4 with CalyxOS, and I am happy with that. I would not expect them to release a Fairphone 6 anytime soon, so unless OP has all the time in the world, the Fairphone 5 should be good if they want to go this route.

[–] [email protected] 9 points 2 months ago (1 children)

Why not use most of the web versions of the non-free apps you mentioned? No Google needed.

[–] rolling_resistance 5 points 2 months ago* (last edited 2 months ago)
  • push notifications
  • websites that tell you “use our app”
  • better UX
[–] [email protected] 9 points 2 months ago

I should really get around to putting grapheneos on my pixel but I'm lazy.

[–] [email protected] 8 points 2 months ago

A pixel phone with GrapheneOs?

[–] eruchitanda 6 points 2 months ago* (last edited 2 months ago) (2 children)

Banking apps work great on second profile (user), you can use Shelter/Insular (accessible from the main user), or Android's 'Multiple Users' (which means to switch user).

E: double space

[–] eruchitanda 3 points 2 months ago (1 children)

To update your Play Store apps you can use Aurora Store (notice that Aurora *Droid* is completely different app).

load more comments (1 replies)
load more comments (1 replies)
[–] [email protected] 5 points 2 months ago

This is crazy. I’m in exactly the same situation and have been thinking about getting a mobile plan with a Pixel 8 (where I would install GrapheneOS on) as those are getting cheaper with the Pixel 9 out not.

[–] [email protected] 5 points 2 months ago

Buy a used Pixel that fits your budget. The Pixel 6 sometimes has problems with the battery so maybe rather choose between 7, 8 or 9. But you could send it to Google to get a new one but then you have to deal with them so yeah. Ifixit also has first party replacement batteries if you would choose the Pixel 6 and you would get this problem. Still I would recommend 7 lineup. Just take a look at grapheneos.org for length of support. Also 9 will be hard to find 2nd-hand I recon ;^)

[–] [email protected] 4 points 2 months ago (1 children)

https://wiki.lineageos.org/devices/ and make sure to double-check that unlocking the bootloader isn't too much bother (ie. read the installation instructions)

[–] [email protected] 2 points 2 months ago (3 children)

Lineage IS for MicroG: https://lineage.microg.org/

Also keep in mind that Lineage OS is not designed to relock the bootloader.

load more comments (3 replies)
[–] [email protected] 4 points 2 months ago* (last edited 2 months ago)

Calyx OS, Graphene OS or Lineage OS with MicroG. All of those will work fine for your use case. Just aim to get as many of your apps off of F-droid as possible. F-droid is a marketplace of free software and all apps in the main repo must meet certain requirements.

I would recommend eliminating your non free apps especially the dark pattern ones like Instagram and Discord. These apps are not private and you can't make them private. They are designed to get you hooked to the point where you can not leave. Also Targeted advertising has its own dark patterns which are harmful on so many levels. I realize it is hard to move but you can be the change you want to see. Maybe make it a long term goal to try to get people to move somewhere else. You can do some research and come up with an alternative.

[–] [email protected] 4 points 2 months ago (2 children)

Google Pixel of some kind.

One of the only phone lineups with easy bootloader unlock, and also the only ones supported by GrapheneOS.

You can also use it as-is if needed without going crazy from ads and notifications everywhere like other brands tend to have.

[–] [email protected] 6 points 2 months ago (1 children)

You can also use it as-is if needed without going crazy from ads and notifications everywhere like other brands tend to have.

Isn't it bad since Google == Far from privacy?

load more comments (1 replies)
load more comments (1 replies)
[–] [email protected] 3 points 2 months ago (1 children)

Your "ideally would want" pretty much locks you to a Pixel phone. The 7 has serious radio issues, the 8 works great (I had the 7 Pro now have the 8 Pro, no always on GrapheneOS) and don't know about the 9, but other that all the AI bullshit they are pushing with it, I don't really see that the specs justify those prices, specially since you're looking at installing GrapheneOS on it.

[–] [email protected] 3 points 2 months ago (1 children)

5a was the last version with a headphone jack, so they lost my respect

[–] [email protected] 2 points 2 months ago

That's an across the board thing. But yes, that's l a removed.

[–] [email protected] 2 points 2 months ago (2 children)

Take a look at Nitro Key. They're like Yubikey, but they sell pixel phones with a security and privacy focused custom grapheneOS.

[–] extspace 6 points 2 months ago (2 children)

Is it any different than installing grapheneos on pixel phone yourself?

load more comments (2 replies)
load more comments (1 replies)
[–] Nickm8 2 points 1 month ago

We need more Lemmy posts with sections "The things that excite me"

[–] [email protected] 2 points 2 months ago

Buy unlocked. It’ll cost more and you won’t have the option of doing the carrier/manufacturers no interest payment system, but that’s what it costs to actually not be locked into a particular carrier for the foreseeable future.

My actual advice about phone choice is to learn the unjailbroken ios way of doing things because what you’re asking for in your post knocks out a lot of the more specific things people recommend on android devices and pushes you to smaller or not privacy focused roms.

You’re not auditing the code so you need the most eyes on it that you can get so running smaller or less privacy oriented software becomes more of an issue.

If you haven’t already, make a threat model and see if/how that changes your requirements and desires.

[–] [email protected] 2 points 2 months ago (1 children)

Check lineage's list of supported devices.

Though after 15 years of flashing phones, I'm now on the Pixel train. I love the plastic back on mine. Makes it lighter while also making it stronger. Plastic doesn't crack like glass or ceramic.

load more comments (1 replies)
[–] [email protected] 2 points 2 months ago (1 children)

Google phone for Graphene is mandatory therefore not my suggestion.

Lineage should not be your alternative as it is not privacy orientated. Take a look at Divest or /e/. There are many supported devices and in terms of privacy much better than Lineage. But in terms of security it is: Divest >> Lineage > /e/

You can check what devices are supported and which suits your needs best

load more comments (1 replies)
load more comments
view more: next ›