crosspostato da: https://lemmy.kde.social/post/416424

Hello there! This is my problem: I’m going to buy a new smartphone, and I’d really like to degoogle myself as much as possible. The idea would be to buy a device compatible with LineageOS, but… Supported devices are usually older models, and often there are newer devices with better specs for the same price, that does not support lineageOS. Is seems a shame to buy a device with lower specs than another one just because of software compatibility. So the alternative would be to buy an unsupported device, unlock the bootloader and debloat it as much as possible, flash privileged fdroid and aurora store on it, install microg, etc… What do you suggest me to do? Is the second alternative a viable option? What other steps should I do if I decide to go that way?

Thanks in advance folks!

  • Free Palestine 🇵🇸
    link
    fedilink
    English
    21 year ago

    I highly recommend GrapheneOS on a Google Pixel. You can also get a used one, just make sure to buy a Pixel 6 or newer, as the models don’t get security updates anymore. The Pixel 6 is supported until October 2026 (~3 years). You can check out the entire list of supported devices and the minimum support length on this site. Pixels are a fantastic choice for security because of their Titan M security chip which has support for various Android security features like the Weaver API which throttles unlock attempts making brute-force attack unfeasible, Android StrongBox, and Insider Attack Resistance.

    GrapheneOS is really awesome, by default it doesn’t include any Google services making it an excellent choice for privacy. You can install Google Play services, but they will run in a sandbox, you have the ability to restrict what Google has access to on your phone. They also make significant security improvements like hardening the memory allocator, the C library, SELinux policies, etc. What makes GrapheneOS so much better than other ROMs is the fact that you can relock the bootloader and make use of Android Verified Boot with GrapheneOS’ custom signing keys.

    You can watch this video or read the official documentation to learn more. My advice: Stay away from insecure ROMs like LineageOS.

    • tubbaduOP
      link
      English
      11 year ago

      Thanks for the answer! Why is lineageos insecure?

      • Free Palestine 🇵🇸
        link
        fedilink
        English
        1
        edit-2
        1 year ago

        It doesn’t allow you to lock the bootloader meaning you can’t use Android Verified Boot. There are more security issues with LineageOS, you can read about them on this site