crosspostato da: https://lemmy.kde.social/post/416424

Hello there! This is my problem: I’m going to buy a new smartphone, and I’d really like to degoogle myself as much as possible. The idea would be to buy a device compatible with LineageOS, but… Supported devices are usually older models, and often there are newer devices with better specs for the same price, that does not support lineageOS. Is seems a shame to buy a device with lower specs than another one just because of software compatibility. So the alternative would be to buy an unsupported device, unlock the bootloader and debloat it as much as possible, flash privileged fdroid and aurora store on it, install microg, etc… What do you suggest me to do? Is the second alternative a viable option? What other steps should I do if I decide to go that way?

Thanks in advance folks!

  • Max-P
    link
    fedilink
    English
    33 months ago

    Supported devices are usually older models, and often there are newer devices

    Usually. If you want a new phone, your best bet is Google’s Pixels, OnePlus (although recently, it’s been weird), Nothing probably too. Google’s phones in particular have a long history of being really easy to develop for, you can pretty much just build AOSP and it just works. They’re community supported for a really long time.

    Most other brands make unlocking their bootloaders either hard or impossible, and to even just root, you need to unlock the bootloader anyway, at least the way without exploits. Since unlocking the bootloader is the big hurdle, root and custom roms tend to come together. So a phone you can root to debloat as your second option would probably also be suitable for option 1.

    Sure, it’s in the pricier range, but if you value the ability to control your operating system as much as I do, it’s worth the price. Plus, I think my OnePlus 8T will hold up great for the foreseeable future. It’s way more powerful than I need, so I’m sure it’ll take a few more versions of Android. I’m using 4-5GB out of the 12 it’s got on average, they’d have to seriously bloat up AOSP to use all that. I’ve dealt with cheaper devices and they just kinda suck, stock or not.

    • tubbaduOP
      link
      English
      13 months ago

      thanks for the answer!

      So a phone you can root to debloat as your second option would probably also be suitable for option 1.

      Not always, because LineageOS for example has many unofficial builds (which I’d rather not use), meaning that the bootloader is unlockable but no official LOS image is available… right?

      • Max-P
        link
        fedilink
        English
        13 months ago

        If you stick to official builds, then yeah it’s indeed pretty limited. Maybe building the unofficial ones yourself would alleviate your concerns?

        It’s… probably still easier than trying to debloat and put microG on a stock ROM.

        Depends on the manufacturer whether I’d rather use the stock ROM or an XDA special I guess.

        • tubbaduOP
          link
          English
          13 months ago

          So you’re suggesting using an unofficial build? How do updates work? The unofficial developer has to rebuild it in order for me to install the update? I have really no idea how all of this work

          thanks for your help!

  • Free Palestine 🇵🇸
    link
    fedilink
    English
    23 months ago

    I highly recommend GrapheneOS on a Google Pixel. You can also get a used one, just make sure to buy a Pixel 6 or newer, as the models don’t get security updates anymore. The Pixel 6 is supported until October 2026 (~3 years). You can check out the entire list of supported devices and the minimum support length on this site. Pixels are a fantastic choice for security because of their Titan M security chip which has support for various Android security features like the Weaver API which throttles unlock attempts making brute-force attack unfeasible, Android StrongBox, and Insider Attack Resistance.

    GrapheneOS is really awesome, by default it doesn’t include any Google services making it an excellent choice for privacy. You can install Google Play services, but they will run in a sandbox, you have the ability to restrict what Google has access to on your phone. They also make significant security improvements like hardening the memory allocator, the C library, SELinux policies, etc. What makes GrapheneOS so much better than other ROMs is the fact that you can relock the bootloader and make use of Android Verified Boot with GrapheneOS’ custom signing keys.

    You can watch this video or read the official documentation to learn more. My advice: Stay away from insecure ROMs like LineageOS.

    • tubbaduOP
      link
      English
      13 months ago

      Thanks for the answer! Why is lineageos insecure?

      • Free Palestine 🇵🇸
        link
        fedilink
        English
        1
        edit-2
        3 months ago

        It doesn’t allow you to lock the bootloader meaning you can’t use Android Verified Boot. There are more security issues with LineageOS, you can read about them on this site

        • tubbaduOP
          link
          English
          23 months ago

          Thanks!

  • @aluminium@lemmy.world
    link
    fedilink
    English
    13 months ago

    I don’t know your exact needs but I have been using nothing but < 100€ used devices for the last 4 years and its been mostly a great experience! I especially can recommend older Oneplus phones before the 10, as they make it easy to unlock the bootloader and flash stuff. Also the Pixel 3 and 4 are quite cheap and offer a lot.