Ricochet is the best place on the internet to discuss the issues of the day, either through commenting on posts or writing your own for our active and dynamic community in a fully moderated environment. In addition, the Ricochet Audio Network offers over 50 original podcasts with new episodes released every day.
GrapheneOS — Privacy OS for your Google Phone
GrapheneOS is an operating system for your Google Pixel phone which has been thoroughly de-Googled by people who also analyze each new release of the Pixel for shifty hardware. That’s why it’s only available for Google-manufactured phones. That’s why I bought one — to run GrapheneOS. My current iPhone is “secure” in the way that only a government could love — Just turning the damned thing on requires an Apple account. Apple may (or may not) be better at protecting your privacy from external snoops, but this just means that Apple can charge a higher price for information derived from your use of their hardware — if you are an Apple user, they have a monopoly on you.
So Google is the Devil and Apple runs its own private Hell — what’s a privacy-minded individual to do? That’s where this GrapheneOS thing comes in. Android is just Linux (here we go again!) customized for a phone platform, which means that it isn’t quite proprietary to Google — they are required to publish the core system, although their applications are not necessarily included in that deal. SWEET! I don’t want your damned apps anyway, and would rather not even have them on my phone.
So GrapheneOS is what the privacy nerds have produced after stripping Google’s spyware and dependencies from Android.
You can get it here: https://grapheneos.org/
And you can start learning about it here: https://www.youtube.com/watch?v=xIXAzA555xk
An update to the video linked above (as of December 2021):
GrapheneOS has official production support for the following devices:
- Pixel 5a (barbet)
- Pixel 5 (redfin)
- Pixel 4a (5G) (bramble)
- Pixel 4a (sunfish)
- Pixel 4 XL (coral)
- Pixel 4 (flame)
- Pixel 3a XL (bonito)
- Pixel 3a (sargo)
The following devices are end-of-life, no longer receive full security updates and are supported via extended support releases of GrapheneOS:
- Pixel 3 XL (crosshatch)
- Pixel 3 (blueline)
We provide extended support releases as a stopgap for users to transition to the far more secure current generation devices.
GrapheneOS has experimental support for the following devices:
-
Pixel 6 Pro (raven)
-
Pixel 6 (oriole)
Other than that, the video is pretty much solid despite being a year old.
This GrapheneOS project is something to do is you can grab a second phone and take your sweet time to set it up. I’m setting mine up, and will move the SIM over from my iPhone when I’m good and ready. The battery on my ancient iPhone is starting to get flaky, so I needed a replacement.
I’ll continue rambling on this topic in the comments.
Published in General
I don’t know about the Pixel phones, but as far as I can tell the iPhones have never had a user-replaceable battery, which is a deal-breaker for me. Even if I liked the other stuff about the iPhone, which I don’t…
My son and I were discussing the use of alternate Android–he just bought a Pixel 5a. I’m passing this on.
I wanted to get the post up before I got all long-winded, so I’ll treat individual aspects here in the comments.
Privacy, Security, Secrecy, Anonymity: Good luck sorting that out. Most of what you find online is white papers massaging the meaning of these terms to support a manufacturer’s claims. So I’ll just focus on what I hope to accomplish with this phone, and what I admit is already gone. I think privacy is my goal here, but I’m open to debate semantics.
It is too late to hide myself from the internet. My own behavior over the last thirty years has established me as a known individual who emits signals (mostly unintentionally) that uniquely identify me. I use YouTube without an account and through a VPN. Guess what — that puts me in a small class of people whom any competent fascist outfit would flag for higher scrutiny because A) if you want my info you’ll have to work a little harder (and work costs money, so the softest targets don’t get that level of scrutiny) and B) if I am being so furtive, perhaps I have something to hide. Worth a look? Statstically, this is a good bet.
So there actually *is* a value to running below the radar by not paying any attention to privacy. The nail that sticks up gets hammered, and all that.
Still, our surveillance state gets better every day because the technology advances not only in hardware terms (exponentially), but because of two forms of learning — one is simply the software getting better (exponentially) as people learn what to look at and what to ignore, and how to go about getting that through better algorithms. The other type of learning is real machine learning (exponential as well!), in which algorithms are applied to algorithms and even the people who kicked the thing off no longer know exactly what the software is doing or what it has found out — they just automate and provide feedback to the machines as to how useful the dataset seems to be. If you use bluetooth headphones as you walk around, you are tracked by applications which have permission to use bluetooth on your phone. You are also tracked by similar applications on the phones of everybody around you. Wi-fi was bad enough — bluetooth is, well, exponentially worse (IP address, to cell, to wifi, to BT is an exponential increase in the timely precision tracking of, uh, you).
Each of these things (which contribute to reducing your privacy) only gets a fraction of the picture, so it’s the combination of these things which presents the real threat. Yes, some of them are uniquely identifying, and some divulge content while others merely indicate (but might not prove) identity, but the real money-maker for the anti-privacy fascism lies in combining datasets.
I’ll edit this later to add links. Ta-ta for now!
Phil, you’re up on this stuff. In my internet poking, I’ve found that GrapheneOS is the right answer, although I completely sympathize with folks who appreciate a different point in the trade-off between effort and results. I say this not to scare anybody off, but to bolster my claim that THIS IS THE ONE FOR YOU AND YOUR SON.
And it rhymes, so it has to be true!
I’m a 4a guy. Bought it just for this. GrapheneOS is just a Godsend for those who catch on the the abuses and go elsewhere, rinse and repeat.
So… the goal is not to use this phone to somehow “disappear”, which is no longer possible. Even if you become somehow perfect, your family, friends, and coworkers who still use Facebook, Twitter, and LinkedIn are just going to indicate you anyway. Your phone number is actually a weapon against your privacy — everybody has it, and it is tied to a credit card number — credit card issuers have everything on you — everything. So there’s no disappearing.
The best you can do is to make the adversary’s job more difficult, and to try to do so as low-profile as possible. This is where GrapheneOS excels. It doesn;t go into paranoid mode — instead, it turns down the amount of correlating information that it shares, and it allows you to run your phone like a police state. Each app runs in its own little universe, the way Unix Almighty intended, to the extent possible. However, your apps need to be connected to something, or else anything more sophisticated than the calculator app will be mostly useless these days. So I’m not peddling privacy advice for people who live on a submarine and can’t be detected anyway. This OS is useful for people who have regular lives to live, and would like to use regular apps (carefully selected, to be sure) to do their regular things — they just don’t want every stinking app on the phone trying to win the data exfiltration race against every other app.
And now, I’ll link to a video which frankly “radicalized” me about privacy. Remind me someday to tell you the story about becoming a privacy jerk, and then getting confortable, and then seeing THIS VIDEO and just going grape-nuts about privacy. Here’s the video, and please suffer the awkward presentation — focus on what they are saying:
I use Lineage OS. It’s similar but I plan to swap over to Graphene at some point. I use a VPN.
The amount of personal info mobile phones harvest about us is obscene.
This is where I get most of my tech privacy info: Inteltechniques
Another good source is Rob Braxman.
Heh. I’m watching Braxman right now. Him good man. Thanks, I’ll check the other link. I also recommend “TheHatedOne” on various platforms.
I’ll check out The Hated One…
Santa is bringing me the following books for Christmas
The Complete Privacy & Security Desk Reference: Volume I: Digital https://www.amazon.com/dp/152277890X/ref=cm_sw_r_cp_api_glt_fabc_HW9CQ60Z58Q0PD13VJ3Q
The Complete Privacy & Security Desk Reference: Volume II: Physical https://www.amazon.com/dp/1720869332/ref=cm_sw_r_cp_api_glt_fabc_TWRTHB5W02HC1JA9PVJM
Extreme Privacy: What It Takes to Disappear https://www.amazon.com/dp/B094LDWKGZ/ref=cm_sw_r_cp_api_glt_fabc_QJ832YTCP2J01AMFJ0JB?_encoding=UTF8&psc=1
book report to follow
Well, for my son. I don’t have a Google phone. LineageOS is for me and my Samsung Galaxy S8.
Did you forget to buy these with cash in a brick & mortar bookstore?
To my knowledge Samsungs sold in the US are locked and a custom OS cannot be installed. I tried with mine and purchased another before I figured that out. There are tutorials on the web showing how to do it, but I didn’t find any that appeared to authored by someone in the US.
Used to be (might still be the case) that you could talk to the people at the service (not the phone) provider, like AT&T etc, and ask them to unlock the phone. Not possible with little blister-pack phones, but with the fancy ones, this is frequently a thing. So long as it’s not on its initial obligation etc.
I have all 3 books and I have implemented as many of the practices they describe as I can. The author of these 3 books has stated that the first 2 are outdated and he no longer recommends them. The last book you list pretty much replaces the first two, although I find they still have some valuable info.
The author’s website is the one I referenced above: Inteltechniques.
I highly recommend his podcast.
I would love privacy OSs for my iPhone 8 and my Kindle HD Fire . . .
Nope. Not gonna happen, and by design. You MIGHT be able to load a different OS on your Kindle, but it sure won’t Kindle anymore.
I bought mine unlocked. I’ll report back if I have trouble.
I think you may be confusing Carrier locking, which US case law now requires be for a limited time, and bootloader locking, which only allows a device to install an OS with a hash value signed by a recognized certificate issued by its manufacturer. There’s no limitations on the duration of that under any law or court rulings I’m aware of.
In some cases a boot lock can be defeated or disabled, but Samsungs are particularly difficult from what I understand.
Ah. I know not of Samsung.
Seen this?
https://www.fxtec.com/pro1x
OMG! To have a keyboard again would be wonderful.
I will review it when it arrives–sometime in February. (:
“Slider” phones have been available for years. Maybe not “free” from whatever provider you use, but they’re available.
Looks great!