*In terms of privacy, customisation, camera quality, and battery time.

For the longest time I have only used either iPhone or Samsung. I plan on switching to Android for the next phone I get, but I find that Samsung phones are often too big for me and put too much energy on camera quality (I don’t take many photos). I have started to look into brands such as Nokia and Motorola, and I would like to know what you guys think of them. Additionally, do you suggest any other phone brands aside from them? My biggest priorities are privacy and long battery time. Bonus if the phone can run LineageOS (I have excluded Graphene as they are only compatible with Pixel phones).

Thank you for any answers. Cheers!

  • sugar_in_your_tea@sh.itjust.works
    1·
    8 months ago

    propaganda dissemination

    I read or skimmed each of your links each time. I’d quote from them, but it’s incredibly annoying since that particular link is an image and the others are massive walls of text (that mostly attack the character of individuals, not technical work).

    I’ll quote one particular part that relates to what I’m talking about:

    Attack the message rather than the messenger

    You seem to do the opposite. I agree those people suck, but I don’t agree that implies their work sucks.

    There is nothing “out of the box” about flashing a custom ROM on any phone

    Out of the box means what you get right after installing the ROM. It’s the set of defaults. Like on a Linux distro, it’s the firewall configuration, default apps, memory allocator, etc.

    Modifying app permissions and using a strong firewall can be done without root

    It’s still not going to get you everything GrapheneOS, DivestOS, or CalyxOS provide. A firewall isn’t going to protect you from an app accessing files it shouldn’t, memory exploits from an attacker, or fingerprinting with your MAC and IP address.

    Custom ROMs provide a level of protection that users messing with permissions and firewall settings won’t get. Here’s how I see it, using the Pareto principle:

    1. 80% of privacy benefits with app permissions and a firewall
    2. 80% of the remaining benefits by installing a decent custom ROM (GrapheneOS, DivestOS, CalyxOS, etc)
    3. GrapheneOS will leave you a bit more secure than other ROMs due to per-connection network spoofing, storage segmentation, EXIF metadata stripping (could be done with an app), etc
    4. Linux phones - no oversight from any tech company (huge privacy win), complete control over the OS, etc

    As you go further down that list, you get more painful tradeoffs. So you need to decide how far down that list you want to go.

    I think GrapheneOS has the best trade-off of usability vs security and privacy, but everyone is different. For some people, even LineageOS has too many tradeoffs.

    He did all the development needed to be done.

    I don’t see how that’s relevant at all. Linux was incredibly insecure, had very liked hardware support, etc until others joined. These days, most code comes from manufacturers building drivers or large tech companies (like RedHat) driving subsystem development (BTRFS, systemd, etc).

    These days, the value of a Linux distro has very little to do with the developers (people who write code) and everything to do with the maintainers (people who build, test, and publish packages).

    Google partnership is avoided by other custom build makers like LineageOS for a reason

    Yeah, cost.

    I don’t know the requirements, but I know there’s a trust system there. If you break the embargo and release early, that gives attackers who didn’t know about the vulnerability a window to attack participating projects (i.e. the rest of the Android ecosystem) before the embargo is lifted. Here’s an example of OpenBSD getting in trouble for patching before the embargo was lifted.

    Perhaps those other projects just don’t have the manpower, organization, or funds to get a partnership. Partnering with Google on security embargoes likely has no impact to the privacy of a given project’s users, it merely has expectations on the participant.

    Tor Project avoids Chromium base for both desktop and mobile browsers for multiple reasons, one of them being security

    Tor cares more about privacy and anonymity than security, and Firefox likely provides a stronger base for that. But security is another issue entirely.

    After a brief review of that linked Tor page, here’s what I saw:

    • the first part is about an extension of Chrome, not a fork of Chromium
    • almost everything is related to privacy, not security

    Here’s DivestOS’s take, which ships Gecko-based Mull on why Android Chrome has superior security. The big one is per-site process isolation:

    Firefox calls per-site process isolation Fission and is enabled by default on desktop. Fission is not yet enabled by default on Android, and when manually enabled it results in a severely degraded/broken experience. Furthermore Firefox on Android does not take advantage of Android’s isolatedProcess flag for completely confining application services. Standalone Chromium based browsers strictly isolate websites to their own process.

    That said, I agree with DivestOS devs here:

    It is an important hardening feature, but the browser isn’t completely insecure without it assuming it is up-to-date and that you aren’t on the receiving end of targeted/zero-day attacks.

    I also care more about per-site data isolation:

    The goal of per-site data isolation is to prevent say a third party script from being able to store data and use that to track you across many websites, instead any data set will be keyed to the website it was set from.

    Chromium calls per-site data isolation (network) state partitioning and is not enabled by default.

    It’s a trade-off between security and privacy, and Chrome arguably has better security, while Firefox arguably has better privacy. Both are quite secure, so I prefer Firefox.

    It risks bricking

    That’s not a security or privacy issue, and is essentially the same across custom ROM vendors.

    Snowden is not a security expert, but an OPSEC expert.

    He’s neither. He was a contractor for the NSA who had way more access than he needed (NSA fail), and was under less scrutiny vs full time employees. I think he largely got lucky and only got away once. I’ve read both his account and an alternative perspective and that’s my assessment.

    I think he has valuable things to say (and should be protected as a whistleblower), but I do verify what he says.

    shutter sound

    From your link (edit to post concerning the OpenCamera alternative):

    The fault is with the device for not supporting standard method for cameras to disable the shutter sound on Android.

    OpenCamera doesn’t have as good of quality as either the system camera or Pixel Camera included in GrapheneOS (both seem to be based on upstream code).

    My guess is that this shutter sound issue is from upstream, and likely only takes effect in Japan. It’s a miss for sure, but the GrapheneOS docs make it clear that the goal is to have the same features as the original camera, but with some privacy and security features on top (stripping of metadata, fewer permissions, etc).

    But you really shouldn’t be using the built-in camera anyway for OPSec, there’s too much risk of OTA updates, metadata (tons of sensors), etc. There are smaller cameras if you need something discrete, and OpenCamera may be good enough for even sensitive uses.

    That said, good example of a miss by GrapheneOS, I’m interested in any more you might have. That’s an odd one I wouldn’t have thought of (I rarely use my camera).

    Android’s zero days cost more than iOS’ zero days

    This is an unfair comparison imo. Android gives users and apps a lot more system features, so the attack surface is much larger. I’d have to look at the report, but it’s probably counting all costs across vendors as well, which have a lot of different hardware.

    I’d be interested in narrowing it to just Pixels (or any other phone line) vs iPhones. That’s a bit more charitable toward Android since Pixels aren’t nearly as popular as iPhones, but it’s at least fair from a number of supported models standpoint.

    it is Apple that is sketchy, not Android

    Both are sketchy. Apple is sketchy because it’s closed, Android is sketchy because it’s run by an ad firm and tons of data is run through Google’s servers (notifications, Play services, etc).

    I’d much prefer a Linux phone (Pinephone Pro ideally) to Android, but usability counts too, and Linux phones just aren’t there yet.

    on Google hardware with proprietary “security” chips that it refuses to open up

    Every phone has proprietary hardware they won’t open up, the most important of which is the modem. Even Linux phones have this issue.

    So I have to ask myself what Google gets out of screwing me with their security chip. It doesn’t help them get more ad revenue, and if there’s a breach, it could scare customers away from using their hardware. So I don’t see any special motivations for Google to compromise this and other phone vendors not to. Google surely doesn’t need the NSA’s money either.

    If you’ll look, you’ll find Google getting into hardware security tokens (Titan), offering FIDO U2F on their products, etc. They want more people trusting their security so they can collect more interesting data, so it’s more likely for them to fingerprint through things like Play services (to serve more relevant app recommendations) than to compromise security.

    That said, if you know of a provably more secure device, I’m so ears.

    Why is it the only custom Android build to get this?

    That’s a good question for the other custom Android projects. I’m guessing they haven’t put in the effort needed or don’t have the infrastructure to comply with whatever Google needs to include them.

    I’ll have to ask their maintainers.