You should look into GrapheneOS if you're set on using pixel.
this post was submitted on 05 Jul 2023
49 points (100.0% liked)
Privacy
789 readers
7 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
Yes, as the other comment said, Pixel is actually an easy device to do this with because it has good community support.
What version of pixel is recommended?
Depends on budget I guess. I went for 6A which was the cheaper model from last year after the 7 was out. I got mine for £299. The older models always drop, getting them around the time new ones comes out is really quite good value. I've not noticed any real performance issues. It's been a good step up from my old phone. I realised it was probably better to buy the lesser model a year old more frequently than buy brand new models for at least twice that. This was after my last 2 being top of the range Android phones. It depends on budget and what you're comfortable with.
It is also worth buying outright rather than contract, as to install GrapheneOS you need to be able to unlock and lock the bootloader and on come contract phones, they interfere with that.
As new as you can afford. The older the model, the shorter its remaining update lifetime.
I got a Galaxy S20 Ultra refurbished off ebay for $300. It was a flagship phone and was $1,400 when released. It has an SD card slot that allows up to 1TB I think, a 5000mAH battery, and a 108 MP main camera. And it has 12 gb of ram.
Whatever you decide, definitely consider refurbished options.
No need for refurbished, just buy a used one in good condition. Paying more for refurbished is pointless when the only part that consistently degrades over time is the battery - something that can be replaced for much less than the refurb tax.
Ironically Pixel phones are well suited to be degoogled. I'm not versed in the technical background, but CustomROMs like GrapheneOS can be installed and bootloader locked after installation. There must be a reason they are the only choice by several CustomROM teams focused on privacy.
I just bought a Pixel 6a for ~300€ (7a was 470€ here). One factor was this video from Marques Brownlee. I'm not a fan, but stumbled over it. Here he let his considerable viewer base vote on the best cameras. It was a blind heads up test and not just a heads up bracket.
Pixel 6a is a great value, it goes on sale sometimes too.
Lmao
Man all these mfs are steering you deadass wrong. If you’re a noob for privacy stuff start with an iPhone.
You get very clear user settings at first boot that let you choose your level of privacy and you have to actively add trackers on it. You get a very clear functional internal check that communicates what you’re letting different applications do and gives you an opportunity to change that. You get a functional phone that only requires that you trust the people who made it, honestly the same devils bargain any phone requires.
You also get one of the biggest userbases to look shit up and one of the longest support windows in phones.
Once you’re paying attention to your apps and data then you can get a sealed pixel from last year shipped to a vacant house and run graphene and only connect through a vpn and only log in with anonymous accounts.
Don’t try to learn in formula one. Start with a go cart.
"I need a cheap phone."
"jUsT bUy aN iPhoNe bRo!!!!!"
The problem with the iphone, is that Apple has shown it's true colours in recent years. Scanning cloud documents etc under the guise of finding CSAM. Privacy to apple is an advertising slogan and it isn't as private as you'd expect.
Didn’t they end up not doing that?
I don’t have a kid with a cell phone so it’s not something I’ve looked into extensively but didn’t they replace the cloud scanning for on device scanning that has to be enabled through parental controls?
Wouldn’t you want a corporation for whom privacy and security are part of an ad campaign? You would want them to tie their identity and public perception to the things you want because when they violate those ideas (like scanning cloud documents for csam to comply with some eu directive) everyone will notice and yell and they’ll walk it back?
They ended up not doing it after the anger. If they could get away with it, they would have. If they didn't go ahead with it anyway, then the legal argument looking really shaky.
The last part of your post was a little weird to comprehend, a lot of weird leading the witness sort of questions. You can throw hundreds at me, but I'll give you the only ones that matters...
Do I trust them? No. Do I want to give them my money and activity? No.
That’s kind of a silly answer to any of the questions I asked. No one gets to have a cell phone without trusting some company. Even the beloved fairphone is manufactured in a factory and has a supply chain that requires trust.
I was trying to “lead” you towards discussing what company or kind of company you do trust. I didn’t suggest the apple stuff to the op out of love for that company, but recognition that for someone whose new to privacy it’s a platform that has a very good history of respecting privacy and providing tools that allow users to take control over it.
So no “leading” (some folks would just call it having a conversation…): what company do you trust? Do you recognize that given a lack of zero trust architecture in the hardware, software and infrastructure of cell phones you can’t get one without putting your trust in some company or group of companies? What do you look for in a company to trust?
Part of this discussion is why I didn’t suggest a secondhand pixel dead dropped and configured with anonymous credentials on a private network. A person who is new to privacy cant be expected to do that and understand it, they need to begin to see all the different ways their data, metadata, biometrics and analytics are tracked and start to decide what they want to protect. That’s how they get to baby’s first threat model and figure out how to respond to it.
"Baby's first threat model" is a little patronising. The specifically asked about Pixel and de-googling and your response is virtually "you know nothing child, go with apple".
I don't trust companies, generally. I tend to trust open source software that is quite well known, as security/privacy by obfuscation is a poor model. If people can see the code, and scrutinise it, they'll find the nasties generally.
By leading, you were asking weird question so only you could get the answer you wanted, and some were weird. Have to tie yourself in some real logical knots to get there.
Finally, no one mentioned second hand hardware. A few years old point I suspect was intended to mean not the newest model. I bought a 6a pixel when the 7 was out. It was £299. It was a good price for quality hardware that could be de-googled.
Lol “baby’s first threat model” was a joke. Not everything is an insult, even on the internet.
What answer was I trying to get and what logical knots did I tie? I’m not trying to fight you, just to explain the logic of recommending a specific platform to someone who asked about getting into privacy and de-googling.
I was using second hand hardware interchangeably with an older phone, but using a secondhand device does obfuscate the chain of ownership to anyone observing connections by imei (at least until you get a cell contract).
I use lots of open source software and have for decades but some of the repository audits recently are alarming. Of course, any reader of the jwz blog knows that the open source community’s idea of security often isn’t.
Yes, I have a Pixel 6a, and have installed GrapheneOS on it. It does what I need and I enjoy the extra privacy. Would recommend.
What do you use for maps?
I haven't really needed to yet, but I think I'd probably look for OSmand (sp?) on F-droid. It uses Open Street Maps.
Magic Lantern is also a more privacy friendly alternative.
Just get a LineageOS supported phone of your choice and follow this guide: https://lemmy.ml/post/128667
There are some good recommendations already here. I'll just add that iodéOS has support for many older and cheaper models, including phones from Samsung, Sony, OnePlus and Xiaomi. I believe CalyxOS also has support for some cheap Xiaomi models. If there's a particular phone you like then check if there is a LineageOS build available for it before you give up and go for a boring Pixel.
The Pixel 7a is amazing, can run GrapheneOS, has a 64 megapixel camera and cost $499. If thats too much, the 6a is $449, but I'd recommend spending the extra $50 for the better overall hardware.
A used or refurbished Pixel 6a can be had for $200 - $250, which is both substantially less than the sticker price of a new 7a, and extends the life of a device that might otherwise go to a landfill. 6a gets security updates until July 2027, too, so it's practically a no-brainer.
But the 6a only has a 12 megapixel camera. If camera quality is a primary focus when selecting a phone, the 7a having a 64 megapixel camega could be worth the extra loot.
Used Pixel 5 or greater and Lineage OS
They may be seeing the same thing I am, pixels have an unlockable boot loader unlike Samsung so that’s what’s being recommended.
MadgePickles, you can degoogle an AOSP rom that’s compatible for your device, but you’ll need to be able to get access to the boot loader. You can also run things like graphine or lineage os. If you don’t want to get that “heavy” into it there are ways to “reduce” google on any android phone, but with a stock rom, you’ll still be googled.
Check out xda-developers forum to find the rom/community you like, then pick a phone. To me it’s all about what you want and then get the hardware under it.
As mentioned, GrapheneOS. Check which models work with the OS. Read the instructions before you buy. I think you still need to login with a Google account the first time to do something but I haven't event used that OS.
https://grapheneos.org/releases has instructions.
From there check out the other OS options.
https://www.sustaphones.com/ is a good place to look but I'm not sure how up to date it is.
If you are not satisfied with the camera choices... Well, I guess you might need to buy a camera too? Not ideal.
A "try before you buy" option would be to use adb or https://github.com/0x192/universal-android-debloater to "remove" the googly bits and see how things go.
When doing research pay attention to the dates of posts and articles as some issues were resolved (banking apps I believe).
I'm running a used Pixel3 with CalyxOS which is a fork of Android that's De-Googled, but it still has access to the Play Store if you really need it, which I need a few apps.