Things that make me angry about my current smartphone Samsung Galaxy S21Ultra on a Verizon plan is the mandatory software updates in which they install WITHOUT MY PERMISSION stupid apps like Netflix and addictive gambling games and stacking block games and Candy crush. God knows what else they install without my permission. I don’t want any of it!

Next phone I buy I want to start with a clean slate, I’m not going to affiliate with any conglomerate like Verizon or AT&T or Sprint or T-Mobile etc, I prefer to go rogue somehow,

which smartphone do you recommend that has no bloatware and it’s customizable?

  • GasMaskedLunatic@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    23
    arrow-down
    1
    ·
    edit-2
    1 year ago

    The only recommendation I can provide is a Google Pixel device with GrapheneOS. Graphene is only designed to work on Pixels because they are (allegedly) the most secure mobile phone hardware-wise. Once you flash Graphene, it’s up to you to install any apps beyond the basic browser (Vanadium), gallery, camera, caller, SMS, PDF viewer, contacts, file manager, and security/system apps. No Google involved without your permission, though you will have to install Google services, available via a Graphene mirror and sandboxed for privacy, IF you want to install an eSIM after flashing Graphene. If you’re interested in further information, please let me know. I use it, love it, and am happy to provide any information you may need to decide if it’s a good fit for you or not.

    • iamak@infosec.pub
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      What is the root scene on Graphene? I know the dev is pretty against it but I like having root access after being used to it. Is it possible to easily root it without any integrity issues later on?

      • xep@kbin.social
        link
        fedilink
        arrow-up
        6
        ·
        1 year ago

        It’s not supported. According to the devs rooting defeats the purpose of Graphene OS.

        • iamak@infosec.pub
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Yeah I have read that. And couldn’t find any reason why. When I ask about root people only say "if you want root, graphene isn’t for you"😅

          • Lemongrab@lemmy.one
            link
            fedilink
            arrow-up
            2
            arrow-down
            2
            ·
            1 year ago

            Rooting defeats androids security model and allows for further exploitation. Graphene most likely does support it because any AOSP OS that is geared towards security isn’t going to leave a big hole in their security allowing malware or bad actors to modify system files (or install a rootkit).

            • iamak@infosec.pub
              link
              fedilink
              arrow-up
              0
              arrow-down
              1
              ·
              1 year ago

              Desktop Linux allows root access and is still secure. Allowing root access doesn’t make it insecure.

              • Lemongrab@lemmy.one
                link
                fedilink
                arrow-up
                1
                arrow-down
                1
                ·
                1 year ago

                Desktop linux isn’t the same as Android, which is why I said the “Android security model”. Android is a mobile operating system and must protect against the fact that it will be in unknown environments all the time. It must protect against physical attacks, software attacks, and partially sandbox apps. Root breaks app sandboxing and allows for modifying system files and reading internal app storage. The system image is immutable and modifications/settings are made on top.

                Linux desktop isn’t more secure out of the box. The general user account shouldnt be a sudoer. Immutable OSes are more secure and help pervent rootkits and other attacks. PCs are most often stationary and stored in a private location. Laptops are weak against attacks because you can boot to a different OS from usb without passworded BIOS. Desktop OSes are the geared for the same kinds of protections.

                There is good reason why Android is far more secure than Linux mobile.

      • GasMaskedLunatic@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        5
        ·
        1 year ago

        It looks like the verified boot security feature of Graphene effectively prevents rooting the OS. I understand wanting root access, it does provide some nice features, but I don’t have any need for it. I don’t have any bloatware embedded to remove, and I don’t need to mod any system apps, so I haven’t looked into it much. I know the dev says it isn’t planned because it massively increases attack surface, which I personally agree with, but it would be nice to have the option via a separate version of the OS or something. If you need root access, I would suggest looking into LineageOS. It’s similar in privacy to Graphene and last I knew could be rooted. Graphene is very focused on security as well as privacy, and for me is a best of both worlds, but if you want to modify the system for various power-user type features, it might not be for you.

        • iamak@infosec.pub
          link
          fedilink
          arrow-up
          4
          ·
          1 year ago

          Yeah I’m currently running LineageOS. I wanted root mainly for adblock (modifying /etc/hosts) and AppOps. Does Graphene have those features built in?

          • GasMaskedLunatic@lemmy.dbzer0.com
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            No, it doesn’t. I use 95% FOSS software, so anything that might have ads just gets denied network permission entirely. As for AppOps, I just looked it up, and that would be something I’d like to see developed as a feature of Graphene. It seems like a genuinely useful, and at the very least privacy-protecting, app. I don’t use copy/paste via keyboard, and despite it not having network permissions, I’d still deny it clipboard access simply because it doesn’t need it.

      • trevor@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        You can root on GrapheneOS. You do it exactly the same way you’d do it for the stock Google ROM:

        1. Have an unlocked bootloader. Yes, this means that it “”“defeats the purpose of GrapheneOS”“”, if the purpose of GrapheneOS isn’t for you to avoid Google’s privacy nightmare. I use GrapheneOS for privacy moreso than security, and not being able to block ads properly is irritating.
        2. Install the Magisk app.
        3. Extract the boot.img from the GrapheneOS image and patch within Magisk.
        4. Flash the patched boot image in the bootloader.

        The main annoyance with this is that you’ll have to do that dance every month when a security patch gets released, but for me, it’s better than vomiting from exposure to ads on mobile.

    • NightFantom@slrpnk.net
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      Not OP but interested in both privacy and high-tech features. My current (stock) pixel 4a device has a worse camera than many other phones, but the software compensates a lot, netting better picture quality overall very often. I’m wondering how much of that is lost when using graphene instead of stock android, do you know?

      Similarly with the latest gen pixels having AI features built in, I’m assuming much of that is software that’s not as easily installed somewhere else…

      • GasMaskedLunatic@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        I’m not sure what the GrapheneOS stock camera app does under the hood, but if it’s not enough for you, you have the option of installing Google’s Pixel Camera app from the Play/Aurora store if you want to compare. I don’t imagine it would require Google Play Services to run on devices older than 8 since they don’t have the AI integration, but I could be wrong. You can easily deny the app network permissions to ensure that the app isn’t sending your photos to Google. As far as the AI features go on newer devices, I could see those requiring Google Services installed to work, but again, they’re available through a Graphene mirror, run sandboxed for privacy, and can be denied network permissions. I’m satisfied with how my pictures turn out (7 Pro), but I may try Pixel Camera out just to see what the difference is.

    • LemmyKnowsBest@lemmy.worldOP
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Will a pixel respect my wishes for them to not install game apps behind my back?

      And how can I buy one without bloatware already loaded on it? When I bought this phone I had to delete so much bloatware.

      • RogueBanana@lemmy.zip
        link
        fedilink
        arrow-up
        7
        ·
        1 year ago

        Pixel is stock android and is guaranteed to not have bloat unless some carrier is involved in it. Whenever anyone here suggests pixel they are definitely doing it for custom ROM like grapheneos and its pointless to buy otherwise.

    • NightFantom@slrpnk.net
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      I also caved for a pixel (4a) for my last phone, it still has Google’s bloatware (can’t remove youtube music app for example), but at least it doesn’t have Samsung’s bloatware in addition.

      Still interested where this thread goes in other options though, as it’s getting worse in battery life and I’m also looking out for something new.

      • BearOfaTime@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Flash a third party OS like Graphene/Lineage/DivestOS. No more bloat.

        A Pixel is rootable, which would enable you to remove whatever you want. Though I prefer starting clean.

  • vxx@lemmy.world
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    I’m happy with Motorola. I don’t buy high end phones though, as I don’t care about paying 400 extra for a good camera.

    I have a G42

    • StickBugged@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      I’ve got a g31 which I’ve had for about a year, and the only thing I don’t really like about it is the lack of custom ROMs and stuff like that

  • Octagon9561@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    For best privacy AND security, Pixel 8 or 8 Pro with GrapheneOS. Nothing else compares. The Pixel 8 series are also the first that support hardware memory tagging, basically making them immune against 70% of all exploits.

  • tanakian@lemmy.sdf.org
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    “smartphone” doesn’t matter. it is a computer that runs software. the only question is who controls that software? free/libre software is by definition one that you control. and what you described means that you dont control your device.

    so advices: easy way is to just install lineage os or graphene or some other open source android version. you will control it. i dont advice to install google play services.

    other advice: you can get a sony phone because it can run sailfish os. also i believe those are great. otherwise install open source android, lineage or something.

    sailfish has android emulator (it costs money) but sailfish is not android. it is a linux/qt based system. very polished. not as polished as open source android, but it is fast, lightweight and beautiful. native sailfish apps arent feature rich but do you really need feature rich? then you can get more apps from fdroid store and use android emulation layer.

    other, better but harder option: get a device which is well supported by postmarketos.

    postmarketos has several user interfaces but neither of those is what you have used to. i believe it is the best option but you must prepare yourself to be able to change. most probably you wont have a working camera. thats ok, i live like that.

  • thatKamGuy@sh.itjust.works
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    If you just want something that’s more privacy-minded out of the box without messing about with custom ROMs etc, maybe consider an iPhone?

    • Zink@programming.dev
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      They are good products, even if they don’t have the nerdy cool factor. Each day I’m working on old C/C++ code in Linux, so having my phone be a reliable appliance instead of yet another computer to fuck around with is totally fine for me. I liked my past Android phones too though.

      No carrier bloatware and very long software support.

    • AnEilifintChorcra@sopuli.xyz
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Weirdly in this case I think I agree. You can look at my previous comments about how much I hate Apple but it seems to me that OP isn’t too technical and installing a custom ROM might not be what they’re after. iPhones don’t have any of those annoying games and stuff preinstalled, as long as the carrier doesn’t install stuff. I’d suggest a refurbished unlocked iPhone though, to save some money. Make sure the previous owners account is removed from the device or else it’ll probably just be a paper weight.

      If OP is open to custom ROMs then GrapheneOS is a great choice but LineageOS and DivestOS are also great options for someone that wants to get started with privacy and they support a lot more devices, that can be got for cheaper than an iPhone/Pixel. Again, I’d recommended a refurbished, carrier unlocked phone that is supported by one of these projects

      • BearOfaTime@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Its not hard to flash a rom these days, unlike ten years ago.

        Now developers post instructions for each device type. Look at Lineage, Graphene, DivestOS. Very good instructions from all of them, including installing ADB on Windows or Linux.

        Of the dozens (hundreds?) of times I’ve flashed over the years, I’ve bricked 1 device, and that was from experimenting and not following instructions, I knew it was risky.

        And with Pixel it’s about as straightforward as it gets.

  • library_napper@monyet.cc
    link
    fedilink
    arrow-up
    1
    arrow-down
    1
    ·
    1 year ago

    Get a used pixel for $100. Factory reset on arrival, and install Graphene OS. Do not install gapps.