(Please when answering, assume I’m not a beginner at privacy/programming :) I know where the good stuff at)
First off, shameful confession: I’m writing this on a dying yellow iPhone XR I bought second-hand three years ago (189€). I absolutely love the look of it: the screen, build quality, are all amazing. The only problem was the locked ecosystem (sideloading Spotify/Torrent client was sooo hard).
I saw the android phone of my mother dying really fast. She currently has a Xiaomi phone that’s ridiculously big for my hands, there’s advertisements in the stocks apps (?!!), the UX is janky and everything. It looks like a bloat, privacy nightmare.
So… because it’s impossible to find a jailbreakable phone nowadays I need to buy an android and ideally I would want:
- Good screen (vivid colors)
- Good build quality (not shitty plastic)
- Don’t care about the camera (I don’t want those ridiculously big cameras they make nowadays)
- Would want to install either GrapheneOS/LineageOS
The things that scare me off:
- I really need my bank app and I need it updated so I have to use Google Play Services but I don’t want it to plague my phone with privacy bullshit (I want to be degoogled)
The things that excite me:
- Customization possibilities
- Learning experience
- Even more privacy than a de-googled IOS phone :)
- F-Droid!! (Maybe I’ll find a beautiful IRC client)
- More choices for Mastodon & Lemmy clients
- Freedom of free software.
- client for open-source git providers :)
But to get all of that, I don’t want Google, I need shitty apps (non-free software) I have to install:
- Instagram (for non-technical friends)
- GitHub (job & open-source)
- No-Ad Modded Spotify from Balatan
- Discord (gamer friends)
- Telegram (cryptobros friends)
- Steam (because I still love gaming)
Any advices? Phone ideas? I’m so lost in this ocean of choice (freedom ✨)
My current phone:
Graphene OS only works on Pixel Phones. They’re really the gold standard. Pick one from the supported list on the graphene os website that suits your needs.
i wish i knew about graphene when i got a pixel 6 pro. i got rid of it only after a year because it was such a buggy POS.
deleted by creator
That Bootloader unlock link is an awesome idea!
eh, it equates region lock with racism and feels more like an anti-corpo rant than a comprehensive view of locked/unlocked devices.
A better link would be the lineageOS devices page, or the postmarketOS devices page. These will tell you explicitly which chipsets and models are open and worth getting
Missing from the list: ASUS lost a lawsuit in the UK after lying about saying their unlock servers being down would come back up for Zenfones. While they have a headphone jack, offer good price/performance, & used to fall in the ‘small phone’ category, you can no longer unlock bootloaders with final statement being they won’t be allowing it going forward.
(I would contribute to the upstream, but I only use proprietary Microsoft GitHub when absolutely required—keep this in mind Privacy fam when setting up any unmirrored Git repository)
can suggest a Bootloader Unlock: Wall of Shame
Unfortunately it only mentions unlocking. Re-locking the bootloader is just as important, and strictly necessary for Android Verified Boot to work.
deleted by creator
A Google Pixel with GrapheneOS is the best thing on the market for privacy and security.
GrapheneOS is a privacy and security-focused operating system, which is based on Android and retains full compatibility with Android apps. There are no Google services by default, but you can install Sandboxed Google Play services, which have much less access to your device, because they are running in the normal Android application sandbox, just like any other app you install, and can be removed at any time. GrapheneOS offers many other cool features, such as a network permission toggle, which lets you revoke internet access from any app (like e.g. the Google Camera app).
I’m glad you already know about F-Droid, because there are so many amazing apps there. After looking at your home screen and the apps you currently use, here are some quick recommendations from me:
- Before you start using F-Droid, add the IzzyOnDroid repoisitory, as it contains even more awesome apps that can’t be found in the official repo
- Switch to a better F-Droid client, such as Droid-ify
- Revolution is the best IRC client I could find on F-Droid, it looks a little older (doesn’t use the newest version of Material Design), but still works very well
- LibreTorrent is an amazing torrent client
- AntennaPod is IMO the best podcast app on Android
- The official Wikipedia app is available on F-Droid: https://f-droid.org/en/packages/org.wikipedia
- Element X is a new, rewritten version of the Element client (it’s officially made by the Element team, and you can even try it out on iOS right now)
- Clock You is a good and modern looking clock/timer/stopwatch/alarm app
- There are a few Telegram apps on F-Droid. I have found Nekogram X to be the best. If you prefer the experience of the stock Telegram app, you can get Telegram-FOSS from F-Droid.
- For Signal, you can either use Signal-FOSS (requires a third-party repo), or an improved fork of the app called Molly (you can either get it from Accrescent, which is available in the GrapheneOS App Store), or by adding their custom F-Droid repo. Molly is officially recommended by the GrapheneOS project over the normal Signal app.
- The official GitHub app works just fine, but you can also try FOSS alternatives from F-Droid such as FastHub-Libre, or OctoDroid.
The other apps you mentioned in your post are not available on F-Droid, but I also have a few recommendations there:
- xManager for Spotify (it’s a modded, patched version that removes ads)
- Aliucord for Discord (it removes some of the telemetry and tracking)
- Instagram and Steam can easily be downloaded from the Google Play Store. You can use Aurora Store, to download apps from Google Play without creating a Google Account.
- If you only need Steam for the authenticator, there is a way to get the verification codes in a FOSS TOTP authenticator like Aegis, without having to install the Steam app: https://help.ente.io/auth/migration-guides/steam/
- You can either use FFUpdate to download the Brave Browser, or use Obtainium to pull the APK from GitHub
Also check out Lawnchair launcher, since I at least find the stock launcher kinda lacking in features and UI/UX.
Feel free to ask me any further questions, either in this thread or via Lemmy DM
That’s amazing advice thanks :) you’re so knowledgeable about this ecosystem
I’m trying to help out wherever I can :)
Thank you, for all the Alternatives. I love Antenna Pod!!!
I love it too, it’s genuinely the best app for podcasts I’ve ever used
You sound like the ideal candidate for a refurbished Pixel 7 / 8 from amazon.
Test its hardware thoroughly on the stock os in case you need to return it.
Install GrapheneOS using the Web installer.
Install Droid-ify into your main profile from the f-droid web page. It looks much better than the official f-droid client and actually has a working auto-update
Create a work profile. I use an app called Shelter as the work profile admin app. This allows you to auto freeze your big-tech apps to help with battery life / privacy. Install google services from the built-in GrapheneOS app store.
Enjoy.
Google services shouldn’t even be needed for the apps OP listed above. Instagram works just fine without Google services, just like Discord, Telegram and Steam. I don’t know about GitHub, but there are FOSS alternatives for it on F-Droid. Spotify (xManager) also works just fine.
Generally agreed, I would actually try using as many services with their progressive web apps.
The main reason I think they may need google services is the banking app. Mine will refuse to launch without google services installed.
Probably an unpopular opinion, but I’ve never seen the point of PWAs. I don’t want a crappy website as an icon on my homescreen, I want a proper native app. If the app is privacy-invasive, I will either find a FOSS alternatives, or isolate it in a separate user profile.
The main reason I think they may need google services is the banking app. Mine will refuse to launch without google services installed.
That’s true, I also need Play services for mine, but I have a special user profile for it.
Get a Pixel 7 or newer and put Graphene OS on it. Pixels are excellent phones and have good support for custom ROMs. The Pixel 6 has a lot of weird issues that the others don’t have, so avoid it. Graphene is the best ROM for privacy AND security, and it is also relatively user-friendly.
Or, if you want an older phone, try a Pixel 3, 4 or 5. They are good phones with an older design style that may appeal to you.
/e/OS (also known as Murena) is also a good ROM for privacy, and supports a broader range of devices.
What issues does 6 have? My experience has been great, but I have nothing to compare it to.
I’ve heard a lot of people complain about software glitches and minor hardware issues. These issues may be due to the fact that the Pixel 6 was the first Pixel to use Google’s own Tensor chips.
Typing this up on /e/os on OnePlus6t. Love it for ~2 years now. Signed up and support the project now with their ecosystem (64gb option).
Obligatory reply since that’s exactly my specs too :P
Or, if you want an older phone, try a Pixel 3, 4 or 5
These are outdated and don’t get security updates anymore, and thus shouldn’t be used anymore. The Pixel 6a is supported until 2028, the Pixel 8 even gets 7 years of security updates (until 2030), the Pixel 8a and 9 are supported until 2031.
/e/OS (also known as Murena) is also a good ROM for privacy
/e/OS is unfortunately highly insecure and shouldn’t be compared to GrapheneOS or recommended. Graphene is really the better choice here.
They can recieve security updates if you use an alternative ROM such as Lineage or /e/OS.
Can you please explain how e/OS/ is insecure?
They can recieve security updates if you use an alternative ROM such as Lineage or /e/OS.
They can only receive OS updates, but firmware updates are just as important for maintaining the security of a device. These can only be provided by the device manufacturer.
Can you please explain how e/OS/ is insecure?
Sure. It’s based on the already insecure LineageOS, you can read more about that here: https://madaidans-insecurities.github.io/android.html#lineageos
On top of that, the /e/OS devs don’t release updates in a timely manner, often taking 1-3 months to releases even simple but important Android Security Bulletin patches.
They can not recieve firmware updates. They are always provided by the OEM
I should really get around to putting grapheneos on my pixel but I’m lazy.
Why not use most of the web versions of the non-free apps you mentioned? No Google needed.
- push notifications
- websites that tell you “use our app”
- better UX
I’d go either with a Fairphone 5 (or maybe wait for the 6 to release) with CalyxOS or a Google Pixel with GrapheneOS.
I’m on Fairphone 4 with CalyxOS, and I am happy with that. I would not expect them to release a Fairphone 6 anytime soon, so unless OP has all the time in the world, the Fairphone 5 should be good if they want to go this route.
To update your Play Store apps you can use Aurora Store (notice that Aurora *Droid* is completely different app).
If you don’t want Google *device* you could get any other device supported by LOS but is means no official GOS on your phone.
Shelter is better, BTW; but Insular is good option too.
This is crazy. I’m in exactly the same situation and have been thinking about getting a mobile plan with a Pixel 8 (where I would install GrapheneOS on) as those are getting cheaper with the Pixel 9 out not.
A pixel phone with GrapheneOs?
Buy a used Pixel that fits your budget. The Pixel 6 sometimes has problems with the battery so maybe rather choose between 7, 8 or 9. But you could send it to Google to get a new one but then you have to deal with them so yeah. Ifixit also has first party replacement batteries if you would choose the Pixel 6 and you would get this problem. Still I would recommend 7 lineup. Just take a look at grapheneos.org for length of support. Also 9 will be hard to find 2nd-hand I recon ;^)
Calyx OS, Graphene OS or Lineage OS with MicroG. All of those will work fine for your use case. Just aim to get as many of your apps off of F-droid as possible. F-droid is a marketplace of free software and all apps in the main repo must meet certain requirements.
I would recommend eliminating your non free apps especially the dark pattern ones like Instagram and Discord. These apps are not private and you can’t make them private. They are designed to get you hooked to the point where you can not leave. Also Targeted advertising has its own dark patterns which are harmful on so many levels. I realize it is hard to move but you can be the change you want to see. Maybe make it a long term goal to try to get people to move somewhere else. You can do some research and come up with an alternative.
Google Pixel of some kind.
One of the only phone lineups with easy bootloader unlock, and also the only ones supported by GrapheneOS.
You can also use it as-is if needed without going crazy from ads and notifications everywhere like other brands tend to have.
You can also use it as-is if needed without going crazy from ads and notifications everywhere like other brands tend to have.
Isn’t it bad since Google == Far from privacy?
Sure. But at least it doesn’t come with tiktok and facebook
Pixels are great, but definitely make sure to install GrapheneOS to increase your privacy and security
https://wiki.lineageos.org/devices/ and make sure to double-check that unlocking the bootloader isn’t too much bother (ie. read the installation instructions)
Lineage IS for MicroG: https://lineage.microg.org/
Also keep in mind that Lineage OS is not designed to relock the bootloader.
This project makes it so much less painful to get microG up & running. It all just works. If only they were the default for these unofficial LineageOS builds as it would seem like the tinkering types are more likely to be interested in takinga privacy step with microG than those that want Google Play.
Lineage OS is not designed to relock the bootloader.
I don’t understand why so many people worry about that… doesn’t it only ensure that data is wiped if some agent secretly installs a rootkit or sorts on your phone before giving back the device to you?
To me, bootloader locking is mostly a way for phone manufacturers to make it harder to run anything but the ROM they have chosen (and it’s a PITA and the most laborious part of installing a ROM).
It prevents a random guy from picking up your phone and flashing a different (probably more malicious) custom rom