I assume it not completely locked down, but does it mean Google doesn’t have access to everything like I assume it does with Android?

  • Imprint9816@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    35
    arrow-down
    1
    ·
    1 year ago

    Its not really meant for privacy. Its a great rom for keeping an old phone up and going but you should consider divestos or grapheneos if privacy is your main concern.

    • someguy3OP
      link
      fedilink
      English
      arrow-up
      12
      arrow-down
      2
      ·
      1 year ago

      I’ve heard graphene isn’t maintained any longer than Google pixel updates. So 5 years.

      • baseless_discourse@mander.xyz
        link
        fedilink
        arrow-up
        22
        ·
        edit-2
        1 year ago

        This is for security concerns, because all the firmware and driver are maintained by first party, so once the first party stopped maintaining firmware, there is no way for graphene to make the device as secure as a phone that is still in its support period.

        At that point, you can try to switch to lineage to increase the life of your device.

        That being said, graphene do offer extended support for some devices like pixel 4(XL) is still supported right now, but it made it very clear that it is “extended support”, and it exist only to help user transition to their next device.

        • someguy3OP
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          1
          ·
          1 year ago

          At that point, you can try to switch to lineage to increase the life of your device.

          Which basically brings me to my question, how is LineageOS for should I call it basic privacy.

          • baseless_discourse@mander.xyz
            link
            fedilink
            arrow-up
            4
            ·
            edit-2
            1 year ago

            It is okay for privacy, especially if you dont have google app installed, but it is not security and privacy focused.

            If you have google app installed I imagine it is probably as private as stock os on a pixel, but less secure. Graphene/calyx will definitely have better security and privacy than lineage with or without gapps.

            But I understand there is other tradeoffs besides just security and privacy, like minimizng ewaste, cost, availability, etc.

          • jet@hackertalks.com
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            1
            ·
            edit-2
            1 year ago

            It’s good for general computing, and if it’s off the internet it’s good for anything. But if it’s networked don’t trust it with things you’re not comfortable being at higher risk.

            So watch YouTube fine, banking maybe not

            The context here is a phone that’s no longer receiving hardware security updates, not lineage OS itself. If you put lineage on a modern phone getting updates, then I’d be comfortable using it as a standard phone doing all the standard things including online banking

  • Cam@lemmy.world
    link
    fedilink
    English
    arrow-up
    15
    arrow-down
    2
    ·
    1 year ago

    It is good for privacy as long you do not install Google Play Services and also do not download any apps that is bad for your privacy. However GrapheneOS is a better option which additional security benefits.

  • miss_brainfart@lemmy.ml
    link
    fedilink
    arrow-up
    13
    ·
    edit-2
    1 year ago

    Even without explicit installation of GApps, Lineage still uses and connects to quite a few Google services in the background.

    It’s a great way of keeping older devices up to date, but not much more than that.

    • DangerMouse@lemm.ee
      link
      fedilink
      English
      arrow-up
      9
      ·
      1 year ago

      Yes, this is the crux of LineageOS. There is a fork called DivestOS that is more libré and reduces dependence on Google services, as well as having bootloader re-locking for some devices.

    • Free Palestine 🇵🇸@sh.itjust.works
      link
      fedilink
      arrow-up
      3
      arrow-down
      8
      ·
      edit-2
      1 year ago

      It’s more like a way to make your devices insecure by unlocking your bootloader, disabling Verified boot and letting all kinds of malware persist on your device as well as allowing anyone with physical access to your device to modify the system partition and load malware onto it.

        • Free Palestine 🇵🇸@sh.itjust.works
          link
          fedilink
          arrow-up
          2
          arrow-down
          1
          ·
          1 year ago

          Sure, but DivestOS is better for old devices as it supports bootloader relocking and it’s just much better for both privacy and security. If you want the most secure mobile OS on a modern sevice, go for GrapheneOS on a Google Pixel (which also has hardware security with the Titan M2 secure element).

          • miss_brainfart@lemmy.ml
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            Divest doesn’t officially support MicroG or Sanboxed Play Services though, which can be an issue depending on what apps you need.

            Lineage will still be the better option for most people because of this, unless they actually need to buy a new phone anyway

            • Free Palestine 🇵🇸@sh.itjust.works
              link
              fedilink
              arrow-up
              2
              arrow-down
              1
              ·
              1 year ago

              I haven’t tried microG on DivestOS yet, but from my experience on CalyxOS (before I switched to GrapheneOS) I can tell that it works really well. Doesn’t really matter whether it’s officialy supported, you can just install it yourself.

              • miss_brainfart@lemmy.ml
                link
                fedilink
                arrow-up
                2
                ·
                edit-2
                1 year ago

                After reading up on it on the DivestOS page, it mostly seems to work, with the exception of SafetyNet

                https://divestos.org/pages/faq#microgOptions

                Some apps require SafetyNet to work, while the option to enable it currently exists it will not work in the unprivileged mode that DivestOS uses and will be removed in a future update.

                But then again, the whole point of the DivestOS project is to remove as much Google and other proprietary code as possible.

                So if someone wants to use DivestOS specifically, they likely don’t use any apps that need microg.

                • Free Palestine 🇵🇸@sh.itjust.works
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  arrow-down
                  1
                  ·
                  1 year ago

                  Right, SafetyNet. I haven‘t tried banking apps (or anything else that requires SafetyNet) with microG, but SafetyNet is just a flawed system in general. Even on GrapheneOS, with the proprietary Google services running in a sandbox, only SafetyNet basic integrity can be achieved, because the OS needs to specifically be whitelisted by Google order to get full integrity. It‘s a ridiculous monopolistic move by Google. I just never use banking apps on my phone, I have a dedicated small and light laptop only for banking, that I can also take on a trip if I need to do anything related to banking on the go. I do this for extra security, so my banking is separated from all my other digital activities, but I‘ve heard that basic SafetyNet integrity that be achieved on GrapheneOS is enough for many banking apps.

  • lickmysword@sh.itjust.works
    link
    fedilink
    arrow-up
    9
    arrow-down
    1
    ·
    1 year ago

    I’d say neutral. Since you can install gapps (e.g. Playstore, gmail) for convenience and less privacy. Or microG instead of gapps.

    • Tibert@compuverse.uk
      link
      fedilink
      arrow-up
      2
      arrow-down
      2
      ·
      1 year ago

      You can’t rely install that. There can be microg (not sure if it’s in the distributed rom), but there is no system integration with microg, so G apps cannot work. Neither a lot of apps based on play services.

      Microg however offers a modified LineageOs rom where they have installed the system integration for micro G. On that rom, the G apps and apps requiring G services do work.

      Maybe it could be a bit more privacy friendly than using the direct Google services, but it still connects to Google to get some services for some apps.

    • RaoulDook@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      It’s only less secure in a rare circumstance that a bootloader compromise happens by theft or advanced malware. If you’re not doing stupid stuff on your phone you probably won’t get advanced malware on it, and most thieves probably don’t even know what a bootloader is, so IMO the security is good enough.

      So the practical benefits of improved privacy and removal of bloatware etc are a much more significant benefit over stock android. I won’t use a phone with stock android at all after getting used to Lineage and Graphene

  • lambalicious@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    From what I get, if your phone is anything other than a Pixel still within supported lifetime, then LOS is decent. At that point it’s mostly a hardware tradeoff (use a phone that all of has active lifetime support, is bootloader-relockable and has Custom ROM support) than a software one.

  • Gamey@feddit.rocks
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    It’s good as long as you don’t install Goole play services but doesn’t have some of the extras privacy centric roms people will recommend you (only usable on a Google Pixel) have.

  • S13Ni@lemmy.studio
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Lineage OS is android. Android is open source, but phones come with proprietary google and other software preinstalled, to grant phone it’s full functionality.

    You can either try to remove said apps via root access and keep your vanilla system otherwise , or install custom rom like lineageOS, that doesn’t have google apps (GAPPS) installed, so they can’t get your data unless you login to some google site, or install app associated with google, or use google to login elsewhere.

    Both will get the job done but custom rom is more thorough way of doing it,.

    • someguy3OP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Are you saying Android by itself isn’t that bad?

      • S13Ni@lemmy.studio
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        1 year ago

        Yes. Android is open source operating system based on the linux kernel, originally not even developed by google until they bought the company originally responsible for its development, and continued it’s development. Anyone could go to read it’s source code, and check if it has trackers of some kind, for the parts that are open source. LineageOS is just one version of android that comes without that stuff. You could also elevate to root access on your phone and delete said software, but it is not as good for security.

        However, all stock android comes with lot’s of googles own software preinstalled you necessarily can’t remove + software from phone manufacturer like samsung. Without those, android is pretty alright privacy vice. Bear in mind some core programs like sms messenger, or phone dialer app might not be open source, since google has been making more and more of those proprietary over time.

        Alternatives to degoogling android really are just jailbroken iphone or linux phone such as pinephone, which is only for hobbyists and developers more than fully fledged usable phone. Some android phones also lock the bootloader, making it harder to install custom ROMs or root it. I have fairphone 4 that luckily does not have that, although I don’t currently use custom ROM or have rooted it, since I have not had time to look into how to make my banking app authenticator work with those.