Alternative OS for Android devices

[dan-kir]

One method of mitigating telemetry collection on Android devices is installing an alternative OS.

Examples being GrapheneOS and CalyxOS. These are sometimes referred to as "deGoogled" OS's as they do not include any Google apps/services in the default installation.

These two examples are only supported on Googles Pixel devices. LineageOS is another option with wider device support.

GrapheneOS in particular also has a lot of additional security features built in. Eg. Hardened memory allocator (https://github.com/GrapheneOS/hardened_malloc), device integrity monitoring (https://attestation.app/about) and sandboxed Google Play services (https://grapheneos.org/features#sandboxed-google-play)

I think this is worth including in the guide. As a long time user of GrapheneOS I can begin drafting a PR.

[nopeitsnothing]

Sounds good to me. Be sure to mark it as a draft to avoid confusion. I like Graphene myself.

[Lefty-Insider]

"Much of the world seems to be suffering from "early onset mobile/cloud dementia" in my view. I hereby "coin" this term and its endemic spread across the world and note that this illness primarily impacts the millennial generation. It is truly delusional to believe that you can change a pocket surveillance device to provide privacy and anonymity, much less into a tool than can be used to your advantage for Dark Web illegal activities." Lefty Insider

[nopeitsnothing]

It is truly delusional to believe that you can change a pocket surveillance device to provide privacy and anonymity, much less into a tool than can be used to your advantage for Dark Web illegal activities.

No, you can, it just requires you to know the lower level technical aspects than the OS and radio bands; most people don't go further in their search for privacy than the internal apps (GAPPS, et al). I have no interest in cell phones. I don't even have a home phone to provide to the general public, only a work phone on-prem that is not connected to external networks and is hosted in the cloud.

[Lefty-Insider]

Than,

Well you say you can, but you yourself are not proof of that as you don’t use one.

Movements are continuously tracked by cell towers in order to provide service to people with their cellularized and colorized Newton’s.

You have to take your phone apart and disable the mic and camera and remove a chip or two like Ed Snowden?

“I have no interest in cell phones”

I don’t know why you responded to this quote, rather than my offer to assist with the writing.

“work phone on-prem that is not connected to external networks and is hosted in the cloud”

I guess to me the cloud IS an external network.

Confused,

lefty

From: Than Harrison @. Sent: Thursday, June 16, 2022 4:58 PM To: NobodySpecial256/thgtoa @.> Cc: Lefty-Insider @.>; Comment @.> Subject: Re: [NobodySpecial256/thgtoa] Alternative OS for Android devices (Issue #30)

It is truly delusional to believe that you can change a pocket surveillance device to provide privacy and anonymity, much less into a tool than can be used to your advantage for Dark Web illegal activities.

No, you can, it just requires you to know the lower level technical aspects than the OS and radio bands; most people don't go further in their search for privacy than the internal apps (GAPPS, et al). I have no interest in cell phones. I don't even have a home phone to provide to the general public, only a work phone on-prem that is not connected to external networks and is hosted in the cloud.

— Reply to this email directly, view it on GitHub https://github.com/NobodySpecial256/thgtoa/issues/30#issuecomment-1158173143 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AZUIAX7RXCC7O7JU2MNGADDVPOPP3ANCNFSM5X4P5D3Q . You are receiving this because you commented.Message ID: @.***>

[nopeitsnothing]

Nobody is saying you can't assist and we'd greatly appreciate it if you do, but using a cell phone - however hardened it is - is not recommended here. It's outside of the scope of the guide for a reason.

[yourfeetontheairandyourheadontheground]

The spirit of the guide does not recommend the use of smartphones at all. GrapheneOS is a privacy tool. Not an anonymity tool.

GrapheneOS does not provide anonymity whatsoever due to IMEI/IMSI tracking. IMHO it should not be added to the guide.

[Lefty-Insider]

Than,

Again, I wish you would go back and read my initial message.

I don’t know what you are on about here.

Lefty

From: yourfeetontheairandyourheadontheground @. Sent: Saturday, June 18, 2022 12:40 AM To: NobodySpecial256/thgtoa @.> Cc: Lefty-Insider @.>; Comment @.> Subject: Re: [NobodySpecial256/thgtoa] Alternative OS for Android devices (Issue #30)

The spirit of the guide does not recommend the use of smartphones at all. GrapheneOS is a privacy tool. Not an anonymity tool.

GrapheneOS does not provide anonymity whatsoever due to IMEI/IMSI tracking. IMHO it should not be added to the guide.

— Reply to this email directly, view it on GitHub https://github.com/NobodySpecial256/thgtoa/issues/30#issuecomment-1159367457 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AZUIAX3SYNC2EFGOFSAVKDTVPVOM3ANCNFSM5X4P5D3Q . You are receiving this because you commented.Message ID: @.***>

[Lefty-Insider]

Than,

I think you have me confused with someone else.

Lefty

From: Than Harrison @. Sent: Friday, June 17, 2022 4:08 PM To: NobodySpecial256/thgtoa @.> Cc: Lefty-Insider @.>; Comment @.> Subject: Re: [NobodySpecial256/thgtoa] Alternative OS for Android devices (Issue #30)

Nobody is saying you can't assist and we'd greatly appreciate it if you do, but using a cell phone - however hardened it is - is not recommended here. It's outside of the scope of the guide for a reason.

— Reply to this email directly, view it on GitHub https://github.com/NobodySpecial256/thgtoa/issues/30#issuecomment-1159227140 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AZUIAX2EMNG3FXOBREBGX6DVPTSJ3ANCNFSM5X4P5D3Q . You are receiving this because you commented.Message ID: @.***>

[dan-kir]

Agree that GrapheneOS and similar projects do not offer any anonymity as a service or function. They can however provide additional security and privacy.

If I had a requirement to communicate anonymously over the internet using a mobile phone I would choose GrapheneOS as my device operating system. Likely via the Tor Browser/Orbot applications.

It's silly to treat a mobile device as anything other than a small computer with some additional sensors in it. If you can operate anonymously and securely from a laptop you should be able to do the same from a mobile device. Both have their pros and cons.

[Lefty-Insider]

“It's silly to treat a mobile device as anything other than a small computer with some additional sensors in it”

I view that statement as complete nonsense, and part of the delusion I spoke about.

Is a smartphone a computer?

There is a lot of talk of this lately, mostly it seems from people who do not have or do not know how to use a desktop or laptop computer. I see this as a general societal phenomenon I will call DDoT. The dumbing down of things. Device mobility has always involved tradeoffs.

I am going to disabuse those who believe it is a computer of this notion right here and now.

Definition: a programmable electronic device designed to accept data, perform prescribed

mathematical and logical operations at high speed, and display the results of these operations.

https://www.dictionary.com/browse/computer

Does a smartphone do calculations like a computer? Yes, but so does a pocket calculator, is that a computer? Does it have a display? Yes, but again so does a pocket calculator. Only in the absolute broadest sense of the word it may be, but still a very underpowered limited use-computing device.

If you disconnect a smartphone from the Internet, what will it do? Is it still smart, or is it just a

dumb terminal connecting to AWS, Azure, or the Google Plex like in the old mainframe computer days?

Or maybe it is really just a cellularized and colorized Newton 2.0.

You can calculate waitress tips and keep your golf score with it right?

https://www.tcw.org/lefty/Short%20Stories/Is%20a%20smartphone%20a%20computer.pdf

From: Dan Kir @. Sent: Sunday, June 19, 2022 12:28 AM To: NobodySpecial256/thgtoa @.> Cc: Lefty-Insider @.>; Comment @.> Subject: Re: [NobodySpecial256/thgtoa] Alternative OS for Android devices (Issue #30)

Agree that GrapheneOS and similar projects do not offer any anonymity as a service or function. They can however provide additional security and privacy.

If I had a requirement to communicate anonymously over the internet using a mobile phone I would choose GrapheneOS as my device operating system. Likely via the Tor Browser/Orbot applications.

It's silly to treat a mobile device as anything other than a small computer with some additional sensors in it. If you can operate anonymously and securely from a laptop you should be able to do the same from a mobile device. Both have their pros and cons.

— Reply to this email directly, view it on GitHub https://github.com/NobodySpecial256/thgtoa/issues/30#issuecomment-1159620634 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AZUIAXZBMO2DJWFYR3UZLWDVP2VUPANCNFSM5X4P5D3Q . You are receiving this because you commented.Message ID: @.***>

[nopeitsnothing]

There's few points here that I feel are necessary to address.

A cellular device is a tracking device, no more, and no less. It's used by people daily to have convenient access to the internet, to work and to stay connected. It is by design insecure in that it is connected all the time to the internet and your location and other identifying information, even when in airplane mode, because of its litany of sensors and connections. It is a computer that fits in your pocket and provides a convenience, not security and certainly not anonymity, so please do not construct a logical basis on that it can be hardened sufficiently to defeat data collection, contact correlation, fine-tuned location, etc. It cannot and this is not possible, even with Graphene OS or other OS providing fine-tuned access to permissions and security settings.

Hopefully you understand that for this reason it can't be considered in the guide. There are plenty of options available to guide you toward a more secure and private mobile device but those guides are specifically tailored to people with the need of a system that they can control your information. This one is for those wishing to eliminate as much control of their data possible by third parties, and that would be inconvenient to mobile users and not a very big quality of life to everyday people.

[Lefty-Insider]

“ It is a computer that fits in your pocket”

I take issue with that. What can it do disconnected from a network?

We never called dumb terminals computers. I think we called them typewriters.

From: Than Harrison @. Sent: Sunday, June 19, 2022 1:41 PM To: NobodySpecial256/thgtoa @.> Cc: Lefty-Insider @.>; Comment @.> Subject: Re: [NobodySpecial256/thgtoa] Alternative OS for Android devices (Issue #30)

There's few points here that I feel are necessary to address.

A cellular device is a tracking device, no more, and no less. It's used by people daily to have convenient access to the internet, to work and to stay connected. It is by design insecure in that it is connected all the time to the internet and your location and other identifying information, even when in airplane mode, because of its litany of sensors and connections. It is a computer that fits in your pocket and provides a convenience, not security and certainly not anonymity, so please do not construct a logical basis on that it can be hardened sufficiently to defeat data collection, contact correlation, fine-tuned location, etc. It cannot and this is not possible, even with Graphene OS or other OS providing fine-tuned access to permissions and security settings.

Hopefully you understand that for this reason it can't be considered in the guide. There are plenty of options available to guide you toward a more secure and private mobile device but those guides are specifically tailored to people with the need of a system that they can control your information. This one is for those wishing to eliminate as much control of their data possible by third parties, and that would be inconvenient to mobile users and not a very big quality of life to everyday people.

— Reply to this email directly, view it on GitHub https://github.com/NobodySpecial256/thgtoa/issues/30#issuecomment-1159790586 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AZUIAX2MMU7HNMJNSZ7GU2LVP5SSVANCNFSM5X4P5D3Q . You are receiving this because you commented.Message ID: @.***>

[NobodySpecial256]

It's worth noting that the guide focuses on anonymity, which necessitates the use of a device that avoids forcing users to reveal their physical location every time they connect to a network. Android's security isn't the issue, it's its privacy. Even a Graphene-flashed device has this limitation, and considering cell tower tracking is both the easiest and most reliable way to track a person's physical location, using a phone as a primary device is inherently contradictory to the intent of the guide.

There's also the limitation that apps, even with no permissions at all, have enough access to completely deanonymize and track a user. While modern Android versions and ROMs such as Graphene are less atrocious due to the adoption of a slightly-less-leaky permission model, they do not even come close to solving the issue.

Additionally, as stated before, not even airplane mode is sufficient to stop all forms of device tracking. I might expand this to say not even powering off the device is necessarily sufficient, as malware capable of escalating to root once can simply fake a shutdown, unless you physically remove the battery (which is impossible on most modern devices, including every model Pixel)

[dan-kir]

Lefty, Your provided definition of a computer does not apply to a pocket calculator. Key words in the definition being "logical operations at high speed". If you remove, from a phone, the GSM radio, remove the GPS and install a GNU/Linux OS is it not a computer? Not expecting an answer as we're getting stuck in the weeds.

All, Whether the guide includes advice on mobile devices or not, people will still use them. Sometimes circumstances do not permit the use of a laptop or desktop computer. Sometimes the associated risks are accepted for the sake of convenience. This is all dependent on an individuals threat model.

I might only require anonymity for a specific task, at a specific time and in a specific place. A mobile device might be the most practical solution to get a job done before burning the device and returning to business as usual. Complete anonymity at all times is...tough...if not impossible.

The current appetite for any advice or recommendations on mobile devices seems to be low. So happy to close off the issue and I will agree to disagree.

[ghost]

GrapheneOS has nothing to do in the guide. It's a privacy tool. You cannot achieve anonymity due to IMSI/IMEI unless you wana buy a Pixel with a prepaid card as a burner. Kinda expensive.

[NobodySpecial256]

I might only require anonymity for a specific task, at a specific time and in a specific place. A mobile device might be the most practical solution to get a job done before burning the device and returning to business as usual. Complete anonymity at all times is...tough...if not impossible.

The guide already has a section on mobile phones as burners. It's important to note the distinction between using a device as a burner vs using it as a primary device for anonymous activities. And if someone can afford to use a Pixel as a burner, they can afford a Qubes-capable laptop too.

Also remember it's an anonymity guide, not a privacy guide. While it discusses privacy heavily, the intention is to discuss privacy as it relates to helping to preserve anonymity and operational security. If anonymity isn't required for your threat model, this guide is not meant for you. While its contents will still be applicable, that's not the intention of the guide.

[NobodySpecial256]

Your provided definition of a computer does not apply to a pocket calculator. Key words in the definition being "logical operations at high speed". If you remove, from a phone, the GSM radio, remove the GPS and install a GNU/Linux OS is it not a computer? Not expecting an answer as we're getting stuck in the weeds.

According to https://en.wikipedia.org/wiki/Computer

A computer is a digital electronic machine that can be programmed to carry out sequences of arithmetic or logical operations (computation) automatically. Modern computers can perform generic sets of operations known as programs.

By this definition a standard pocket calculator is probably not a computer, as they cannot run sequences of operations - it has a fixed set of non-scriptable operations triggered by direct user input. A TI-84 would qualify as a computer, however, due to its ability to accept and run arbitrary programs. Operations can be executed in sequence rather than performing a single operation then waiting for the user to input what operation to perform next. By this definition, a phone must be a computer, as it also can run arbitrary programs (for phones they're referred to as "apps"). The capability of the device is limited only by its hardware resources, as the programming environment is Turing-complete.

If you disconnect a smartphone from the Internet, what will it do? Is it still smart, or is it just a dumb terminal connecting to AWS, Azure, or the Google Plex like in the old mainframe computer days? Or maybe it is really just a cellularized and colorized Newton 2.0. You can calculate waitress tips and keep your golf score with it right?

I take issue with that. What can it do disconnected from a network? We never called dumb terminals computers. I think we called them typewriters.

Any argument that non-networked phones are less capable than non-networked desktop or laptop computers is ridiculous. Your typical Android phone can run full-featured IDEs capable of offline compilation and execution of arbitrary user-written programs. Modern phones are not thin clients, and they're most certainly not zero-clients.

I could also mention the ability to run desktop Linux distros on top of a stock Android ROM.

[ghost]

This shouldn't be in this guide. It's off-topic. You don't get anonymity from any phone OS. GrapheneOS or anything else.

It's out of scope and this should be closed.

[dan-kir]

Been valuable discussion, for the most part.

Closing issue.