[bigbugbag]

Android is not FLOSS obviously but the point is that you can 't do more than having blind trust for the manufacturer. Having the best argument is not the same as as actually offering the best privacy.

You could try jolla or fairphone or even a blackphone (or one of the governmental only privacy oriented smartphones not available to the general public).

But this is somewhat irrelevant as having a smartphone with a GSM chip is a severe privacy issue in itself whatever the hardware/OS. Even a simple mobile phone is a privacy liability unless you take some precautionary measures.

To get some privacy one has to accept to have less comfort and ease of use, privacy and security are a tradeoff. something only a few actually do.

[la_oveja]

Android is actually FLOSS. The problem comes when people want to add a Google account.

You can use a free version of Android? Yeah! You are going to lack some stuff tho. Google Play Services provides geolocation services, the app store, push notifications,...

[swinglock]

I don’t think it stops with the Google software. You will still more likely than not have proprietary binary blobs running in your kernel to support your proprietary hardware executing proprietary firmware that is as large as operating systems themselves, the largest with the biggest attack surface waiting the process anything they can on 2G, 3G, 4G, WiFi and Bluetooth bands.

Android is more open than iOS but it’s not really open enough to make a significant difference, not for 99% of users and not really for the 1% that think it is more secure or private because they run a (heavily modified, very old, probably abandoned by the manufacturer) Linux kernel but ignore the baseband and closed source camera driver.

[bigbugbag]

I think you're confusing android and android open source project (AOSP) here. Android is AOSP + Gapps.

Even the FLOSS nature of AOSP has been questioned for years, but as a manufacturer it's impossible to offer a phone with AOSP, to be able to use android you have to include the Gapps.

Google has slowly been moving functional parts from AOSP to Gapps, the point being to limit the AOSP part and eventually get rid it of the open source part.

[la_oveja]

You don't need GApps to run Android. The only closed source blob you need is chipset and modem drivers.

And no: AOSP is Android. It's like saying that Linux is not Linux unless you bundle it with GNU-utils and wrapped by Canonical.