by notyoutube 911 days ago
I'm using microG's Lineage, and something I was wondering when choosing a ROM was, how secure are all those ROMs in terms of supply chain/developers. There are many, with no big reassuring name behind, and it's hard to trust that what looks like a random ROM from the internet is not just a full trojan horse.

It would be nice to have just the one or two options, with app store and some kind of official entities backing (say, states, or universities, or distros).

5 comments

It's safe to assume that there's very little to no supply-chain protection. It's mostly all single people or tiny groups of people releasing this.
Sad to hear. It feels like the EU could fund some entity to manage, develop and distribute such a degoogled Android with only a very small fraction of its other spending, and that would help a lot with reducing Google/Apple's hold on the European market… A cheap deal.
Android is a Google project through and through, so I'm not sure if basing the result on it would actually be "reducing Google's hold on the European market". For that you'd have to actually have a product that isn't developed by one of those corps.
Degoogling is a misnomer imo. It's not about not using anything from Google or Apple at all. They both contribute to Linux, clang/llvm and other core open software tooling after all. It's about not using unaudited closed source code which cannot be proven to be secure or private, as well as getting away from the online services Google/Apple bake into their operating systems that spy on and tell on users as a requirement to boot the device at all. There are also some cool features that are blocked by both. Since AOSP is open source and the API is easy to target by third-party app stores, it's perfectly legitimate to use it as a starting point. There may come a day where Google stops releasing it in such a usable way though, and a more complete fork will be necessary to maintain OS sovereignty.
> It's about not using unaudited closed source code which cannot be proven to be secure or private [..]

Degoogling is not deblobbing, and Lineage or /e/ use plenty of closed source software during runtime. The top parent and DivestOS author really is deblobbing* to some degree, but forks of LineageOS that introduce measures of "degoogling" hold onto vendor firmware blobs on Android's /vendor partition for functionality. Those aren't known for connecting to the Google hivemind though.

* https://github.com/Divested-Mobile/DivestOS-Build/blob/de3ba...

My interpretation of the term degoogling fits the second part of your sentence, "getting away from online services": it is user agency in what network connections can occur, so either by default or optionally users can stop any signaling coming from the device they use. They don't have that freedom with the software the device came with.

Better phrased than I did, thanks. How feasible do you think such an endeavour would be? What are the roadblocks to people doing that right now?
Sadly it's pretty hard. I have had a great experience with LineageOS for several years now. Installing a custom ROM is not that hard imo, but it is scary to most and few flagship devices allow it. But I think more competition will be the key to more freedom and openness, and that is coming: Google is being pressured to embrace third-party app stores, and Apple is being pressured to allow sideloading in Europe. Also things like RISC-V and the growing open source hardware movement are shaking things up. The death of Moore's law will also bring more competition into chip design in the coming decade, which could help to establish more open standards and options in the market.
I mean, it would be a step in a better direction, wouldn't it? One might start with something like AOSP/Lineage and potentially fork from there if need be, or ask companies to support this alternative ROM, etc.
GrapheneOS is by far the most secure option. Unfortunately, it's only for Pixels (as the former "director" (in my opinion rightly) claims that there is not much point to "extreme" security if the hardware itself is already vulnerable, and most Android phones have very shitty hardware security).
> not much point to “extreme” security if the hardware itself is already vulnerable

What I don't get about this is that a lot of people who install custom ROMs do so to ungoogle their devices, and just plainly get rid of Google. So why exactly is Google deemed to be a safe hardware vendor?

They have a secure boot chain and they allow users to use their own signing keys. Samsung for instance also has verified boot, but doesn't allow users to use their own keys. Thus, the boot process is as secure using GrapheneOS as it would be using stock Android, but this just isn't the case for any other device manufacturer.
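A toy model of the boot chain contrasted above, added here as an example; it is not code from GrapheneOS, AOSP or any device vendor. Real Android Verified Boot uses RSA keys and a more elaborate vbmeta layout; the Ed25519 signatures, struct names and "device profiles" below are simplifications chosen for the example. It shows the same vbmeta being accepted by a bootloader that trusts an owner-enrolled key, rejected by one that trusts only the factory key, and rejected on the first device once a partition has been modified.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"sort"
)

// Partition is one boot-critical image (boot, system, ...) as the bootloader sees it.
type Partition struct {
	Name  string
	Image []byte
}

// VBMeta is a simplified stand-in for AVB's vbmeta: the expected hash of every
// partition, signed by whoever built the OS image (OEM or ROM maintainer).
type VBMeta struct {
	Hashes    map[string][32]byte
	PublicKey ed25519.PublicKey
	Signature []byte
}

// RootOfTrust is what the bootloader trusts: the hash of the OEM key burned in at
// the factory and, only on devices that allow it, the hash of an owner-enrolled key.
type RootOfTrust struct {
	OEMKeyHash  [32]byte
	UserKeyHash *[32]byte // nil when the vendor does not let owners enroll a key
}

func keyHash(pub ed25519.PublicKey) [32]byte { return sha256.Sum256(pub) }

// payload is the byte string that gets signed: partition names and hashes in a fixed order.
func (v *VBMeta) payload() []byte {
	names := make([]string, 0, len(v.Hashes))
	for n := range v.Hashes {
		names = append(names, n)
	}
	sort.Strings(names)
	var buf bytes.Buffer
	for _, n := range names {
		h := v.Hashes[n]
		buf.WriteString(n)
		buf.WriteByte(0)
		buf.Write(h[:])
	}
	return buf.Bytes()
}

// BuildVBMeta is the image builder's step: hash each partition and sign the table.
func BuildVBMeta(parts []Partition, priv ed25519.PrivateKey) *VBMeta {
	v := &VBMeta{Hashes: map[string][32]byte{}, PublicKey: priv.Public().(ed25519.PublicKey)}
	for _, p := range parts {
		v.Hashes[p.Name] = sha256.Sum256(p.Image)
	}
	v.Signature = ed25519.Sign(priv, v.payload())
	return v
}

// VerifyBoot is the bootloader's step: the signing key must match a trusted key hash,
// the signature must verify, and every partition must match the hash in the table.
func VerifyBoot(rot RootOfTrust, v *VBMeta, parts []Partition) error {
	kh := keyHash(v.PublicKey)
	if kh != rot.OEMKeyHash && (rot.UserKeyHash == nil || kh != *rot.UserKeyHash) {
		return errors.New("vbmeta signed by a key this bootloader does not trust")
	}
	if !ed25519.Verify(v.PublicKey, v.payload(), v.Signature) {
		return errors.New("vbmeta signature invalid")
	}
	for _, p := range parts {
		want, ok := v.Hashes[p.Name]
		if !ok {
			return fmt.Errorf("partition %s is not covered by vbmeta", p.Name)
		}
		if sha256.Sum256(p.Image) != want {
			return fmt.Errorf("partition %s does not match its vbmeta hash", p.Name)
		}
	}
	return nil
}

// Scenario runs the cases discussed in the thread and reports whether each one boots.
// Keys and partition contents are generated/constructed here, not taken from any device.
func Scenario() (stockBoots, customWithUserKeyBoots, customOnLockedOEMBoots, tamperedBoots bool) {
	oemPub, oemPriv, _ := ed25519.GenerateKey(rand.Reader)
	userPub, userPriv, _ := ed25519.GenerateKey(rand.Reader)
	oemHash, userHash := keyHash(oemPub), keyHash(userPub)

	enrollable := RootOfTrust{OEMKeyHash: oemHash, UserKeyHash: &userHash} // owner key accepted
	lockedOEM := RootOfTrust{OEMKeyHash: oemHash}                          // factory key only

	stock := []Partition{{"boot", []byte("stock kernel")}, {"system", []byte("stock system")}}
	custom := []Partition{{"boot", []byte("custom kernel")}, {"system", []byte("custom system")}}
	tampered := []Partition{{"boot", []byte("custom kernel")}, {"system", []byte("custom system + implant")}}

	customVB := BuildVBMeta(custom, userPriv)
	stockBoots = VerifyBoot(enrollable, BuildVBMeta(stock, oemPriv), stock) == nil
	customWithUserKeyBoots = VerifyBoot(enrollable, customVB, custom) == nil
	customOnLockedOEMBoots = VerifyBoot(lockedOEM, customVB, custom) == nil
	tamperedBoots = VerifyBoot(enrollable, customVB, tampered) == nil
	return
}

func main() {
	a, b, c, d := Scenario()
	fmt.Printf("stock:%v custom+ownerkey:%v custom on locked OEM:%v tampered:%v\n", a, b, c, d)
}
```

The point the model makes is that the chain itself is no weaker with a custom ROM, as long as the bootloader can be told which key to trust; on a device without an enrollable root of trust the same image only boots with the bootloader unlocked, i.e. with verification effectively off.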
Yeah but that's still SW, if we talk about HW then using Google-HW to get rid of Google seems a bit weird. I know that Google is not manufacturing these parts, but they're probably not open-source either.

I don't care that deeply about privacy/security, just being a bit devil's-advocate-y.

It depends on why you want to de-google. Running Android means that you're plugged into their ad-analytics data collection. Firmware layers are extremely unlikely to be reporting personalized analytics into that engine.

On the other hand, if you're trying to avoid an oppressive state, you probably want to avoid any potential for a subpoena to a big corp yielding information on you; in which case considering fully open firmware makes much more sense.

There is basically no production-ready free hardware on the market, the pinephone (which is in the toy category, let’s be honest) is also full of proprietary firmware.
> the pinephone

I even got one of these and all I did with it was install a couple of different distros, since then it's collecting dust as it's unbelievably slow and the battery lasts for about 2 hours.

It is hardware.
There is no such thing as a safe hardware vendor at this time unfortunately. The good thing about Google is they are the only company that actually lets you swap out the software to at least improve your privacy (but they penalize you by blocking payment and auto integration), so it's far better than everyone else, but far from perfect, mainly since the baseband processors are universally closed off.
AFAIK microG is developed by a German guy with a grant from the government. Can't get more legit than that in the Android ecosystem :D
I'm having a great experience using microG, which lets me selectively enable and disable cloud messaging for every app that attempts to use Google Play Services. microG does not implement the ads and tracking (Google Analytics) APIs of Google Play Services. microG also lets me use Mozilla Location Services to replace Google Location Services, which obtains a location much faster than GPS alone. With microG being free and open source, I trust it much more than the proprietary Google Play Services, even with sandboxing applied.

It's weird that the article doesn't mention microG even once, since it's what /e/ uses instead of the Google Play Services client.

> It's weird that the article doesn't mention microG even once

true

seems like the whole aftermarket android ecosystem hinges on the functionality of this, mostly unrecognized, component

There are no real answers to this. Taking trust out of the equation, the only way to be sure is to inspect the source code and build it yourself. On a side note, it's always possible to hook DNS to a remote Pi-hole setup and monitor connections. Aside from the security issues related to ROMs, there are still the binary blobs from OEMs.
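The "monitor connections" part, as an added example that is not from the original thread or from the Pi-hole project: it parses dnsmasq-style query records of the form Pi-hole writes to its query log, counts what one client resolved, and flags destinations outside a baseline the owner expects a freshly flashed device to contact. The log lines, the client address, the baseline set and the vendor domain are constructed for the example; the two-label collapsing of domains is a deliberate simplification (no public suffix list).

```go
package main

import (
	"fmt"
	"regexp"
	"sort"
	"strings"
)

// queryLine matches dnsmasq query records, e.g.
// "Jan  3 08:15:02 dnsmasq[1234]: query[A] example.org from 192.168.1.42".
// Reply, forwarded and cached records are deliberately not matched.
var queryLine = regexp.MustCompile(`dnsmasq\[\d+\]: query\[(\w+)\] (\S+) from (\S+)`)

// Query is one parsed DNS lookup.
type Query struct {
	Type, Domain, Client string
}

// ParseQueries extracts the query records from a block of log text.
func ParseQueries(text string) []Query {
	var out []Query
	for _, line := range strings.Split(text, "\n") {
		m := queryLine.FindStringSubmatch(line)
		if m == nil {
			continue
		}
		out = append(out, Query{Type: m[1], Domain: strings.ToLower(m[2]), Client: m[3]})
	}
	return out
}

// registrable collapses a name to its last two labels so that hosts under one
// organisation count as one destination. Simplification: wrong for e.g. "co.uk".
func registrable(domain string) string {
	labels := strings.Split(strings.TrimSuffix(domain, "."), ".")
	if len(labels) <= 2 {
		return strings.Join(labels, ".")
	}
	return strings.Join(labels[len(labels)-2:], ".")
}

// Report is one destination a client resolved, with its lookup count and
// whether it is in the baseline of expected destinations.
type Report struct {
	Domain   string
	Count    int
	Expected bool
}

// ReportFor aggregates one client's lookups, busiest destination first.
func ReportFor(qs []Query, client string, baseline map[string]bool) []Report {
	counts := map[string]int{}
	for _, q := range qs {
		if q.Client == client {
			counts[registrable(q.Domain)]++
		}
	}
	var rs []Report
	for d, c := range counts {
		rs = append(rs, Report{Domain: d, Count: c, Expected: baseline[d]})
	}
	sort.Slice(rs, func(i, j int) bool {
		if rs[i].Count != rs[j].Count {
			return rs[i].Count > rs[j].Count
		}
		return rs[i].Domain < rs[j].Domain
	})
	return rs
}

// Unexpected returns the destinations not covered by the baseline: the ones to go and explain.
func Unexpected(rs []Report) []string {
	var out []string
	for _, r := range rs {
		if !r.Expected {
			out = append(out, r.Domain)
		}
	}
	return out
}

// SampleLog is constructed for this example; it is not a real capture.
const SampleLog = `Jan  3 08:15:02 dnsmasq[1234]: query[A] connectivitycheck.gstatic.com from 192.168.1.42
Jan  3 08:15:02 dnsmasq[1234]: forwarded connectivitycheck.gstatic.com to 9.9.9.9
Jan  3 08:15:02 dnsmasq[1234]: reply connectivitycheck.gstatic.com is 192.0.2.10
Jan  3 08:15:05 dnsmasq[1234]: query[A] location.services.mozilla.com from 192.168.1.42
Jan  3 08:15:09 dnsmasq[1234]: query[AAAA] time.android.com from 192.168.1.42
Jan  3 08:16:30 dnsmasq[1234]: query[A] telemetry.example-vendor.net from 192.168.1.42
Jan  3 08:16:31 dnsmasq[1234]: query[A] telemetry.example-vendor.net from 192.168.1.42
Jan  3 08:17:00 dnsmasq[1234]: query[A] www.example.com from 192.168.1.7
`

// ExpectedBaseline is an assumed list of destinations the owner has already accounted for.
var ExpectedBaseline = map[string]bool{"gstatic.com": true, "android.com": true, "mozilla.com": true}

func main() {
	rs := ReportFor(ParseQueries(SampleLog), "192.168.1.42", ExpectedBaseline)
	for _, r := range rs {
		fmt.Printf("%-24s %3d expected=%v\n", r.Domain, r.Count, r.Expected)
	}
	fmt.Println("to explain:", Unexpected(rs))
}
```

Run against a real Pi-hole log, the interesting output is the unexpected list right after first boot and again after each app install, since that is when a ROM's or blob's own phone-home traffic is easiest to separate from the user's.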
> It would be nice to have just the one or two options, with app store and some kind of official entities backing

I won't doubt that you know that iPhone is a thing.