TL;DW
LINDDUN card deck PDF for reference: https://downloads.linddun.org/linddun-go/default/v240118/go.pdf
TL;DR: Out of iPhone, Pixel, Android, AOSP forks, and GrapheneOS, the answer is GrapheneOS by a country mile.
GrapheneOS sometimes sacrifices privacy for security.
I had way more privacy related features and controls on a rooted LineageOS phone (which was obviously much less secure)
Such as? Been thinking of flashing GrapheneOS since I got a Pixel on the way.
Grapheneos has some unique features that simply no other mobile OS has. It is insane solid for security, but that does not make it lose anything in terms of privacy.
Starting with the fact that it comes with only the bare minimum of apps necessary for a functional mobile device (anything else you have to find, choose and install yourself).
Without digging too deep into the technical details of the software itself, the first "shit, I love this” factor for me begins with the storage scope and contacts scope. This is one thing I’m not willing to live without anymore. Pretty much every app, proprietary or otherwise, will ask for access to storage. With scopes you can provide access to a folder of your choice,even create a folder for each app if you want, effectively blocking every other app from potentially snooping into other apps storage.
The same holds true for contacts. Signal (Molly in my case) asks for access to contacts, but I have no need for that, as everyone I talk with over Signal is already there. But if someone new comes around, I give Molly access to that one contact and add them to Molly. My jmp.chat runs on Cheogram, and I only use it for my US and Canada contacts, so I don’t have to provide Cheogram access to anyone outside North America. Same thing with my VOIP service for work and so on.
The level of granularity achieved on permissions is just epic. I even tried to use stock pixel 4 days ago, kept it for 3 days, and had to roll back to Graphene last night because I couldn’t stand the constant nagging on the phone (and I disabled everything Google in it except the Play Store, for which I did disable everything but network).
I have no respect for Micay and his band of narcissistic developers with a god complex, but that doesn’t remove the fact that GrapheneOS is light years ahead of any mobile OS out there in terms of user control for privacy.
Rotary.
The tin can phone inherently provides end-to-end encryption. The acoustic signals, which are essentially longitudinal mechanical vibrations, travel directly through a taut string or wire. This physical medium ensures that the sound waves are converted into mechanical vibrations at the transmitting end and reconverted into sound at the receiving end, effectively eliminating any possibility of electronic eavesdropping or interception.
One of the most significant advantages of the tin can phone is its complete absence of a digital footprint. Unlike modern telecommunication devices that rely on electronic signals and data packets, tin can phone operates purely on mechanical principles. This means there are no digital records, metadata, or logs that can be hacked, traced, or subpoenaed.
The simplicity of the tin can phone renders it immune to a wide array of cyber threats. There are no software vulnerabilities, no firmware to update, and no risk of malware or ransomware attacks. The device’s operation is entirely analog, relying on the physical properties of sound waves and mechanical vibrations, making it impervious to digital exploits.
The physical nature of the tin can phone also contributes to its security. The string must be kept taut for effective communication, and any attempt to tap into the line would be immediately noticeable due to the loss of tension and degradation of sound quality. This provides a built-in tamper-evident feature, ensuring that any unauthorized access attempts are easily detected. On top of that, if someone attempts a man in the middle attack, you should be able to see it happening during the call and act accordingly before any sensitive data gets exposed.
The operational simplicity of the string and cans phone is another layer of security. With no complex interfaces or user authentication mechanisms, the risk of user error leading to security breaches is virtually nonexistent.
How? Literally uses the same phone lines that have always been not secure or private
No google, samsung, or apple services in the background or separate carrier operating system. Plus the audio is always worse on the old phones. Unless law enforcement is out to get ya, the only thing being tracked is what time and number called you, or whom you called and at what time.
Somehow that posted as an entirely empty comment… Here’s what was supposed to be in it:
I actually don’t agree with this video; and firmly believe it is more than a little biased.
For example, the Pixel, AOSP and Android are given several undeserved points due to lack of proper information or understanding of how certain features work. I imagine this is the case too for the iPhone; if a bit less so.
The review apparently doesn’t deep dive into settings or attempt to maximize privacy by turning off unwanted ‘features’ when settings switches are available to the user; nor does it assume that you set up accounts in as private of a manner as reasonably possible or toggle off as many default-on consent switches as needed.
While I would support scoring and dinging each case or instance for “Privacy Settings that don’t actually work”…this video really doesn’t do a lot of legwork and leans on the anecdotal evidence of scary news stories too much.
Worse was the fact that the entire video felt like they were shilling for Graphene OS; which is known to have a slightly unfriendly maintainer and community surrounding him to say the least.
No mention of Lineage or other privacy oriented Android ROMs were analyzed. AOSP too, was unfairly lumped in and dinged for specific points of the Default Pixel configuration…and yes there are major differences between AOSP and Pixel Android; even though Google tries to be less in-your-face invasive than the other OEMs. Not enough credit is given for the “On-Device” smart features implemented properly on the Pixels.
Out of personal experience; I’d actually rate a proper Lineage OS install of 4 whole Android versions ago to be more private than stock. Not quite as private as Graphene; but not quite as invasive and much more enforcing of privacy. The debloating provided by a clean AOSP-like ROM, such as Lineage, as opposed to a “Stock Android” configuration from a major OEM is stark.
Worse was the fact that the entire video felt like they were shilling for Graphene OS; which is known to have a slightly unfriendly maintainer and community surrounding him to say the least.
Correction, the developers, not the community, are flat out pricks (not “slightly unfriendly”), but this does nothing to remove how amazing the OS is for anyone wanting to remove themselves from all the mainstream garbage in the mobile devices scenario while being able to keep productivity with a few workarounds.
Out of personal experience; I’d actually rate a proper Lineage OS install of 4 whole Android versions ago to be more private than stock. Not quite as private as Graphene; but not quite as invasive and much more enforcing of privacy. The debloating provided by a clean AOSP-like ROM, such as Lineage, as opposed to a “Stock Android” configuration from a major OEM is stark.
You will see me speak about Grapheme as if it was the Holly grail of mobile OSs, and that is because I actually move between CalyxOS, stock android, grapheme and Lineage every few months, and the fact remains that you have less than half of the control on your privacy you can get on anything other than Graphene. Additionally, show me one mobile OS that has less bloat then Graphene.
Every time I see posts slamming GrapheneOS over the toxic community (which it is not) or the devs (who are extremely toxic in my opinion), all I see is butthurt overly a sensitive individuals that are looking at the wrong thing. GrapheneOS is what Android should be, it’s that simple. All these rants about how toxic x or y is only serves to keep people starting in the privacy or security (or both) path away from what is effectively a huge leap from being invaded and helpless in the current tech and surveillance scenario to having near-complete control over their digital lives.
Correction, the developers, not the community, are flat out pricks (not “slightly unfriendly”), but this does nothing to remove how amazing the OS is for anyone wanting to remove themselves from all the mainstream garbage in the mobile devices scenario while being able to keep productivity with a few workarounds.
Yep. I’m willing to deal with a prick developer who’s taking this on their shoulders. Theyve really produced something incredible with GrapheneOS. I’m not willing to deal with the pricks who sell my data to anyone and everyone. Especially pricks who have had contracts with various intelligence agencies.
I’d actually rate a proper Lineage OS install of 4 whole Android versions ago to be more private than stock.
Its always the lineageos stans that can’t take the truth.
Would a research paper change your mind?
https://infosec.exchange/@rene_mobile/113431029855652363
According to this table, Google Pixels beat other devices listed there by far. Even Samsung S-series doesn’t look good
What about a security expert?
Overall, LineageOS does not leave a privacy-friendly or truly secure impression
Spoiler: It’s a banana phone.