11
posted ago by CoolAsACucumber ago by CoolAsACucumber +11 / -0

PRIVACY-BASED ALTERNATIVES TO BIG TECH - The best list I've found so far! https://ghostbin.co/paste/hwzn6

I would recommend an unlocked Google Pixel 3 ($150) or 4a ($350) (Pixel 4 XL is also supported now) and install GrapheneOS. The only thing Google about Google Pixels is the software (the hardware is HTC Taiwan and Qualcomm American-based companies, as good you'll get for the price atm) and for some reason they leave it open for you to uninstall the OS and add in your own. GrapheneOS is much more secure than your stock Android or Apple software and gives you complete control. A phone with GrapheneOS will run like lightning compared to what you have now because it's not sucking up data.

For Linux based instructions, will be on their website somewhere and there will be youtube videos on what to do. https://grapheneos.org/install/

GRAPHENE OS INSTALLATION INSTRUCTIONS USING WINDOWS COMP.

--Web-Based installer-- IS RECOMMENDED (Less chance for screw up) Officially supported operating systems for the web install method:

  • Windows 10
  • macOS Big Sur
  • Arch Linux
  • Debian 10 (buster)
  • Ubuntu 20.04 LTS
  • Ubuntu 20.10
  • ChromeOS
  • GrapheneOS
  • Google Android on GrapheneOS-supported devices

https://grapheneos.org/install/web


Officially supported operating systems for the CLI install method:

  • Windows 10
  • macOS Big Sur
  • Arch Linux
  • Debian 10 (buster)
  • Ubuntu 20.04 LTS
  • Ubuntu 20.10

https://grapheneos.org/install/cli


  1. Install or update the Android SDK Platform Tools:

    • Download and unpack the Standalone Android SDK Platform-Tools package: https://developer.android.com/studio/releases/platform-tools
    • Add a PATH Environment Variable to the unpacked folder (Windows 10: Control Panel > Advanced System Settings > Environment Variables)
    • Make sure that there are no other versions of Android SDK Platform Tools in your computer. Old versions will result to failures in image flashing.
    • (I saw LeAndroid in Device Manager once this was working)
  2. Install or update the Google USB Device Driver:

    • Download the Google USB Device driver: https://developer.android.com/studio/run/win-usb
    • Open Start menu, press power button, hold Shift and restart computer, Select Troubleshoot > Advanced options > Startup Settings and click Restart.
    • Open Windows OS Device Manager and find the new device that shows up when you plug in your phone
    • Update device driver (Windows 10: Device Manager > Universal Serial Bus devices > [Device Name] > Update driver) using the Google USB Device driver
    • (If you haven't been able to get this to work, I think being able to see results for "fastboot devices" in Powershell script later on means everything for this step is already good.
  3. Prepare the system image:

    • Download the factory system image that is appropriate for the device:
    • If possible, verify the system image ( open sunfish-factory-xxxxxxxxxxxxx.zip.sig file in notepad and look at SHA256 (sunfish-factory-xxxxxxxxxxxxx.zip.sig) = "Some Hash Tag". Now open up command prompt (start -> cmd -> enter) then type "certutil -hashfile "ZIP FILE LOCATION AND NAME" sha256" and press enter. Both numbers should be the same from zip.sig file and cmd prompt)
  4. Flash the system image into the device:

    • Notes:
      • First make sure that the stock system image is updated to the latest release to avoid any problems.
      • There is no need to turn on USB Debugging in Developer Options to flash a system image (even when sideloading with ADB in Recovery Mode.)
      • Enable OEM unlocking in Developer Options (Important: This requires internet access on devices with Google Play Services as part of Factory Reset Protection (FRP) for anti-theft protection.)
    • Unlock the bootloader:
      • Put the device in Fastboot Mode (Turn off the device then press and hold the Power and Volume Down Buttons at the same time until you see the Fastboot Mode Screen)
      • Connect to the computer and verify the connection on Powershell (Admin): "fastboot devices"
      • Unlock the bootloader: Open a Powershell (Admin) and type in "fastboot flashing unlock" (use the Volume then the Power buttons to confirm)
      • Unlock the bootloader: in Powershell type in"fastboot flashing unlock" (use the Volume then the Power buttons to confirm)
      • The device performs a factory reset then boots back to Fastboot Mode
  • Install the system image: - Open a Command window, go to the unpacked system image folder and run the flash-all.bat script (Go to the grapheneOS or sunfish-factory.xxxxxxxxx folder, click flash-all.bat) ( If you get a windows smartscreen error that doesn't let you run flash-all.bat, search in apps "windows security", go to "virus & threat protection", click manage settings, turn off "Real-time Protection", go back and click flash-all.bat, click more info on smartscreen window, then press run anyway) - During the update, the device will reboot to fastbootd. Do not do anything and let the update continue - After it is done, choose option 'Reboot to bootloader' from the fastbootd menu to go back to Fastboot Mode
    • Re-lock the bootloader:
      • Lock the bootloader: In Powershell, type in "fastboot flashing lock" (use the Volume then the Power buttons to confirm)
      • The device performs a factory reset then boots back to Fastboot Mode
    • Complete the device configuration
      • Unplug the device from the computer and choose option 'Start' in Fastboot Mode to load the device OS
      • Perform device configuration

Find FOSS apps, use F-Driod to find apps, OpenOSM for maps, Newpipe/Freetube for Youtube, Signal/Session/Element for Messaging/Calling, Exodus to see if your apps have trackers (delete ones that do).

I also recommend Swiss-based VPN like Protonmail and Mullvad, I don't trust the PIA Chief Tech Officer with his history in the Mt Gox hack (the first major cryptocurrency exchange and it got hacked for millions of Bitcoin, investigations found that some part of the company was involved in their own hacking).

Comments (18)
sorted by:
2
rosie 2 points ago +2 / -0

Don't bother with all of that. Use the GrapheneOS supplied Web site installer and FOLLOW THE INSTRUCTIONS TO THE LETTER.

2
CoolAsACucumber [S] 2 points ago +2 / -0

You need linux tho don't you?

Ah ok no you don't

Officially supported operating systems for the CLI install method:

  • Windows 10
  • macOS Big Sur
  • Arch Linux
  • Debian 10 (buster)
  • Ubuntu 20.04 LTS
  • Ubuntu 20.10

https://grapheneos.org/install/cli

--Web-Based installer-- Officially supported operating systems for the web install method:

  • Windows 10
  • macOS Big Sur
  • Arch Linux
  • Debian 10 (buster)
  • Ubuntu 20.04 LTS
  • Ubuntu 20.10
  • ChromeOS
  • GrapheneOS
  • Google Android on GrapheneOS-supported devices

Make sure your operating system is up-to-date before proceeding. https://grapheneos.org/install/web

2
rosie 2 points ago +2 / -0

Note that the GrapheneOS devs (read, Daniel Micay) STRONGLY discourage the use of the CLI install method, because it's too easy to screw it up. Note that you REALLY need to use the USB-C to USB-C cable that comes with the phone. Other cables WILL NOT WORK. I ended up using a Samsung 8 Android phone as my host install device, because of the cable issue. It worked, although it overheated my Samsung phone temporarily.

The grapheneos support chat is an immense help (especially a user/admin named TheJollyRoger), but whatever you do, don't second-guess strcat (Daniel Micay)--he's pretty paranoid, and for Heaven's sake don't even mention other alternatives such as LineageOS or CalyxOS. VERY quick way to get banned as a "concern troll".

3
CoolAsACucumber [S] 3 points ago +3 / -0

Good to know, glad I didn't screw it up

2
rosie 2 points ago +2 / -0

You won't be sorry you switched. Battery life is awesome now!

1
Hullohoomans 1 point ago +1 / -0

Harumph. That is a very short list of supported devices.

4
CoolAsACucumber [S] 4 points ago +4 / -0

There's just something about Google Pixels, idk why there isn't a larger phone base but it is likely because all the work involved to make updates for all the different phone models would be too much for a team to handle.

With GrapheneOS you essentially have no Google Play Store so you are completely free of Google services and I don't know if that's the same with LineageOS (the other contender for a private secure alternative OS).

Regardless, GrapheneOS is praised as being much more secure than LineageOS and I encourage you to do your own research and post any good info you find.

3
CoolAsACucumber [S] 3 points ago +3 / -0

Watch the first 3-4 minutes of this to know

"It's Worse Than We Thought" - Edward Snowden https://youtu.be/-KR91gNEyuY

Now there are a huge amount of vulnerabilities in Android primarily because if they were patched up, many of Google services wouldn't work. So google keeps these vulnerabilities. However, the sheer number of different android phones keeps most people safe because making a hack for an Android phone would have to be specific to the model. The same is true for making an OS. GrapheneOS is much more secure because it patches up all the holes in Android software and takes out Google Play Services for your security.

However, they are releasing new versions all the time to keep as much up to date with security and Android compatibility as possible. To do this, they don't have time to be messing with the different ways they need to write an OS for HTC, OnePlus, Samsung, blah blah blah. So they just use the Google Pixel series for their OS. Around a new model every year, give it a few months, and bam it's already out on GrapheneOS.

3
inspir3dgenius 3 points ago +3 / -0

My next phone will be a Pixel for this reason

3
CoolAsACucumber [S] 3 points ago +3 / -0

If I could turn the tide for at least 1 then I've succeeded

1
rosie 1 point ago +1 / -0

Google Pixels are the ONLY phones that allow the bootloader to be unlocked, then relocked after installing an alternative OS. NOTE: rooting your phone makes it LESS secure, not more so!

1
redtoe-skipper 1 point ago +1 / -0

It has to do with the firmware the devices connected to your phone are running on.

Compare it to Lineage. For every device there is a different lineageOS.

Or, compare it to ubuntu touch. Every device responds differently to the OS and the level of function differs from phone to phone, depending on the device.

What I do notice is that the process of unlocking the bootloader and rooting the phone, has become much easier, and the easiest method remains CLI.

Meaning, if Graphene is better installed with windows, you might want to scratch you head as to what fuckery is going on under the hood.

That said, LineageOS and MicroG go a long way to put a spanner in the wheels of Google and apple, depending on your digital hygene and operational security settings.

2
rosie 2 points ago +2 / -0

Not sure where you got the idea that Graphene is better installed with Windows. The preferred host is Arch Linux. I did it with a Samsung 8 Android phone.

I guess LineageOS and MicroG are better than stock Google Android and the Play Store, but not by much. Here are some drawbacks of LineageOS (also other OSes that require rooting the phone):

Disables verified boot Weakens SELinux policies Lacks proper update security, including rollback protection Adds substantial attack surface (i.e. FFmpeg along libstagefright) Merges in questionable alpha-quality code Leaves the bootloader unlocked Users must flash the firmware and vendor partitions monthly

1
redtoe-skipper 1 point ago +1 / -0

I did not claim so. The OP did. Personally, I used LMDE and a Xperia Z5, works like a charm.

However, I did make a remark in the IF state.

Next to LineageOs, there is e, with differing states to the matters you mention.

There may be drawbacks on anything. Then the question becomes whether or not a purchase of a pixel phone is desirable and feasible. If not feasible, then the next best thing as a temp solution.

Within constrains, everybody chooses what works at that point to aid a transition.

Security is a matter of "what is the risk" you want to address. And then logically, a risk assessment and a mitigation plan. It yields quite a lot of simple solutions in practice.

0
Newuser99 0 points ago +1 / -1

Graphineos sucks balls when it comes to supporting the popular apps such as maps, however there are alternatives such as Magic Earth which can sometimes get the job done. There are also no push notifications

3
CoolAsACucumber [S] 3 points ago +3 / -0

I don't want Google maps, that's the point. I'll use OsmAnd and not be tracked by Google.

Also if you're really that dumb, you can download Aurora store on Grapheme OS and start fucking up the OS. The reason its so secure is because it doesn't use Google software at all

1
Newuser99 1 point ago +1 / -0

Lmao good luck with Osmand. Sounds great until you have to use it or search for places around town. Real bummer

1
CoolAsACucumber [S] 1 point ago +1 / -0

It is a pain I gotta say but you can download streetcomplete, sign up for a profile, and start filling in the blank spots on the map yourself.

I'm not going back to google and all the FAG companies