Intro & Context
My old dumb Flip Phone is dying. It can hold a charge about 1/2 a day, maybe, and the indexed orientation collar on the charger port is now loose and comes out with he plug 1/2 the time. So it’s time for me to move on to a “smart phone” or accept that I need to find a dumb phone that’s not buggered too.
My first step into this world was to try out a “Burner Phone” from Tracfone. It’s nice, and for all of $80 I got a Samsung ‘smart phone’ device. Service has been quite good and given that I don’t talk or text much, fairly economical. About $10 to $15 / month keeps it alive and with usage time / text volume left over (for me…). As I’ve not installed any Google Apps on it, and don’t have a Google Email address on it (or really any identifying apps) it is modestly private.
THE major exposure it has is the Google Snoop process. Google sniffs all the devices on a given WiFi network, determines the location (via geolocation if turned on, or via other devices if not – so if YOU have turned off geolocation / GPS services, but “that guy over there” has them on, and you are both on the same Starbucks WiFi, Google knows where you are…). So, by now, Google has figured out from that phone and some Google Services on other devices like visitors, that this phone lives at my house, it knows my WiFi names, and it knows where that is. BUT, it doesn’t have any PII Personal Identifying Information. So it won’t know just who is using this phone. Me? Spouse? Renter? Neighbor Kid doing a hijack?
So privacy is OK, but not great
I’d been hoping I’d not have to “build my own” phone (folks do that, you know…) as the Pi Phone is a bit clunky. Yeah, it works, but I’d rather not carry an ugly brick around…
Using a Pi compute board and a nice plastic case could make it somewhat better, but I’d really rather have something more like a “real phone”.
Good hardware, but now China Origin
I’d been waiting for the Pine Phone for a good while, thinking the Pine Laptop and Pine Phone would make a nice combo. Note that the Pine Phone has hardware switches to disable things like camera, microphone, etc. It is really a nice hardware design.
An Open Source Smart Phone Supported by All Major Linux Phone Projects
Perhaps you’re in a line of work where security is a must, or a hard-core Linux enthusiast, or perhaps you’ve just got enough of Android and iOS and you’re ready for something else – the PinePhone may be the next Phone for you. Powered by the same Quad-Core ARM Cortex A53 64-Bit SOC used in our popular PINE A64 Single Board Computer, the PinePhone runs mainline Linux as well as anything else you’ll get it to run.
The purpose of the PinePhone isn’t only to deliver a functioning Linux phone to end-users, but also to actively create a market for such a device, as well as to support existing and well established Linux-on-Phone projects. All major Linux Phone-oriented projects, as well as other FOSS OS’, are represented on the PinePhone and developers work together on our platform to bring support this this community driven device.
Here the hardware is reasonable and you can BYO software layer (but with lots of others in the “Y” group). However, I just recently discovered that Pine packed up and moved their HQ to China. No longer a Silicon Valley Company with some stuff fabbed in China. It uses a Chinese Allwinner SOC chip. For me, trading the USA / Google for the CCP / China Inc as my Big Brother is not a winning situation. So unfortunately, just as the Pine Phone becomes real and available, I become resistant.
Well, in the world of alternative tech, patience is a big friend. By waiting to the Bitter End of my old LG Flip Phone, I now have several fairly nice options.
There’s a “BYO Hardware” use their OS from LineageOS
Software Install& Go
LineageOS Android Distribution
A free and open-source operating system for various devices, based on the Android mobile platform.
This is a “De-Googled” Android with an open source “App Store” that runs on a bunch of phones (mostly older models). Just “some assembly required” to put the OS on your phone (IFF it is one that’s supported) and DIY on the config / test / etc. They run on a LOT of phones:
But what if I’m not interested in a “Roll My Own”? Well, you can now buy one already built.
Buy & Go
Your data is YOUR data!
We build desirable, open source,
privacy-enabled smartphone operating systems.
We are /e/
Your smartphone is harvesting your data all day long, capturing with great detail where you are, who you are, and what you’re doing 24/7.
Time to escape from Mobile Surveillance!
Not cheap, since there is no Telco doing a buy-down on the hardware in exchange for selling your information.
Prices range from about 250 € to 500 €.
/e/OS Fairphone 3+
The deGoogled Fairphone 3+ is the next evolution in privacy conscious and sustainable phone. It features 2 new camera modules with 48MP camera and 16MP selfie camera for higher quality pictures and videos and it is made of 40% recycled plastics, the most post-consumer recycled plastic of any Fairphone.
Like the Fairphone 3, it features a removable 3000 mAh rechargeable battery and with its replaceable modules, you can repair it your self with a single screwdriver.
If you love to take beautiful pictures and care about fairer technology, this is your perfect companion.
For me, that price is a bit steep for a phone, so I’m more likely to do the LineagOS on old phone as a DIY project. There are LOTS of old phones for cheap as folks are trained to toss them and buy a new one every year or two.
Here’s a review of the /e/ Phone:
You can also get a LineageOS phone assembled and tested by a customizing service. This video goes over the various issues with using a de-Googled phone, alternative apps, and he also sells phones he’s configured with LineageOS:
There are other privacy oriented phone projects “in the works” but most of those are not yet shipping.
Update: Phase 2, The more hacker friendly options
There’s a wiki that lists the Open Source Phone choices.
Looking down the current status column (far right down the page in the chart) only the Pine Phone is currently shipping. Many are discontinued. That’s a really big trend in secure phone projects. Either they are done by big companies for government & military (and, so, terribly expensive or not available to mere citizens…) or they are seat-of-the-pants and, without a hoard of free support and enthusiasts, tend to die out as they discover most folks just don’t give a damn about privacy or security (thus enriching Google / Android, Apple, … and making powerful the TLAs of the world with their data Hoovers and databases…)
I’m not going to say anything much about the discontinued set. You can “hit the link” to look at them if you like. From the current list of projects, I’m not going to discuss the cancelled, or paused either. Those with some hope of continued life, I’ll discuss.
Open Pandora, GMBH, is “taking pre-orders”, so not quite real yet.
Like the predecessor OpenPandora, the Pyra includes features from several architectures making it a cross between a handheld game console, a subnotebook, a PDA, and a smartphone.
The operating system will be based on the common open source Linux distribution Debian which allows the use of already available desktop open-source applications from the Debian ARM repository, for instance Firefox, Thunderbird, LibreOffice, GIMP, etc. The around 1,500 applications, created for the mostly open source OpenPandora software ecosystem, are expected to be available for the Pyra in short time by source ports.
To me, it looks like the kind of fun gizmo I’d love to play with. But is it something the spouse will slide into her purse? Not so much…
Purism is based out of San Francisco. The Wiki lists it as
“Birch, Chestnut, and Dogwood batches shipped; Evergreen batch delayed due to COVID-19, but taking orders”
So in that “awkward stage” having shipped one set of products but with an empty pipeline for the new one and pipeline not moving during shutdowns…
Purism, SPC is a computer technology social purpose corporation based in South San Francisco, California and registered in the state of Washington.
Purism manufactures the Librem personal computing devices with a focus on software freedom, computer security, and Internet privacy. In addition to hardware, Purism also maintains PureOS, an operating system along with Librem One, a social networking service based on open standards.
The PureOS is based on Debian. Their hardware also has hardware kill switches:
Purism devices feature hardware kill switches to allow users to shut off the camera, Wi-Fi, Bluetooth, and cellular or mobile broadband modem on devices that have one (or can be purchased air gapped).
Whenever they have product again, this could be a very interesting option (based on actual hardware…)
“On December 6, 2019, Purism announced Librem 5 USA–the same phone, with Made in USA electronic fabrication.”
So made in the USA. Nice. Their “tablet” is Intel based but with the Management Engine turned off. I could see buying that.
Under their Products tab:
A Security and Privacy Focused Phone
The Librem 5 represents the opportunity for you to take back control and protect your private information, your digital life through free and open source software, open governance, and transparency.
The Librem 5 is a phone built on PureOS, a fully free, ethical and open-source operating system that is not based on Android or iOS (learn more about why this is important).
Introducing Librem AweSIM
The Purism cellular plan that works with the Librem 5
Unlimited talk, text, and data for just $99/mo
So they have an available plan / sim card. Might be worth reading about what added features it has…
Pine, as mentioned above, is shipping their “Community Edition”, but I’m no longer enthusiastic about an All China Origin hardware, and management company.
“Necunos Solutions” is listed as “Can not be ordered right now, first batch is awaiting manufacturing”
“Meizu” running a version of Ubuntu or Ubuntu Touch is of limited geography:
“In stores in Egypt, Russia, Ukraine, and Asia Pacific; online in Egypt, Russia, India and Sri Lanka.”
So if you happen to live in one of those countries, you may wish to explore it. Not for me, though.
So that’s pretty much the state of things for the integrated solutions. You can, of course, roll your own.
Roll Your Own Phone
Again from that wiki list:
Distributions for existing phones
postmarketOS, Ubports, and KDE Neon are open-source distributions running on existing smartphones originally running Android. Maemo Leste is available for Nokia N900 and Motorola Droid 4.
There exists a database listing which older phones will run which open-source operating systems.
To that, we also must add the SailfishOS option.
The mobile OS solution for corporations and governments
The only mobile operating system offering a regional licensing model
Sailfish OS offers governmental and corporate customers a comprehensive solution, which can be adapted to specific customer needs. It is the perfect solution for building mobile payments and banking, secure communications and corporate solutions, as well as citizen services.
So proprietary, and has a licence…
But it does have some degree of open source attitude:
Sailfish OS Source
Please see Sailfish OS Architecture for a comprehensive list of the various components which make up the Sailfish OS stack, including links to the source repositories for those components.
Here is a table that contains the information about different code locations, how to get an account and what is the contribution policy.
Account can be created by asking lbt or sage at #sailfishos IRC channel at Freenode
NOTE: Only repository maintainers can do pull requests from a branch of the main git tree.
So quasi-open semi-proprietary. OK… Not exactly my cuppa tea. It does run on a lot of devices, though:
As of May 2020, over two hundred devices are able to boot the operating system, including 92 with WiFi support. This includes many smartphones and tablets that originally ran Android, wearable devices such as Google Glass, smartwatches including the LG G Watch and some Linux-based Nokia smartphones, such as the N900 and N9. After Corellium ported Linux to the iPhone, pmOS also gained support.
I’m not against it. Just not fond of things that don’t let me pull the whole source tree.
PostmarketOS is more interesting to me. Then again, I do things like compile an OS image…
PostmarketOS (stylized as postmarketOS and abbreviated as pmOS) is a free and open-source operating system under development primarily for smartphones, based on the Alpine Linux distribution.
PostmarketOS was launched on May 6, 2017 with the source code available on GitLab. It is capable of running different X and Wayland based user interfaces, such as Plasma Mobile, MATE, GNOME 3, and XFCE,; later updates added support for Unity8 and Phosh. The project aims to provide a ten-year lifecycle for smartphones.
Alpine Linux was chosen as the base distribution due to its low storage requirements, making it more suitable for older devices. Excluding the kernel, a base installation takes up approximately 6 MB.
Alpine is the OS I chose to use on my R.Pi original v6 board for a DNS / Time /etc. server.
Alpine Linux is a Linux distribution based on musl and BusyBox, designed for security, simplicity, and resource efficiency. It used a hardened kernel until release 3.8 and compiles all user-space binaries as position-independent executables with stack-smashing protection.
Much harder to hack and crack.
We are sick of not receiving updates shortly after buying new phones. Sick of the walled gardens deeply integrated into Android and iOS. That’s why we are developing a sustainable, privacy and security focused free software mobile OS that is modeled after traditional Linux distributions. With privilege separation in mind. Let’s keep our devices useful and safe until they physically break!
Runs on 200+ devices. Likely the solution I’d go for to do a Roll My Own. It runs on a Raspberry PI (several versions) so I’d likely start with just putting it on one of mine without the phone bits attached.
This is the UBuntu Touch version of the OS.
Frequent fliers here will not I’m not real fond of Ubuntu. It has SystemD in it (though most of the OS choices for phones here have it… though Alpine ought not.) It had a serious SystemD / fstab interaction that caused me to think 2 of my computers were failed when it was just “hung with blank screen” when a disk was listed in fstab and not plugged in. It is fat, in general. (Efficiency is not their focus). AND Canonical has a couple of times done things that harvest information. Their track record on strict privacy is not good.
Yet this is a community maintained port, so may be cleaned up. Ubuntu also (modulo that hung / dead bug) prone to “just works”. So make up your own mind and preferences.
What is Ubuntu Touch
Ubuntu Touch is the touch-friendly mobile version of Ubuntu. This operating system is developed and maintained by UBports : An international community of passionate volunteers. This means Ubuntu Touch is 100% community driven and independent.
They have 3 officially supported devices (at this time) and a long list of “community supported” and “experimental” devices that includes the Raspberry Pi:
The Raspberry Pi is an affordable ARM-based linux single-board computer. An experimental Ubuntu Touch image is available. You can find installation instructions on GitLab.
The Raspberry Pi is not supported by the UBports Installer yet. You can help us by contributing a config file.
Folks who like Ubuntu and are comfortable with SystemD will likely find this a comfortable option.
I’m not going to say a whole lot about this one. It’s a KDE version on top of an Ubuntu version. Just a bit of tweeking of particulars vs UBports, IMHO. Most of my opinions will be the same as for UBports. I’d only note that KDE is a high weight look and feel layer.
Introducing KDE neon
The latest and greatest of KDE community software packaged on a rock-solid base.
Now rebased on Ubuntu 20.04 LTS, upgrade now.
This is one I’m not very familiar with, but definitely needs a good “Dig Here!”.
Maemo Leste is an operating system currently in development. It is a modernised and liberated version of Maemo 5, rebased on top of Devuan with a mainline Linux kernel. The first operating system images were released in February 2018.
It is currently in a usable state with support for various targets such as the N900, Motorola Droid 4 and the PinePhone.
That “in development” is a bit of a worry, but it is also tagged as a page in need of an update.
The project is currently not usable as a daily driver for your device. Maemo Leste is currently in development phase and we are actively searching for developers.
For some devices, we have development images available, such as the N900. So far we have set up Devuan/Debian repositories for our packages, with builds for armhf, arm64 and amd64. We have FOSS replacements for some closed Maemo packages, further building on the Maemo community efforts to replace all closed bits by open software.
So still more Hacker Haven than Daily Driver COTS.
They have a Devo Raspberry Pi M2 image (that will run on a Pi M 3):
By request in comments.
CopperheadOS is a proprietary mobile operating system for smartphones, based on the Android mobile platform. It adds privacy and security features to the official releases of the Android Open Source Project by Google.
So not FOSS. The choice between Proprietary and Free and Open Source Software is both philosophical and practical. Generally, companies want to buy something and have commercial support available. They don’t like buying something other folks get for free. (though are starting to ‘get it’ that the free users are their devo and QA crowdsource). The vendor also gets enough money to properly do maintenance and release devo. Win-Win.
But it comes with thistles and stickers. Red Hat became ever more stingy the bigger it got. Now, as a vassal of IBM, it’s started doing annoying things (like SystemD) that please giant shops with a 1000 VMs running and a staff of dozens doing operations, while making it a PITA to the home gamer and “experienced systems admin” cohort. They have one release for the paying customer, and a more difficult to get release to maintain a veneer of FOSS.
Will this go the same way? Who knows…
Project inception and initial releases
The CopperheadOS project was started in 2014 by Copperhead, an information security company based in Toronto, Canada. The company was founded in the same year by James Donaldson, the CEO, and Daniel Micay, the CTO and lead developer, and initially served clients in the Canadian legal and intelligence industries. During this work, the founders noticed an absence of secure, open-source operating systems for mobile devices, and they created CopperheadOS under an open source license to try to address this need.
So, OK, Canadian is good. Legal & Intelligence folks need someone on the hook and have money to wave at them. This could be good. They also have low tollerance for failure of security. It IS Open Source (even if not fully free).
At first, CopperheadOS was licensed under the GNU General Public License,
From October 2016, for versions of CopperheadOS based on Android 7.0 Nougat, Copperhead changed the CopperheadOS license to the Creative Commons Attribution-NonCommercial-ShareAlike (BY-NC-SA) license. According to Donaldson, this was to prevent other companies from using the CopperheadOS code without paying Copperhead for licensing, in order to keep the project sustainable.
So the licence wars have begun…
Copperhead began selling Google Pixel phones pre-loaded with CopperheadOS in March 2017, in addition to their lineup of Nexus phones. For Nexus devices, users could download and install CopperheadOS for free; however, this option was not made available for Pixel phones. For Pixel phones, users could either buy a phone from the Copperhead store with CopperheadOS pre-loaded, or send their own phone to Copperhead for the operating system to be installed on it. This was done to prevent violations of CopperheadOS’s non-commercial license; Copperhead competitors had been selling Nexus phones with CopperheadOS installed without obtaining a commercial license, and Copperhead wanted to avoid this issue with the Pixel. The issue came to a head in November the same year, when Copperhead briefly shut down the update server for Nexus devices in order to stop the continued license violations. The company restored the update server after two days.
Gee, at any time you might find your update / upgrade path “goes away” for a while. You have a company being a bit obsessive about assuring they can do “local monopoly pricing” on their phones rather than let a few scammers sell at lower margins.
Um, at this point the notion I can buy one from their web site at what must be higher prices just isn’t all that attractive. I understand that as a commercial operation they have to turn a profit, but once again trying to be “half free” gets into “issues” that impact the customers.
Oh Boy! AND you get “Founder Food Fights!” for sweetner!
Disagreements between the two founders over business policy became increasingly heated over the first few months of 2018, and led to Donaldson firing Micay in June of that year. Micay responded by posting his dismissal notice on Reddit, and by deleting the cryptographic keys necessary to release updates for the project. Micay said that he considered “the company and infrastructure to be compromised”, and that he would “prevent [Donaldson] from harming any users”. Copperhead failed to provide CopperheadOS updates for several months afterwards. Micay continued the development of the open source parts of CopperheadOS as the Android Hardening project, which was later rebranded as GrapheneOS. According to Donaldson, as of February 2019 he and Micay were in a legal dispute over the incident.
OK, at this point “I’m out”. Legal entanglements. Industrial quasi-sabotage. MONTHS of no updates possible. It may be the best thing ever, but I’m not going to embrace those issues and make them my own.
That’s a “quick and dirty” (and likely too long…) dip into the FOSS / Free Cell Phone Options.
At the moment, for me, I’d be most likely to buy a premade LineageOS phone provided the $Bucks were reasonable, or put a copy of PostmarketOS on either a R.Pi (if interested in HW Hacking a bit) or on an old phone (if wanting something cheap and workable).
In the longer run, Maemo Leste has promise as a Devuan based option, but not today unless you are a developer.
That’s my view of things. If you want me to look at any other particulars, leave a comment and I’ll add them down in comments.