Things that make me angry about my current smartphone Samsung Galaxy S21Ultra on a Verizon plan is the mandatory software updates in which they install WITHOUT MY PERMISSION stupid apps like Netflix and addictive gambling games and stacking block games and Candy crush. God knows what else they install without my permission. I don’t want any of it!

Next phone I buy I want to start with a clean slate, I’m not going to affiliate with any conglomerate like Verizon or AT&T or Sprint or T-Mobile etc, I prefer to go rogue somehow,

which smartphone do you recommend that has no bloatware and it’s customizable?

  • @GasMaskedLunatic@lemmy.dbzer0.com
    link
    fedilink
    63
    edit-2
    1 year ago

    The only recommendation I can provide is a Google Pixel device with GrapheneOS. Graphene is only designed to work on Pixels because they are (allegedly) the most secure mobile phone hardware-wise. Once you flash Graphene, it’s up to you to install any apps beyond the basic browser (Vanadium), gallery, camera, caller, SMS, PDF viewer, contacts, file manager, and security/system apps. No Google involved without your permission, though you will have to install Google services, available via a Graphene mirror and sandboxed for privacy, IF you want to install an eSIM after flashing Graphene. If you’re interested in further information, please let me know. I use it, love it, and am happy to provide any information you may need to decide if it’s a good fit for you or not.

    • NightFantom
      link
      fedilink
      71 year ago

      Not OP but interested in both privacy and high-tech features. My current (stock) pixel 4a device has a worse camera than many other phones, but the software compensates a lot, netting better picture quality overall very often. I’m wondering how much of that is lost when using graphene instead of stock android, do you know?

      Similarly with the latest gen pixels having AI features built in, I’m assuming much of that is software that’s not as easily installed somewhere else…

      • I’m not sure what the GrapheneOS stock camera app does under the hood, but if it’s not enough for you, you have the option of installing Google’s Pixel Camera app from the Play/Aurora store if you want to compare. I don’t imagine it would require Google Play Services to run on devices older than 8 since they don’t have the AI integration, but I could be wrong. You can easily deny the app network permissions to ensure that the app isn’t sending your photos to Google. As far as the AI features go on newer devices, I could see those requiring Google Services installed to work, but again, they’re available through a Graphene mirror, run sandboxed for privacy, and can be denied network permissions. I’m satisfied with how my pictures turn out (7 Pro), but I may try Pixel Camera out just to see what the difference is.

        • NightFantom
          link
          fedilink
          41 year ago

          If you do that I’d be very interested to see the results! Especially things like night sight, my gf’s camera is as night blind as she is 😅

      • Midnight Wolf
        link
        fedilink
        English
        41 year ago

        It’s been a couple years since I tried the graphene camera, but (at the time) it’s essentially trash in comparison to the Google camera. I just use the gCam without internet permissions and call it a day.

        But I’m not hardcore tin-foil ‘the NSA will use your office mirrors reflection to precisely heat up a 2mm space on the side of your phone that somehow enables Bluetooth and with that the G + glowy bois will exfiltrate your data at 10Kb/s’. I want additional security hardening and some privacy additions, but I also use the play services and store, like a typical user. Yada yada threat model yada yada - I just want my phone to simply function at the end of the day. Middle of the road, if you will, between stock os users and the guy that’s now boarding up all his windows because of the 2mm Bluetooth mystery vulnerability.

        Unknown about the claimed AI features - my 8 pro is in transit. But I can check in a few days, if interested.

    • iamak
      link
      fedilink
      41 year ago

      What is the root scene on Graphene? I know the dev is pretty against it but I like having root access after being used to it. Is it possible to easily root it without any integrity issues later on?

      • xep
        link
        fedilink
        121 year ago

        It’s not supported. According to the devs rooting defeats the purpose of Graphene OS.

        • iamak
          link
          fedilink
          11 year ago

          Yeah I have read that. And couldn’t find any reason why. When I ask about root people only say "if you want root, graphene isn’t for you"😅

          • Lemongrab
            link
            fedilink
            51 year ago

            Rooting defeats androids security model and allows for further exploitation. Graphene most likely does support it because any AOSP OS that is geared towards security isn’t going to leave a big hole in their security allowing malware or bad actors to modify system files (or install a rootkit).

            • iamak
              link
              fedilink
              11 year ago

              Desktop Linux allows root access and is still secure. Allowing root access doesn’t make it insecure.

              • Lemongrab
                link
                fedilink
                51 year ago

                Desktop linux isn’t the same as Android, which is why I said the “Android security model”. Android is a mobile operating system and must protect against the fact that it will be in unknown environments all the time. It must protect against physical attacks, software attacks, and partially sandbox apps. Root breaks app sandboxing and allows for modifying system files and reading internal app storage. The system image is immutable and modifications/settings are made on top.

                Linux desktop isn’t more secure out of the box. The general user account shouldnt be a sudoer. Immutable OSes are more secure and help pervent rootkits and other attacks. PCs are most often stationary and stored in a private location. Laptops are weak against attacks because you can boot to a different OS from usb without passworded BIOS. Desktop OSes are the geared for the same kinds of protections.

                There is good reason why Android is far more secure than Linux mobile.

      • It looks like the verified boot security feature of Graphene effectively prevents rooting the OS. I understand wanting root access, it does provide some nice features, but I don’t have any need for it. I don’t have any bloatware embedded to remove, and I don’t need to mod any system apps, so I haven’t looked into it much. I know the dev says it isn’t planned because it massively increases attack surface, which I personally agree with, but it would be nice to have the option via a separate version of the OS or something. If you need root access, I would suggest looking into LineageOS. It’s similar in privacy to Graphene and last I knew could be rooted. Graphene is very focused on security as well as privacy, and for me is a best of both worlds, but if you want to modify the system for various power-user type features, it might not be for you.

        • iamak
          link
          fedilink
          51 year ago

          Yeah I’m currently running LineageOS. I wanted root mainly for adblock (modifying /etc/hosts) and AppOps. Does Graphene have those features built in?

          • @BearOfaTime@lemm.ee
            link
            fedilink
            6
            edit-2
            1 year ago

            Check out DivestOS. It’s a fork of lineage with a focus on better security and privacy. Not restrictive like Graphene. Rootable via magisk.

            So far I’m liking it. Great battery life (lowest I’ve ever seen) even on my 5 year old phone.

          • No, it doesn’t. I use 95% FOSS software, so anything that might have ads just gets denied network permission entirely. As for AppOps, I just looked it up, and that would be something I’d like to see developed as a feature of Graphene. It seems like a genuinely useful, and at the very least privacy-protecting, app. I don’t use copy/paste via keyboard, and despite it not having network permissions, I’d still deny it clipboard access simply because it doesn’t need it.

      • trevor
        link
        fedilink
        English
        51 year ago

        You can root on GrapheneOS. You do it exactly the same way you’d do it for the stock Google ROM:

        1. Have an unlocked bootloader. Yes, this means that it “”“defeats the purpose of GrapheneOS”“”, if the purpose of GrapheneOS isn’t for you to avoid Google’s privacy nightmare. I use GrapheneOS for privacy moreso than security, and not being able to block ads properly is irritating.
        2. Install the Magisk app.
        3. Extract the boot.img from the GrapheneOS image and patch within Magisk.
        4. Flash the patched boot image in the bootloader.

        The main annoyance with this is that you’ll have to do that dance every month when a security patch gets released, but for me, it’s better than vomiting from exposure to ads on mobile.

        • xep
          link
          fedilink
          1
          edit-2
          1 year ago

          What is the patching process when running with Majisk, without OTA? It looked like quite a PITA to me, but I’m using Graphene for the same reason you are.

          Edit: I found this

          https://grapheneos.org/usage#updates-sideloading

          After sideloading an update I’d probably have to do what Trevor posted.

        • iamak
          link
          fedilink
          11 year ago

          Oh okay. Thanks! Does it pass the integrity checks?

  • @library_napper
    link
    311 year ago

    Get a used pixel for $100. Factory reset on arrival, and install Graphene OS. Do not install gapps.

      • @library_napper
        link
        11 year ago

        Why? By default gapps doesn’t come with ROMs. Its usually more work to install gapps.

          • @library_napper
            link
            11 year ago

            Nope. Never needed it. Just dont use that crap.

            I wouldn’t put anything financial on a phone, anyway. Use a secure laptop for that.

            • @iturnedintoanewt@lemm.ee
              link
              fedilink
              11 year ago

              Except, in my country, the banking website will NEED a token generated on the banking app. Internet banking assumes a smartphone with their app…or it’s completely blocked what you’re allowed to do.

              • @library_napper
                link
                01 year ago

                Which country? All countries I know about like this allow hardware tokens as an alternative to a smartphone with a TPM

    • @LemmyKnowsBest@lemmy.worldOP
      link
      fedilink
      61 year ago

      everyone’s recommending Pixel. That’s good to know.

      ok but we’re all here because we’re interested in privacy, so please tell me what does Google Pixel have anything to do with privacy??

      “Google” & “Privacy” are contradictions.

      • qaz
        link
        fedilink
        171 year ago

        GrapheneOS, a privacy/security focused operating system is compatible with a limited amount of devices. The pixel series is part of those compatible devices.

      • @Undertaker@feddit.de
        link
        fedilink
        15
        edit-2
        1 year ago

        They use Graphene. That’s the point. Pixels are unfortunately the only supported devices. That’s why I won’t use Graphene as I would never support google. A pity, many do

        • @Quintus@lemmy.ml
          link
          fedilink
          21 year ago

          I personally think this might be a “vote with your vallet” situation. Signaling to Google (and to other manufacturers) that people appreciate openness in their smartphones. Knowing Google though, it’s unlikely they will get it.

      • @RogueBanana@lemmy.zip
        link
        fedilink
        111 year ago

        People or rather I didn’t buy pixel as its more privacy friendly but its the only one available here that let’s me install another ROM on day 1 without voiding warranty. And grapheneos being one of the best privacy focused ROM only available for pixel and that pretty much every ROM is available on pixel is another reason. I was basically forced into buying a google product as everyone else void warranty on unlocking boot loader or they don’t have much of a custom ROM scene.

  • @LemmyHead@lemmy.ml
    link
    fedilink
    161 year ago

    Another vote for fairphone here, but for reasons others failed to mention: replaceable battery, so even after 2 years, it can feel like new and keep most of its value (to resell if wanted); 5 years of updates + warranty; support for after market roms. Then there’s also the fair ethics part of it

    • @Blackmist@feddit.uk
      link
      fedilink
      English
      41 year ago

      How are you killing your battery after two years?

      Even my cheapshit Honor 9 lasted six before it started getting random shutoffs.

      • @LemmyHead@lemmy.ml
        link
        fedilink
        11 year ago

        Not killing, but degrades in performance because batteries have a limited amount of charge cycles. The more intensive you use your phone, the faster the battery degrades

    • @init@lemmy.ml
      link
      fedilink
      111 year ago

      Heads up, the bootloader cannot be unlocked if you buy a pixel through Verizon. You have to buy it straight from Google if you want to install anything custom.

      Source: I have a pixel 6 pro from Verizon that I got originally thinking to try out grapheneOS.

      • @stewie3128@lemmy.ml
        link
        fedilink
        21 year ago

        And if your bootloader is unlocked, VZ is likely to lock you out of VoLTE/HD Voice/WiFi calling/etc.

        I mean, you could go to T-Mobile who don’t currently play these specific games with devices, but then you’re trading coverage for features/freedom.

        All carriers, wired and wireless, need to be regulated as DUMB PIPES. Title 2 for everyone. That’s what we’re paying for: Not “the Verizon experience” or “the pride and accomplishment of being an AT&T customer.” Let me buy a phone, and do with it whatever it is technologically capable of doing on your network. The network provider doesn’t need to provide any Android/iOS tech support if they keep it simple and stay out of the customer-fuckery business.

  • @Octagon9561@lemmy.ml
    link
    fedilink
    151 year ago

    For best privacy AND security, Pixel 8 or 8 Pro with GrapheneOS. Nothing else compares. The Pixel 8 series are also the first that support hardware memory tagging, basically making them immune against 70% of all exploits.

  • MudMan
    link
    fedilink
    14
    edit-2
    1 year ago

    I have a Xperia 1.

    It has a flagship SoC, but it also has a SD card slot, a headphone jack, no notch or cutout, front firing stereo speakers and a nice blocky look without a massive camera bump.

    The downside is software support can be a bit spotty and the cameras are made for manual use, as opposed to being AI-driven point-and-shoot things. That last one could be a positive depending on your preference, though.

    But overall? I’m very satisfied, and I went there specifically because I was tired of the ongoing Apple-ification of Samsung in the first place. You may want to consider coming to the dark side and incentivizing Sony to keep making a phone with a feature set, instead of copy-pasting Apple’s or Samsung’s playbook.

    • Daaric
      link
      fedilink
      41 year ago

      Same boat here, I have the 5 II and I absolutely love it. Great size, the camera is OK on auto but can do wonders in manual mode (depending on your skill).
      The lack of software support is a bummer though. I was surprised it’s not in LineageOS’ official support anymore…

      Do you use any custom ROM on your Xperia?

      • MudMan
        link
        fedilink
        11 year ago

        Nope. Honestly, I stopped tinkering with that stuff altogether ages ago. It’s a candybar that gives me text messages and takes photos, I don’t need to make it my own.

    • Benign
      link
      fedilink
      141 year ago

      Short summary:

      • no bloatware
      • 5y waranty
      • easily Repairable
      • Planned to receive 5 android major version upgrades
      • @Undertaker@feddit.de
        link
        fedilink
        81 year ago

        Addition:

        • several unsolved (hardware) issues in the past
        • security patches are far too late
        • 8 years support
        • Using the promoted /e/ results in loss of support (you habe to flash back FairphoneOS). Maybe this has changed as they are sellig phones with preinstalled /e/ by themselves
        • Screws in the FP4 where very low in quality
        • above-average batterie drain
        • @zilla@lemmy.world
          link
          fedilink
          61 year ago

          I have the fp5 and flashed e/os myself. Im very happy with it. You need to flash it back when you want to sent it in (they have the instructions on there own page). Build Quality is nice. Repairs are simple. The price for spareparts is reasonable. And they really try to make a difference here and that is why i support them. Are they perfect? No? But who is? And you need to start from somewhere i think.

        • @Undertaker@feddit.de
          link
          fedilink
          3
          edit-2
          1 year ago

          It is google Android but they do not pay for the name so they call it ‘FairphoneOS’. It comes with all the standard GApps.

          • @EddoWagt@feddit.nl
            link
            fedilink
            41 year ago

            It is google Android but they do not pay for the name so they call it ‘FairphoneOS’.

            That’s not how that works, they call it FairphoneOS because they added their own customizations. Default Android is pretty barebones nowadays so nobody uses that. You dont have to pay Google to use the Android name

    • @TheSun@slrpnk.net
      link
      fedilink
      11 year ago

      They really need to sponsor graphene to get it officially supported on fairphone. Cant recommend fairphone when you are stuck with google tracking everything you do on stock android.

    • @unexpectedteapot@lemmy.ml
      link
      fedilink
      61 year ago

      I keep seeing this idea everywhere. Buy a Google phone and install another OS.

      It is completely absurd to fund the exact adversaries you are running away from, while consuming, without contributing a dime, merely a piece of free software. (It is only a small piece of freedom because none of the hardware is free, and some binary blobs [incl. potential backdoors] will still be present in the alternative OS no matter which one it is.)

      This is unsustainable, terrible, damaging advice. Stop giving it.

      • mihor
        link
        fedilink
        31 year ago

        Well, the only viable alternative then seems to be some sort of Linux phone, then.

        • @unexpectedteapot@lemmy.ml
          link
          fedilink
          3
          edit-2
          1 year ago

          Fairphone, Librem, PinePhone, f(x)tec, etc. are available alternatives, yes.

          Even a OnePlus is better than directly funding and supporting the adversary organisation that is one of the biggest surveillance capitalism corporations on earth.

          • mihor
            link
            fedilink
            21 year ago

            Fair point, I suppose the only thing preventing me from going for Linux phone are banking apps which want to run on unrooted android. 🤷🏼‍♂️

      • @thayer@lemmy.ca
        link
        fedilink
        English
        11 year ago

        The bottom line is that GrapheneOS is the most security-focused mobile operating system available, and the Google Pixel is pretty well the only mainstream phone with an unlockable bootloader.

        If Alphabet were to ever lock down the Pixel’s bootloader, the GOS devs would undoubtedly jump ship to a lesser available platform in order to continue the project. But until then, no other hardware comes close with respect to embedded security.

      • @Boring@lemmy.ml
        link
        fedilink
        -21 year ago

        Buy a pixel off marketplace then. You can brag about saving e-waste.

        Google isn’t a bad company, just a product of poor regulation. They have amazing engineers and produce valuable hardware and that should be praised.

        Its the business side of things which needs massive regulation and an ethics check.

        • @unexpectedteapot@lemmy.ml
          link
          fedilink
          3
          edit-2
          1 year ago

          It is not about “bragging” or whatever. Nor is it about “bad” or “good”.

          By funding or promoting the use of Google products, you would be funding litigation and influence such as lobbying to keep poor regulation as it is, if not worse. You would be funding their acquisitions of great tech and startups that might offer a more ethical and/or free technology. You would be funding their poaching of said engineers and valuable hardware intellectual property.

          Simply put, it is a counterproductive and an unsustainable practice.

          That being said, their amazing engineers, and technical value of their hardware are irrelevant to this community, post and comment. That simply doesn’t excuse their entire business model being built on breaches of privacy and other forms of curbing user freedoms.

    • Omnissiah
      link
      fedilink
      11 year ago

      Im going to do this and leave every social media except some federated instances.

      Already went with Linux and FOSS years ago. Finally time to say good riddance to everything that doesnt align for what I stand for. I like it better anyway

    • @LemmyKnowsBest@lemmy.worldOP
      link
      fedilink
      01 year ago

      I’m just trying to avoid getting bloatware installed on my phone every time they run a mandatory software update. that was probably a Samsung thing and had nothing to do with Verizon but whatever the case,

      It’s time to upgrade.

      I’mma get starlink.

      • @Wes_Dev@lemmy.ml
        link
        fedilink
        51 year ago

        As cool as the technology is, I wouldn’t trust Starlink to handle my breakfast order. It’s leadership is corrupt, arrogant, and evil. You can find all sorts of news stories about it online.

      • Sume
        link
        fedilink
        English
        11 year ago

        I have never heard of phone updates installing bloatware. The only time bloatware is present is when you first use the phone

        • @LemmyKnowsBest@lemmy.worldOP
          link
          fedilink
          11 year ago

          Yup, I’m telling you, when I first got this phone, first thing I noticed was fucking candy crush et al, and immediately uninstalled all that junk. And every time it runs a software update, i kid you not, within a couple days I’m looking through my phone and I notice more shit they installed. Monopoly, Candy crush, block stacking games, I didn’t ask for any of this! delete delete delete.

  • Free Palestine 🇵🇸
    link
    fedilink
    101 year ago

    A Google Pixel running GrapheneOS is your best option. Graphene doesn’t have any Google services by default, no bloatware at all, maximum privacy and security. It’s super easy to install, you can check out this video guide or just read their official documentation.

    Another video about GrapheneOS that I totally recommend: https://youtube.com/watch?v=yTeAFoQnQPo

    I recommend this after the install: https://youtube.com/watch?v=BymH90zFe30

    • @DreadPotato@sopuli.xyz
      link
      fedilink
      1
      edit-2
      1 year ago

      How well does apps that require locked bootloaders, non-rooted device etc. work on grapheneOS? We have an official 2FA app in my country that’s used for digital identification for everything from banking to social security services. Right now it isn’t working on my oneplus 9p with lineage, despite using magisk and passing safetynet check, because it still detects that my phone is rooted.

      • Free Palestine 🇵🇸
        link
        fedilink
        31 year ago

        GrapheneOS is built to work with a locked bootloader, in fact, relocking the bootloader is a step in the installation guide. It’s not rooted by default and the GOS team highly recommends against rooting, all apps should work as long as they only require SafetyNet basic integrity. If they require full integrity, they won’t work on GrapheneOS because the OS has to be manually whitelisted by Google in order to pass the full integrity check. Most apps (including banking or government apps) only mandate basic integrity though, full integrity is rarely required. It should definitely work better than LineageOS.

        • @DreadPotato@sopuli.xyz
          link
          fedilink
          2
          edit-2
          1 year ago

          Hmm, my lineage OS phone passes basic integrity check, and my banking apps all work as intended, as do other government apps. But this damn 2FA app is still complaining and refuses to work, saying the phone is insecure.

          • Free Palestine 🇵🇸
            link
            fedilink
            21 year ago

            Yeah, that’s because your phone is rooted. By default you can’t get root on GrapheneOS so it should work there.

  • @PanaX@lemmy.ml
    link
    fedilink
    81 year ago

    Just a tip, you can debloat your galaxy without rooting it with adb tools. You can remove any apps you want this way fairly easily.

    Not a long term solution, and all the other comments are great options for replacement. Until then, you can remove almost anything you want until you’re ready to switch.

    • @lemmyingly@lemm.ee
      link
      fedilink
      11 year ago

      The none root method that you mentioned is just removing the application from your profile. It’s still present in the OS.

      • @PanaX@lemmy.ml
        link
        fedilink
        11 year ago

        I don’t think that’s true. From XDA forums, you can choose to disable the app or completely remove it. I have completely destroyed the system from uninstalling critical apps. I have had to do a complete factory reset due to uninstalling core apps. No root whatsoever.

        • @lemmyingly@lemm.ee
          link
          fedilink
          11 year ago

          I’ve read it a few times over the years. Maybe I keep reading people say the same misinformation. I suppose without root we’ll never know.

          Your anecdotal evidence could just be that you’ve ruined your profile; although of course, you could be entirely correct.

          I’ve only used it to remove annoying apps, e.g. Facebook. I’ve never gone crazy with it as I don’t care about the manufacturer’s pre-installed apps as they’ve remained silent for me.

  • @pound_heap@lemm.ee
    link
    fedilink
    81 year ago

    Lots of good advice here, but many might be too extreme. I find such all-or-nothing approach intimidating for people who just started to think about improving their privacy situation.

    Let’s see… you are angry about bloatware. It can come from two sources - mobile service carrier and phone manufacturer. How to get rid of it?

    1. Buy only “unlocked” phones. Then the carrier will not be able to push anything to your phone. You will also be free to change the carrier as you wish.
    2. Buy phones from manufacturers that don’t install too much bloatware. Google Pixel has only Google apps, Motorola also is almost vanilla Google. Fairphone is more exotic, but an interesting option. iPhone is OK too if you want Apple ecosystem, but customization is not a thing there.

    Now, we are in a privacy focused community and I saw your later comments about Google being an opposite of privacy. I would argue that vanilla Pixel is much better than bloated and locked Samsung already. I see you get recommendations to replace the OS that your new phone might run, and these are valid, but come with significant downsides. There are other ways to improve your privacy stance by changing the way how you use your phone without changing what phone or what OS you run on it.

    • @stewie3128@lemmy.ml
      link
      fedilink
      4
      edit-2
      1 year ago

      Warning about bringing an unlocked phone to Verizon (even if it’s a current flagship Apple/Samsung/Google device): 50/50 they’ll lock you out of WiFi calling/HD voice, etc. Because they’re dicks.