- cross-posted to:
- android@lemmy.world
- cross-posted to:
- android@lemmy.world
You must log in or # to comment.
This is sad. I’m clinging to my GrapheneOS Pixel 7 until it completely breaks. By then I hope there will be decent Linux phone options or I might not get another phone at all.
Google can go fuck itself. The state stock phone from most major manufacturers come in with all that increasingly intrusive spyware that you can’t uninstall or turn off should be illegal.
If you’re on Graphene for security, Linux mobile will be the last thing you want as the security of those devices is akin to carrying around a bootloader unlocked android with no app sandboxing. You’d be better off buying a fair phone and using iodé until they can’t develop any further.
It depends on what your requirements are. Is physical security important, or is preventing data collection more important? Not all security is the same.
I never implied it was, however if someone is using graphene as a way to achieve mobile security, it can generally be assumed they want said security if they switch to a different OS. Iodé and CalyxOS both support more than just pixels, and don’t do data collection, nor do they sacrifice physical security. Mobile Linux on the other hand, has very little physical security, and very poor application sandboxing compared to the aforementioned android forks. It wouldn’t make sense from a security perspective to skip over android forks directly to {postmarketos, Ubuntu touch, armbian/mobian, manjaro mobile…} unless your goal is to use a Linux phone without caring about physical security and app sandboxing (which would not make sense if you are using Graphene, and don’t want to change your threat model too much while not supporting Google.)
That’s fair. Hopefully in time mobile Linux will be comperable. I’d prefer it over Android if all else were equal. Maybe as Google keeps fucking around with users people will want to get as far away from them as possible and mobile Linux will really get going.
I agree with you, in fact the only reason I know about the security differences is because I wanted to jump ship when they started down this closing AOSP path. I found that at the current moment the security model won’t work for me, and that I’d also have to buy a new phone just to get support. I really want to try out plasma mobile though, it looks nice.
Yeah, Plasma mobile looks like where we should be right now, but yeah, sadly too many tradeoffs to actually have users. I’m still hopeful that some day we’ll get the Linux mobile we all want. Maybe when some Android devs retire and want a hobby…
I require my banking app to work.
you can use the bank website
I love that banks have tight requirements on where I can use their app, but I can visit their website from anywhere such as a public kiosk (not that you ever should!) and they’re all come on in!
fully agree, it’s ridiculous
How will that work exactly? Do you carry your TANs or secure token around all the time?
no different than your banking app. most websites have a remember me option
I use a hardware TAN generator which I could use with any browser. I use my banking app (which works on LineageOS so will presumably work on GrapheneOS) just to generate TAN for authentication. My banking cards support NFC.
Not everyone runs dangerous proprietary apps that need sandboxing. Does my offline puzzle game need sandboxing? Firefox has its own sandbox built in.
Some people consider unlocked bootloaders a feature.
Everyone does run proprietary hardware with its own hardware vulnerabilities that could very easily be exploited and escalated without proper security. Unlocked bootloader leaves you open to very easy physical attacks. Phones batter is low and you need to charge it in a public space? You better hope no one had modified the charger with something like an RPI to silently exploit your phone. Crossing a border into a country and they suspect you’re some sort of threat? There goes all your personal information directly to their government. Not running software that updates the hardware’s proprietary software drivers? One text message and you’ve got a rootkit.
You are more than welcome to run less secure and/or insecure software. No one is telling you you can’t. If someone is on GrapheneOS however, they’re probably not using it to be on a less secure os. Most people don’t want a less secure os. I’m glad you currently have the option to do what you want, but this response to someone using a secure OS about how to stay secure didn’t really need an “um ackshually” about people who don’t want a secure os.
need to charge it in a public space? You better hope no one had modified the charger with something like an RPI to silently exploit your phone
Any secure Android device should be starting each USB session in device mode, set to charge only. It is usually not possible to change this mode without unlocking the screen. I don’t know what this has to do with sandboxing or unlocked bootloaders.
Crossing a border into a country and they suspect you’re some sort of threat?
How does this attack work? Are you saying they’d replace the operating system by using the unlocked bootloader? There are plenty of ways to prevent this with full disk encryption. Of course you need to check for modifications when you get it back, but that’s true even if you have a locked bootloader, because of hardware modifications and leaked keys.
Not running software that updates the hardware’s proprietary software drivers? One text message and you’ve got a rootkit.
In any of the open source Android distros, like LineageOS or GrapheneOS, those updates come as part of the operating system. The updater is open source, and doesn’t care whether your bootloader is locked. I assume a Linux Mobile system would be closer to Debian’s Apt system, which is also an open source updater than can install proprietary drivers, and also doesn’t care if your bootloader is locked.
didn’t really need an “um ackshually” about people who don’t want a secure os
This is pointlessly condescending.
That’s dangerously close to something Microsoft would say, like
“LiNuX is tHe LaSt ThInG you WaNt FoR sEcUrItY”
But I’ll give you the benefit of the doubt and hope you just meant that Linux mobile isn’t ready for use as a daily driver yet.
(sent from iodé)
As someone who only uses fedora on all my PCs and iodé on my phone, I’m not sure why you think I’d say this just to stir up drama. I’ve done the research into what would be available on mobile relative to my current threat model and found its not ready, and will most likely not be ready for a long time unless were somehow blessed with another Steam deck like moment for phones.
Also, can we stop the stupid spongebob chicken mocking text? It makes your response seem a lot more negative than it needed to be.
Just get a flip phone for calls/SMS. Then pinephone for cool stuff.
What prevents you from sandboxing in linux? Ever heard of cgroups?
I can’t imagine someone who wants to use their phone wants to spend that time using it setting up sandboxing by hand.
There are a few for sure, but the point was the technology is there, it’s “just” a matter of implementing it.
I wish mobile Linux was in a better state too, this sucks.
The government represents private interests so I think the legality is exactly where it’s intended, another fuck you to the consumer so congressional stock portfolios go up.
I read something on masto a while back that said something like “tech companies would remove the customer if they could” and I am very quickly adopting that as true in my brain.
deleted by creator
Nothing better than people onboarding themselves and also onboarding others for you.
CalyxOS didnt Pause Updates bEcAusE iTS sOoOo hArD now.
They did it because they Senior Devs are Retiring and they are switching out the Cryptographic Keys, so their Security wont be compromised.
Source: https://calyxos.org/news/2025/08/01/a-letter-to-our-community/
Yeah this article read as more of a hit piece and promotion of GrapheneOS than anything else. All the “news” in the article is weeks old too.
2026, year of the Linux phone
Not with these tariffs. 🤣
Linux sucks on ones especially from a security and usability perspective
Edit: For those down voting, what OS do you use on your phone? Everything I’ve tried has left a lot to be desired.
I think one the biggest sells, especially for these custom rom’s is privacy to be honest. I don’t really trust Google or Apple with the data they probably collect. During COVID parents were being reported to law enforcement for CSAM when sending pictures of there kids medical issues to doctors(Archive Link).
One I guess could argue that sure shit happens when it comes to that scenario, but with the political climate in America combined with the fact that some of the largest tech companies seem to be kowtowing to whatever the current administration is doing, probably makes a lot of people rethink privacy and to find alternatives.
Degoogled android has way more potential from what I can tell. Android has a solid ecosystem of apps while protecting security and privacy. Google is the core problem. Why throw away years of work on AOSP and F-droid.
Would you care to elaborate with specific examples?
Since the original user doesn’t actually know the answer to the question asked, its because
Mobile Linux doesn’t support any sort of verified boot like android does, leaving it open to evil maid attacks
Mobile Linux doesn’t sandbox applications as well as android, leaving it open to spyware (Think Facebook intercepting Snapchat DMs, not old school steal your credit card spyware)
and I feel like there’s a third major big thing but I can’t recall it at the moment. Android’s security model is genuinely one of the most secure out of any modern operating system. I’m all for Linux phones, but they need to prioritize parity with Android security before I daily drive one.
Yeah, I though of those two & it’s just a thing that would get/will get developed if we get to daily drive Linux phones, imho.
Its not like it didn’t take Android years to get those two aspects covered.
I mean if you want to get technical, KitKat (4.4 in 2013) introduced verified boot. So from Android 1 to 4.4, it took about 5 years. I believe some form of sandboxing has always existed in Android, but the earliest version I can find online was in Android 5.
I feel like with the backing of Google, they were able to implement such tight security in their mobile OS without much pushback. Mobile Linux in it current state is entirely hobbyists with very few daily drivers. Unless someone can release some stunning Linux mobile hardware that a lot more enthusiasts buy I don’t think we will see any sort of major progression in mobile Linux for some time, as the current method most mobile Linux uses is replacing the bootloader on the phone with an open source implementation which takes a lot of man power to achieve, and it would take even more to make it secure.
I would absolutely love to be proven wrong about the time frame however. The sooner secure Linux phones hit the market, the better the world will be.
Didn’t know/remember about KitKat verified boot, but the sandboxing thing was prob just to kernel & perhaps some system files, def not user or hardware such as cameras. Including between apps & phone contacts, etc.
And I totally agree about lack of Linux phones (as hardware), the phone market with its size & megacorp subsidies to preinstall spybloatware is a giant hurdle.
And the real reason for closed sauce drivers (as a practice, not as if they should open-sauce old hardware now - that’s a security risk for unsuspecting folk & iot … but we could def transition the practice).
Thank GOD. Application sandboxing makes my Android phone UNUSABLE as a daily driver.
Let the people who can’t manage their own software vetting stay with Android and GIVE ME ACCESS TO MY FILE SYSTEM.
I’m not really sure what about the sandboxing makes it difficult to use. Most of the permissions are switches you can just toggle on or off. You can also root phones that run custom Roms (which are the only phones that are worth a damn IMHO) if you really want access to the entire fs.
You’re more than welcome to use a less secure system, but most people would generally prefer a secure one.
There’s no “mobile Linux”. Linux supports Secure Boot just fine, and if a distro wants to sandbox applications that too is done by just configuring Linux to do so (after all, that’s what Android does).
Find me a phone that supports secure boot (which is not the same as verified boot btw), and a distro that will run on that phone that properly sandboxes applications (Flatpak does not count, as there are still many security flaws and missing xdg-portals in its implementation.)
Why? That has nothing to do with the topic we’re discussing. You can configure Linux as Android does it, or choose not to.
(Secure Boot is what enables “Verified boot” - which is just Android’s name for a common sense secure boot loader implementation which is the norm in well protected IoT systems etc)
/ex Sony Mobile dev, nowadays IoT hw/fw ethical hacker
2026 is year of Linux phone
Linux sucks on phones for security
Why?
Linux security on phones is not equivalent due to these factors
but Linux supports these things which are either not exact equivalents or would take an entire Dev team with full time funding to do
Can you find me a phone & OS that meets those requirements
Why? that has nothing to do with the topic of Linux security on phones?
are you being serious with me right now? what about my question wasn’t “on topic”? If the hardware and software don’t exist, its not going to happen and you’re making a hypothetical argument to a factual statement.
Android boots in layers that are encrypted with different keys. The first key in the TPM enlocks the base OS up to the lock screen. From there a pin is entered and the rest of the system is decrypted.
If a compromise happened in the OS the phone would just fail to boot since the integrity of the system is validated by the TPM.
Linux doesn’t have the same permission controls. SElinux profiles would need to be manually configured for each app which would take a lot of time.
Mobile linux also doesn’t support measured boot which is what is used to protect the system in the case of theft. Before I consider mobile Linux it would be nice if there was a detailed security review of the entire system.
I think this will sort itself out quicker if you show me what “mobile linux” is.
A Linux distro made for mobile devices? Like Plasma mobile, or Ubuntu touch, or Sailfish os
Ubuntu Touch, Postmarket OS and others
The mobile linux tends to leave root access enabled plus it doesn’t sandbox apps in the same way as Android. If you visit a web page that manages to exploit your web browser all bets are off since lateral movement is trivial inside the OS.
Android on the other hand has strong sandboxing and permission control which means that a compromise in one place shouldn’t be able to jump to other places. Android also restricts filesystem access so even if an app is compromised it is difficult to maintain persistence.
Phones has lots of sensors and are great for tracking people. I would rather that my phones OS be extremely secure so that I’m not the victim of spyware.
One thing Google seems to be able to do right is security. Android has a strong security architecture that is highly robust. You can straight up download malware or lose your phone and everything stays safe.
I’m not saying it would be impossible to create a OS that is as secure as Android. However, it would take some very serious work and would likely mean building something from scratch with APIs for permission requests.
Do you have examples where that isn’t the case?
Linux phones tend to just be the desktop versions of desktops adapted for a smaller screen.
Android has well built ecosystem with strong privacy and security features not really found anywhere else. The entire system focuses on least privilege with strong security isolation so even if you do download something bad it will have a hard time doing real damage.
Errrrmmmm I think this is just an issue either with your choice of distro or your approach to security.
The Linux ecosystem has by far some of the greatest security technologies available for modern operating systems. Android is a Linux distribution after all.
Most of the issues with Linux on a phone so far is more the hardware and architecture to support and integrate the hardware.
Major mobile device manufacturers have secure enclaves, cryptographic co-processors, advanced face/depth cameras, fingerprint readers, etc. The system architecture needs to be tailored to the hardware and security architecture for the threat models mobile devices face that you want to mitigate.
iOS is Unix deep under the hood, Android is Linux deep under the hood. The issues here aren’t with the kernels, they’re with userspace, hardware selection, and perhaps the odd supporting driver, service, or interface.
Current Linux doesn’t come close to Android. I wish it did but you still need root access and permission controls leave something to be desired. I think that is mostly fine for desktop but on mobile the stakes are much higher since spyware could have much more access.
I’m not trying to be rude but none of these points are true. I imagine you’re confusing a single Linux distribution and their architecture with being representative of Linux as a whole. You can indeed spin an unprivileged, immutable distribution with SELinux for MAC, hardened kernel, and so much more, which would blow Android et al out of the water.
Source?
I’m basing this all on the Android documentation along with my experience on desktop Linux. I would love if there was a Linux system that was as solid as Android but I haven’t seen anything as of yet.
Android is Linux, and uses regular Linux security mechanisms.
That’s not the case. Android is extensively modified in order to have sandboxed applications only and restrictive hardware permissions.
Run any executable on Linux. Likely by default it can access ~/Photos and the webcam. Android doesn’t allow that
Flatpak?
And some level of immutability?It doesn’t seem like much of a step for Linux distros to cover the “gap” if/when we get any sort of viable mobile options for eg 1% of the market.
Flatpak has promise but the sandbox much weaker than Android. I wouldn’t run anything untrusted with it as sandbox escapes are likely possible. Bubblewrap is highly portable at the cost of being less secure. Kernel level sandboxing such as SElinux and Namespaces are much more bulletproof since they leverage the kernel.
Honestly if you are building something from the ground up I would instead focus on virtualization since the Linux kernel isn’t exactly free of security issues.
I’ve looked at a couple linux phones and those tend to be designed with hardware switches for antennas and cameras, which I would argue are more secure
A hardware switch for software accessing a directory?
“uses regular Linux security mechanisms” is true regardless of whether any distributions you use configure them the same way or not.
The Android platform takes advantage of the Linux user-based protection to identify and isolate app resources.
As part of the Android security model, Android uses Security-Enhanced Linux (SELinux) to enforce mandatory access control (MAC) over all processes, even processes running with root or superuser privileges (Linux capabilities).
Android also doesn’t require root for basic functionality
Sort of
It does use SElinux but the user space software is all Android specific.
Usability makes sense. Security is a real head scratcher here.
Android has very strong security sandboxing and tight permission control. It also tracks the integrity of the system so it is very hard to tamper with the boot process. Everything is encrypted and the entire system is very hard to break into even with physical access.
Android is really impressive if you dig into the bolts. While I would love to see something on Linux do something similar I haven’t seen any OS come close.
One thing that is neglected with android vs Linux is the application style. Mainstream Linux distros direct compile from source, this means users can read the source code and report any malicious code which has happened, with incredible speed. We don’t have that with androids APK files, therefore android needs a much more robust security system. There are other reasons too, like google opening its flood gates to banking apps, if Linux is ever even semi successful (I doubt it will out compete apples or google) in mobile os, banking and high security commercial services will be relegated to the browser.
This is a frankly a bad take. Just because something is foss doesn’t mean that it can’t poss a risk. Software tends to have security vulnerabilities and supply chain attacks. From a security perspective you want to follow best practices such as least privilege and defense in depth. Blinding trusting software is not a good idea regardless of the source.
I really don’t get the doomsayers in this thread, all boasting about how android is secure and private – that’s bullshit. Android may be secure, and Google has a rep of doing secure stuff, but it’s hardly private, 'cos Google.
Then they go on about how you just can’t do that with regular linux. Wtf?
For the most part, mobile linux distros are adapted desktop distros and all the tools you can use on android for sandboxing et al you can use on regular linux.Are there linux distros for mobile that are on par with android? No, not at the moment and not with that attitude. Can there be? For sure, and Google’s pushing it in that direction.
If you’re gonna be doomsayers bitch about hardware drivers, that’s indeed an issue and even that, it’s, like regular linux, a matter of time until someone reverse engineers them.
Mobile phones are not secure. By design
Got to grassroots a more open platform over some decades like desktop Linux. Once a RISC-V phone comes out running some relatively normal Linux distro is out, I’ll buy it as a tinker with phone. At least it’ll be a portable battery powered device to run full desktop Linux when docked
What is RISC-V going to do?
Once a RISC-V phone comes out running
some relatively normal Linux distro is out, I’ll buy it as a tinker with phone. At least it’ll be a portable battery powered device to run full desktop Linux when dockedthe boot sequence in five minutes.But seriously, right now RISC-V’s performance sucks, to the point of daily driving Linux is a suffering.
deleted by creator
This person clearly would have stolen a car
Phones with unlockable bootloaders but no one makes ROM for: You are welcomed to smash wallnuts with me when I retire.
Last month postmarket got 4G modem AND recieve voice working at the same time.
It’s gonna be a hot minute, but more competition is for the best
Sad opensource and consumers are shafted!
No use developing a monopoly (and having its future profits valued on the market) if you don’t plan to use it for
hurting the consumers, society, & environmentprofits.And anyone using Google related products is feeding the beast.
Now explain that to eg Chrome users.I’m probably going to spam this around a bit, since most people don’t seem to know about it, but a reminder that FuriLabs has a (GNU+)Linux phone with decent spec.s and the ability to run Android app.s (from what I’ve heard) pretty decently: https://furilabs.com/
Biggest drawback is it’s based on Halium. Usual growing pains of a new product/company apply but apparently the company is pretty responsive and their dev.s have worked with customers to get things like calling working with the carrier and bands of their country where it hasn’t worked before so improvements move pretty quickly.
Collection of different experiences I’ve variously seen online over the last year or so:
- https://clehaxze.tw/gemlog/2025/07-20-flx1-actually-usable-linux-phone.gmi
- https://news.ycombinator.com/item?id=41839326
- https://www.reddit.com/r/linux/comments/1fa1ljn/furilabs_flx1/
- https://www.reddit.com/r/linux/comments/1j46f2w/flx1_linux_phone_display_out/
- https://www.theregister.com/2025/02/03/furiphone_flx1/
I don’t own one, myself, so I can’t give any personal experience but I’ve seen it around for a few years now but most people don’t seem to even know about it. Maybe there’s a reason for that? But none I’ve ever seen anyone say.
Halium
whats wrong with that
Basically, you’re tied to whatever Google-modified version of the Linux kernel you start with. All the complaints about not being able to get updates on Android apply and you’ll never get to run mainline kernel.
Not a deal breaker for me (especially when improvements here could go upstream) but it is, for some, so I just wanted to be upfront for anyone reading.
On the plus side, it’s probably part of why they’ve been able to get Android app.s working so well.
Very sad state. Maybe hope lies in emulation? What I want ideally for my phone is for it to run a Linux-type desktop OS, and have light VMs (if containers won’t do) running fully locked garbage Android systems for those apps that require them.
As an exclusive Linux user since the early 2000s I remember well the days programs were unavailable and website only supported Internet Explorer. Wine and virtualization remedied much of that pain.
Nah, companies besides google make phones
Not a lawyer or anything, but how possible would it be for a phone company, any no matter how big or small is, to just sell phones with lineageOS preinstalled (or any other similar custom ROM) assuming that company does not own custom ROM. This is more hypothetical question, because I really like Samsung phones and was thinking how a phones like Samsung S or even A series with lineageOS preinstalled (and working like stock ROM would work) would actually be a beast of a phone, like by both privacy, security, gaming and other aspects.
Like Fairphone shipping with e/OS? https://shop.fairphone.com/the-fairphone-gen-6-e-operating-system
Yeah, that too. Forgot about them :)
The issue being phone manufacturers don’t give a shit 'cos only a few will moan about this.
Regular users don’t even know what a custom ROM is or why they should use one./e/OS does this already, and I believe you can already buy phones (second hand) with Lineage on them.
Legally, it wouldn’t be a problem.
The problem is that whatever company sells custom ROM cell phones is going to need to eat the support costs for these phones. You’re also going to need to deal with customers who are going to lose access to a mainstream app store.
Yeah, I get that. I was just thinking, because I like how Samsung has beast of phones, in terms of hardware, but their software is bloated so I was thinking how cool would be if there is phone with Samsung hardware, but software like lineageOS and others similar.
The problem is the economics of what you want.
It is going to cost money to buy phones, unpack them, upload the OS, test the product, then repack them and ship them. I would expect that to cost at least $20, probably more.
Then, after that, you have to maintain the phone software for several years. That includes testing the builds, which will likely be at least tens of thousands of dollars for each update.
So, you’re adding all this cost to a phone and for what? A phone that will be less capable than what is currently sold? And, likely, those who would be more likely to purchase this service can do it themselves.
It is going to cost money to buy phones, unpack them, upload the OS, test the product, then repack them and ship them. I would expect that to cost at least $20, probably more.
Well, proxysto.re does that with GrapheneOS: https://shop.proxysto.re/de/i/pixel/
€50, based on the discount on stock ROM, although €20 out of that goes to GrapheneOS apparently. Based on donation amounts, they sold 67 of them in 2024
There is a market for it. I have been selling secondhand phones with custom ROMs installed on eBay for several years, though for me it has never been more than a hobby. There are quite a lot of people out there who are interested in having a more private operating system on their phone but feel uncomfortable installing one by themselves. Unfortunately, it is also a market that attracts grifters because it’s so easy to prey on people’s fear and paranoia and rush them into paying for massively overpriced hardware.
There’s a few companies that do this currently.
