DeGoogled Phone Comparison

Fairphone / Murena / Freedom / BraX2 / Volta / Librem / Pinephone

Be Informed ➤ Choose Wisely

Be Informed ➤ Choose Wisely

A DeGoogled Phone + VPN will drastically reduce spying by Apple, Google and the Mobile Phone Networks against you the user, however, unfortunately many DeGoogled Phones currently being sold are seriously compromised due to the phone hardware and/or the operating system. The reason I chose the Pixel Graphene phone is that it is very well done and I expect Edward Snowden chose Pixel + Graphene OS for similar reasons.

FAIRPHONE

I suggest you avoid buying the Fairphone 4, which only has just over 2 years of full security updates since its release date despite being advertised as significantly more. This is because the System on a Chip they use [Snapdragon 750G] only has 3 years of support from Qualcomm, and the SoC was already old when the phone came to market. This is not to mention the Fairphone 4 uses the Android Verified Boot Test Key as their OEM keys, effectively making Verified Boot of no value. In general, you should check how long the SoC a phone uses is supported for, rather than only refering to phone manufacturer’s marketing literature.

MURENA PHONES / eOS

I also suggest you avoid buying the eOS phones, now branded as the Murena phones. eOS in itself is extremely insecure, not supporting verified boot, shipping userdebug build, shipping months old version of Chromium and bundling years old version Orbot into their operating system. They have recently also had an incident where their cloud service mishandled session keys and gave users access to each other’s files, and they were NOT end-to-end encrypted.

BRAX2 / FREEDOM PHONE / VOLTA PHONE

I also suggest you be very wary of low quality privacy branded phones like the Freedom Phone, BraX2 Phone, Volta Phone, and similar. These are cheap Chinese phones with the Mediatek Helio P60 chip from 2018, which has already reached end-of-life or is near end-of-life. It would also be wise to avoid any vendor who claims they are Zero-day proof as some do.

LIBREM 5 PHONE / PINEPHONE ➤ LINUX OS

Linux OS phones such as the Librem 5 or Pinephone have serious security issues which concern me. They simply lack any significant security model. There is not yet a single Linux OS phone with a sane security model. They do not have modern security features, such as full system MAC policies, verified boot, strong app sandboxing, modern exploit mitigation and so on, which modern Android phones already deploy.

Simply stated, the current state of "Linux for Smartphones" is not sufficiently developed for the majority of users. To ensure our customers receive a reliable, secure, and professional-grade phone, we offer Graphene OS on the Pixel 8 Series phones.

PIXEL GRAPHENE OS

The Pixel Phone + Graphene OS is leading the market in Privacy and Security.

DeGoogled for Data Privacy

• Sandboxed Google Play Services can be installed without special privileges if needed. This innovative technique offers improved compatibility compared to less secure solutions like microG while maintaining top-level security.

• Tracking Protection as apps are unable to access device IMEI, serial numbers, SIM card serial numbers, subscriber ID, MAC address, etc.

• MAC Randomization [options] prevent identification by wireless network scanners.

• Firewall [Fine-grained network and sensor permissions toggle per app].

• System Default Indicators for active camera, microphone, and location access.

Why Google Pixel Series Phones

Unlike most devices, Pixel phones feature a Titan M secure element for Verified Boot. Pixel phones have native Android support, enabling swift security update distribution. Pixel smartphones support custom software installation, such as Graphene OS, making them ideal for Google-free smartphones.

Comparison to Lineage OS, Calyx OS, eOS and Others

Lineage OS, Calyx OS, eOS, and similar Android distributions mainly rely on standard Android with their own app selection. Conversely, Graphene OS is a diligently hardened Android OS, and should be considered its own operating system. Additionally, the previously mentioned distributions often provide security updates late.

Physical Phone Security

• Encryption and Titan M security chip protect your device and data against intricate physical attacks.

• Verified Boot guarantees that your operating system remains unaltered.

• Auto Reboot restarts phone after a certain period of inactivity.

• Secure Fingerprint Sensor is recommended rather than PIN layout scrambling which we discouraged for security reasons.

Spyware and Zero-Day Exploits Defense

• Significantly Enhanced Android OS for high-security requirements (e.g., hardened stock apps, libc, malloc, compiler toolchain, kernel, filesystem access, WebView).

• Sandboxing of All Apps to protect against vulnerable and malicious applications.

• Hardened Browser, WebView, and PDF viewer implementation.

• Rapid Security Updates to maintain extreme security.

• Over-the-air Exploits Protection through baseband radio processor isolation using IOMMU and an optional LTE-only mode, which massively decreases the cellular radio attack surface.

Effortless Usability

• No bloatware. Minimal secure system with only a few default apps. Additional apps can be manually installed; updates must be authorized.

• End-to-end encrypted backups to USB drive or cloud storage [eg Encrypted Proton Drive].

Open Source & Verified Boot

• Open Source software allowing public verification [no hidden backdoors].

• Verified Boot hardware supported validation of phone software's authenticity and integrity.

Who Can Benefit

• Professionals requiring a secure phone for safeguarding sensitive data and communication.

• Individuals seeking a privacy-friendly phone [without Google or Apple].

• Organizations aiming to equip their employees with a high security phone.

• Journalists, Activists, and NGOs seeking protection for themselves and their contacts.