So recently my moto G60 reached the end of life with respect to security updates. That was the reason I was using to prevent myself from switching to a custom rom(actual reason is laziness). This phone has rom support for pixel experience and lineage OS. So my questions are if pixel experience has any privacy advantages when compared to the stock rom the phone ships with¿? Also if I flash GApps along with lineage OS will all the privacy advantages I get with lineage disappear¿? I might need Google play services for some banking applications.
The only way to use google play services and retain any privacy is to completely sandbox them, and the only OS that actually does this is GrapheneOS.
deleted
DivestOS (a Lineage fork) permits you to run MicroG as a user app, so it can be run within a user profile (e.g.the work profile).
How do you think this compares to the Graphene approach? (This stuff is above my pay grade, hence the question).
Edit: Divest is only available for a handful of devices, fewer than what Lineage supports.
micro g, just like google play, is a privileged app and will have special access to your phone. This is just swapping one middle man with privileged access for another.
So are you saying that privacy wise there is no difference between a device running stock rom and a rom like lineage with GApps??
It depends on your threat model. If you simply want fewer targeted ads, there is a benefit. If you are a journalist under a dictatorship, there is little to no benefit.
as you didn’t mention Calyx, are there any security/privacy benefits of using it?
Calyx with Micro G does have benifits, but isn’t quite as good as sandboxing, and also doesn’t have some of the other degoogling and security Graphene does.
If you use gapps you basically screw the privacy benifits. Use yourbank.com from a browser or get a new bank
What if I use the aurora store¿? Will that protect my privacy
deleted
Its better than using gapps for sure
Motorola phones are very easy to mod(root,custom rom) and even if you brick the phone in most cases you can just use the lenovo recovery tool. I personally use crdroid but lineage is fine too. I recommend you use microg with magisk to hide that the device is root/has custom rom. You can also just use shelter for the banking apps.
Root is great for some rare cases, but not needed for privacy and make your phone less secure.
There are great apps only working with root though
deleted by creator
LineageOS really doesn’t do much to protect your privacy. The only things Lineage will do for your privacy is 1. Remove Google Play Services 2. Remove your OEM’s built in tracking. Installing Google Play Services will negate 1. If you are serious about your privacy and is willing to make sacrifices, your best option would be GrapheneOS, followed by DivestOS. The latter support many of the devices supported by LineageOS, so check if your device has support.
My device doesn’t have support for graphene or Divest unfortunately. Which is why I made this post. I am guessing that lack of Google play and Google location services alone would be a massive improvement for my privacy.
Lineage does not have any special privacy features besides not having gapps. You can use Microg for a balance between privacy and convenience.
Use aurora store and don’t login with any account. You will need the lineage for microg version or root to get it working
deleted by creator
Just remember there is a balance between security and privacy that these types of communities forget and typically greatly increase the attack surface of their devices for minimal privacy gains.
This is why, in general, giving special access to your phone with privileged apps (Google Play, Micro G) or severely reducing the security of the phone by rooting it is almost always something you should avoid.
The OS itself is private because it’s DeGoogled. I also installed GApps because I wanted the convinence of the App store and core feature I’ve been used to for so long.
I also knew the moment I did the google-fication privacy was out the window.
I was fine with LineageOS and would happily go back when my Pixel7a becomes EOL.