
Show HN: RattlesnakeOS – build and run your own privacy focused Android OS - danvittegleo
https://github.com/dan-v/rattlesnakeos-stack
======
danvittegleo
This cross platform tool provisions all of the AWS infrastructure required to
build your own personal privacy focused Android OS on a continuous basis with
OTA updates. It currently supports Pixel phones (Pixel, Pixel XL, Pixel 2,
Pixel 2XL). Highlights include:

* Verified boot ([https://source.android.com/security/verifiedboot/](https://source.android.com/security/verifiedboot/)) like stock Android (almost all ROMs disable this) and with your own signing keys

* Latest monthly security updates from Google

* OTA updates from S3

* No Google services

* Latest F-Droid as open source alternative to Google Play store

* Latest Chromium w/ adblocking and privacy patches

~~~
IE6
> * No Google services

Question about this - my BlackBerry Q10 had an Android VM on it but the
limitation of "no google services" meant that unless the app used none of
those APIs it would not run. Surprisingly this was very limiting - have you
had a similar experience?

~~~
danvittegleo
That's a great question. I would say it is a bit limiting, and there are
definitely some bumps in the road for the average user coming from stock
Android. There are a lot of great open source applications in the F-Droid app
store, but it definitely doesn't cover everything you'd expect from a stock
phone these days. There is an app, Yalp Store (it downloads APKs directly from
Google servers), that can be used to supplement this with normal Play Store
apps. Many apps in the Play Store will rely on Google services though, so you
will have a wide variety of results ranging from apps running just fine,
crashing on boot, or not supporting push notifications. For me, not getting
push notifications in Slack was an issue as it relies on Google Cloud
Messaging (GCM). Luckily the encrypted chat messengers that I use
(Signal/Telegram) have support for their own polling mechanism and don't rely on
GCM. For Slack I ended up just writing a quick tool
([https://github.com/dan-v/slack-to-telegram](https://github.com/dan-v/slack-to-telegram))
to forward messages to Telegram so I get immediate alerts. But it's things
like this that you will definitely run into when running without Google
services.

------
bubblethink
Once you rip out any non-free CoS code, it would make sense to offer binaries
to people, perhaps through donations or a small fee, if you need to cover
hosting/cdn costs. While this is cool, it's still cumbersome and quite
wasteful for everyone to reinvent the wheel.

~~~
danvittegleo
Thanks for the response! Unfortunately, I'm personally not interested in
distributing binaries of the OS for public consumption, as I think installing
an OS from an unknown person on the internet is probably not the best approach
for a privacy/security focused Android OS. I personally would prefer to do my
own builds with my own keys so that I know what is running on my phone - hence
why I created this tool. That said, it doesn't mean someone else can't spin up
a public version of this setup using this tool.

~~~
bubblethink
>installing an OS from an unknown person on the internet

Eventually, what is needed is something like reproducible builds so that you
can claim that this binary corresponds to this source tarball. I don't know
where AOSP stands in that regard. The keys should be the only thing that users
should ideally manage. i.e., You get the generic binary (that is known to
correspond to source tarball), sign it with your keys, and flash it. Just
throwing ideas. This may not be in the scope of your project.

~~~
danvittegleo
I like this idea and could definitely get behind something like this. The
signing process is done after builds complete, so it might be possible.
Although on Pixel and Pixel XL it is likely not possible as the kernel must be
built with the signing key to support the earlier version of Android Verified
Boot (AVB 1.0).

------
wpdev_63
If the underlying hardware of the phone is compromised, then it doesn't matter
what you run on top of it.

I am not saying that you shouldn't try RattlesnakeOS, just that the people you
would be installing it for still have access to everything on your phone.

If you value your privacy you would buy a simple dumb flip phone, solder out
the microphones and cameras and use a wired headset. They can still get an
approximate location of you through stingrays and such but it's better than
nothing.

~~~
danvittegleo
Agreed that if lower level hardware is compromised it doesn't matter what you
run on top of it, and RattlesnakeOS doesn't protect from that other than
keeping components up to date with latest security patches. I think if you are
going to buy a dumb flip phone and solder out components for privacy, you are
probably better off just not having a phone at all. This project is more about
having a useful smartphone experience while still focusing on privacy and
security.

~~~
wpdev_63
Yeah but everyone needs to use a cellphone in this day and age so if you don't
want to be tracked like a sheep then a dumb phone with the microphone and
camera removed will do the trick. They (3 letter agencies) can only track you
to an approximate location and probably are unable to run it in fake off mode
if you want to turn it off.

It's actually pretty liberating to have a purpose driven cellphone to only
communicate with.

------
grizzles
It would be cool if you could get this stack going on a <$100 phone. There are
some really cool products I could sell around that price point that I couldn't
sell at anywhere near Pixel prices.

A company that did the heavy lifting for startups that want to reimagine the
user facing side of (eg. LineageOS compatible devices) would be an interesting
proposition.

------
busterarm
Any plans to add remote hardware attestation verification to the EC2
infrastructure?

[https://github.com/AndroidHardeningArchive/Auditor/releases](https://github.com/AndroidHardeningArchive/Auditor/releases)
(though sadly Copperhead's fdroid repo is dead)

~~~
danvittegleo
I haven't spent much time looking at this part of the project as my phone
isn't supported but it does look really neat. On my next phone upgrade I will
probably investigate.

------
dangerface
This is fucking cool.

How difficult would it be to port this to another phone like the 1+n?

------
hiccuphippo
What would adding support for other phone models entail? Just adding drivers
for their different parts?

~~~
danvittegleo
Unfortunately there aren't very many phones that currently support verified
boot ([https://source.android.com/security/verifiedboot/](https://source.android.com/security/verifiedboot/)),
which would be a requirement to be supported by this project.

------
Tepix
Please add Nexus 5x support like CopperheadOS had.

~~~
danvittegleo
Nexus 5x is end of life unfortunately, which means it won't get security
updates from Google and therefore isn't a great fit for this project.

~~~
busterarm
What about Nokia 6.1? :D

