
Looking through the GrapheneOS source, the servers may not be Google servers but the system is still designed to phone home. As such, have they solved the problem or is this just another case of "Don't trust them, trust us instead"?

Has anyone succeeded in running multiboot on "smartphone" hardware, i.e., where the user can boot into a choice of kernel/userland? One choice might be Android, another might be GrapheneOS/LineageOS, another might be an OS that does not rely on any third parties whatsoever (no conveniences, "app stores", "connectivity checks", etc.) and is fully controlled by the user. In other words, the third choice lets the pocket-sized computer be used more like a pre-smartphone era desktop/laptop OS. Basic functionality.



Eh, if you want an airgapped phone, use it in airplane mode. Obviously, the phone needs some network infra for things like updates or timekeeping. You can route it over vpn if you want and you can build everything yourself and host all the servers yourself too if you so prefer. This type of pedantry is more harmful than useful to casual users who would be far better served with grapheneos than some non-existent ideal phone.


"...if you want an airgapped phone, use it in airplane mode."

Right, that's what I do. In fact this post comes from a smartphone sans SIM with airplane mode on, with a firewall against apps phoning home, no Google or Gmail account, all Google Gapps nuked including playstore - in fact all Gapps have been completely removed - not to mention that most replacement apps come via F-Droid.

Yes, technically it's not fully airgapped but it is against Google and that's my main aim.

Of course there's a penalty: I also carry around both a pocket router with WiFi and SIM to which the smartphone connects as well as the dumbest of dumb phones just for phone calls.

Yes, it's a little inconvenient in that the combined paraphernalia is about equivalent to two normal smartphones (both the router and dumb phone being somewhat smaller). Next step is to upgrade to a Fairphone or equivalent. (I've often wondered where I'd fit on a percentage scale of users who'd go to such lengths - somewhere between 0.1 and 0.001% I suspect.)

You may well ask why I've gone to such lengths. It's more principle than privacy really. It's because governments around the world completely abrogated their responsibility when they deregulated the once-private telephone networks in the 1980s, when they did they let the Wild West take over. This 'vacuum' then led to a depreciation in the value of privacy on telephone networks. The ultimate insult came when the vacuum was filled by the likes of Google and others who usurped the last vestiges of our telephone privacy for good - and these damn governments just stood by and let it happen without so much as a whimper. Remember, we telephone users were never first consulted about our privacy - governments just let Google and Apple et al take over the whole damn caboodle without question. (In the future after all the world has finally woken up to the disaster then we'll have dozens of historians trying to figure out what the hell happened and why. When realization finally dawns everyone will be flabbergasted.)

Now, long after the horses have bolted and without so much as an apology, governments are trying to rein in the likes of Google and Facebook. Right, our governance is a fucking farce - it has to be when governments simply allow Big Tech to not only effectively overrule longstanding law but also to go on and do whatever they damned well feel like with impunity.


Is the pocket router battery powered? Really we need a suitable open source, easily compiled OS to run on a suitable "smartphone" that can be re-purposed into a "pocket router". This to function as the gateway through which our "phones" reach the internet.


The router/modem is battery powered or it will run continuously off a USB charger. The one I'm using currently is a Vodafone (Huawei) R216. Here are the specs: https://wirelessgear.com.au/vodafone-pocket-wifi-4g-r216-mod.... That link is the first one I found, if it doesn't work for you just search the modem's model number.

The R216 lasts for at least 6 hours on battery, often much longer (and the battery is removable, so you can have spares to extend its operational life). Whilst this modem is principally an ISP one (Vodafone) it comes unlocked. I note that that link says it's locked but it's likely not - as most assume ISP-supplied stuff is but to be sure you'd better check that's so where you are. Also, if you aren't using a Vodafone SIM then first just check that it works even if it's guaranteed unlocked (some other SIMs may need setting up).

If the R216 isn't available or it's locked in your country - or you have that common aversion to using Huawei equipment - then there are several other brands that are essentially equivalent. If you want the details I'll provide them.

Note this is a real router/modem and it'll run up to five smartphones/PCs at a time (which can be very handy). Some others that are a little more expensive can connect 10 devices to each other by their WiFi LAN and/or to the SIM's mobile network. Also the R216 will take a micro SD card (one's mobile NAS so to speak :-)). Given its small size and usefulness I'd never be without one (I've three of this model and several earlier types).


Regarding a portable router - I wonder what you think about that one?

https://www.gl-inet.com/products/gl-e750/#specs

It's about double the price, based on openWRT (but not fully open source).


That Mudi GL.iNet router/modem combination seems a very substantial device with excellent specs. I've not seen it previously (but I've not been looking of late either), with specs like that I'd certainly consider it when deciding my next purchase.

Here, it seems to me the key issue of whether to buy that one in preference to, say, a somewhat lesser model with fewer features will depend on how you use it. Right, that's stating the damn obvious but from experience I've found it's very important when it comes to mobile stuff, all too often I (and others) have glanced over this important portability factor.

If your intended use is to, say, carry it in your luggage and only use it after you arrive in your hotel or conference room then I'd reckon there'd be nothing better than to buy the Mudi GL.iNet device. On the other hand, if you intend to use it like I use my Huawei R216 router/modem, that being as part of my kit to replace a normal default-type Android phone (as per my previous posts to 1tSlEv and 1vuio0pswjnm7), then a physically smaller device would seem preferable.

As mentioned, carrying around three devices instead of a single smartphone is rather inconvenient in that there's more bulk to carry around, also there's more chance of losing one of the devices. I'm pretty adept at doing so now but when I first started some years back I'd sometimes only take the smart and dumb phones and forget the router/modem—thus I'd have phone access but no internet (right, being Don Quixote and always tilting at windmills isn't necessarily the easiest way to run one's life) :-)

My 'combo phone' isn't the only stuff that I carry around, it has to share my pockets with other junk like screwdrivers, pliers, thumbdrives, multimeters, etc. so physical size is a major consideration. From the specs, I've noticed the size of the Mudi GL.iNet router/modem is 145 x 77.5 x 23.5mm and weighs 285 grams; by contrast, my R216 is 95 x 58 x 11mm and weighs only 77 grams. Thus my R216 is only about 22.9% the volume of the Mudi unit and weighs just a nudge over a quarter of its weight. This difference is very significant if one is trying to carry it in, say, one's jeans' pocket along with both a dumb and smart phone.

This brings me to one of my pet peeves; that being the ongoing and progressive decrease in the depth of men's trouser pockets over recent decades. This is no joke or trivial matter; I lost an almost brand new HTC smartphone after going to a concert and sitting in laidback seating, it just slid out of my pocket without me noticing its loss, by the time I had, it was too late. If I were a conspiracy theorist rather than someone who understands that such negative occurrences are 95% the consequence of fuckups then I'd believe there was a conspiracy between phone and clothes manufacturers to sell more phones! I cannot understand why the average guy isn't up in arms over the continual withering of his pockets; after all, surely the cost of extra cloth necessary to correct the problem would hardly be measurable in the overall schema of things (BTW, this pocket problem even extends to coveralls/overalls). Anyway, as someone who's been sartorially challenged from birth, I've largely overcome the problem by ignoring fashion altogether and taken to wearing ex-military BDs or equivalent cargo pants. Penny-pinching accountants haven't yet sufficiently infiltrated their manufacturing to have made much difference.

The upshot of this is that I keep the smartphone in one of my trousers' side pockets and the dumb phone in the other whilst the R216 router/modem I put into one of my shirt pockets. The caveat here is that it's important to have shirts whose front pockets can be buttoned or zipped up to stop the device falling out whenever one leans over. Given the average size of shirt pockets—and they too have been shrinking in recent years—then there's no way the Mudi GL.iNet router/modem would fit in them.


Interesting approach.

Which goal gets served by the separate router? I've been thinking here for a while, but the only thing that comes to mind is a very restrictive "allow-list only" firewall.

Which dumbphone are you using? The majority thereof seem to be KaiOS based, which frankly is not sufficiently dumb for me to warrant the switch.


First, the dumb phone is just that—voice and SMS only sans internet but more on that in a moment.

The router was designed to serve three purposes and I use all three of them: (a) to simultaneously connect up to five devices (smartphones/PCs etc.) to the internet via normal WiFi connection which it then routes to the internet via a mobile SIM card; (b) it's also a WiFi LAN switch in that it will allow local interconnection between the five connected devices; and (c), it has provision for an onboard SD card to which the five devices have access (i.e.: it acts as one's local mobile mini NAS). You'll see reference to detailed specs of the Huawei R216 that I use in my previous post in reply to 1vuio0pswjnm7.

In my case, I use a fully-fledged reasonably current Android smartphone operated without SIM card and set to airplane mode for normal app usage, location and maps when needed, as well as internet browsing and non-Google email (POP/IMAP)—thus, the phone's only internet access is by either WiFi (to the router—my usual way) or Bluetooth—to another phone's internet connection (normally off).

Note: the phone is never used for telephone calls and it cannot be used as such as the router's SIM is a data-only type (that's to say one has a mobile phone number that cannot be used to make normal phone calls). Moreover my ISP, as many do, differentiates a data-only SIM/service from a normal one that does both. (In data-only services, one trades normal voice phone for extra data/cheaper data rates—you know, the usual ISP con job of artificially inflating a mobile phone's data charges. Nuking phone/voice access in data SIMs somehow—as if by magic—justifies ISPs to sell you data at a much cheaper rate. Furthermore, normal SIMs often won't work in routers for similar nefarious reasons).

As mentioned, I deliberately avoid Google services but using a phone in this manner doesn't preclude one from doing so. I've found that if you use Google services, etc. then there's an added privacy advantage of disconnecting the phone from the actual telephone number as that now belongs to the router, moreover any app that reads the phone's IMSI number will not be able to find a corresponding telephone number. I've several phones that I connect to the internet in this manner and every one of them has never had a SIM in it so Google is unable to link the phone's current IMSI-only configuration to any former IMSI/telephone number combination as there's never been one. Furthermore, in one instance when rooting one of my phones I accidentally formatted the partition containing the IMSI information, etc. and whilst I had the means of putting the info back I decided not to—thus apps no longer have even an IMSI number as an ID reference. Incidentally, this is still legal as far as regulations are concerned as the router and router SIM now provide the IMSI/phone number combination.

My phones also gain extra privacy from the fact that they're rooted, one can use the many Xposed Framework tools and such to improve privacy, nuke ads etc.

On the matter of firewalls, I normally use one on the smartphone itself rather than say installed in the router for purely practical reasons in that it's easy. The drawback of course is that if the firewall stops for any reason, which on occasions does happen (especially so after a full restart), then any apps that have a collection of data will use the opportunity to send it (my default is that no apps have internet access unless it's specifically needed as part of the app's function and the firewall is set accordingly—this also acts as an extra method of nuking ads although I mostly use F-Droid's ad-free apps). This risk can be essentially eliminated with a rooted phone but I've not time to go into that here. BTW, I use several Android firewall apps (not on the same phone of course) but I've found the easiest to use is Karma Firewall.

Re my dumb phone, I've been using an Aspera F28: https://asperamobile.com/phones/easy-phones/aspera-f28/ and its later incarnation the R30 but I'd not recommend them and they're unlikely to be available in many places. Their batteries are too small and of inferior quality and have to be replaced often (at least they're removable). Nor would I recommend other Aspera phones for similar reasons. I doubt that they use KaiOS, if they do then I've seen no sign of it. I reckon you're right to be worried about KaiOS especially so since Google has invested millions into the project.

Incidentally, I've other better flip phones such as Motorola ones that I can no longer use as they're only 2G (which is ideal for dumb phones) but unfortunately where I live they've now killed 2G. Doro dumb/feature phones may be worth considering as they've always had a reasonable reputation (in the past I've thought about getting one but I've no practical experience of them). I know that Doro used to use their own OS but I cannot tell you much more than that except to say they do use KaiOS on at least some of their phones, the 7050/7060 for instance.

Of course, much depends on what you actually want to do. As I've mentioned in my previous post to 1vuio0pswjnm7, carrying three devices instead of one can be rather inconvenient as there's more bulk to carry around and also the chances of losing one of the devices is potentially higher—one needs sufficiently large pockets to carry them thus size and bulk matters. As a person who's always carrying around lots of technical junk this is a hobbyhorse of mine and I'll address it in more detail when I reply to Iolaum.


Based


Looking at the FAQ provides more details on various ways GrapheneOS phones home by default. Thankfully, some of these "services" can be disabled.

The time service is enabled by default but can be disabled.

"An HTTPS connection is made to https://time.grapheneos.org/ to update the time from the date header field."

"Network time can be disabled with the toggle at Settings > System > Date & time > Use network-provided time."

Connectivity checks are enabled by default but can be disabled.

"Connectivity checks designed to mimic a web browser user agent are performed by using HTTP and HTTPS to fetch standard URLs generating an HTTP 204 status code."

"You can change the connectivity check URLs via the Settings > Network & internet > Advanced > Internet connectivity check setting. At the moment, it can be toggled between the GrapheneOS servers (default), the standard Google servers used by billions of other Android devices or disabled."

Why these are enabled by default, i.e., opt-out instead of opt-in, is strange considering this OS is aimed at technical, security and privacy-conscious users. Users who would surely know what services they want and be capable of enabling them.
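
An added example, not part of the thread and not GrapheneOS code: a sketch of what a client does with the two default requests quoted from the FAQ above, reading a verdict from the status code (204 expected) and a clock offset from the `Date` header. The sample responses are constructed, and treating any other 2xx/3xx answer as a captive portal is a simplifying assumption.

```python
from datetime import datetime, timezone
from email.parser import Parser
from email.utils import parsedate_to_datetime

# Constructed sample responses (not captured traffic).
RESP_204 = ("HTTP/1.1 204 No Content\r\n"
            "Date: Tue, 02 Jan 2024 10:00:05 GMT\r\n"
            "Content-Length: 0\r\n\r\n")
RESP_PORTAL = ("HTTP/1.1 302 Found\r\n"
               "Date: Tue, 02 Jan 2024 10:00:05 GMT\r\n"
               "Location: http://portal.example/login\r\n\r\n")


def parse_response(raw):
    """Split a raw HTTP/1.1 response head into (status_code, headers)."""
    head = raw.split("\r\n\r\n", 1)[0].replace("\r\n", "\n")
    status_line, _, header_block = head.partition("\n")
    parts = status_line.split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError("malformed status line: %r" % status_line)
    return int(parts[1]), Parser().parsestr(header_block, headersonly=True)


def classify(status):
    """Verdict for a connectivity probe that expects an empty 204."""
    if status == 204:
        return "validated"       # the probe reached the real endpoint
    if 200 <= status < 400:      # assumption: something answered in its place
        return "captive-portal"
    return "no-verdict"


def clock_offset(headers, local_now):
    """Seconds the local clock is ahead (+) or behind (-) of the Date header.

    The header has one-second resolution and is only as trustworthy as the
    connection it arrived on, which is why the FAQ quote specifies HTTPS.
    """
    value = headers.get("Date")
    if value is None:
        return None
    try:
        server_time = parsedate_to_datetime(value)
    except (TypeError, ValueError):
        return None
    if server_time.tzinfo is None:  # "-0000" parses as naive; treat as UTC
        server_time = server_time.replace(tzinfo=timezone.utc)
    return (local_now - server_time).total_seconds()


def check(raw, local_now):
    """Run both steps on one raw response."""
    status, headers = parse_response(raw)
    return {"verdict": classify(status),
            "offset_s": clock_offset(headers, local_now)}


if __name__ == "__main__":
    now = datetime(2024, 1, 2, 10, 0, 47, tzinfo=timezone.utc)  # constructed
    print(check(RESP_204, now))
    print(check(RESP_PORTAL, now))
```
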


Yeah I agree, these settings should be disabled by default and require explicit opt-in. That said, I am impressed by how privacy/security-conscious the OS seems to be otherwise!


You can't really get rid of connectivity check, because it is a part of public API. Applications use it to check whether a network has internet access. Android itself uses it to detect captive portals and prompt user to authenticate when network requires authentication/payment via a web page.


I'm not suggesting they get rid of connectivity check. They already provide the option to disable it. All I'm suggesting is that it's not enabled until the user indicates they want it to be. This could be asked during a "first time" setup flow like most smartphones have.


Not an awful lot of stuff breaks if you just patch the api to always return true.


Network time is pretty important for things like HMACs.


Maybe, but couldn't they let me set my own server and not hit a predefined time server without asking me?


A couple thoughts:

* Usability: An OS without network connectivity checks and time sync might not be usable by non-geeks

* Obscurity: The threat from these pings is low. The threat of having a phone that behaves differently than "billions of other Android devices", indicating that it's GrapheneOS or some other security-oriented OS, is arguably higher.


Connectivity checks can't possibly be useful, because the network can go down after the check. Then what, the phone explodes?


I'm a little confused: GrapheneOS is the exception; almost every OS successfully implements connectivity checks. Also, the answer to the problem seems obvious: check again. Check every second or every 30 seconds, etc. It's just a ping.


Did you actually find any examples of GrapheneOS phoning home?

GrapheneOS doesn't rely on any third-parties I'm aware of. The only service provided is over-the-air security updates. It doesn't even come with an app store (although you can install F-Droid).

For that reason, GrapheneOS alone fits all three categories you mentioned: It is Android, it is GrapheneOS, and it is fully controllable / doesn't ship bloatware.


"The only service provided is over-the-air security updates."

Connectivity check / time servers

https://grapheneos.org/articles/grapheneos-servers#grapheneo...

Amongst others.


It is not controllable at all: It still enforces any app author's will against the user's. Root is not offered, and the grapheneos maintainer seems to be personally offended by the thought that root could be helpful.


>enforces any app author's will against the user's

I'm not sure what you mean by this. All apps run in a sandbox and you can deny permissions if you like.

>Root is not offered

Root access on Android is a security hole.


What I mean: I cannot see the app's files, I cannot edit them, I cannot backup the app locally, only by uploading data unencrypted to Google's cloud. Adb backup was unreliable in the past, could be switched off by the app against my will, and is deprecated anyway. I cannot screenshot an app if the app doesn't want me to. I cannot block ads properly, only via some fake VPN app, but then I cannot use an actual VPN at the same time. I cannot firewall an app, except with a hack using another fake VPN app. I cannot disable an app into background. I cannot give a fake GPS to an app. I cannot have f-droid auto-update my apps. All of these things I should be able to do, but the anti-user "security" enforces this against me, actually hurting my security in order to make Google's and shady app vendors' business models possible. And then they claim it's for my own good. A lot of the "root is bad mkay" is fueled by this more or less hidden agenda. That it helps to idiot-proof devices is a nice side effect only. Historical proof of this hypothesis is: When TCPA was first introduced it was explicitly made for DRM. People fought it a lot, so today they are introducing it disguised as security measure.


For your later linked examples, those can be changed.

But as for the microG/GApps question, GrapheneOS provides a sandbox for the actual GApps, so that almost everything can run properly, with very strong control over what is seen by Google.


My pinephone has multiboot to several different Linux and Android varieties.


How is Pinephone coming along toward this year's end?

I check in every now and then, but I need it to be where current Lineage/Graphene are. I don't need trivial software (games et al), but I need it to be automatic enough* that I don't have to spend an evening or weekend unbreaking things – and reliable all the same.

* barring basic things like package manager updates


And nowhere near the security of even stock Android, unfortunately. Every app is free to spy on everything else on the system, just like most desktops.


Librem 5 can also boot different operating systems.


As well as NetBSD, and probably others, eventually.



