Librem seems to have the correct way forward, reject the big mess of Android and catch up to it with completely Open pieces.<p><a href="https://puri.sm/products/librem-5/" rel="nofollow">https://puri.sm/products/librem-5/</a><p>They're making good progress and I can't wait to be able to update my handheld device with mainline pieces for as long as anyone who still uses one cares to update it. Currently my Samsung Android device is at Dec 2018 patchlevel and nothing I can do about it.
A very condensed version of the messy CopperheadOS implosion is: <a href="https://en.wikipedia.org/wiki/CopperheadOS#History" rel="nofollow">https://en.wikipedia.org/wiki/CopperheadOS#History</a><p>It's good that the tech person is moving on, but Android doesn't seem a great starting point if privacy&security are the top priorities (as opposed to remaining captive in the Android camp, with some belief that you're a bit more secure than default).
Creator of CopperheadOS [0] and now GrapheneOS, Daniel Micay, was a prolific contributor to rustlang-core [1] but did rub off the rustlang community the wrong way? If I'm not mistaken he has a history of contributing to Arch Linux, as well.<p>What happened with CopperheadOS was unfortunate [2]. I hope Daniel [3] is able to work on GrapheneOS on his own terms [4]. The work that was done had garnered a lot of following and there's hope, given his exploits in the past, that he'd be able to steer this non-profit to heights where industry leaders building SilentCircle [5] and CyanogenMod failed.<p>Sure will be following the project from afar and routing for its success.<p>Good luck Daniel.<p>[0] <a href="https://www.reddit.com/r/CopperheadOS/comments/8qdnn3/goodbye/" rel="nofollow">https://www.reddit.com/r/CopperheadOS/comments/8qdnn3/goodby...</a><p>[1] <a href="https://news.ycombinator.com/item?id=9551937#9552769" rel="nofollow">https://news.ycombinator.com/item?id=9551937#9552769</a><p>[2] <a href="https://news.ycombinator.com/item?id=17289536" rel="nofollow">https://news.ycombinator.com/item?id=17289536</a><p>[3] <a href="https://news.ycombinator.com/user?id=strcat" rel="nofollow">https://news.ycombinator.com/user?id=strcat</a><p>[4] <a href="https://news.ycombinator.com/item?id=19501643#19559969" rel="nofollow">https://news.ycombinator.com/item?id=19501643#19559969</a><p>[5] <a href="https://news.ycombinator.com/item?id=12047219" rel="nofollow">https://news.ycombinator.com/item?id=12047219</a>
<a href="https://grapheneos.org/#roadmap" rel="nofollow">https://grapheneos.org/#roadmap</a> is pretty interesting:<p>> Details on the roadmap of the project will be posted on the site in the near future. In the long term, it aims to move beyond a hardened fork of the Android Open Source Project. Achieving the goals requires moving away from relying the Linux kernel as the core of the OS and foundation of the security model. It needs to move towards a microkernel-based model with a Linux compatibility layer, with many stepping stones leading towards that goal including adopting virtualization-based isolation.
It supports the Google Pixel range of phones only so far.<p>So in order to get that is more secure and more independent from Google I have to buy a Google phone?
For anyone interested in doing their own customizable builds of AOSP for Pixel devices check out: <a href="https://github.com/dan-v/rattlesnakeos-stack" rel="nofollow">https://github.com/dan-v/rattlesnakeos-stack</a>. This doesn't have any of the security hardening features of GrapheneOS, but does have some of the same security properties like verified boot, OTA software updates that included updated firmware/drivers, support for remote attestation, etc.
Stock-ish Android that gets updates is good enough for me. I'm looking forward to wider support of U2F over NFC in general though, I don't keep data on the phone itself.<p>You can buy a contactless smartcard for $15 each and install this on it <a href="https://github.com/tsenger/CCU2F" rel="nofollow">https://github.com/tsenger/CCU2F</a>
What does it matter if you are still running proprietary software with direct memory and CPU access on your network, camera, ...<p>Android can give you privacy and enough security for most people. This can't add much more as long as its running on the same devices.<p>This is a great effort and I support it, but let's not imagine this will make our phones that much more secure.
"Android compatibility" implies that it's something entirely new. It appears to be an Android fork that simply hasn't done away with compatibility. There are neat ideas and all, but the title implies that it's something that it isn't.<p>Lastly, I wonder how this will do over time considering Fuschia.
I can see what the focus is, but I couldn't find a page that clearly spelled out differences with AOSP. I realize that's a missing target, but as a potential user it's interesting to know how it's going to be different than stock Android (beyond what the "focus" is).
I need to try this, I also need to get a Librem 5, and build my project for it. Anyone know of any good projects for replacing google services with FOSS services that do the same basic things?
I shouldnt be commenting. But os with new kernel like chrome os would be ideal for security, privacy and performance. Only thing left is open hardware not sure how to go about it.