That is a vast oversimplifications. Custom Android builds either rely on reverse engineered drivers, or vendor kernels, or mostly undocumented drivers and custom kernel patches.
Custom “ROMs” are often very insecure, as they use the outdated stock vendor kernel of the original OS, as it is so customized. Not always, but often.
Then you have firmware, which is responsible for a ton of tasks on Android phones, way more importantly than on a PC. There is an entire separate, proprietary chip in there, connecting to sensible and insecure networks like 2G and 3G (the modem/baseband).
And yours is a vast exaggeration.
You do realize all of these phones are using either Qualcomm or Mediatek chips and designs which already have those tracking firmwares right?
All of these companies are using these firmwares.
As for the Custom ROMs it depends on the device and the custom ROM you’re using. So, calling them entirely working on reverse engineered is a bit much.
That’s why these so called free phones need hardware kill switches.
Even that article you linked states this. So, unless these guys come up with 100% pure homemade hardware and Linux based OS they will never be free from tracking. Even then they won’t be free from tracking.
Hence my point: You can get the same level of de-google and untraceable stuff with using a proper Custom ROM suitable for your device.
I don’t think we do… I already addressed your firmware point and I believe I said proper Custom ROMs.
If you’re calling GrapheneOS, DivestOS, CalyxOS or LineageOS and many more as unsecure and claim they don’t have up to date security patches I don’t know what you’re talking about.
Considering that the big Android brands such as Samsung, OnePlus, Xiaomi etc… Lags behind in such security updates as far as one year or never provide such security updates for old devices. You must be ignorant of this fact.
I have an OnePlus 7T Pro which was released in October 2019 and I bought it in 2020 and I still use it with the latest Android and security patches thanks to Custom ROMs. Mean while OnePlus doesn’t provide any updates since January 2023. So, by your claim my phone would be more secure with 2023 security patches than having a proper Custom ROM that has 2026 security patches. Tell me you see what’s wrong with your claim please.
These Custom ROM projects are followed very closely by the community, like Linux project. They provide proper support via Android Open Source unlike your claims to reverse engineered drivers, because the companies are legally forced to provide their source codes. Some companies do it in a timely manner some do it late. From my personal experience phones that have Qualcomm chip sets don’t have problems with having the drivers and source codea. Only the proprietary chipset such as Samsung’s exynos and Mediatek are the problem that needs the revers engineered drivers.
So, to sum up, no, we don’t talk past each other! It’s clear you don’t know what you’re talking about when it comes to Custom ROMs, Android Open Source, how the software and firmware works on Android.
DivestOS is dead. CalyxOS is paused. I specifically meant Android builds that have up-to-date build systems but support devices that are EOL from their creators.
They cannot sign firmware and thus not install it even if it was reverse engineered. And they might not patch an updated kernel to work, and ship an outdated kernel instead.
That is a vast oversimplifications. Custom Android builds either rely on reverse engineered drivers, or vendor kernels, or mostly undocumented drivers and custom kernel patches.
Custom “ROMs” are often very insecure, as they use the outdated stock vendor kernel of the original OS, as it is so customized. Not always, but often.
Then you have firmware, which is responsible for a ton of tasks on Android phones, way more importantly than on a PC. There is an entire separate, proprietary chip in there, connecting to sensible and insecure networks like 2G and 3G (the modem/baseband).
I found this article to explain the situation well
And yours is a vast exaggeration. You do realize all of these phones are using either Qualcomm or Mediatek chips and designs which already have those tracking firmwares right?
All of these companies are using these firmwares. As for the Custom ROMs it depends on the device and the custom ROM you’re using. So, calling them entirely working on reverse engineered is a bit much. That’s why these so called free phones need hardware kill switches. Even that article you linked states this. So, unless these guys come up with 100% pure homemade hardware and Linux based OS they will never be free from tracking. Even then they won’t be free from tracking. Hence my point: You can get the same level of de-google and untraceable stuff with using a proper Custom ROM suitable for your device.
This is not about tracking but basic security patches. I feel we are talking past each other
I don’t think we do… I already addressed your firmware point and I believe I said proper Custom ROMs. If you’re calling GrapheneOS, DivestOS, CalyxOS or LineageOS and many more as unsecure and claim they don’t have up to date security patches I don’t know what you’re talking about. Considering that the big Android brands such as Samsung, OnePlus, Xiaomi etc… Lags behind in such security updates as far as one year or never provide such security updates for old devices. You must be ignorant of this fact.
I have an OnePlus 7T Pro which was released in October 2019 and I bought it in 2020 and I still use it with the latest Android and security patches thanks to Custom ROMs. Mean while OnePlus doesn’t provide any updates since January 2023. So, by your claim my phone would be more secure with 2023 security patches than having a proper Custom ROM that has 2026 security patches. Tell me you see what’s wrong with your claim please.
These Custom ROM projects are followed very closely by the community, like Linux project. They provide proper support via Android Open Source unlike your claims to reverse engineered drivers, because the companies are legally forced to provide their source codes. Some companies do it in a timely manner some do it late. From my personal experience phones that have Qualcomm chip sets don’t have problems with having the drivers and source codea. Only the proprietary chipset such as Samsung’s exynos and Mediatek are the problem that needs the revers engineered drivers.
So, to sum up, no, we don’t talk past each other! It’s clear you don’t know what you’re talking about when it comes to Custom ROMs, Android Open Source, how the software and firmware works on Android.
DivestOS is dead. CalyxOS is paused. I specifically meant Android builds that have up-to-date build systems but support devices that are EOL from their creators.
They cannot sign firmware and thus not install it even if it was reverse engineered. And they might not patch an updated kernel to work, and ship an outdated kernel instead.