Privacy: Linux Phones

"Thanks, I hate you," you might say. "I'm terrified of my phone and every app on it." First off, excellent. Second, don't be.

The advice I've listed on this site is designed to reduce the amount of tracking and the risk of your mobile device. If you use the settings, apps, and habits I suggest, you're actually doing incredibly well, regardless of your operating system. But if you want to go even one step further, you can actually flash Linux on your phone, which will help to even further reduce the amount of data being recorded, as well as reduce your attack surface (people generally don't try to build malware for Linux because a) the users tend to be more tech-savvy, b) relatively few people use it, and c) there's so many different versions that building a malware that works on all of them is virtually impossible).

Keep in mind that no matter the operating system you use, your phone will always transmit location and usage data that will be recorded by your service provider. However, using a Linux phone means that there's no Apple or Google collecting additional data, so the amount of data you send will be dramatically reduced.

The Flavors

There's four main flavors of mobile Linux, and those can be divided into two categories. The first category is "out of the box." This would be phones that are maintained by an actual company, and includes the Librem 5 and the Pinephone. The main advantage to these phones is that they come ready to use out of the box with no additional effort on your end (besides the normal amount of setup) and that there's a company who can provide support for the product. Between the two of them, Pinephone is basically in open beta so while it is significantly less expensive, it is expected to come with small glitches and some self-sufficiency. The Librem 5 is a more polished product, but the backorder places a ship date at approximately six months away.

The second category would be "DIY," and this includes LineageOS and GrapheneOS. There's a few others, but those two seem to be the only ones that are actively maintained. The reason I call these phones "DIY" is because they require you - the end user - to purchase the desired device and flash the operating system onto the device yourself. Unlike the "out of the box" devices mentioned before, these don't come ready to roll with a Linux distribution on them. Between the two main distributions I mentioned above, Lineage has a much wider audience and is more focused on privacy and features (for example, one of my favorite features is that the phone doesn't log "sensitive" phone numbers such as women's shelters) while Graphene is focused on security and making the phone as "unhackable" as possible.

Getting Started

As much as it pains me to say, I hesitate to recommend either of the "out of the box" varieties. Unless you're willing to jump through some extra hoops to enable to Google Play store and subscribe to a MySudo subscription, the phones are stuck with their SIM numbers. They have almost no SIM capabilities and are both still very much in the testing phase. Expect bugs, frequent updates, and a lot of work to make them work. Between the two remaining distributions, both seem to be fine choices. Lineage does enjoy much wider adoption, but anyone confident enough to take the leap into self-flashing a Linux phone is probably tech-savvy enough to figure out how to make it work. From there it's purely a matter of preference and what physical device you want.

If you've suddenly realized that all of this is over your head and you'd prefer to stick with a mainstream, stock mobile phone, go back to here to start from the beginning on which one I recommend and which changes I suggest.