I have been slowly degoogling my life by reducing my use of Google apps and switching to FOSS alternatives. I recently created a Proton account and tried to keep it completely isolated from my default Google account so as to not let it know what my Proton mail identity is. I have finished my transition in my desktop to the best of my ability and am planning to start the same with my mobile. The only thing I have done in my Android phone related to Proton is having downloaded ProtonVPN and signed into my account within the app. However I fear by downloading ProtonMail and signing into it, my Android phone would identify the email account, which could make this entire transition useless. Is there a way to avoid this situation or has the damage already been done. What does Google know about my Proton account, if at all?
Now about OSs.
Most privacy oriented mobile OSs are based on AOSP. Ubuntu touch may qualify as an option that is not, but due to it’s lack of the added security layer that Android provides, I would strongly advise against it.
The “golden standard” for Security and Privacy on a smartphone is GrapheneOS. GrapheneOS has extensive hardening, uses their own servers for services that are usually provided by Google and if a vulnerability is detected they are the first to patch it. I remember reading Kuketz’s security blog, where he contacted the Graphene devs about the fact that at system start, their OS, by default, asks Google servers for the time. He analyzed a few OSs and all had this issue iirc, but it took the team of Graphene mere hours to make the device call their own Server and roll out an Update. They regularly patch vulnerabilities before Google does. What’s the catch? It currently is only developed for Google devices due to their superior security. This includes the tablet. While GrapheneOS has a lot of amazing stuff, my favorite is the fact, that by default, no app has any permissions and I have even finer control over those permissions than I have on stock Android. The big one here is internet access permission. I would play Graphene badly though by just leaving it at that, so I would advise you to check the feature page. Graphene will support a device, as long as it gets security updates by it’s vendor and fulfills their device requirements. This includes new Android versions and is another reason why the Graphene team chooses Google devices, as these logically always have the newest version first.
CalyxOS is a rom often compared to GrapheneOS. I believe this could be, because Calyx and Graphene favour Google devices. Calyx however is nowhere near as secure and as hardened as Graphene, though it is hardened well. The people behind Calyx are incredibly good at networking and by default you get an incredibly fine tunable firewall. It is often used to block certain IPs, say a Google Server. Unlike Graphene, Calyx has support for Microg, which all of the following roms have. This is bad for security and good for usability. Choose your poison. Calyx is also more performant than Graphene, as it is not quite as hardened. Taking Kuketz’s blog as an example again, the answer of the Calyx institute on the question about the Google server call for time was that it is “intended behaviour”. While I don’t doubt that it is, I do not like this at all, especially as this service is easily replacable without consequence. The Calyx institute has a very friendly community and is more than just the OS. They have other tools at their disposal, most of which focus on networking, including the free VPN, that is not a scam, but really slow. Calyx works on the Fairphone, Pixels and the Shift phone. Please do check out the feature page.
Lineage is a rom that was created out of the need to bring devices that have lost update support from their vendors back to life. As a result, it is neither specifically made for security or privacy nor should it really be used for other reasons than it’s reason for creation. It is supported over a wide range of devices and as such does not support specific security features offered by the hardware. It is made to just work on everything.
DivestOS is one of the few mobile OSs that is not built on top of AOSP. It is only by extension, as it is built on top of LineageOS. It too has a wide range of supported devices. What sets it apart from LineageOS is that it has a lot of the hardening that Graphene has. It still has the issue of the widely treaded support, but it would be my second choice for security. The “team” of this project is only made up of one very knowledgeable guy though, so as always be careful. Divest also has incredibly useful resources on their website where they e.g. compare browsers in privacy and security in a concise manner. As Divest does not have a singular feature list, just look through their website to find out if it’s a match.
iodé is an OS created in one of the nordic countries. I believe it was sweden? They have a giant, system wide ad and tracker blocker that is incredibly configurable. This approach is not very beneficial, as this is not privacy friendly but ad reducing. The issue is, that there is one point of defense. That is not enough. Calyx has something like this with its firewall on top of it’s great hardening and google reduction. While iodé does reduce the use of proprietary apps, their goal was never to provide a private experience, but to provide an adless one.
/e/ os is weird. I like it, but it’s weird. I will call it æ from now on as that is faster to type. Project æ, the project behind æ OS, has the right goal. They want you to have a google free experience. I believe the OS has some hardening. Not on the same level of Graphene, Calyx and Divest however, which themselves are on differing levels. With this OS, you get some benefits. Project æ has created an app store. Inside this app store are reviewed and approved apps, which they apparently did by hand. I have never had an æ os device, but I believe that in this app store proprietary software is also available. You get a similar rating to the software that F-Droid and Exodus provide, just done by humans, so they have given the apps points in different categories and explain why, which is indeed more advanced than the alternatives. æ OS also comes with a possible cloud subscription. I do not recommend this, as it just seems to be a Nextcloud reskin. Nextcloud does not have a good encryption method, as the key for decryption of the files that are encrypted at rest is saved in clear text. Murena, which I think is the same group behind æ also sells phones with æ OS preloaded. They have partnered with fairphone to make the newest Fairphones available at their shop. All of this capitalism is not important for you though, that’s to keep the project going. æ OS supports a wide range of devices which, again, is not desirable for security purposes. Check it out here.
A note on Copperhead. The creator of CopperheadOS and the creator of GrapheneOS used to both develop for Copperhead. The current Copperhead owner has made bad choices back then, so the creator of GrapheneOS has split himself from the project and made his own. Do not trust Copperhead, it may still be recommended in some old post.
If you know german, please take a look at Kuketz’s blog, where he currently is comparing these custom ROMs. I am not in any way affiliated with him.