DivestOS used to be recommended and it looked like a good option for anyone who couldn’t get a Pixel or had to use an older Android. It has been a while since it ended development and Privacy Guides still only has the GrapheneOS recommendation so I am looking for alternatives myself. It looks like most people here don’t prefer LineageOS or /e/OS but opinions on IodeOS are not clear. The accepted answer is just a large comparison chart that is hard for me to interpret so I wanted to ask more directly if IodeOS is now the next best option after GrapheneOS?
I see people in other threads claiming anyone can afford a Pixel if you just buy used but that isn’t true everywhere. There are many countries where most people have to use outdated Samsung or Chinese phones. Even getting an old Pixel can be too expensive or rare to find.
Yeah, it seems the general consensus is if a Pixel simply cannot be an option, feel free to get a phone and try using LineageOS or iodeOS, better yet just get an Android phone and debloat it if you got that capacity. I’m hoping to work on a guide but I am getting a little indecisive lately so idk when that will be.
Any major OEM with original operating system is better than iodéOS, /e/OS, or LineageOS. Especially phones from profitable companies which claimed to be focused on privacy like Murena and Jolla (they spread misinformation about GrapheneOS).
I think the reason you haven’t seen an easy answer to this is because it depends on who you are, what your needs are, and what your threat model is. Without GOS, there’s not really an easy recommend for everyone because GOS is just so much better than everything else. For regular people with a low threat model, I would be inclined to say look for anything you can find that GOS still allows you to install GOS on and make use of GrapheneOS extended support which provides software updates but not firmware updates. Even without firmware updates, the privacy is going to be better than anything else out there and the security will still likely be better than most if not all of the alternatives.
If a Pixel with GrapheneOS is truly an impossibility, major phone manufacturers with stock Android are likely going to be the better option for security and usability over custom ROMs. Degoogled ROMs like the ones you mentioned are significantly less usable than GrapheneOS because they don’t have sandboxed Google Play services. So it depends on what apps you need. These ROMs are also significantly less secure than stock Android and GrapheneOS because they tend to lag behind on updates and I don’t believe any have verified boot.
As for which of the ROMs are best, I would probably personally lean towards LineageOS because it is just the most well established option and I believe the most private as well.
These were recently delisted from the website since they are all over afaik.
Pixel 6 at minimum is necessary but EOL in October. Best to get at least an 8 so you have MTE.
Oh wow I checked just the other day and they were still there. Never mind OP.
In that case, I would say, if GOS is not an option and security matters at all or the apps you need won’t work without Google Play services → stock Android
If security and usability don’t matter and you just want the most private (purely in terms of OS-level snooping) non-GOS option → likely LineageOS is best
This is a misconception that mostly stems from OEMs dragging their feet in supporting frequent Over-the-Air updates (it is expensive, especially if multiple devices across multiple AOSP versions need to be supported by large OEMs).
The Android Security team promises to push out security patches every month, including backporting them. On any (certified) Android, the security patch level information is useful to verify just how removed one’s installation is from the current patch level.
Since Android 8 (or whenever Project Treble was rolled out), Google has sought to make it easier for OEMs to update the Android Common Kernel/OS separately from breaking any vendor-specific modifications.
And since Android 10, some of the core AOSP components (like the Android RunTime) have been independently updatable (that is, without the involvement of OEMs). I think, maybe I’m wrong, OEMs and silicon vendors can (have?) adopt the same setup Google follows for their own components, including device drivers.
Google definitely makes it pretty confusing for what Android versions get security updates and yeah it’s then up to OEMs to distribute it. According to Android OS | endoflife.date, Android 13 is the oldest version to still get updates, which checks out with Google’s last security bulletin. It seems like Android 13 will be EOL soon, so moving to 15 is a good call.
Google does not backport all security patches, only high and critical.
Google barely bothers to fully utilize the latest GKI on their own Pixels last I checked.
If you’re not on Android 16 QPR2 right now, you’re missing patches.
If you’re running GrapheneOS (security preview channel) right now, you get patches that aren’t going to be released until June 2026.
I strongly urge people to move to either of those, preferably the latter.
The situation is downright abysmally horrendous.
High & Critical seem to cover a fair ground for the parts that Google maintains (ACK/GKI + Framework/Platform)? I haven’t been following, but do Moderate and Low end up being a severe concern, especially post Stagefright (Android 6+) and sandboxed HALs (Android 8+)?
At least from experience, the OEM I worked for (Bender/Cupcake through to Marshmallow), did contract silicon/SoC vendors to backport most if not all patches, while the OEM also had a dedicated team working across the entire framework & platform (including the Kernel & parts of BSP) evaluating and even making patches (interestingly, some of these people now work on AOSP at Google in leadership positions, with one of them in charge of ACK/GKI…). In several high-profile cases though, it was the vendor themselves who had to be patching their own code, anyway.
I always thought Google built GKI for other SoC vendors… as they themselves never had to convince their own selves shipping latest Kernels to Pixels? That said, latest GKI may also not be the most stable version out there for the combination of drivers a Pixel or any device may need to support?
Isn’t it better to use a custom ROM on a phone no longer receiving updates from the manufacturer? Even the cheapest phones still receiving updates like the Samsung Galaxy A03 and A04 receive security updates every 3-6 months, but IodeOS receives them in 2-4 weeks and LineageOS receives them in 1-2 weeks. Or am I misunderstanding?
LineageOS doesn’t but IodeOS supports it when the device supports it. I’m confused about /e/OS.
I think LineageOS is definitely better if your device can’t support verified boot with IodeOS, but for devices supporting it I guess we have to choose between quicker updates with LineageOS or verified boot with IodeOS.
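Two properties discussed in this thread, the security patch level and the verified boot state, can be read from a device with `adb shell getprop`. The following is an added example, not part of any post above, that audits such output; the sample text is constructed, and the function names and the two-month lag threshold are assumptions.

```python
import re
from datetime import date

# Constructed sample of `adb shell getprop` output (not from a real device).
SAMPLE_GETPROP = """\
[ro.build.version.release]: [13]
[ro.build.version.security_patch]: [2024-03-05]
[ro.vendor.build.security_patch]: [2023-11-05]
[ro.boot.verifiedbootstate]: [orange]
"""

PROP_RE = re.compile(r"^\[([^\]]+)\]: \[(.*)\]$")

def parse_getprop(text):
    """Turn '[key]: [value]' lines into a dict, skipping anything else."""
    props = {}
    for line in text.splitlines():
        m = PROP_RE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props

def months_behind(patch_level, today):
    """Whole calendar months between a YYYY-MM-DD patch level and today."""
    try:
        patched = date.fromisoformat(patch_level)
    except (TypeError, ValueError):
        return None  # property absent or malformed
    return max(0, (today.year - patched.year) * 12 + today.month - patched.month)

def audit(text, today, max_lag_months=2):  # threshold is an assumption
    props = parse_getprop(text)
    findings = []
    for label, key in (("platform", "ro.build.version.security_patch"),
                       ("vendor", "ro.vendor.build.security_patch")):
        lag = months_behind(props.get(key), today)
        if lag is None:
            findings.append(f"{label}: patch level missing or malformed")
        elif lag > max_lag_months:
            findings.append(f"{label}: {lag} months behind")
    # green = locked with OEM key, yellow = locked with user-set key,
    # orange = bootloader unlocked, red = verification failed.
    state = props.get("ro.boot.verifiedbootstate", "unknown")
    if state not in ("green", "yellow"):
        findings.append(f"verified boot: state is {state}")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_GETPROP, date(2024, 9, 10)):
        print(finding)
```

The vendor patch level is reported separately from the platform one, so a ROM can show a recent platform date while firmware and vendor components remain at an older level.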