Porting Android to PCs (Desktop Security)

Yes, you heard me right. Desktop operating systems have been constantly criticised for being inferior to iOS and Android security-wise, because they still have an outdated security model as a foundation, and they don’t make as much use of modern exploit mitigations. Windows and macOS have been making some progress on remedying their problems, but it’s a very slow process as these issues stem from fundamental weaknesses in the core design of these systems.

https://madaidans-insecurities.github.io/security-privacy-advice.html#desktop-os

That got me thinking - if Android (AOSP), being a secure OS, and being open-source, were ported to PC, it might solve a great deal of issues for a daily driver. Obviously it’ll still have hurdles to clear, but if it were to be done, we’d finally see a secure desktop OS by design. Besides, even GrapheneOS started from Android because it provides such a strong foundation for a strong operating system.

Now, Android being a mobile system cannot support a lot of desktop functionality, but again, it doesn’t need to for every type of user.
The average PC user can do most of the tasks they do on their PC on Android or iOS anyway, like browsing the web, using messaging and communication software, purchasing things and online banking, etc.
It won’t be able to do heavy-duty industry work like programming or running CAD software or playing video games. But it doesn’t need to.

Chromebooks sell as cheap laptops with basic functionality - an Android PC won’t be too different.
Besides, for larger landscape-oriented screens, Android already has support for tablets. Considering it also has built-in keyboard and mouse support by default, this would be possible to use with the ecosystem of apps on Android.

I started looking for attempts to port Android to PC (not counting proprietary emulators like Bluestacks) and found only one - BlissOS, a fork of the now largely inactive Android-x86. However, it sadly doesn’t seem to have a focus on security, and provides rooted builds by default, which is a security risk. Still, their work is very impressive regardless, and considering that it’s open-source, provides a good starting point.

https://madaidans-insecurities.github.io/android.html#rooting

This post is meant to start some discourse and get the community’s thoughts on such an approach - would it be worth trying to obtain a GrapheneOS-like hardened Android system but for PCs so that security on desktop would improve? It would sidestep a lot of the issues with building a “hardened” Linux distro that will ultimately be incompatible with the lack of security the ecosystem provides by default.

It won’t have the same hardware-based protections that iOS and GrapheneOS provide, but it’s a start.

P.S. Porting ChromiumOS occurred to me too, but it turns out running Android apps on it requires you to use ChromeOS, not ChromiumOS. If you stick to ChromiumOS, the software library will be very limited, far less than an Android fork.

2 Likes

Secure hardware and firmware are foundations for a secure OS and device. Using Android on desktop hardware will not cut it. That’s why Google Pixel devices are the only devices that are supported by GrapheneOS.

Even then, software-wise, Android just has too much of an edge over desktop Linux and Windows not to consider it. Stronger sandboxing by default, a largely memory-safe codebase, better permission control, better exploit mitigations. And those are just some of the larger advantages.

It’s not going to be as good as a Pixel, but it would still be too good of an improvement to pass up.

(Edit: Also, it’s not like a secure boot chain or TPM-based protection would be impossible to code in. It won’t be as good as it is on phone hardware, but again, compared to the state of the desktop ecosystem, it is still worth considering.)

A workaround could be use scrcpy to have your pixel with GrapheneOS on desktop. You could do basic tasks in mobile and anything else on the desktop os.

1 Like

If you have a Pixel 8 or later, then you can just connect a mouse, keyboard, and monitor because Pixel 8 or later supports DP.

If you have something older than you could use scrcpy, but if you wanted to mirror the screen on your monitor, it requires enabling developer options and grating your PC access to USB debugging, which basically lowers your security to desktop level, I wouldn’t recommend it.

If you aren’t a developer, then developer options should be disabled, especially USB debugging.

That’s not a substitute, sadly.
scrcpy requires you to turn on USB debugging on your phone which is a clear security risk. Developer options shouldn’t be left on by default. It only multiples attack surface, and at what cost?

The question here is whether porting Android to PC would result in better security. It need not be on par with an Android phone, but it would still massively improve security on desktop regardless.
Using an insecure desktop OS to remote-control an Android phone while worsening the security of both is worse than just using them separately.

So the question remains: would natively running Android on a PC be worth it for the substantial increase in desktop security?

No, get a Chromebook or a MacBook.

Regardless of the intentions and goals, the software side of things is going to be really bad. Many mobile apps suck, and Android Chromium doesn’t support extensions upstream (Kiwi exists, but as I mentioned - upstream). Hell, you even lose stuff like user-exposed virtualisation tooling (like using QEMU/KVM with libvirt) or anything related to system maintainence like firewall configuration, disk partitioning, system logging etc.

You could argue some of these, like system logs, are more of “developer utilities”, but what if you need a hosts file to block adware domains? You’re still going to root Android desktop to achieve something like that. This just seems redundant.

1 Like

What is Desktop Linux even missing at this point, other than verified boot and other hardware-related security features? Is there a comprehensive list somewhere?

There are projects that implement MAC for most root processes, Flatpak/Firejail/Bubblejail exist to create sandboxes of unprivileged apps with minimal effort, some Wayland compositors are secure display servers afaik, and you can always use something like Gentoo and compile everything that is possible with clang and hardened flags.

Exactly. Even for more average users, there’s functionality that is completely missing from Android unless you root it, like audio effects. There are some workarounds/hacky solutions but these are not perfect.

Android is fine for phones because you don’t do that many things on it, but running it on a desktop would probably be very painful. Maybe usable for some, but painful.

1 Like