Show HN: RattlesnakeOS – build and run your own privacy focused Android OS (opens in new tab)

(github.com)

37 pointsdanvittegleo7y ago19 comments

19 comments

18 comments · 8 top-level

danvittegleoOP7y ago· 2 in thread

This cross platform tool provisions all of the AWS infrastructure required to build your own personal privacy focused Android OS on a continuous basis with OTA updates. It currently supports Pixel phones (Pixel, Pixel XL, Pixel 2, Pixel 2XL). Highlights include:

* Verified boot (https://source.android.com/security/verifiedboot/) like stock Android (almost all ROMs disable this) and with your own signing keys

* Latest monthly security updates from Google

* OTA updates from S3

* No Google services

* Latest F-Droid as open source alternative to Google Play store

* Latest Chromium w/ adblocking and privacy patches

IE67y ago

> * No Google services

Question about this - my blackberry q10 had an android vm on it but the limitation of "no google services" meant that unless the app used none of those APIs it would not run. Surprisingly this was very limiting - have you had a similar experience?

danvittegleoOP7y ago

That's a great question. I would say it is a bit limiting, and there are definitely some bumps in the road for the average user coming from stock Android. There are a lot of great open source applications in the F-Droid app store, but it definitely doesn't cover everything you'd expect from a stock phone these days. There is an app, Yalp Store (it downloads APKs directly from Google servers), that can be used to supplement this with normal Play Store apps. Many apps in the Play Store will rely on Google services though, so you will have a wide variety of results ranging from apps running just fine, crashing on boot, or not supporting push notifications. For me, not getting push notifications in Slack was an issue as it relies on Google Cloud Messaging (GCM). Luckily the encrypted chat messengers that I use Signal/Telegram have support for their own polling mechanism and don't rely on GCM. For Slack I ended up just writing a quick tool (https://github.com/dan-v/slack-to-telegram) to forward messages to Telegram so I get immediately alerts. But it's things like that this that you will definitely run into when running without Google services.

bubblethink7y ago· 2 in thread

Once you rip out any non-free CoS code, it would make sense to offer binaries to people, perhaps through donations or a small fee, if you need to cover hosting/cdn costs. While this is cool, it's still cumbersome and quite wasteful for everyone to reinvent the wheel.

danvittegleoOP7y ago

Thanks for the response! Unfortunately, I'm personally not interested in distributing binaries of the OS for public consumption, as I think installing an OS from a unknown person on the internet is probably not the best approach for a privacy/security focused Android OS. I personally would prefer to do my own builds with my own keys so that I know what is running on my phone - hence why i created this tool. That said, it doesn't mean someone else can't spin up a public version of this setup using this tool.

bubblethink7y ago

>installing an OS from a unknown person on the internet

Eventually, what is needed is something like reproducible builds so that you can claim that this binary corresponds to this source tarball. I don't know where AOSP stands in that regard. The keys should be the only thing that users should ideally manage. i.e., You get the generic binary (that is known to correspond to source tarball), sign it with your keys, and flash it. Just throwing ideas. This may not be in the scope of your project.

1 more reply

wpdev_637y ago· 2 in thread

If the underlying hardware of the phone is compromised, then it doesn't matter what you run on top of it.

I am not saying that you shouldn't try rattlesnakeos just that the people you would be installing it for, still have access to everything on your phone.

If you value your privacy you would buy a simple dumb flip phone, solder out the microphones and cameras and use a wired headset. They can still get an approximate location of you through stingrays and such but it's better than nothing.

danvittegleoOP7y ago

Agreed that if lower level hardware is compromised it doesn't matter what you run on top of it, and RattlesnakeOS doesn't protect from that other than keeping components up to date with latest security patches. I think if you are going to buy a dumb flip phone and solder out components for privacy, you are probably better off just not having a phone at all. This project is more about having a useful smartphone experience while still focusing on privacy and security.

wpdev_637y ago

Yeah but everyone needs to use a cellphone in this day an age so if you don't want to be tracked like a sheep then a dumb phone with the microphone and camera removed will do the trick. They(3 letter agencies) can only track you to an approximate location and probably are unable to run it in fake off mode if you want to turn it off.

It's actually pretty liberating to have a purpose driven cellphone to only communicate with.

Tepix7y ago· 2 in thread

Please add Nexus 5x support like CopperheadOS had.

danvittegleoOP7y ago

Nexus 5x is end of life unfortunately, which means it won't get security updates from Google and therefore isn't a great fit for this project.

busterarm7y ago

What about Nokia 6.1? :D

busterarm7y ago· 1 in thread

Any plans to add remote hardware attestation verification to the EC2 infrastructure?

https://github.com/AndroidHardeningArchive/Auditor/releases (though sadly Copperhead's fdroid repo is dead)

danvittegleoOP7y ago

I haven't spent much time looking at this part of the project as my phone isn't supported but it does look really neat. On my next phone upgrade I will probably investigate.

hiccuphippo7y ago· 1 in thread

What would adding support for other phone models entail? Just adding drivers for their different parts?

danvittegleoOP7y ago

Unfortunately there aren't very many phones that currently support verified boot (https://source.android.com/security/verifiedboot/), which would be a requirement to be supported by this project.

grizzles7y ago

It would be cool if you could get this stack going on a <$100 phone. There are some really cool products I could sell around that price point that I couldn't sell at anywhere near Pixel prices.

A company that did the heavy lifting for startups that want to reimagine the user facing side of (eg. LineageOS compatible devices) would be an interesting proposition.

dangerface7y ago

This is fucking cool.

How difficult would it be to port this to another phone like the 1+n?

j / k navigate · click thread line to collapse

19 comments

18 comments · 8 top-level

danvittegleoOP7y ago· 2 in thread

* Verified boot (https://source.android.com/security/verifiedboot/) like stock Android (almost all ROMs disable this) and with your own signing keys

* Latest monthly security updates from Google

* OTA updates from S3

* No Google services

* Latest F-Droid as open source alternative to Google Play store

* Latest Chromium w/ adblocking and privacy patches

IE67y ago

> * No Google services

danvittegleoOP7y ago

bubblethink7y ago· 2 in thread

danvittegleoOP7y ago

bubblethink7y ago

>installing an OS from a unknown person on the internet

1 more reply

wpdev_637y ago· 2 in thread

If the underlying hardware of the phone is compromised, then it doesn't matter what you run on top of it.

I am not saying that you shouldn't try rattlesnakeos just that the people you would be installing it for, still have access to everything on your phone.

danvittegleoOP7y ago

wpdev_637y ago

It's actually pretty liberating to have a purpose driven cellphone to only communicate with.

Tepix7y ago· 2 in thread

Please add Nexus 5x support like CopperheadOS had.

danvittegleoOP7y ago

Nexus 5x is end of life unfortunately, which means it won't get security updates from Google and therefore isn't a great fit for this project.

busterarm7y ago

What about Nokia 6.1? :D

busterarm7y ago· 1 in thread

Any plans to add remote hardware attestation verification to the EC2 infrastructure?

https://github.com/AndroidHardeningArchive/Auditor/releases (though sadly Copperhead's fdroid repo is dead)

danvittegleoOP7y ago

I haven't spent much time looking at this part of the project as my phone isn't supported but it does look really neat. On my next phone upgrade I will probably investigate.

hiccuphippo7y ago· 1 in thread

What would adding support for other phone models entail? Just adding drivers for their different parts?

danvittegleoOP7y ago

Unfortunately there aren't very many phones that currently support verified boot (https://source.android.com/security/verifiedboot/), which would be a requirement to be supported by this project.

grizzles7y ago

It would be cool if you could get this stack going on a <$100 phone. There are some really cool products I could sell around that price point that I couldn't sell at anywhere near Pixel prices.

A company that did the heavy lifting for startups that want to reimagine the user facing side of (eg. LineageOS compatible devices) would be an interesting proposition.

dangerface7y ago

This is fucking cool.

How difficult would it be to port this to another phone like the 1+n?

j / k navigate · click thread line to collapse