from Hacker News

Show HN: RattlesnakeOS – build and run your own privacy focused Android OS

by danvittegleo on 7/5/18, 9:30 PM with 19 comments

  • by danvittegleo on 7/5/18, 11:42 PM

    This cross platform tool provisions all of the AWS infrastructure required to build your own personal privacy focused Android OS on a continuous basis with OTA updates. It currently supports Pixel phones (Pixel, Pixel XL, Pixel 2, Pixel 2XL). Highlights include:

    * Verified boot (https://source.android.com/security/verifiedboot/) like stock Android (almost all ROMs disable this) and with your own signing keys

    * Latest monthly security updates from Google

    * OTA updates from S3

    * No Google services

    * Latest F-Droid as open source alternative to Google Play store

    * Latest Chromium w/ adblocking and privacy patches

  • by bubblethink on 7/6/18, 3:20 AM

    Once you rip out any non-free CoS code, it would make sense to offer binaries to people, perhaps through donations or a small fee, if you need to cover hosting/cdn costs. While this is cool, it's still cumbersome and quite wasteful for everyone to reinvent the wheel.

  • by wpdev_63 on 7/7/18, 5:36 PM

    If the underlying hardware of the phone is compromised, then it doesn't matter what you run on top of it.

    I am not saying that you shouldn't try rattlesnakeos just that the people you would be installing it for, still have access to everything on your phone.

    If you value your privacy you would buy a simple dumb flip phone, solder out the microphones and cameras and use a wired headset. They can still get an approximate location of you through stingrays and such but it's better than nothing.

  • by grizzles on 7/7/18, 12:22 AM

    It would be cool if you could get this stack going on a <$100 phone. There are some really cool products I could sell around that price point that I couldn't sell at anywhere near Pixel prices.

    A company that did the heavy lifting for startups that want to reimagine the user facing side of (eg. LineageOS compatible devices) would be an interesting proposition.

  • by busterarm on 7/13/18, 8:51 PM

    Any plans to add remote hardware attestation verification to the EC2 infrastructure?

    https://github.com/AndroidHardeningArchive/Auditor/releases (though sadly Copperhead's fdroid repo is dead)

  • by dangerface on 7/6/18, 1:58 PM

    This is fucking cool.

    How difficult would it be to port this to another phone like the 1+n?

  • by hiccuphippo on 7/6/18, 5:21 PM

    What would adding support for other phone models entail? Just adding drivers for their different parts?

  • by Tepix on 7/6/18, 6:38 AM

    Please add Nexus 5x support like CopperheadOS had.