Odds are that in this day and age, you've got a smartphone. Odds also are that your smartphone is either an iPhone (iOS) or some flavor of Google Android (but still an Android.)
Unfortunately, it can be said that neither are exactly the best for your privacy. Between these two, which mobile operating system is worse for your privacy is a continuous discussion that boils down to a mix of recent news and updates, personal circumstances, and threat models.
All operating systems listed here are for compatible Android devices and are free and open source.
Long story short, you can't install a new operating system on iDevices. This is primarily due to the closed-source bootloading "defense" mechanisms employed by Apple on the iDevices themselves.
This isn't a "death sentence" for those that prefer iOS devices. If you're on iOS, you can take steps to reasonably harden the device in terms of privacy. A good start is to install a reputable device-wide tracker blocker, such as Adguard.
Simply speaking, your iDevice will not execute anything not "signed" by Apple on boot, so installing a third-party and custom operating system remains more in the realm of impossible. At least for now.
Therefore, when talking about alternate and privacy-friendly mobile operating systems around the privacy community, you'll generally see Android referenced only. The same will hold true for this post.
Typically, you'll find that in the greater privacy community,jailbreaking an iDevice is not advised. This is mostly due to the risk vs. reward for jailbreaking in today's threat landscape... the risk is far greater than the reward for many people's threat models. Generally, the biggest risk that comes with jailbreaking is that your device cannot receive iOS updates -- therefore you may be leaving yourself open to known exploits and vulnerabilities that could be patched by simply updating.
Now, some of you may be thining - Wait, what is jailbreaking? Jailbreaking refers to escaping the walled garden of Apple's iOS devices. Jailbreaking an iDevice gives you root privileges of the device, which in turn allows you perform tasks such as sideloading apps and other third-party software. On a slightly more technical level, you're actually taking advantage of a privilege escalation exploit... which, when executed, gives you the "jailbreak."
"Jailbreaking" actually applies to more than just iOS - but you'll most commonly see jailbreaking in reference to skirting around the locked-down environment of iOS itself. Though similarities between rooting and jailbreaking an iOS exist, there are some fundamental differences that exist.
Jailbreaking was far more common in the early days of the iPhone and the iPod Touch due to the heavily limited customization options available at the time. For example, the super early iPhone didn't have an official app store, so downloading apps was something you could only do on a jailbroken iPhone. Jailbreaking has also proved useful in unlocking carrier-locked iPhones but it has also been used for more "dubious purposes" such as installation of malware/spyware and/or software piracy.
Interestingly, a lot of features gained by jailbreaking iOS have been subsequently adopted by Apple over the years. These adoptions have arguably reduced the appeal of jailbreaking for many "main stream" or "everyday" users. This is in addition to Apple consistently fighting against jailbreaking techniques with major iOS updates.
CalyxOS aims to embody "Privacy by Design." It aims to retain the easy functionality of a smartphone while maintaining the security of the device and respecting the privacy of the user (you.)
More specifically, CalyxOS aims to encrypt the the content of communications where possible and take countermeasures against metadata collection and geolocation tracking. This is reflected in the privacy features baked right in and the default app choices bundled with the operating system.
Some of CalyxOS's highlighted features include:
- In-built app firewall that gives you solid control over the network access for all apps on your smartphone
- microG (optional) which replaces some functions of Google Play Services with privacy in mind
- Verified Boot, which helps ensure your device's operating system hasn't been tampered with
- "Trusted Agent" - see apps and their requested permissions, uninstall apps swiftly, and maintain the privacy of sensitive numbers (domestic violence, child abuse helplines, etc)
- Over-the-air security updates, automatic encrypted backups, and secure management of encryption keys
CalyxOS is only available for the Pixel Line of devices and a very limited selection of Xiaomi devices as of writing.
CalyxOS is developed and maintained by the non-profit Calyx Institute and a large community of support.
LineageOS has a strong focus on privacy and customization. It's mostly open source, but does have some proprietary components (blobs) such as for various device drivers.
LineageOS is the successor to the now defunct ROM CyanogenMod. It was officially launched near the end of 2016.
Some of LineageOS's highlighted features include:
- Trust interface for supported devices
- Privacy Guard & Permission Controller, which allows the users to explicitly see and control what permissions are given to each application installed
- Protected Apps, which allows given apps to be hidden behind a lock
- Can permit apps to function with root access in order to perform more advanced tasks
- Features System Profiles, Styles, and LiveDisplay customization options
LinageOS is available for a wide range of devices - and not just smartphones! These devices include tablet computers and set-top boxes.
LineageOS is developed by the large and thriving LineageOS open-source community.
GrapheneOS focuses on both privacy and security but offers more security-oriented features than the other Android operating systems in this post. If you're looking for the best security-focused mobile operating system for your Android device, then GrapheneOS is your best bet.
The project was originally founded in 2014 under a different name. In fact, the project itself has undergone a number of reorganizations and renaming since its birth. Most notably, GrapheneOS used to be called CopperheadOS. You may be aware that CopperheadOS is currently a closed-source project that isn't related to GrapheneOS and that there has been some drama regarding the new CopperheadOS using previous branding and code established/owned by now-GrapheneOS.
Some of GrapheneOS's highlighted features include:
- Hardened libc and malloc - improved defense against common memory corruption vulnerabilities
- Enhanced verified boot - helps ensure executed code comes from a trusted source
- Hardened kernel
- Option for PIN scrambling and default support for longer passwords (64 characters)
- Enhanced sandboxing capabilities, even for Google Play services (which are a core reason that privacy within Google Android is terrible)
GrapheneOS only supports Pixel devices as of writing. The project doesn't aim to have the most broad device support. Rather, the project as a whole chooses devices based on standard requirements as outlined on GrapheneOS's official website.
GrapheneOS is maintained by the non-profit GrapheneOS Project and the open source community at large.
It's important to understand that in today's landscape, smartphones simply aren't geared for privacy as much as they should be. This is a serious issue across the board of smartphones and most mainstream (iOS and Google Android) operating systems. Ultimately, it desperately requires addressing from a point above the consumer and even developer level.
Additionally, while smartphones can be "hardened," doing more "advanced" tweaking can break some real core functionality and completely detract from the user experience.
Therefore, it's important to understand that glitches and hiccups will come with installing a different operating system on your mobile device(s) and that there will be an adjustment period on your end.
This isn't too say that it's too difficult for you to adjust - but you should be aware that you are giving up some aspects of convenience and "simplicity" for far superior privacy and security. The extent of this tradeoff is dependent upon your personal circumstances, preferences, and threat model.
At the end of the day: be sure to pick an operating system that works for you. The operating systems included on this list are all good picks and will go far in helping you protect and improve your online privacy.
So, with that said, stay safe out there!