➡ Android 16 can be combined with older Android versions to work on existing Pixel models, but this isn’t a long-term solution. The Brax3 project, which includes EOD OS and Ubuntu Touch, has a secure boot feature that can only be used on self-manufactured phones like Brax 3. However, secure boot, which detects OS modifications, isn’t seen as necessary since data is erased during OS updates, making data theft unlikely. Despite Google Pixel’s touted security features, concerns exist about its privacy due to Google’s tracking habits and the Titan M chip, which creates a unique phone identity and communicates with Google, potentially compromising privacy.

➡ If your phone’s operating system (OS) changes or breaks, it’s important to have your data backed up to avoid loss. Switching to EOD OS for the Pixel, a Linux-based system, can provide long-term support and better privacy than other systems like Lineage OS. However, be aware that you can’t downgrade an Android version, and some apps may not work on non-Google devices due to certain regulations. Lastly, consider using privacy-focused products like the Brax 3 phone and services offered on braxtech.net to enhance your digital privacy.

There’s a lot of turmoil happening in the Android custom ROM community, particularly among the privacy and security focused custom ROMs. A month ago I announced in a video that Google made a decision to eliminate providing access to the full source code of a Google Pixel which normally includes not just the Android Open source project or aosp, but also the full Linux distribution on the phone that includes all all the device drivers. This level of access was typically referred to as including the device tree. Well that turmoil is more apparent now and in the open as just a month later we now hear that Calix OS is pausing operations and even telling people to go ahead and install alternative OS on their phones.

The original founder has left the project and and the lead developer has also moved on to other projects. By all external appearances the Calix Institute appears to be reorganizing and they claim that it will be a six month hiatus. While some of course will start looking for alternatives and focus on grapheneOS for example, that OS has the same exact difficulties because of Google blocking Access to the device 3 source code for the Pixel and something not so obvious is that there will be no way to put these operating systems into new pixels that will be released in the fall, at least using the old method.

Even before all this the de Googled OS divest OS also shut down, so it doesn’t seem to be a good year for privacy and security focused Android custom ROMs. I’m sure many of you wonder what the effect of all this is on the long term options for privacy phones, and maybe we can discuss some other future headwinds by understanding future changes that may supply further bad news. So I want to assess all these goings on for you and give you guidance with future choices as well as know how to deal with situations where you find that your OS is no longer supported.

Is this cause for panic? Especially for those of you using Calix os? What should you do if you’re using this OS and what are the future choices? Let’s try to figure this out. Stay right there. I really like Kallax os. In fact I used it on my Pixel phones for a long time and I thought it was user friendly and did not over promise it was a very good option for privacy. I’ve recommended Kallaxos to many of my followers, but for some unknown reason the founder of Calaxos didn’t seem to be interested in making a connection and just didn’t respond to me.

Oh well. In spite of that I’m saddened by the state of affairs in the Android Custom ROM Community there’s just this grapheneos group that’s wasting energy focusing on attacking others instead of building a collaboration that will bring more people in. The Calixos community seems like a good normal crowd, so it is not a good feeling to see them struggle and hopefully not following the footsteps of divest OS for what I push here on this channel, which is Internet privacy Projects like Calixos definitely fulfills the need of the privacy community, but this does not signal the end of privacy based operating systems and many are not affected.

So there’s no immediate need to panic. And later on I will give you my opinions on what to do if your OS is no longer supported. In general, there is no need to overreact, but let’s start the story with the current concern, and that is Google blocking access to the Google Pixel source code. This is one that has led to the most bad press and has made people worry about their de Googled phones. The Pixel Promise the privacy and security community is small to begin with, but instead of working together, communities are fighting each other and pushing claims that they’re better, and the result is just confusion and a lot of negative material.

This negative material is fodder for the AI to pull from Reddit, and it isn’t very positive for this community. It’s sad, but that’s the way it is. The reason for this extra division in the Android custom ROM world is that the GrapheneOS founder has focused himself on telling the world that GrapheneOS is better and that everything else is crap. Though under a more discerning analysis, one never really gets the true answer of better for what? In order to sound really unique, both grapheneos and Calixos pushed the concept of the Google Pixel promise. In other words, it’s better because it’s a pixel.

Now. I don’t know why anyone interested in privacy would boast of their reliance on Google, but that’s where we are. And then again, I’ve always looked at GrapheneOS as disconnected from the privacy threat and more focused on particular security threats. Because the GrapheneOS founder had a particular penchant for low level C programming, he started focusing on fairly obscure threats on the phone and really went beyond the Android framework. Many of the features this guy modified in the source code were actually Linux functions, though one wonders why such changes haven’t been pushed to mainline Linux. If they’re so critical, did Linus Torvalds not agree to them? In any case, this attracted a particular group of cybersecurity people who enjoyed this sort of thing.

But interestingly enough, these changes to Graphene were so specialized that really no one copied it and moved it, for example to Calixos which had access to the same source code. So Calixos is pretty much a plain vanilla Linux provided by Google together with their modifications to the Android framework itself. That’s fine. As I will explain again in a future video, the real privacy benefit of a D Google Phone is that it is a no identity phone. This is really enough to get the benefits that I push for my community. The real unique offering though of the Google pixel based custom ROMs which Galaxos was able to claim was the feature called Secure Boot.

Lineage OS cannot do secure boot. EOD OS on Lineage OS cannot do secure boot. So yes, this was a unique feature. By the way, this is actually not some unique capability of Graphene or Calyx to allow this. The Brax 3 uses EOD OS and later it will use ubuntu Touch and Brax 3 has secure boot. This is completely dependent on the project having access to the entire source code. The that’s really it. Limitations of Lineage OS the main OS and the most popular that competes against the grapheneos and Calixos solutions is Lineage os. Lineage OS has been around a long time and was really the first custom rom.

The construction of an Android distribution for a Google Pixel is a bit different. The OS maker, like a Calix OS in the past, had access to the complete source code, all of it, including the Android portion, Linux and the device trees. This is really not that different from, let’s say the Brax 3, which also has the entire source code available. We can compile the entire distribution from source. This means that any changes made at the level of grapheneOS could also be done on a Brax 3, just like the Pixel. But that’s not the way Lineage OS is constructed.

Instead, the Lineage OS approach is to take the original files from the original OEM, whether it be Motorola, a OnePlus, a Sony or a Pixel, and basically recreate the original image from a production model. And then Lineage OS replaces the Android framework portion with its own system image and this allows them to change the Android user interface while ensuring that everything else on the phone works as before. And this is fine since the Google spyware is actually in the Android framework and it will work as before. Since the Linux and device trees are original, it was not recompiled, it was just copied.

Because the entire distribution is not built together from scratch and it is instead a modified image, the bootloader will sound an alarm that the modules are not original and display a Secure boot error or warning. This is something we are all familiar with when installing custom ROMs, and of course we just ignore that since we know it is the reality on Lineage os. Now, because the source code for the Pixel is no longer available, an OS like Calaxos can no longer provide a secure boot solution since it will be left only with the same approach as Lineage os.

So for the long run it will be possible for Calixos to work using the same approach as Lineage os, and it should work for the foreseeable future. There’s nothing here to suggest that Kallax OS will die even in its new composition if it carries on secure boot. The problem of course is that the GrapheneOS community will go around claiming that even if Calixos survives, that it is no longer going to feature Secure boot. So I’m sure you’ll never hear the end of the bad press on that. But what’s funny is that I have no idea how grapheneos will be able to do any new model Pixel with secure boot with the full source code.

So it turns out that their main claim to uniqueness could now be their Achilles heel. For the short run. They are able to mix and match older device trees from older versions of Android and mix it with the newer Android 16. But this is not a long term solution, it is basically a jerryrig to keep going and it only works on existing Pixel models. As I said, they will not have a device three to use for a new model Pixel. That should be apparent when new pixels drop later in the year and then you will see what I mean.

Now as I already said, Brax3 has secure boot and that is now the advantage given to EOD OS who has joined the Brax3 project. The Ubuntu Touch project is also on board, so they will have that advantage as well. If the newly constituted Calixos wishes to compile a version for Brax 3 with secure boot, I’m sure we can help with that. And we had already asked them months ago. At the time they weren’t interested. But that’s with the old dealership. To clarify, you can only do secure boot on phones you manufacture yourself. And of course we manufacture the Brax 3.

Now the real question is, is Secure boot even a necessary feature? The purpose of Secure Boot is for the phone to detect that the operating system has been modified, which of course would be nice to have. However, in the real world, whenever you update the OS of an Android phone, the data area is erased, so there’s actually no way that I know of to acquire the data on the phone by replacing the os. From a privacy point of view, you will know someone altered your phone because all your data would be gone. Which of course is a senseless kind of attack if someone were trying to take your data.

This is why I never really focused on the fancy feature of secure boot as I did not see it as a legitimate way to attack a phone. You do not attack a phone to destroy the OS since it can obviously be reinstalled. You attack the phone to capture the data. And as I said, even without secure boot you can’t. There’s more to this and the whole concept of hardening a phone, but I’ll get to that later. Anyway, if Kallaxos continues on using the lineage OS approach without secure boot, I will continue to push them as usual and I think that for a privacy focused individual, it will do everything needed as a no identity phone.

The Pixel Blobs now aside from being able to boast about the secure boot issue, which currently is something that even Brax 3 can boast off, the real question is why push a Pixel? A Pixel of course is made by Google. Google, you know, the king of privacy invasion. Google, the entity that tracks every click on the Internet. Google, the one that stores your locations 24. 7 in the Google sensor vault. It just seems weird to push a Google Pixel as the superior device for privacy and security, right? I think Calix OS should continue with the same framework but take the same approach as IO and then also support more devices.

I don’t think a Pixel is superior. Despite claims of its superiority in the security arena, I have actual issues with the newer Pixels on the privacy front. First, for any OS interested in privacy, clearly the Pixel has the Device 3 section, or specifically the files in System lib64 or OEM lib64 and such areas on the phone. They’re actually filled with executables that have no source code. This means that no one, not even the graphene OS guy, knows what’s in those blobs. Granted, all phones have this driver blobs with no source code, so one could claim that there’s nothing unique about the Pixel.

But yes, there is one unique thing about the Pixel. It is made by Google. So while other entities may not gain much from hidden surveillance code on a phone, this is Google we’re talking about here. This is their raison d’. Etre. The Pixel Titan M chip, one of the biggest features claimed to be important to a lot of cybersecurity types is the claim that the pixel is unique because it has the Titan M security chip, which is equivalent to the Apple Secure enclave. The security advantage of a separate security module is that the security keys used to encrypt the phone and its files are not stored in the main memory but is locked away in a dedicated chip.

Thus the understanding is that this hardens the phone against decryption attacks. But unlike the people who do the theory, I have access to the people who manufacture the phones. And apparently the Titan M chip is specifically a Google chip. You cannot install it on any other phone other than Google. Actually, the latest Mediatek flagship found motherboard features a government certified security chip as well, so this should be common in a couple of years for the major OEMs. However, the way that Titan M chip works and even the Apple Secure enclave is that the security chip creates a unique identity for the phone.

The security key signatures are customized into each chip. So this means we will now possibly have a new IMEI like identifier but embedded in the security chip. And here’s the other disturbing part. The Titan chip has to talk to Google. It has to validate signatures through Google. So now we’ve actually lost the privacy advantage with these security chips, starting with the Pixel 6, Pixel 7 and Pixel 8, meaning specifically the Tensor models of pixels. So even with a privacy modification to the os, the Titan chip its will identify itself to Google separately and exchange keys. Thus, while perhaps adding to security, this is where it breaks from privacy objectives, the Titan M chip may destroy the feature that makes it a no identity phone if some API allows this communication to occur.

Phone hardening as a goal by the way, the Calixos project hasn’t claimed any objectives related to phone hardening and of course oses based on Lineage OS do not have additional access to grant it any hardening capabilities outside of what’s provided by the OEM of the phone. But let’s focus on the importance of phone hardening. While it’s a lofty goal and maybe has little to do with privacy issues I discuss, it is still worthwhile to analyze. I recently made a video showing the possible hacks on the phone or which is very detailed. But if you look at the attack vectors you will notice that none of the areas that are being attacked are segments being modified by GrapheneOS.

What is interesting is that the government appears to be able to break into any phone using tools like Gray Key and Pegasus continues to be a threat to all phones. The thing is that all These state level players are really all utilizing zero days to perform their attacks. A zero day is an undiscovered flaw, so while hardening continues, so do the hacks and governments can still extract all the data from your phones. So basically it appears to be that it’s a losing battle to compete against intelligence agencies. It is cocky for anyone to claim they have the abilities to beat some three letter agency, thus it is not a goal I push for my followers.

None of the attacks I’ve documented really are at the level that’s available to normal hackers like SS7 attacks, Simjacker and baseband modem attacks. In fact, none of these are under the control of even Google. They’re at the Qualcomm level and there’s no source code, so the graphene guy doesn’t even have access to the code that matters. I focus instead on the no identity feature as that is the most important ingredient to phone privacy. Disappear by having a phone that has no identity that will not announce what the user is doing or track the user’s locations. Updating old Kallax OS Pixel phones so it appears that those people with Kallax OS on their Pixel phones will reach a dead end on that soon and there’s a bit of panic and concern, I’m sure, and everyone is wondering what they should do.

The purpose of my giving this kind of background on the subject of the issues with phones is to assure you that there really is no crisis. If you’re a follower of mine, the reason you got the phones was to have a no identity device and whether you update the phone or never update the phone, there really isn’t going to be a change. It will still be a no identity device. The reason you update a phone is to fix bugs. Some are security related bugs and some are usability bugs. As a general rule, the number of security level hacks in a phone that are not state level attacks like Pegasus or Grey Key are pretty minuscule and unlikely for normal people, but are focused on high value targets.

So I don’t know why these cyber security types push this fud on users like there’s some serious crisis. I still have an old iPhone X that I’ve not updated. I still have an old Samsung Android that’s not updated. I hardly use them, so it’s not important to update if nothing is particularly broken. There’s no rush to change anything and you can revisit this topic a year from now and see if something has changed. Meaning if something is broken. It is my expectation that with a new Calax os. If they’re able to reconstitute in a new form then likely it will be like installing a new OS and that means loss of data.

My counsel on this is to make sure you backed up your contacts and your photos somewhere else so that if you have to reinstall all there’s no crisis. Don’t wait for the last minute to discover you can’t access your phone in some way. This isn’t going to happen directly based on what’s going on with Kallax, but can happen due to other issues like the phone itself losing battery and so on. If you want to play it safe, I advise that you shift to using EOD OS for the Pixel. This is based on Linux OS so this should have long term support.

You will lose data so you can bite the bullet and backup and restore the data. Now there will be no secure boot, but as I already said this is not really a concern for normal people. Lineage OS is updated with the latest drivers encode from the original Google Android installed on the Pixel and this receives regular updates so EOD OS will automatically receive all those fixes. EOD OS is much better than Lineage OS for privacy because of several limitations of Lineage OS in its base form. Lineage OS does not allow major version number updates over the air.

Lineage OS does not have privacy respecting apps and app stores like Aurora Store, F Droid and Micro G integration. This is the stuff you find in EOD OS and of course you you also had it on Calix os. So for this reason I also do not recommend installing a base Lineage OS on the phone regardless of the promises of the Grapheneos community. I would not change to that OS since they are just jerry rigging the source code for now and without future source code access. So you’re just opening yourself up to further pain in the future on a Pixel.

By the way, you can go from one Android custom ROM to another like Calixos to EOD without issues. The real point of concern is that you can never downgrade a version of Android. So if the new OS you’re installing is older than the Kallax version then you might actually have to reinstall the original Google Android that came with the phone just to start at a lower version number though. You never have to log into Google though. But for this reason I wouldn’t rush to install the newest Calax. Like if there’s an Android 16 I would not install that since Eode is still on Android 15.

This is an example where putting the latest and greatest actually Adds to the risk. Other headwinds though they’re perhaps unrelated to the Calixos eventually but related to government manipulation of systems. Some of you may have heard that the EU is designing systems for age verification. Basically you record your identity and age with a central authority and it is now your ID card on the Internet without revealing your name. The problem with these kinds of systems is that they will often force you to work with specific modules, ones that are closed source and work only with a production Google Phone.

An example where this has already happened is in places like Sweden and some other parts of the EU where banking apps are tied to Google Safety net. This means that those EU banking apps will fail on devices that are not connected to Google like the Google phones. You can see the level of frustration among those who develop privacy operating systems. Stuff like this is constant. It wouldn’t Surprise me if IDs were tied to the Titan M chip and iOS Secure Enclave since as I said, these actually supply unique identifiers. There’s much more I need to learn about the dangers of these security chips with privacy.

When I discovered that security chips talk to hq, I was flabbergasted. In summary, I really wish for Calixos to survive this loss of their leadership and development lead. Hopefully this source code will be there to guide the next team. I again repeat my call to the Calix Institute. They can port calixos to the Brax 3 and perhaps future models we release. They will get access to the full source code. If there are skilled programmers willing to do this, then we have the tools and we welcome you all. Folks, in this video I mentioned several solutions that are actually directly tied to this topic.

Again, for those that don’t know this channel, I don’t spend much time asking for donations. I instead just create products that compete in the open market and hopefully you find them of value. One of the newest products is the Brax 3 phone which is an open source phone and is a community project. This phone uses open source ESIM code, no identity and does not connect to Google. A future product we will offer soon is a data only SIM card with no KYC. Both these products will be handled on the site braxtech.net we have our main social media site Braxme and this site has a store offering several important services.

There’s the Brax Virtual phone. This is a recently launched product that offers voiceover IP numbers with sms but is KYC free, no identity and it is very inexpensive. You can use this for two factor authentication to keep your numbers private. We have other products that are important in the privacy battle. We have Bytes VPN to protect your IP address and encrypt your traffic. We have braxmail to allow you to create unlimited aliases. We have Brax routers. Please visit our social media site braxme. The store is there after you join. There’s a large group of people in the community who are there to help you in your privacy journey.

Thanks for watching and see you next time.
[tr:tra].

See more of Rob Braxman Tech on their Public Channel and the MPN Rob Braxman Tech channel.