Developer | The Calyx Institute |
---|---|
OS family | Android (Linux) |
Working state | Current |
Source model | Open source |
Latest release | 6.2.0 [1] / 5 December 2024 |
Repository | gitlab |
Update method | Over-the-air (OTA), ROM flashing |
Package manager | APK-based |
Platforms | arm, arm64 |
Kernel type | Monolithic (Linux) |
Official website | calyxos |
CalyxOS is a Android-based operating system for select smartphones, foldables and tablets with mostly free and open-source software. It is produced by the Calyx Institute as part of its mission to "defend online privacy, security and accessibility." [2]
CalyxOS preserves the Android security model, using Android's Verified Boot system of cryptographic signing of the operating system, and running with a locked bootloader. [3] [4] CalyxOS also features an installer that guides the user through the process of unlocking and then re-locking the bootloader. [5]
The Calyx Institute annual reports [6] state CalyxOS was publicly launched during their 2018–2019 fiscal year. Inspiration included Tails and Qubes OS, and goals were said to be "completely open source", removing proprietary Google tracking, and including apps Tor, Signal and CalyxVPN for increased privacy. [7]
CalyxOS supports select Google Pixel, Motorola and Fairphone devices, While offering "extended support" for some older Google Pixel devices and the SHIFT SHIFT6mq. [8]
Around April 2022, CalyxOS announced support for the Fairphone 4, OnePlus 8T, 9, and 9 Pro. [9] However, in May 2022, CalyxOS announced OnePlus builds were pulled because the bootloader could no longer be relocked on newer device firmware. [10] [11]
In March 2024, CalyxOS added support for the Fairphone 5. [12]
name
CalyxOS ships with MicroG as an open-source alternative to the Google Mobile Services, including Mozilla Location Services as an optional replacement to the location services provided by Google, but gives the user the option to disable microG and its location services. [23]
In October 2020, Moritz Tremmel reviewed CalyxOS. [24] A month later, Tremmel explained why he preferred CalyxOS over LineageOS. [25] A year later in September 2021, Tremmel further explained how CalyxOS was different from other ROMs because it did not require as much "fiddling". [26] Rahul Nambiampurath, writing for MakeUseOf in March 2021, termed CalyxOS, "[one of the] best [Android] ROMs for privacy ... offers the perfect middle ground between convenience and privacy". [27] In August 2021, Android Authority wrote CalyxOS "puts privacy and security into the hands of everyday users." [28]
In 2022, the book c't Sicher ins Netz: How to block out monitors and attackers, said "CalyxOS is one of the youngest custom ROMs, it will only celebrate its second birthday in summer 2022. With a built-in Datura firewall, VPN and Cloudflare DNS, Calyx promises more security than some other mobile systems." [29]
In 2023, CalyxOS was the one alternative phone operating system recommended by Carey Parker in the book Firewalls Don't Stop Dragons. [30]
Rooting is the process by which users of Android devices can attain privileged control over various subsystems of the device, usually smartphones and tablets. Because Android is based on a modified version of the Linux kernel, rooting an Android device gives similar access to administrative (superuser) permissions as on Linux or any other Unix-like operating system such as FreeBSD or macOS.
Fastboot is a communication protocol used primarily with Android devices. It is implemented in a command-line interface tool of the same name and as a mode of the bootloader of Android devices. The tool is included with the Android SDK package and used primarily to modify the flash filesystem via a USB connection from a host computer. It requires that the device be started in Fastboot mode. If the mode is enabled, it will accept a specific set of commands, sent through USB bulk transfers. Fastboot on some devices allows unlocking the bootloader, and subsequently, enables installing custom recovery image and custom ROM on the device. Fastboot does not require USB debugging to be enabled on the device. To use fastboot, a specific combination of keys must be held during boot.
Nicholas Merrill is an American system administrator, computer programmer, and entrepreneur. He is the founder of Calyx Internet Access, an Internet and hosted service provider founded in 1995, and of the non-profit Calyx Institute. He was the first person to file a constitutional challenge against the National Security Letters statute in the USA PATRIOT Act and consequently the first person to have a National Security Letter gag order completely lifted.
MIUI is a deprecated mobile operating system by Xiaomi for its smartphones and devices, from 2010 to 2023, prior to the launch of its successor Xiaomi HyperOS.
Fairphone is a Dutch electronics manufacturer that designs and produces smartphones and headphones. It aims to minimise the ethical and environmental impact of its devices by using recycled, fairtrade and conflict-free materials, maintaining fair labor conditions throughout its workforce and suppliers, and enabling users to easily repair their devices through modular design and by providing replacement parts. As of April 2024, the company's most recent smartphone is the Fairphone 5, which it plans to provide with security updates and software support, including 5 OS updates, for 10 years.
The Calyx Institute is a New York-based 501(c)(3) research and education nonprofit organization formed to make privacy and digital security more accessible. It was founded in 2010 by Nicholas Merrill, Micah Anderson, and Kobi Snitz.
Custom firmware, also known as aftermarket firmware, is an unofficial new or modified version of firmware created by third parties on devices such as video game consoles, mobile phones, and various embedded device types to provide new features or to unlock hidden functionality. In the video game console community, the term is often written as custom firmware or simply CFW, referring to an altered version of the original system software inside a video game console such as the PlayStation Portable, PlayStation 3, PlayStation Vita/PlayStation TV, PlayStation 4, Nintendo 3DS, Wii U and Nintendo Switch. Installing custom firmware on some devices requires bootloader unlocking.
The Huawei Honor 5X is a mid-range Android smartphone manufactured by Huawei as part of the Huawei Honor X series. It uses the Qualcomm Snapdragon 616 processor and an aluminum body design. It was first released in China in October 2015, and was released in the United States and India in January 2016.
LG V20 is an Android phone manufactured by LG Electronics, in its LG V series, succeeding the LG V10 released in 2015. Unveiled on September 6, 2016, it was the first phone with the Android Nougat operating system. Like the V10, the V20 has a secondary display panel near the top of the device that can display additional messages and controls, and a quad DAC for audio. The V20 has a user-replaceable battery, unlike its successor, the LG V30, unveiled on 31 August 2017.
LineageOS is a open source Android distribution for smartphones, tablets, and set-top boxes. It is community-developed and serves as the successor to CyanogenMod, from which it was forked in December 2016, with the source code available on both GitHub and GitLab. As of 2023, there are about 1.5 million devices running the LineageOS operating system.
Shiftphone is a modular, easy-to-repair smartphone brand created by the company SHIFT in Germany. The company emphasizes fair trade and ecology, similar to Fairphone. Instead of tantalum capacitors made from coltan, ceramic capacitors are used for their manufacturing. So far, eleven model series have been released. The most recent release was the SHIFT6mq in June 2020. The upcoming device will be the SHIFTphone 8, scheduled for release in 2024.
/e/ is a fork of LineageOS, an Android-based mobile operating system, and associated online services. /e/ is presented as privacy software that does not contain proprietary Google apps or services, and challenges the public to "find any parts of the system or default applications that are still leaking data to Google."
GrapheneOS is an open source, privacy and security-focused Android operating system that runs on selected Google Pixel devices, including smartphones, tablets and foldables.
MicroG is a free and open-source implementation of proprietary Google libraries that serves as a replacement for Google Play Services on the Android operating system. It is maintained by the German developer Marvin Wißfeld. He describes microG as "the framework to create a fully-compatible Android distribution without any proprietary Google components".
iodéOS is an Android-based mobile operating system developed by French company iodé. The operating system is a fork of LineageOS and does not include Google Play Services, instead using MicroG as a free and open-source replacement.
Bootloader unlocking is the process of disabling the bootloader security that makes secure boot possible. It can make advanced customizations possible, such as installing custom firmware. On smartphones, this can be a custom Android distribution or another mobile operating system. Some bootloaders are not locked at all and some are locked, but can be unlocked with a command or with assistance from the manufacturer. Some do not include an unlocking method and can only be unlocked through a software exploit.
SafetyNet consists of several application programming interfaces (APIs) offered by the Google Play Services to support security sensitive applications and enforce DRM. Currently, these APIs include device integrity verification, app verification, recaptcha and web address verification. It is an extension of AVB2.0 and dm-verity.
DivestOS is an open source, Android-based operating system. It is a soft fork of LineageOS that aims to increase security and privacy with support for end-of-life devices. It removes many proprietary blobs and pre-installs open source apps.
Bei der Installation wird auch der Geräteschlüssel von Google gegen einen von CalyxOS ausgetauscht. Das ermöglicht einen verifizierten Bootvorgang und stellt sicher, dass sich nur von CalyxOS signierte Updates installieren lassen. Um den Schutz zu aktivieren, fragt der Installer am Schluss, ob er den Bootloader wieder sperren soll, was es zu bestätigen gilt. Anschließend ist die CalyxOS-Installation startklar.
{{cite web}}
: CS1 maint: bot: original URL status unknown (link){{cite web}}
: CS1 maint: bot: original URL status unknown (link)Instead of not shipping the Google Mobile Services (GMS) and leaving users to figure stuff out by themselves (flashing gapps etc), CalyxOS ships with microG. However, you can choose to enable/disable it, thus, giving you total control. [...] Uses Mozilla Location Services instead of Google's Location Services