CalyxOS

Last updated

CalyxOS
Developer The Calyx Institute
OS family Android (Linux)
Working stateCurrent
Source model Open source
Latest release 6.2.0 [1] / 5 December 2024;11 days ago (2024-12-05)
Repository gitlab.com/CalyxOS
Update method Over-the-air (OTA), ROM flashing
Package manager APK-based
Platforms arm, arm64
Kernel type Monolithic (Linux)
Official website calyxos.org

CalyxOS is a Android-based operating system for select smartphones, foldables and tablets with mostly free and open-source software. It is produced by the Calyx Institute as part of its mission to "defend online privacy, security and accessibility." [2]

Contents

CalyxOS preserves the Android security model, using Android's Verified Boot system of cryptographic signing of the operating system, and running with a locked bootloader. [3] [4] CalyxOS also features an installer that guides the user through the process of unlocking and then re-locking the bootloader. [5]

History

The Calyx Institute annual reports [6] state CalyxOS was publicly launched during their 2018–2019 fiscal year. Inspiration included Tails and Qubes OS, and goals were said to be "completely open source", removing proprietary Google tracking, and including apps Tor, Signal and CalyxVPN for increased privacy. [7]

CalyxOS supports select Google Pixel, Motorola and Fairphone devices, While offering "extended support" for some older Google Pixel devices and the SHIFT SHIFT6mq. [8]

Around April 2022, CalyxOS announced support for the Fairphone 4, OnePlus 8T, 9, and 9 Pro. [9] However, in May 2022, CalyxOS announced OnePlus builds were pulled because the bootloader could no longer be relocked on newer device firmware. [10] [11]

In March 2024, CalyxOS added support for the Fairphone 5. [12]

Software

Software

name

Feature(s)Notes
Aurora StoreAlternative to the standard Google Play StoreAurora Store uses the same standard catalog of apps and installs apps directly from the Google servers to phone. [13] CalyxOS gives Aurora Store special privileges so that app updates can be automatically installed.
Chromium FOSS web browserBromite fork, succeeded DuckDuckGo mobile browser as the default web browser in June 2022. [14]
F-Droid BasicRepository of FOSS applications for the Android platformCalyxOS includes a version of F-Droid called "F-Droid Basic" which allows for streamlined app updates, installs, and uninstalls without elevated privileges. [15]
MicroG FOSS implementation of proprietary Google Play Services Some apps dependent on Google Play Services may not work with MicroG, use of MicroG is optional. [16]
Organic Maps Navigation app with privacyA privacy-focused navigation app for driving, hiking, and cycling. The application uses OpenStreetMap for its map data. It can download maps on the device to be used for location information and navigation without an internet connection. [17]
SeedvaultEncrypted backup and restore application for AndroidThe Calyx Institute sponsored development of SeedVault [18] and an annual report states they "debuted SeedVault" during their 2019-2020 fiscal year. [19]

SeedVault is also used by LineageOS. [20] [21]

Signal Encrypted calling/messaging appFree, privacy-focused messaging and voice talk app, preinstalled as messaging app in CalyxOS. [22]

CalyxOS ships with MicroG as an open-source alternative to the Google Mobile Services, including Mozilla Location Services as an optional replacement to the location services provided by Google, but gives the user the option to disable microG and its location services. [23]

Reception

In October 2020, Moritz Tremmel reviewed CalyxOS. [24] A month later, Tremmel explained why he preferred CalyxOS over LineageOS. [25] A year later in September 2021, Tremmel further explained how CalyxOS was different from other ROMs because it did not require as much "fiddling". [26] Rahul Nambiampurath, writing for MakeUseOf in March 2021, termed CalyxOS, "[one of the] best [Android] ROMs for privacy ... offers the perfect middle ground between convenience and privacy". [27] In August 2021, Android Authority wrote CalyxOS "puts privacy and security into the hands of everyday users." [28]

In 2022, the book c't Sicher ins Netz: How to block out monitors and attackers, said "CalyxOS is one of the youngest custom ROMs, it will only celebrate its second birthday in summer 2022. With a built-in Datura firewall, VPN and Cloudflare DNS, Calyx promises more security than some other mobile systems." [29]

In 2023, CalyxOS was the one alternative phone operating system recommended by Carey Parker in the book Firewalls Don't Stop Dragons. [30]

See also

Related Research Articles

Rooting is the process by which users of Android devices can attain privileged control over various subsystems of the device, usually smartphones and tablets. Because Android is based on a modified version of the Linux kernel, rooting an Android device gives similar access to administrative (superuser) permissions as on Linux or any other Unix-like operating system such as FreeBSD or macOS.

<span class="mw-page-title-main">Fastboot</span> Recovery mode included in Android mobile operating system

Fastboot is a communication protocol used primarily with Android devices. It is implemented in a command-line interface tool of the same name and as a mode of the bootloader of Android devices. The tool is included with the Android SDK package and used primarily to modify the flash filesystem via a USB connection from a host computer. It requires that the device be started in Fastboot mode. If the mode is enabled, it will accept a specific set of commands, sent through USB bulk transfers. Fastboot on some devices allows unlocking the bootloader, and subsequently, enables installing custom recovery image and custom ROM on the device. Fastboot does not require USB debugging to be enabled on the device. To use fastboot, a specific combination of keys must be held during boot.

<span class="mw-page-title-main">Nicholas Merrill</span> Free speech and privacy advocate

Nicholas Merrill is an American system administrator, computer programmer, and entrepreneur. He is the founder of Calyx Internet Access, an Internet and hosted service provider founded in 1995, and of the non-profit Calyx Institute. He was the first person to file a constitutional challenge against the National Security Letters statute in the USA PATRIOT Act and consequently the first person to have a National Security Letter gag order completely lifted.

<span class="mw-page-title-main">MIUI</span> Android-based mobile OS developed by Xiaomi

MIUI is a deprecated mobile operating system by Xiaomi for its smartphones and devices, from 2010 to 2023, prior to the launch of its successor Xiaomi HyperOS.

Fairphone is a Dutch electronics manufacturer that designs and produces smartphones and headphones. It aims to minimise the ethical and environmental impact of its devices by using recycled, fairtrade and conflict-free materials, maintaining fair labor conditions throughout its workforce and suppliers, and enabling users to easily repair their devices through modular design and by providing replacement parts. As of April 2024, the company's most recent smartphone is the Fairphone 5, which it plans to provide with security updates and software support, including 5 OS updates, for 10 years.

The Calyx Institute is a New York-based 501(c)(3) research and education nonprofit organization formed to make privacy and digital security more accessible. It was founded in 2010 by Nicholas Merrill, Micah Anderson, and Kobi Snitz.

Custom firmware, also known as aftermarket firmware, is an unofficial new or modified version of firmware created by third parties on devices such as video game consoles, mobile phones, and various embedded device types to provide new features or to unlock hidden functionality. In the video game console community, the term is often written as custom firmware or simply CFW, referring to an altered version of the original system software inside a video game console such as the PlayStation Portable, PlayStation 3, PlayStation Vita/PlayStation TV, PlayStation 4, Nintendo 3DS, Wii U and Nintendo Switch. Installing custom firmware on some devices requires bootloader unlocking.

<span class="mw-page-title-main">Honor 5X</span> Android smartphone

The Huawei Honor 5X is a mid-range Android smartphone manufactured by Huawei as part of the Huawei Honor X series. It uses the Qualcomm Snapdragon 616 processor and an aluminum body design. It was first released in China in October 2015, and was released in the United States and India in January 2016.

<span class="mw-page-title-main">LG V20</span> Android smartphone by LG Electronics

LG V20 is an Android phone manufactured by LG Electronics, in its LG V series, succeeding the LG V10 released in 2015. Unveiled on September 6, 2016, it was the first phone with the Android Nougat operating system. Like the V10, the V20 has a secondary display panel near the top of the device that can display additional messages and controls, and a quad DAC for audio. The V20 has a user-replaceable battery, unlike its successor, the LG V30, unveiled on 31 August 2017.

<span class="mw-page-title-main">LineageOS</span> Free and open-source Android-based operating system

LineageOS is a open source Android distribution for smartphones, tablets, and set-top boxes. It is community-developed and serves as the successor to CyanogenMod, from which it was forked in December 2016, with the source code available on both GitHub and GitLab. As of 2023, there are about 1.5 million devices running the LineageOS operating system.

<span class="mw-page-title-main">Shiftphone</span> Modular easy-to-repair fair-trade smartphone series.

Shiftphone is a modular, easy-to-repair smartphone brand created by the company SHIFT in Germany. The company emphasizes fair trade and ecology, similar to Fairphone. Instead of tantalum capacitors made from coltan, ceramic capacitors are used for their manufacturing. So far, eleven model series have been released. The most recent release was the SHIFT6mq in June 2020. The upcoming device will be the SHIFTphone 8, scheduled for release in 2024.

/e/ is a fork of LineageOS, an Android-based mobile operating system, and associated online services. /e/ is presented as privacy software that does not contain proprietary Google apps or services, and challenges the public to "find any parts of the system or default applications that are still leaking data to Google."

<span class="mw-page-title-main">GrapheneOS</span> Android-based mobile operating system

GrapheneOS is an open source, privacy and security-focused Android operating system that runs on selected Google Pixel devices, including smartphones, tablets and foldables.

<span class="mw-page-title-main">MicroG</span> Free and open-source alternative to Google Android libraries

MicroG is a free and open-source implementation of proprietary Google libraries that serves as a replacement for Google Play Services on the Android operating system. It is maintained by the German developer Marvin Wißfeld. He describes microG as "the framework to create a fully-compatible Android distribution without any proprietary Google components".

iodéOS Android-based operating system

iodéOS is an Android-based mobile operating system developed by French company iodé. The operating system is a fork of LineageOS and does not include Google Play Services, instead using MicroG as a free and open-source replacement.

<span class="mw-page-title-main">Bootloader unlocking</span> Process of disabling secure device booting

Bootloader unlocking is the process of disabling the bootloader security that makes secure boot possible. It can make advanced customizations possible, such as installing custom firmware. On smartphones, this can be a custom Android distribution or another mobile operating system. Some bootloaders are not locked at all and some are locked, but can be unlocked with a command or with assistance from the manufacturer. Some do not include an unlocking method and can only be unlocked through a software exploit.

SafetyNet consists of several application programming interfaces (APIs) offered by the Google Play Services to support security sensitive applications and enforce DRM. Currently, these APIs include device integrity verification, app verification, recaptcha and web address verification. It is an extension of AVB2.0 and dm-verity.

<span class="mw-page-title-main">DivestOS</span> Android-based operating system

DivestOS is an open source, Android-based operating system. It is a soft fork of LineageOS that aims to increase security and privacy with support for end-of-life devices. It removes many proprietary blobs and pre-installs open source apps.

References

  1. "Android 15, December 2024 Security update, Partial". calyxos.org. Archived from the original on December 13, 2024. Retrieved December 14, 2024.
  2. "About The Calyx Institute - Calyx Institute". calyxinstitute.org. Retrieved November 2, 2021.
  3. "Security FAQ". calyxos.org. Retrieved March 3, 2023.
  4. "Android Security Bulletins". calyxos.org. Retrieved March 3, 2023.
  5. "CalyxOS: Google-freies Android". Linux-Magazin (in German). Retrieved April 13, 2023. Bei der Installation wird auch der Geräteschlüssel von Google gegen einen von CalyxOS ausgetauscht. Das ermöglicht einen verifizierten Bootvorgang und stellt sicher, dass sich nur von CalyxOS signierte Updates installieren lassen. Um den Schutz zu aktivieren, fragt der Installer am Schluss, ob er den Bootloader wieder sperren soll, was es zu bestätigen gilt. Anschließend ist die CalyxOS-Installation startklar.
  6. "Financials and Annual Reports - Calyx Institute". calyxinstitute.org. Retrieved July 26, 2022.
  7. "Annual Report 2018-2019" (PDF). Archived from the original on July 26, 2022. Retrieved September 19, 2022.{{cite web}}: CS1 maint: bot: original URL status unknown (link)
  8. "Device Support". calyxos.org. Retrieved October 11, 2023.
  9. "Fairphone 4, OnePlus 8T, OnePlus 9 test builds now available". calyxos.org. Retrieved July 30, 2022.
  10. "May 2022 Security update - Fairphone 4, OnePlus 8T, 9, 9 Pro". calyxos.org. Retrieved July 30, 2022.
  11. "OnePlus Android 12 firmware - relocking no longer works". calyxos.org. Retrieved July 30, 2022.
  12. "Fairphone 5, March update progress". calyxos.org. Retrieved May 11, 2024.
  13. "Aurora Store". calyxos.org. Retrieved September 29, 2022.
  14. "June 2022 Security update - Pixels". Archived from the original on October 25, 2022.
  15. "F-Droid". calyxos.org. Retrieved September 29, 2022.
  16. "microG". calyxos.org. Retrieved August 1, 2022.
  17. "Organic Maps: Offline Hike, Bike, Trails and Navigation". 13ea2c58.organicmaps.pages.dev. Retrieved August 24, 2023.
  18. "SeedVault - Calyx Institute". calyxinstitute.org. Retrieved July 23, 2022.
  19. "Annual Report 2019-2020" (PDF). Archived from the original on July 26, 2022. Retrieved September 19, 2022.{{cite web}}: CS1 maint: bot: original URL status unknown (link)
  20. Hazarika, Skanda (November 4, 2020). "LineageOS adopts SeedVault as its open source backup solution". XDA Developers.
  21. Hazarika, Skanda (March 31, 2021). "LineageOS 18.1 based on Android 11 is here for nearly 60 devices". XDA Developers. Retrieved April 13, 2023.
  22. "Signal". calyxos.org. Retrieved September 29, 2022.
  23. "5 De-Googled Android-based Operating Systems". It's FOSS. November 13, 2021. Retrieved April 13, 2023. Instead of not shipping the Google Mobile Services (GMS) and leaving users to figure stuff out by themselves (flashing gapps etc), CalyxOS ships with microG. However, you can choose to enable/disable it, thus, giving you total control. [...] Uses Mozilla Location Services instead of Google's Location Services
  24. Moritz Tremmel (October 19, 2020). "CalyxOS im Test: Ein komfortables Android mit einer Extraportion Privacy". Golem.de (in German). Retrieved February 2, 2021.
  25. Tremmel, Moritz (November 10, 2020). "Bye-bye, Lineage OS!". www.golem.de (in German). Archived from the original on November 12, 2020. Retrieved November 2, 2021.
  26. Tremmel, Moritz. "CalyxOS: Google-freies Android". Linux-Magazin (in German). Retrieved November 2, 2021.
  27. "What's the Best Privacy-Focussed Android ROM?". MUO. March 29, 2021. Retrieved November 2, 2021.
  28. "Gary Explains: Linux turns 30, Tesla's D1 chip, Power⚡️ over Ethernet & more!". Android Authority. Retrieved November 2, 2021.
  29. c't-Redaktion (May 18, 2022). c't Sicher ins Netz: So sperren Sie Überwacher und Angreifer aus (in German). Heise Medien GmbH & Co. KG. ISBN   978-3-95788-313-1.
  30. Parker, Carey (2023), Parker, Carey (ed.), "Odds and Ends", Firewalls Don't Stop Dragons: A Step-by-Step Guide to Computer Security and Privacy for Non-Techies, Berkeley, CA: Apress, pp. 541–558, doi:10.1007/978-1-4842-9036-1_13, ISBN   978-1-4842-9036-1 , retrieved April 13, 2023