Editor's note: CopperheadOS is licensed under the Creative Commons Attribution-NonCommercial-Shar
Several years ago, I made the decision to replace proprietary technologies (mainly Apple products) with technology that ran on free and open source software (FOSS). I can't say it was easy, but I now happily use FOSS for pretty much everything.
The hardest part involved my mobile handset. There are basically only two choices today for phones and tablets: Apple's iOS or Google's Android. Since Android is open source, it seemed the obvious choice, but I was frustrated by both the lack of open source applications on Android and the pervasiveness of Google on those devices.
So I entered the world of custom ROMs. These are projects that take the base Android Open Source Project (AOSP) and customize it. Almost all these projects allow you to install the standard Google applications as a separate package, called GApps, and you can have as much or as little Google presence on your phone as you like. GApps packages come in a number of flavors, from the full suite of apps that Google ships with its devices to a "pico" version that includes just the minimal amount of software needed to run the Google Play Store, and from there you can add what you like.
I started out using CyanogenMod, but when that project went in a direction I didn't like, I switched to OmniROM. I was quite happy with it, but still wondered what information I was sending to Google behind the scenes.
Then I found out about CopperheadOS. Copperhead is a version of AOSP that focuses on delivering the most secure Android experience possible. I've been using it for a year now and have been quite happy with it.
Unlike other custom ROMs that strive to add lots of new functionality, Copperhead runs a pretty vanilla version of AOSP. Also, while the first thing you usually do when playing with a custom ROM is to add root access to the device, not only does Copperhead prevent that, it also requires that you have a device that has verified boot, so there's no unlocking the bootloader. This is to prevent malicious code from getting access to the handset.
Copperhead starts with a hardened version of the AOSP baseline, including full encryption, and then adds a ton of stuff I can only pretend to understand. It also applies a number of kernel and Android patches before they are applied to the mainline Android releases.
It has a couple of more obvious features that I like. If you use a PIN to unlock your device, there is an option to scramble the digits.
This should prevent any casual shoulder-surfer from figuring out your PIN, although it can make it a bit more difficult to unlock your device while, say, driving (but no one should be using their handset in the car, right?).
Another issue it addresses involves tracking people by monitoring their WiFi MAC address. Most devices that use WiFi perform active scanning for wireless access points. This protocol includes the MAC address of the interface, and there are a number of ways people can use mobile location analytics to track your movement. Copperhead has an option to randomize your MAC address, which counters this process.
This all sounds pretty good, right? Well, here comes the hard part. While Android is open source, much of the Google code, including the Google Play Store, is not. If you install the Play Store and the code necessary for it to work, you allow Google to install software without your permission. Google Play's terms of service says:
"Google may update any Google app or any app you have downloaded from Google Play to a new version of such app, irrespective of any update settings that you may have selected within the Google Play app or your Device, if Google determines that the update will fix a critical security vulnerability related to the app."
This is not acceptable from a security standpoint, so you cannot install Google applications on a Copperhead device.
This took some getting used to, as I had come to rely on things such as Google Maps. The default application repository that ships with Copperhead is F-Droid, which contains only FOSS applications. While I previously used many FOSS applications on Android, it took some effort to use nothing but free software. I did find some ways to cheat this system, and I'll cover that below. First, here are some of the applications I've grown to love from F-Droid.
Even before I started using Copperhead, I loved K-9 Mail. This is simply the best mobile email client I've found, period, and it is one of the first things I install on any new device. I even use it to access my Gmail account, via IMAP and SMTP.
Copperhead runs only on rather new hardware, and I was consistently disappointed in the quality of the pictures from its default camera application. Then I discovered Open Camera. A full-featured camera app, it allows you to enable an advanced API to take advantage of the camera hardware. The only thing I miss is the ability to take a panoramic photo.
Amaze is one of the best file managers I've ever used, free or not. When I need to navigate the filesystem, Amaze is my go-to app.
I was unhappy with the default music player, so I checked out a number of them on F-Droid and settled on Vanilla Music. It has an easy-to-use interface and interacts well with my Bluetooth devices.
I am a big fan of Nextcloud, particularly Nextcloud News, a replacement for the now-defunct Google Reader. While I can access my news feeds through a web browser, I really missed the ability to manage them through a dedicated app. Enter OCReader. While it stands for "ownCloud Reader," it works with Nextcloud, and I've had very few issues with it.
The SMS/MMS application of choice for most privacy advocates is Signal by Open Whisper Systems. Endorsed by Edward Snowden, Signal allows for end-to-end encrypted messaging. If the person you are messaging is also on Signal, your messages will be sent, encrypted, over a data connection facilitated by centralized servers maintained by Open Whisper Systems. It also, until recently, relied on Google Cloud Messaging (GCM) for notifications, which requires Google Play Services.
The fact that Signal requires a centralized server bothered some people, so the default application on Copperhead is a fork of Signal called Silence. This application doesn't use a centralized server but does require that all parties be on Silence for encryption to work.
Well, no one I know uses Silence. At the moment you can't even get it from the Google Play Store in the U.S. due to a trademark issue, and there is no iOS client. An encrypted SMS client isn't very useful if you can't use it for encryption.
Enter Noise. Noise is another application maintained by Copperhead that is a fork of Signal that removes the need for GCM. While not available in the standard F-Droid repositories, Copperhead includes their own repository in the version of F-Droid they ship, which at the moment contains only the Noise application. This app will let you communicate securely with anyone else using Noise or Signal.
Copperhead ships with a hardened version of the Chromium web browser, but I am a Firefox fan. Unfortunately, Firefox is no longer included in the F-Droid repository. Apps on F-Droid are all built by the F-Droid maintainers, so the process for getting into F-Droid can be complicated. The Compass app for OpenNMS isn't in F-Droid because, at the moment, it does not support builds using the Ionic Framework, which Compass uses.
Luckily, there is a simple workaround: Install the FFUpdater app on F-Droid. This allows me to install Firefox and keep it up to date through the browser itself.
This brings me to a cool feature of Android 8, Oreo. In previous versions of Android, you had a single "known source" for software, usually the Google Play Store, and if you wanted to install software from another repository, you had to go to settings and allow "Install from Unknown Sources." I always had to remember to turn that off after an install to prevent malicious code from being able to install software on my device.
With Oreo, you can permanently allow a specified application to install applications. For example, I use some applications from the Amazon Appstore (such as the Amazon Shopping and Kindle apps). When I download and install the Amazon Appstore Android package (APK), I am prompted to allow the application to install apps and then I'm not asked again. Of course, this can be turned on and off on a per-application basis.
The Amazon Appstore has a number of useful apps, such as IMDB and eBay. Many of them don't require Google Services, but some do. For example, if I install the Skype app via Amazon, it starts up, but then complains about the operating system. The American Airlines app would start, then complain about an expired certificate. (I contacted them and was told they were no longer maintaining the version in the Amazon Appstore and it would be removed.) In any case, I can pretty simply install a couple of applications I like without using Google Play.
Well, what about those apps you love that don't use Google Play Services but are only available through the Google Play Store? There is yet another way to safely get those apps on your Copperhead device.
This does require some technical expertise and another device. On the second device, install the TWRP recovery application. This is usually a key first step in installing any custom ROM, and TWRP is supported on a large number of devices. You will also need the Android Debug Bridge (ADB) application from the Android SDK, which can be downloaded at no cost.
On the second device, use the Google Play Store to install the applications you want. Then, reboot into recovery. You can mount the system partition via TWRP; plug the device into a computer via a USB cable and you should be able to see it via ADB. There is a system directory called
/data/app, and in it you will find all the APK files for your applications. Copy those you want to your computer (I use the ADB
pull command and copy over the whole directory).
Disconnect that phone and connect your Copperhead device. Enable the "Transfer files" option, and you should see the storage directory mounted on your computer. Copy over the APK files for the applications you want, then install them via the Amaze file manager (just navigate to the APK file and click on it).
Note that you can do this for any application, and it might even be possible to install Google Play Services this way on Copperhead, but that kind of defeats the purpose. I use this mainly to get the Electric Sheep screensaver and a guitar tuning app I like called Cleartune. Be aware that if you install TWRP, especially on a Google Pixel, security updates may not work, as they'll expect the stock recovery. In this case you can always use fastboot to access TWRP, but leave the default recovery in place.
Must-have apps without a workaround
Unfortunately, there are still a couple of Google apps I find it hard to live without. Google Maps is probably the main Google application I use, and yes, while I know I'm giving up my location to Google, it has saved hours of my life by routing me around traffic issues. OpenStreetMap has an app available via F-Droid, but it doesn't have the real-time information that makes Google Maps so useful. I also use Skype on occasion, usually when I am out of the country and have only a data connection (i.e., through a hotel WiFi network). It lets me call home and other places at a very affordable price.
My workaround is to carry two phones. I know this isn't an option for most people, but it is the only one I've found for now. I use my Copperhead phone for anything personal (email, contacts, calendars, pictures, etc.) and my "Googlephone" for Maps, Skype, and various games.
My dream would be for someone to perfect a hypervisor on a handset. Then I could run Copperhead and stock Google Android on the same device. I don't think anyone has a strong business reason to do it, but I do hope it happens.
Devices that support Copperhead
Before you rush out to install Copperhead, there are some hurdles you'll have to jump. First, it is supported on only a limited number of handsets, almost all of them late-model Google devices. The logic behind this is simple: Google tends to release Android security updates for its devices quickly, and I've found that Copperhead is able to follow suit within a day, if not within hours. Second, like any open source project, it has limited resources and it is difficult to support even a fraction of the devices now available to end users. Finally, if you want to run Copperhead on handsets like the Pixel and Pixel XL, you'll either have to build from source or buy a device from Copperhead directly.
When I discovered Copperhead, I had a Nexus 6P, which (along with the Nexus 5X) is one of the supported devices. This allowed me to play with and get used to the operating system. I liked it so much that I donated some money to the project, but I kind of balked at the price they were asking for Pixel and Pixel XL handsets.
Recently, though, I ended up purchasing a Pixel XL directly from Copperhead. There were a couple of reasons. One, since all of the code is available on GitHub, I set out to do my own build for a Pixel device. That process (which I never completed) made me appreciate the amount of work Copperhead puts into its project. Two, there was an article on Slashdot discussing how people were selling devices with Copperhead pre-installed and using Copperhead's update servers. I didn't appreciate that very much. Finally, I support FOSS not only by being a vocal user but also with my wallet.
Putting the "libre" back into free
Another thing I love about FOSS is that I have options. There is even a new option to Copperhead being developed called Eelo. Created by Gaël Duval, the developer of Mandrake Linux, this is a privacy-based Android operating system based on LineageOS (the descendant of CyanogenMod). While it should be supported on more handsets than Copperhead is, it is still in the development stage, and Copperhead is very stable and mature. I am eager to check it out, though.
For the year I've used CopperheadOS, I've never felt safer when using a mobile device to connect to a network. I've found the open source replacements for my old apps to be more than adequate, if not better than the original apps. I've also rediscovered the browser. Where I used to have around three to four tabs open, I now have around 10, because I've found that I usually don't need to install an app to easily access a site's content.
With companies like Google and Apple trying more and more to insinuate themselves into the lives of their users, it is nice to have an option that puts the "libre" back into free.