Living with an open-source phone

A few months ago, I decided to make a radical change to my smartphone lifestyle. I wanted a phone that would limit the amount of personal data I was broadcasting to third parties – namely Apple or Google – and decided to run a more-or-less vanilla version of Android, without any Google Play Services (i.e. no Google Maps, GMail, Google Play, or Google Search apps).

I’ve been living with this setup for a few months, and to my surprise, it’s really not that bad. It doesn’t feel like a return to the Stone Age, nor does it feel like I’ve sacrificed all the niceties of a smartphone to the point where I’m carrying around a glorified flip phone.

However, it’s a bit non-obvious how to get all of this stuff to work, and especially how to get by with a Android phone that doesn’t have the Google Play Store. So in this post, I’d like to talk a bit about my smartphone setup, in the hope that it might help someone who’s looking to make a similar switch.

Choosing an Android ROM

There are various flavors of Android out there: you can choose LineageOS (the spiritual successor to CyanogenMod), Paranoid Android, CopperheadOS, or you can even just build AOSP (the Android Open Source Project) from source.

After fumbling around with building AOSP from source (which was much more difficult than I thought – lots of requirements for the build environment, CPU horsepower, and storage), I also tried LineageOS and CopperheadOS, and eventually settled on LineageOS.

Why LineageOS? Well, mostly because it was easy, it offered fast security updates, and I like the minimalist interface and built-in apps. LineageOS was also familiar to me, as I had previously used Cyanogen for many years. (I forgot how much I enjoyed the small creature comforts, such as long-pressing the volume up/down keys to skip tracks!)

Screenshot of default homescreen on LineageOS

Default homescreen on LineageOS

I also needed a recovery image in order to install the ROM, and it seems that TWRP has become the de-facto standard these days, replacing the venerated ClockworkMod.

As it turns out, none of these options will result in a 100% open-source phone, as you’ll still be running the vendor binaries for your particular phone. But this is about as close as you can get to a smartphone that runs only free/libre open-source software.

Choosing a phone and installing a ROM

This isn’t going to be a guide to unlocking or rooting your Android phone. The process is different for every phone, and it would take too long to describe all the various steps. Suffice it so say that it’s still a painful process, and your choice of phone can either make it easier or harder.

I’ve been rooting, unlocking, and tinkering with Android phones for a long time, since the days of the HTC Dream and HTC Magic around 2009/2010. Since then, I’ve worked as an Android and mobile web developer, and I’ve become very comfortable with tools like the Android SDK, adb, fastboot, and Android Studio. And yet, to this day I still find installing custom ROMs to be a frustrating and time-consuming experience. I wish it were easier for casual folks to do this stuff.

The Nexus line of phones (now Pixel) have always been the easiest to customize, and for many years I stuck with the tried-and-true Nexus 5, which is still a surprisingly capable phone despite having been released in 2013. (I swear it ran faster than my 5X, which also kicked the bucket after only a year or two of use.) However, my aging Nexus 5 just couldn’t cut the mustard anymore due to hardware issues (the USB port was too loose; it had become tricky to charge it), and so I decided to buy a new phone instead.

I settled on the Samsung Galaxy S5, mostly because I could get it for cheap (<$200 on Amazon) and with full support for my carrier (T-Mobile). In retrospect, choosing a non-Nexus device made my life a lot harder, and after several hours of research on unlocking Samsung phones (including building Heimdall from source on a Windows machine, because the prebuilt binaries were out of date but the software was too old to build on a Mac), I finally had my LineageOS phone up and running.

The second thing you'll want to do is ensure that your device is encrypted, which you can enable in the security settings. Unfortunately this ended up making my phone unable to start the OS, but after booting into recovery and doing a factory reset, I had both encryption and the OS up and running just fine.

Screenshot of my LineageOS home screen

My LineageOS home screen

Getting apps

Without the Google Play Store, you'll have to use F-Droid, which has the added benefit of only hosting free and open-source apps. In fact, a couple of my own apps were previously on there (Catlog and KeepScore), and as far as I can tell, they were built directly from source. (I’m not sure why they were removed; possibly because I stopped maintaining them.)

To get F-Droid, you just download it directly from You'll also have to allow installation from "unknown sources" in the security settings.

For the odd app that isn't available on F-Droid, you can also use the Yalp Store, which can either use your Google account or an ephemeral account to download apps from the Play Store. It’s not clear to me whether or not this violates the Google Play Terms of Service, though, so proceed with caution.


I use Signal as my default SMS app and for most messaging with family and friends. Unfortunately it isn't available on F-Droid, but you can download it directly from the Signal website, or use the Yalp Store technique above.

Update: if you’re wondering how to verify the SHA256 fingerprint of the APK downloaded from the Signal website, here’s an example.

Like most Android apps, Signal normally uses Firebase Cloud Messaging (FCM, formerly GCM) to send push notifications. If you don't have Google Play Services installed, Signal will offer to switch to a less battery-efficient background polling mechanism.

I've used this mechanism for months and only had occasional problems where a large backlog of old messages was suddenly delivered all at once. It also hasn't had a visible impact on battery life. (I usually end the day with half a charge left; the GS5 has a great battery!)

Web browser

For a web browser, I mainly use Firefox via the FFUpdater tool, which is clunky but gets the job done. I’ve set DuckDuckGo as my default search engine, and I have uBlock Origin installed as an add-on, which undoubtedly makes my browsing faster and easier on the battery.

Occasionally though, I do find sites that don’t run so will with mobile Firefox, and for that I use Auto Updater for Chromium, which automatically installs Chromium and updates it. This is a bit nicer than FFUpdater because it does its work silently in the background, rather than requiring you to manually check for updates.

The built-in browser doesn’t support “Add to Homescreen,” so I find it fairly useless.


I use OsmAnd~, which is nice because it allows you to download maps in advance for offline use. Unfortunately it’s still nowhere near as feature-complete as Google Maps, so if you’re looking for something to help you navigate your car, you may be out of luck. (Update: actually, OsmAnd~ supports turn-by-turn navigation.)

I also frequently use in Firefox, which works surprisingly well. Besides some minor performance issues, it’s fairly indistinguishable from the native app for basic directions, bus timetables, and store lookups.

Screenshot of Google Maps running in Firefox

Google Maps running in Firefox

Living in Seattle, one of my favorite apps is also OneBusAway, which provides up-to-date arrival times for Seattle buses. Unfortunately this app requires Google Play Services in order to work, so I’ve had to do without.


Speaking of Seattle, it’s also important for me to know how much it’s going to rain in a given day. (Spoiler alert: a lot.)

This happens to be one of those things about LineageOS that’s a bit non-intuitive. To get weather to work, you have to go to the “extras” page and download a weather provider. (In my case, I’m using OpenWeatherMap.)

Unfortunately, though, even after installing the weather provider, I couldn’t get the built-in “cLock” widget to show the weather. (It keeps saying “network geolocation is disabled,” even though it’s not.) So I ended up installing Forecast widgets, which gets its data from the National Weather Service rather than the built-in weather provider.

Maybe this is just some bug with my installation or with the hardware itself, but in any case I’m satisfied with this workaround. The Forecast widget looks and works fine.

Screenshot of weather and time widget on my homescreen

Weather and time widget on my homescreen


The only non-standard features I really want from a keyboard are 1) emoji support, and 2) swipe input.

Unfortunately I couldn’t find any open-source keyboard that can do both of these things, and the AOSP keyboard doesn’t seem to support either. The closest I found was AnySoftKeyboard, which at least has an emoji screen. It doesn’t allow you to search for emoji, though, which is a bit frustrating.

Screenshot of sending an emoji via AnySoftKeyboard and Signal

Sending an emoji via AnySoftKeyboard and Signal

Overall, the keyboard experience has been my least favorite part of the LineageOS experience. I didn’t realize how much I had become accustomed to swipe input until I had to revert back to tapping, which feels to me like hunt-and-peck. Input is extremely laborious and slow, although on the plus side I’m spending less time texting, so maybe that’s a good thing.

Update: actually, AnySoftKeyboard does support searching emoji! You just need to type : and then the search term.

Music and podcasting

I’m a fairly old-school music consumer. I prefer to listen to albums from start to finish, and I never really got into services like Pandora or Spotify. Instead, I buy my MP3s from Amazon (old habit, my entire library is there) and then sync them from my desktop computer to my phone using adb-sync.

For browsing and listening to my music library, I’ve found Vanilla Music to be fantastic. It has a cover art downloader, the interface is minimal and clean, and it can play an album from start to finish, which is all I really ask.

Screenshot of Vanilla Music with some of my albums

Vanilla Music with some of my albums

Oh, and of course Vanilla Music sets the cover art on the lock screen. It’s the little things that count.

I’m also something of a podcast addict, so I use AntennaPod to download and listen to podcasts. I’ve tried several podcast apps on F-Droid, and I found this one to be the easiest and most reliable overall. I particularly like that it allows me to search on iTunes, since some podcasts can be hard to find elsewhere.

Social media

I stopped using Twitter, but if you absolutely must, their mobile website is not bad in either Firefox or Chromium. I’m told Facebook’s mobile website is also pretty functional.

I spend most of my social media time these days on Mastodon, and as it turns out the mobile websites work perfectly fine in both Firefox and Chrome, so you can just pin it to your homescreen. There’s also Tusky if you prefer the native app experience.


I don’t use Uber, but Lyft has a mobile webapp that works just as well as their native app. So when I need a ride, I just open in Firefox. It’s a PWA, and as far as I can tell it works just as well as the native Android app.

Somewhat bafflingly, though, if you go to directly, the site may try to route you to their driver portal or to the app store instead.

Screenshot of Lyft's website offering "Lyft in Firefox,"

Lyft’s website may offer “Lyft in Firefox,” which is the PWA

In case you get confused, you may need to look for the “Lyft in Firefox” link. To me, this seems like a bizarre way of saying “Lyft for the web,” but you do you, Lyft.

Email, calendar, and contacts

I switched to FastMail recently for my primary email account, and I’ve been really happy with the service. It’s fast, it’s simple, and it has a clear business model where I pay them 5 bucks a month and they host my email. Simple.

To get my email on my phone, I use K-9 Mail, as I’ve found it a bit more reliable and feature-rich than the built-in Email app. If you prefer a simpler interface, though, the built-in app works fine too.

FastMail also supports calendar and contact sync, and this is where it gets a bit trickier. If you’ve ever connected an email client to your email server by manually typing the IMAP and SMTP settings (which, incidentally, you’ll have to do for K-9 email), then it’ll feel pretty familiar. FastMail supports CalDav and CardDav, and so to hook these up to my phone I used DavDroid.

Honestly this was probably the most tedious process of setting up my LineageOS phone. It involved creating app passwords for each client (I use separate passwords for email, calendar, and contacts, in the interests of security), and manually typing in the server names and ports for the various FastMail endpoints. This was a long and error-prone process, but in the end I do have full email, calendar, and contact sync, so I can’t complain.

Passwords and two-factor auth

For nearly a decade I’ve stored my passwords using the Joel Spolsky method, which is to use PasswordGorilla on desktop and PasswdSafe on Android. I like this method because it’s simple, it works cross-platform, and I maintain control of the password file.

For two-factor authentication (other than basic SMS), there’s FreeOTP, which essentially takes the place of Google Authenticator.

The web works for everyone

One of my main reasons for switching to a non-Google Android phone was to see how capable the web is as an application delivery system. And aside from the native apps listed above and some minor utilities (e.g. a barcode scanner and a notes widget), I do pretty much everything in a web browser.

Media sources like Hacker News, Ars Technica, and others don’t need an app – you can just pin a website to your home screen. (Although for Hacker News, I use the excellent The main exception for me is NewsBlur, which I access via the open-source client app.

For videos, both YouTube and Vimeo also work great as mobile webapps. In Firefox, they can run both in fullscreen mode and in the background.

For file sync, I use Dropbox’s mobile webapp for quick file downloads from my Dropbox account and Firefox Send for sending more ephemeral files. I need a better solution to backing up photos, though; for now I’m just using adb-sync to sync to my Dropbox folder on the desktop.

I also do work at Microsoft, and although I have a personal policy of not syncing my work email to my phone, I can make a temporary exception by loading in Firefox, which works surprisingly well. For those odd moments when I need to send an email or check the location of a meeting, it gets the job done.

As a guitarist, I also needed a way to tune my guitar, and sadly the excellent g-strings is both paid and closed source, so it was a no-go. So I use Paul Lewis’ guitar tuning webapp instead, which is a good substitute.

Screenshot of

Me singing a bit off-key into a guitar tuner

Turns out the web of 2017 is capable of quite a bit, from hailing a taxi to tuning your guitar!


I hope I’ve demonstrated in this blog post that it’s not only possible to use an open-source phone without any of the pervasive tracking, spyware, or bloatware that we’ve come to expect from most smartphones, but it’s actually quite viable and even enjoyable.

When I booted up my Galaxy S5 for the first time, I was immediately greeted with a barrage of ads for Samsung and T-Mobile services and upsells, all in the 5 minutes it took to turn on USB debugging so I could install custom software and mercifully silence all of the nagware. My clean and stripped-down LineageOS setup is about as far from that horrendous out-of-the-box experience as you can get.

Note though, that this is the setup that works for me, and your mileage may vary depending on how much you rely on various software and services. If you use GMail and GDocs, you may be better off just using a Google-flavored Android phone. And if you’re bought into the iTunes and iCloud ecosystem, it may be more trouble than it’s worth to switch from an iPhone.

Also, despite my attempts to de-mystify some of the less obvious parts of this setup, I’m in no way claiming that any of this is accessible to the non-geek, non-hacker crowd. The mere process of installing LineageOS is so far beyond the capabilities of the average non-techie that it actually fills me with a kind of despair.

This is probably a subject for an entire post, but I’m becoming concerned that my friends and I in the open-source, pro-privacy hacker scene are building a two-tiered world, where the tech elite can successfully install and configure software that maintains their security and privacy, whereas the average person is stuck either paying a premium for a privacy-respecting but closed-source iPhone, or paying a reasonable price for an Android phone where their security and privacy are far from assured.

That said, maybe if more of us inhabit this (admittedly neophyte-unfriendly) world, then maybe we can work to make it more accessible to those of us who don’t know how to use a command line and have no patience to type out IMAP server URLs into their smartphone. Let’s hope so.

31 responses to this post.

  1. Posted by Daniel on November 27, 2017 at 1:34 PM

    Did you opt for LineageOS and just refuse to install Google Play services or did you use the microG version of LineageOS?


    • I’m not using MicroG. I gave it a shot, but it didn’t fix OneBusAway (which was the main app I missed from Google-flavored Android), so I just opted for vanilla LineageOS.


  2. Posted by Matt on November 27, 2017 at 3:30 PM

    “without any of the pervasive tracking, spyware, or bloatware that we’ve come to expect from most smartphones”

    Unless you forgot to mention auditing all those source code repos (and keeping them audited!), this seems like you’ve traded pervasive tracking by known actors for surprise tracking by whoever can get control of the source…


  3. […] via Living with an open-source phone — Read the Tea Leaves […]


  4. Using web apps, I see. Well enjoy it while it lasts. I’m taking away net neutrality.


  5. May I suggest you check out Brave browser? It’s an open-source, Chromium-based browser created by the co-founder and ex-CEO of Mozilla. It has a built-in ad blocker and in my experience works way better than Firefox for mobile.


  6. You could also check out Bitwarden as a password management tool. It is open source, can even self host. It has OTP support and an autofill service which comes in handy.

    Highly recommend checking out. You can download the apk on their website.


  7. I need a better solution to backing up photos

    I’ve been using Syncthing, it’s great (not just for phone, but computer to computer). 100 % decentralized. I actually just sync the whole phone, since the phone can only store so much anyway.


  8. I had no idea Signal could work without Google Play Services! For months this has been the only thing stopping me from going 100% Google free on my phone!

    This post made me very happy.


  9. Posted by Marco on November 28, 2017 at 7:51 AM

    Nice post Nolan! I want to follow your steps with a Samsung J5. Do you have a recipe to share? Also I suggest you to share a TWRP image of your installation to allow other Samsung S5 users to skip the hard work and go straight to result. I will do it in case of success.


  10. did you have yet a look at some SailfishOS phone?


  11. Posted by Dror on December 20, 2017 at 3:06 AM

    You should try Moovit as a replacement for OneBusAway – I use their mobile website with Firefox for a long time now. Not sure how their perform in Seattle specifically, though.


  12. “… building a two-tiered world …”

    A podcast called Free as in Freedom discusses this from time to time. Very interesting topic. You might like the podcast.

    Unrelated question:

    There are currently some efforts to further develop plasma-mobile and ubuntu touch (especially with halium). Do you think that it is fragmenting the community’s efforts at providing people free software on their phones, or do you think that independence from android is a good thing?

    Ubuntu touch works pretty well so far on my nexus 5 btw, just worried about whether I can trust it to be my mfa device and whether the inconvenience has any value compared to just using lineage.



    • I haven’t looked much into it, to be honest. I gave Ubuntu Touch a shot on my Nexus 5, but I wasn’t super impressed (can’t recall why). I also tried Firefox OS back in the day, but the performance was sub-par.

      I think any non-Android FLOSS OS will have to deal with an app gap, which is the main reason I’m on LineageOS – I want a good podcast app, for instance. OTOH this becomes less pressing as the web adds more and more capabilities. Assuming you have a good mobile browser, you might not be missing out on much.

      Thanks for the podcast recommendation as well! I’ll check it out. :)


  13. Posted by Alasdair on February 7, 2018 at 7:27 AM

    For you passwords you may want to switch to (Linux/Mac/BSD) it saves your passwords as files encrypted with your GPG keys and has git support. So you can transfer all your passwords to that, push the files to your private git repo then use PasswordStore on your android device (from F-Droid) and pull your passwords from your git repo


  14. Posted by Brad on February 19, 2018 at 11:35 AM

    Thanks so much for this post; I actually went through the same process myself very recently with a refurbished Motorola G3 that was no longer receiving security updates on the stock Android 6. Lineage is working out great for me. I initially installed it with open gapps, but then decided to try “pure” Lineage and F-Droid. It’s meeting my needs for now.

    The process for installing Lineage was very intimidating and seemed way over my head; there are actually people in my city who’ll do it for you, for a fee, but I decided to try it myself and after more than 6 hours of effort I succeeded…and learned a lot along the way. If I have time later this spring I’d like to write up a more user-friendly set of instructions for people who have no experience using the terminal on their computer, who don’t know what “adb” or “fastboot” or “recovery” mean. I suspect the number of people using Lineage to extend the lives of their phones could easily double or triple if the instructions were written out in a more approachable, understandable way. Plus I think there’s a market for people to offer Lineage installations as a service. We have repairathons in my city where people bring their old phones and computers in to learn how to fix them, and Lineage installations could easily be added to that experience.


    • Posted by Brad on February 20, 2018 at 7:27 AM

      Actually, a better (but maybe less feasible) idea than instructions would be an app that does at least some of the work for you. I don’t think you could use an app to get and apply your unlock code, but an app might be able to take care of some of the other steps in the process.


  15. FWIW, the OpenWeatherMap provider with the cLock widget needs a geocoder and reverse geocoder to work. That is, it needs something that can take lat/lon from your GPS or network location provider and turn it into a city name. Or, given a city name, turn that into lat/lon to get the forecast.

    Normally the geocoder and reverse geocoder APIs are provided by some of the Google libraries provided in the gapps package.

    However microG provides the same API and I can say that the cLock weather widget works perfectly on the Lineage with microG on my phone


  16. Posted by Free Russia on March 3, 2018 at 6:19 PM

    Can these remaining vendors’ binaries monitor your textboxes or twits?


  17. Posted by Free Russia on March 4, 2018 at 11:24 PM

    About above question I mean textfields not to be confused with text messages


  18. Posted by Woi on April 20, 2018 at 9:00 AM

    Nice blog post. But there are some nice Apps I like to point to:
    * andOTP: Has some features I miss in FreeOTP like backups. And also looks nicer :)
    * Fennec instead of FFUpdater:
    * Maps: Not sure if I really like it better than OsmAnd~, but it’s nice to have alternatives:


  19. Posted by Michal on August 5, 2018 at 1:05 PM

    This is a great post! Thx


  20. […] devices, as long as you’re using the same YubiKey. This is great for me, because I have a weird Android setup, and so I’m frequently factory-resetting my phone, meaning I’d normally have to go […]


  21. Posted by freeman on October 4, 2018 at 12:22 PM

    I have a pixel 1 in the mail, and it will have LineageOS on it within the week

    I’m worried about installing the microG version of it. Apparently there is some risk of signature spoofing if you let it spoof the google services. Does anybody know if that is a real problem or not?

    (Alternatively, I would just go without google services)


  22. Posted by Anonymous on November 20, 2018 at 11:37 PM

    Can you use Whatsapp in Lineage OS?


  23. Posted by Stewart Daniels on November 22, 2018 at 9:11 AM

    Great article! A pity the masses cannot see the giant downside (Despite the mounting evidence of reckless corperate invasiveness) to installing a suite of Trojans (Google Apps) for our ‘Convenience’ on their devices.

    It’s not that I have something to hide, I simply have nothing I wish to share.

    Anyways, I am running Resurrection Remix Oreo (No Google/ MicroG installed), and for a month now, I have not missed one bit of Google. Amaze (File explorer), Booky McBoooflkace (Epub Reader), Etar (Calendar), Firefox Klar (Browser), Newpipe, and OSMand (Nav). I use Viper4Android, such makes the most basic media player…wonderful. No FB, Twitter, ect because…really?

    With a root firewall (Which now gets very little action), I feel so much better that my device(s) no longer emit logs that are filled with hundreds of server addresses, and reasons why my battery drains at abnormal rates.

    I’m still new to open source, and haven’t ventured past F-Droid yet, but so far, I am quite happy to be free (Sort of). Now, on to the productivity apps…

    Dumb phones are underrated.


  24. […] year ago I wrote a blog post about living with an open-source phone. A commenter on Reddit described this as “tech veganism,” and I thought it was a great […]


  25. Posted by Damon on August 12, 2019 at 2:05 PM

    Hi! I think things are improving for people doing this type of thing. There is an open source keyboard with swiping: SwiftKey, and for maps, I’ve been impressed with Here(We Go!) (from Garmin). I don’t think it’s open source, but I feel better about that app than accessing Google Maps.


  26. Posted by JB on August 2, 2022 at 7:05 PM

    Sadly a number of big tech giants have made their mobile websites useless in recent years, frequent dirty tricks include covering a lot of screen space with requests to sign up and/or install their dubious apps. For some, entire websites have been set up to act as secure frontends for independent viewers.
    For those other commenters touting their favorite alternative password managers, please note that passwdsafe is the original that stores everything in an encrypted local file, not the mess that is gpg based scripts or the spyware that is online password managers.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.