The phone situation
I need to write something about this or I'll burst.
I have a new phone. It's an old iPhone SE 2022. Yes, I know. Evil, evil Apple. Won't someone please think of the privacy issues? Right, well, Apple has at least better reputation about these things than Google does, but we'll come to that.
It feels like I'm betraying the FLOSS cause. I feel horrible, although probably not just because of this.
Let's recap:
My main phone has been a de-googled (not even microG) Fairphone 4 with CalyxOS. CalyxOS recently almost collapsed when the founder and lead developer left. Even if the project itself left a blog post explaining stuff, at least one of them left behind a short message basically saying "Android is changing. Bye!".
CalyxOS recommend everyone to install something else, perhaps stock Android, until they get their act together. Until then, no security updates for quite a while.
Yes, I know Nicholas is now busy with his new project, the phone operator Phreeli. Best of luck with that!
- Extra phone, a Fairphone 3 with stock Android. Used for banking apps, ID apps, reimbursements for work, all that stuff. Almost always turned off and kept at home, except when I need it on travels. Hate, hate, hate.
- Google is fighting back against the alternative Android distros. It's more or less sabotaging the Android Open Source Project (AOSP) by withholding source and specs. My guess is that this will get worse.
Google recently decided to fight against directly installing (aka what the enemy calls "sideloading") apps in Android. This takes different forms. One of them is only allowing apps signed by a developer registered with Google. Naturally, F-Droid is very worried.
https://f-droid.org/en/2025/09/29/google-developer-registration-decree.html
- EU's Chatcontrol proposal is still going forward, although in a slightly changed form. This still means that all messaging systems, even E2EE ones, will have to have client-side screening, even if mandated mass screening is now off the table.
Sweden's national proposal of a new law for lawful intercept is suggested to become law in spring of 2026. It's still in Lagrådet ("Council on legislation"?), but an early version of their reply to the proposal is available (in Swedish).
There was news recently that this has been postponed, but it's still on the table.
TL;DR: It's horrible. It means all service "providers" (whatever that means) will have to be able to do lawful intercept, possibly even in advance, regardless of encryption. This means copies of messages and images will be stored in the clear somewhere. Of course, if it's stored in the clear somewhere it's not just the police that will be able to access it. Who knows who might see it?
It's not clear who is required to provide the intercept. It might mean those who operate servers. It might mean those who wrote the software. It might mean those who distribute the software. They can use "the provider" however they want. Very scary.
Most likely, though, they will target publically available big services first. Yes, that means Signal, too. Signal has already said they will withdraw from Sweden if this passes, which probably means they won't be available on AppStore or Google Play. If you also consider Google's fight against direct installation, this gets complicated for ordinary people.
Of course, people like us will always manage to message each other safely somehow, but what about my dad?
Some alternatives:
Stop using a phone altogether. For many years I didn't use a mobile phone even after mobile phones had become popular. Of course I didn't have a landline phone either. Speaking on the phone is evil.
I got rid of my dumphone sometime in the late 1990's and didn't get a new one. It frustrated my family and girlfriends immensely. People wore often worried. And well, yes, it was sometimes true that they should be worried. In the end I inherited one of P's phones and started using a mobile again.
Doesn't seem realistic, if I don't want to upset those close to me.
- Use a dumbphone. Possible, but awkwards since a lot of the evils of modern society more or less demand a smartphone. I notice this a lot more when travelling.
Use a Linux phone. Options are things like Jolla, Pine Phone or using Ubuntu Touch and postmarketOS on Android hardware. Hardware support is poor, though. For instance, postmarket boots on my FPs, but it doesn't yet support loading the battery.
I was quite surprised when Jolla just announced a new phone!
- Give up and use stock Android. This means a company which is famous for collecting data about individuals and selling it will see everything I do on the phone. Not acceptable.
Install some other AOSP distro, like eOS or iodéOS.
I considered this for a long time. Given that AOSP is possibly being sabotaged by Google and installing apps will only be possible through their control this didn't seem so much better than stock.
Give up in a different way and use an iPhone. This means Apple, in theory, can see whatever I do on the phone. On the other hand Apple doesn't have quite the evil track record that Google does.
Combined with the realisation that Signal will most likely will withdraw from Sweden and that I will probably be using iMessage to chat to, for instance, mom, this seems like a good idea.
Also, since I won't trust it that much, I will probably stop using the phone as much as before, which also seems like a good idea.
Conclusion: Buy an old iPhone. I can't bare to give Apple a lot of money, so I'm not buying a new one, just one new enough that updates are still a thing. I will most likeley keep sensitive communication away from the device, like I probably should have anyway.
Yeah, sensitive communication… About that. Perhaps another blog post, but I'm again investigating alternatives.
Written by MC on Prickle-Prickle, the 62 day of The Aftermath in the YOLD 3191 ().