8
submitted 1 year ago by nlm@beehaw.org to c/foss@beehaw.org

I've been a long time Android user and have been flashing custom roms on older phones when they end of life from their manufacturer to keep them up to date.

I started thinking.. how far should we trust custom roms?

There's a whole other debate how much you should trust the OEM roms as well but right now I'm focusing on custom roms.

Sure, they're open source but I'm not sure exactly how many eyes there are on the source code itself for a given rom. Many of them are "just" tweaks of some bigger more basic rom too, like Lineage OS for instance, then there's usually just one guy managing his particular rom.

Someone could theoretically add some nasties in there without people noticing if the code isn't vetted.

Sure, you could say that that's possible in all open source projects, like Linux Distros and so on, but there we have a ton of people working on the code so there's a much higher chance of bad stuff being found.

I'm not necessarily saying I don't trust Lineage OS or other roms, I was just hit by a train of thought and wanted to see what you guys think.

For my part I'd give more credibility to LOS than roms based on it that are managed by just one or a few persons for instance, but still.

I don't know. Was I suddenly hit by the paranoia stick or are these valid concerns?

Thoughts?

you are viewing a single comment's thread
view the rest of the comments
[-] eskuero@lemmy.fromshado.ws 6 points 1 year ago

I generally don't trust custom roms you can get from individuals in XDA unless they have a really strong reputation. If they are supported "officially" by someone like LineageOS it might be safer.

I always went safer by compiling it from source.

[-] nlm@beehaw.org 3 points 1 year ago

It might be a bit safer.. but you still have to trust the source?

But yeah, I flashed an official Lineage OS nighly that I got from their own site.. It still bugs me though and I kind of wish it didnt. :P

[-] eskuero@lemmy.fromshado.ws 5 points 1 year ago* (last edited 1 year ago)

LineageOS roms are probably as safe (regarding bad actors) as they can get with custom ROMs.

They undeniably have declined in popularity, partially because Stock Android now contains lots of features that used to be exclusive to custom roms and partially because those people more privacy minded have moved to alternatives like Pinephones and such.

[-] nlm@beehaw.org 1 points 1 year ago

True, these days I wouldn't really flash a phone that's till supported.. but when they hit end of life it's another story. Using an unpatched android phone isn't exactly optimal.

this post was submitted on 13 Jul 2023
8 points (100.0% liked)

Free and Open Source Software

17550 readers
56 users here now

If it's free and open source and it's also software, it can be discussed here. Subcommunity of Technology.


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS