In September 2022, Optus handed over the personal details of 9.5 million Australians to whoever was clever enough to ask for them. Names. Dates of birth. Home addresses. Driver’s licence numbers. Passport numbers. Gone.
Every single one of those people had a phone in their pocket. Most of them were running standard Android or iOS — operating systems built by companies that earn billions of dollars knowing everything about you. The breach wasn’t the start of the problem. It was just when Australians noticed.
If you’ve started researching deGoogled phone operating systems, you’ve probably already found yourself in a rabbit hole of options, technical comparisons, and YouTube videos that all seem to contradict each other. GrapheneOS. CalyxOS. /e/OS. LineageOS. BraX3. Each claims to be a legitimate deGoogled phone operating system. They’re not all equal Some bloke online telling you they’re all basically the same. They’re not.
We’ve built deGoogled phones on the Gold Coast for years. We’ve followed every one of these projects closely. This post is what we actually think — no sponsored opinions, no affiliate marketing, just a straight assessment of what works, what doesn’t, and why only one of these operating systems earns the label ‘deGoogled.’
One thing worth clearing up before we start. At FreedomTech, when we say ‘deGoogled phone,’ we mean a specific thing: a Google Pixel running GrapheneOS, with the bootloader relocked and verified boot operating. The other options in this post are more accurately called alternative Android operating systems. They’ve removed Google apps. That’s not the same as removing Google’s infrastructure — and the difference matters more than most people realise.
Most people start thinking about phone privacy the wrong way. They turn off location permissions on Instagram. They delete Facebook. They install a VPN. All reasonable steps. None of them fix the actual problem.
Your phone’s operating system is the foundation everything else runs on. It decides what your apps can access, what gets sent to whose servers, whether the software loading on startup has been tampered with, and whether anyone with physical access to your device can install malware without you ever knowing. Fix the apps and ignore the OS, and you’re putting a better lock on a door with no walls.
Standard Android phones send your location to Google’s servers up to 340 times in a 24-hour period, according to research from Vanderbilt University. Not when you’re searching. Not when you’re using Maps. While the phone is just sitting in your pocket. That’s not a bug. That’s what the operating system was designed to do.
Alternative operating systems break this at the foundation. But they don’t all break it equally — and some of them barely break it at all.
GrapheneOS is built by a Canadian non-profit that has been at it since 2014. Edward Snowden uses it and recommends it publicly. The Irish Times called it the system “tech experts give top marks for balancing security with usability” as recently as March 2026. We install it on every phone we sell.
It is, in our view, the only one of the deGoogled phone operating systems that earns that label without qualification.
It’s built on AOSP — the Android Open Source Project, which is the open-source foundation underneath the Android you know. Here’s the thing most people don’t realise: the Android on your current phone and raw AOSP are not the same thing. Google has been gradually replacing open-source components with closed proprietary software since 2007. GrapheneOS takes AOSP and goes the other direction — stripping out everything that phones home to Google and replacing it with its own infrastructure.
By default, GrapheneOS uses its own servers instead of Google’s for connectivity checks and location assistance. The browser it ships with — Vanadium, a hardened variant of Chrome — doesn’t talk to Google. Nothing on the phone reaches out to Google’s servers unless you specifically set it up to do so.
Here’s something that almost never comes up when people research deGoogled phones, and it’s the most important question of the lot.
After you install a new operating system on a phone, can you lock the bootloader again?
Every Android phone has a bootloader — software that runs before the operating system loads, and whose job is to check that the OS hasn’t been tampered with. To install a custom OS, you first have to unlock it. And once unlocked, the phone can no longer verify the integrity of what it’s running. Anyone who gets their hands on your phone, even briefly, can install compromised software without you ever knowing. Verified boot — the check that confirms your OS is intact every time the phone starts — requires a locked bootloader to function.
GrapheneOS, on Google Pixel hardware, lets you relock the bootloader after installation using GrapheneOS’s own signing keys. Every time your phone starts, it confirms the OS is exactly what it should be and hasn’t been touched. That’s the same security architecture as a stock Pixel. Just without Google’s software.
This is why we only build on Google Pixel. Not because we love Google — we obviously don’t. It’s because Pixel is the only consumer Android hardware that supports proper bootloader relocking with a custom OS installed, and because Google specifically engineered their Pixel motherboards with an IOMMU — a piece of hardware that keeps the phone’s cellular modem in its own isolated lane, away from your apps and data, even if the modem firmware itself gets compromised. Most Android hardware doesn’t have this. It’s not a setting. It’s a physical design decision made at the board level.
You may have seen reports that Google is locking down sideloading on Android from March 2026 — requiring all apps on certified Android devices to come from verified developers. That sounds like bad news for open-source app stores like F-Droid.
GrapheneOS is not a certified Android device. It doesn’t include Google’s certification framework. The Register confirmed in February 2026 that this policy ‘does not affect alternative Android or AOSP builds like /e/OS, LineageOS, or GrapheneOS.’ F-Droid, Aurora Store, and direct APK installs all continue to work on GrapheneOS exactly as they do today. On a standard Android phone, the window for installing privacy apps freely is closing. On GrapheneOS, there’s no window to close.
View our range: freedomtech.com.au/store/degoogled-phones-tablets
CalyxOS was, at best, a reluctant fallback. On the rare occasion a customer pushed back hard on GrapheneOS, it was the least-bad alternative — built on AOSP, supporting bootloader relocking on Pixel hardware, and using microG instead of Google Play Services. We never recommended it with any confidence. Then August 2025 happened, and the question became moot.
The Calyx Institute published a letter to their community that started with: “We want to assure you that we have no reason to believe the security of CalyxOS and its signing keys have been compromised.”
When a privacy project opens a letter with that sentence, something has gone wrong. The founder — Nicholas Merrill — had left the organisation. So had the lead developer. The reasons weren’t explained publicly. The project immediately paused all development and security updates, estimated four to six months of downtime, and told its own users they’d be better off uninstalling the OS.
Think about that for a second. A privacy operating system telling its users: uninstall us.
By the time of the announcement, CalyxOS was already stuck on the June 2025 security patch level. Researchers confirmed at least two remotely exploitable vulnerabilities were present — not theoretical ones, but actual holes that get used in mass attacks against anyone running unpatched software, not just people who’ve been specifically targeted.
Users who stayed on CalyxOS through the hiatus will need to wipe and reinstall from scratch to receive future updates. As of February 2026, the project is still rebuilding its signing infrastructure and release pipeline. Recovering is not the same as recovered. We’re watching it closely, but we’re not recommending it.
Before we compare the remaining deGoogled phone operating systems, it’s worth understanding microG — because it comes up with all of them.
microG is open-source software that mimics Google Play Services. Apps that need Google’s infrastructure — push notifications, location services — can use microG instead of the real thing. The code is entirely open, maintained by a German developer called Marvin Wißfeld, and contains no Google code.
But when microG is enabled with push notifications turned on — the default on CalyxOS and /e/OS — your IP address and device model are sent to Google when microG first registers. Google’s advertising ID is disabled. But it’s not zero contact. CalyxOS are honest about this. They describe it as ‘harm reduction’ — vastly better than standard Android’s 340 location pings a day, but not a clean break. GrapheneOS doesn’t use microG at all. It uses a fully sandboxed version of Google Play Services instead, which can’t access anything outside its own container
/e/OS is made by a French company called Murena, founded by the bloke who created Mandrake Linux back in the day. The idea is sound — take Android, strip out Google’s tracking, make it accessible to regular people, and offer a cloud workspace so you don’t need to hand your data to Google or Apple. The problem is in the execution.
/e/OS is built on LineageOS, which means it can’t relock the bootloader. It uses microG by default with push notifications enabled, so there’s limited Google contact baked into the standard setup. And the security updates run behind — the Register’s June 2025 review of /e/OS 3.0 noted it shipped with the May security patch, already behind at the time of publication. Murena themselves are upfront that /e/OS isn’t a security-hardened OS.
Then there’s the cloud problem. In October 2024, virtually every Murena cloud service went offline simultaneously — email, calendar, contacts, file storage, the works. The cause was ageing infrastructure that couldn’t cope with user growth. The cloud file storage was offline until February 2025. Four months. The CEO confirmed to the Register that around 120,000 accounts were affected. Some emails were permanently lost. Users weren’t notified for weeks after it started.
It wasn’t a hack. But Murena’s own documentation confirms the files are encrypted server-side — Murena holds the decryption keys, not you. True end-to-end encryption is listed as a future feature. We don’t install /e/OS and we don’t recommend it.
LineageOS runs on hundreds of phones from dozens of manufacturers. It’s open-source, well-maintained, and genuinely excellent at what it’s designed to do: give older Android phones a new lease of life and give developers a clean base to work with. It’s not a deGoogled phone operating system. That label gets attached to it sometimes, but it doesn’t fit.
The bootloader problem is the same as /e/OS, because /e/OS is built on it. LineageOS’s own FAQ says explicitly: if you try to relock the bootloader after installation, you will most likely end up with a phone that doesn’t boot, and there may be no way to recover. An unlocked bootloader means the phone cannot confirm on startup that its OS hasn’t been tampered with. For everyday use that’s fine. For privacy, it’s a problem that can’t be fixed at the software level.
You’ve probably seen it on YouTube. The BraX3 is a phone sold by Brax Technologies, associated with American content creator Rob Braxman — ‘The Internet Privacy Guy.’ It was launched via Indiegogo crowdfunding in April 2025. It runs iodéOS — a fork of LineageOS combined with microG. So straight away: no bootloader relocking, and limited Google contact via microG by default. The same issues as everything else built on LineageOS.
But the BraX3 has an additional hardware problem that the marketing absolutely doesn’t mention.
The phone is built on a MediaTek Dimensity 6300 chip, manufactured in China. The Dimensity 6300 does not have an IOMMU — the hardware isolation layer that keeps the cellular modem away from your phone’s memory and data. On Pixel hardware, even if the modem firmware gets compromised, it can’t access your apps or data. On a phone without IOMMU, the modem and the OS share memory space. If the modem is exploited, everything is potentially exposed.
MediaTek’s own September 2025 security bulletin listed CVE-2025-20708 — a high-severity remote privilege escalation flaw in their modem firmware requiring no user interaction. If you’re connected to a rogue base station and your hardware has no IOMMU isolation, that’s not a hypothetical risk.
Independent researcher 12bytes.org asked Brax Technologies directly, multiple times, whether the BraX3’s modem was properly isolated from user-space memory. The first response was a reference to a MediaTek technical document that didn’t answer the question. After that, no further responses. Their assessment as of June 2025: do not buy this phone.
As for iodéOS itself — as of November 2025, the core framework repository hadn’t received a code commit in 18 months. A team that small cannot realistically apply monthly security patches across 20-plus supported devices on that cadence.
No independent security researcher — no one unaffiliated with iodéOS or Brax Technologies — has endorsed the BraX3. Edward Snowden endorses GrapheneOS on Pixel. That’s not a close comparison.
We’re not attacking anyone here. We just think Australians spending real money on privacy deserve to know what they’re actually getting.
Here’s how the main deGoogled phone operating systems compare at a glance.
| OS | Based On | Bootloader Relock | Google Contact | Status march 2026 | Freedomtech |
|---|---|---|---|---|---|
| GrapheneOS | AOSP | Yes — verified boot on Pixel | Minimal — own servers | Actively maintained | Recommended |
| CalyxOS | AOSP | Yes — on Pixel (project collapsed August 2025. Not recommended | Via microG (optional) | Recovering from 2025 hiatus | Not recommended |
| /e/OS | LineageOS | No | Via microG (default on) | Active — lags patches | Not recommended |
| LineageOS | AOSP | No (standard builds) | Optional via microG | Active — not privacy OS | Not recommended |
| iodéOS / BraX3 | LineageOS fork | No | Via microG | Uncertain — 18mth gap | Not recommended |
Fair question, and one that comes up a lot.
AOSP — the open-source Android foundation — is what GrapheneOS, CalyxOS, /e/OS, and LineageOS are all built on. And yes, Google has been chipping away at the open-source parts of Android for years, replacing them with proprietary closed-source software. That’s a real trend and a legitimate concern.
GrapheneOS addresses it as thoroughly as it can be addressed. Their own servers replace Google’s for all standard connectivity checks. Their custom browser replaces Chrome. Where Google components remain in AOSP, GrapheneOS strips them or routes around them. The team has also contributed a significant amount of their security work back into AOSP — improvements that now run on billions of devices without those users ever knowing GrapheneOS existed.
At the hardware level, you’re still using a phone with a Qualcomm chip and Google’s Titan M2 security chip. GrapheneOS is clear-eyed about this. The reason they chose Pixel hardware is precisely because Google engineered it well from a security standpoint — good hardware isolation, proper bootloader relock support, long security update windows. The irony isn’t lost on anyone. But it’s the pragmatic choice.
Every phone we sell is a Google Pixel running GrapheneOS. Pixel 7 through Pixel 10, including Pro, XL, and Fold variants. The Google Pixel Tablet as well.
We install GrapheneOS from official sources. We relock the bootloader. We pre-install Brave, Signal, ProtonMail, Aegis Authenticator, and a set of privacy apps we’ve tested and use ourselves. We test every phone before it leaves us. Every client gets a FreedomTech manual covering how we set it up, what each app does, how to use the phone, how to transfer your data, and what to do when you have questions.
The phones work on every Australian carrier. Telstra, Optus, Vodafone — all of them. You can port your existing number across. 4G and 5G both work. Banking apps work. Maps work. GrapheneOS is a full-featured smartphone operating system. It just doesn’t spend its day reporting on you.
For the full picture on why a deGoogled Pixel matters for Australians specifically — the data broker industry, what happened to Optus, what’s changed with biometric data collection — read our guide: Why Google-Free Smartphones Are the Future of Digital Life
Of all the deGoogled phone operating systems available, GrapheneOS is the only one we recommend. It's the only option that removes Google's infrastructure entirely, supports bootloader relocking with verified boot, and receives consistent security updates. Every phone we sell at FreedomTech runs GrapheneOS.
No. GrapheneOS only runs on Google Pixel hardware. The reason is technical — Pixel is the only consumer hardware that supports proper bootloader relocking with a custom OS, and has the IOMMU architecture that isolates the modem from user memory. A Motorola partnership announced in March 2026 should bring compatible Motorola devices by late 2026 or early 2027, but nothing is available yet.
Most likely yes. GrapheneOS includes an optional sandboxed version of Google Play Services, which means you can install Play Store apps — including most banking apps — without giving Google system-level access to your device. A small number of apps that use aggressive device verification may have issues, but this gets better with each GrapheneOS update.
The short version: the two people who ran the project left in 2025, security updates stopped for months, and the project told its own users to consider uninstalling it. As of early 2026 it’s in recovery. Users who stayed on it through the hiatus will need to reinstall from scratch. We are not recommending CalyxOS at this time
No. microG is fully open-source and contains no Google code. But when enabled with push notifications — the default on CalyxOS and /e/OS — it does make limited contact with Google’s servers when it first registers. Your advertising ID is disabled. Think of it as a heavily filtered, semi-anonymous connection rather than the full Google surveillance setup. GrapheneOS doesn’t use microG at all.
Depends which one. Several — Above Phone, Ghost Phone, and similar — are Google Pixels running GrapheneOS or a GrapheneOS-based OS. Those are essentially what we build, usually sold at a premium to the US market. Others use LineageOS forks on Chinese-manufactured MediaTek hardware without proper modem isolation. The hardware matters as much as the software.
Yes. Telstra, Optus, Vodafone — all of them. You can port your existing number across. 4G and 5G both work. The phone behaves like a normal phone. It just doesn’t report your location 340 times a day.
Every phone we sell ships with the FreedomTech manual — covering how we set it up, what each app does, and how to use it from day one. We provide ongoing support at [email protected] and through our Telegram community. We’re Australian based and we’re available to our clients.
The Medibank breach affected 9.7 million Australians. The Optus breach affected 9.5 million. The OAIC reported 1,100 data breaches in Australia in 2024 — up 25 per cent on the year before. In almost every case, the data was collected legally, stored on systems that weren’t good enough, and accessed by people who shouldn’t have had it.
Choosing the right deGoogled phone operating systems starts with understanding what each one actually does — and doesn’t — protect you from. None of them stop breaches at companies you deal with. But it stops your phone from being a surveillance device in your own pocket. Your location stays on your device. Your app usage isn’t sold. Your contacts aren’t profiled. The OS is verified every time the phone starts. And if someone gets hold of your device, the bootloader tells them nothing useful.
Browse our range of deGoogled phones and tablets — Google Pixel 7 through Pixel 10, including Pro, XL, and Fold variants.
Questions? Email us or find us on Telegram.
