CopperheadOS — One Pixel at a time!
Recently the team behind CopperheadOS (COS) has announced support for a new device line, namely the Pixel. The Nexus 5X and 6P pre-loaded with COS are unfortunately not for sale anymore, Google has stopped selling the 5X and 6P in October 2016. This was to be expected because Google is nearing the date of EOL, meaning they will soon terminate support for the Nexus lines in future AOSP releases.
So what does the Pixel have in store of us?
Verified Boot is one of nice features that COS inherited from upstream AOSP, which is currently only available for the Pixel line. Other hardware vendors do not care about providing verified boot, showing yet again the negligence of security in the smartphone manufacturing industry.
Pixels are also the only supported devices supporting the new file-based encryption format with per-profile keys and significantly improved key derivation. They are compatible with significant future improvements to encryption leveraging the new format.
File-based Encryption (FBE) is another major improvement over older versions of CopperheadOS. The decryption key for every file doesn’t sit in memory anymore, the new approach is more segmented. FBE allows some files necessary for the minimal operation of the phone to remain decrypted, while your sensitive data remains locked, due to that key not being in-memory at all.
Why use CopperheadOS over stock Android?
Privacy. The stock Android ROMs are often packed with analytic tools that only benefit the phone vendor. CopperheadOS has disabled the features that phone back data to corporations. It also does not come pre-loaded with any of Google’s proprietary software such as the Google Play Store, GCM etc.
Hardened operating system! The kernel has been improved to accommodate self protecting features, the standard C library and compiler toolchain have received several security patches. SELinux policy has been fine tuned to act stricter, providing greater sandboxing and isolation of applications and services.
How long is support planned for Pixel by Google?
Security updates are guaranteed until October 2019 (3 years). Upgrades to the latest major Android version are guaranteed for versions released before October 2018 (2 years).
