housemate and I are sick of smartphone AI and spyware!! looking for cheap, refurbished cellphones from the 00s
- the problem: all models we have found run on 2G, which is rapidly being phased out by all US carriers
- desired features: basic call and text functionality, durability, physical buttons, fits in pocket
As Admiral Patrick said, KaiOS phones are a viable alternative to traditional smart-phones, and tend to fill a space between a dumb phone and an android phone.
However, a downside of Kai OS is limited application support, which can be a particular downside when it comes to privacy-respecting encrypted texting apps. From what I can see, KaiOS does not offer any options there on their store.
SMS is now a pretty insecure way to communicate due to the infrastructure being compromised. Having access to a reliable encrypted chat application, like Deltachat or Conversations is a big plus for Android phones.
The downside of Android phones is that the OS is controlled by Google, and many manufacturers force bloated software or offer fairly short lifetimes for security updates, making the phone insecure to use past the End of Life date.
Personally I would suggest getting a Google Pixel phone, which is ironically the most open to having its OS replaced with a privacy respecting OS like GrapheneOS (which is quite easy to install). GrapheneOS is the only OS that can you can really trust to completely turn off the radio chip when you turn on airplane mode, cutting any and all communication with cell towers (but GPS will continue to function).
This would also give you access to F-droid, which only contains open-source software with no paywalls or malware, and access to the best possible privacy communication apps.
Google Pixel phones offer some of the longest support timelines for security updates, which is 7 years from the date of release. A Pixel 9a, as an example, would lose support 6 years from now in 2032. You could continue to use the phone past that point if you stay offline most of the time and don’t log into any sensitive accounts. If your battery degrades or screen breaks, the phone is popular enough that you will easily be able to replace either of those at a local phone repair shop, keeping it alive for a very long time.
The only downside is Pixel 10 support is coming via alternative methods from standard, as Google stopped shipping the binary blobs to run the hardware. Pixel 9 series may be the last to have truly native Graphene support. Graphene is looking into long-term solutions though, although last I heard they were looking at Qualcomm-based chipsets which is bad news on some level, as they’re a US military contractor.
follow up Q; can Graphene run Signal? I know it’s not the most secure app out there, but it’s what most of my collaborators use
There’s an alternative client for Signal called Molly, that has additional privacy options, is fully open source, and doesn’t use Google for notifications.
Yes, you can get Signal using the Aurora Store, which lets you download and install apps from the Google Play Store without an account.
Alternatively, you can add the Guardian Project repo to F-droid, which AFAIK also has Signal available.
awesome!!! thank you again
To piggy back onto what @ProdigalFrog@slrpnk.net has said, it may be worthwhile for you (depending on your threat model) to also add the Molly repo to your f-droid client of choice and install Molly as your Signal client. It’s wholly compatible with signal with some additional security features. However, the more repo sources you add the more risk you’re at for a bad actor taking control of one of those repos. It’s not a question I can answer for you directly, it’s just what I’m doing.
(and I realize now after writing all this that @acockworkorange@mander.xyz already said this)
this is the sort of thorough answer I was hoping for, thank you so so much