Comment by xzxz
8 hours ago
In the past I often tend to replace stock Android with LineageOS but in today's world with so many attack vectors like for example malware in supply chains etc. I choose to stay with stock OS. I also have my bank apps and lot of my clients data/credentials stored on my accounts.
How do you imagine that protects you? If anything I'm inclined to trust the LineageOS supply chain more than the OEM on account of being a smaller target, having less bloat, and being 100% open from start to finish.
For a particularly sensitive context I'd want to build the ROM myself on an appropriately secured machine running one of the major distros.
Financial apps like banking ones sometimes refuse to work on rooted phones and you have to follow if you want to run them.
I just have no time and knowledge to build ROM myself. 100% open projects also suffer supply chain attacks.
Well then you're in luck because many of the ROM projects provide step by step build instructions. It's almost entirely automated thus quite straightforward; the primary hurdle is having a capable enough system. Unfortunately given current RAM prices you'll need a system worth as much as a cheap car to properly optimize some of the components.
I'd suggest not using apps that fail to respect your autonomy.
For Samsung phones, depending when the phone was released, you may be getting security updates months after they are provided by Google.
Honestly LineageOS is probably a more secure root than the typical random android OEM; unless you're dealing with Samsung or Google.