← Sitemap

Comparison of Android ROMs

This is a comparison of popular Android "ROMs" (or better: AOSP distributions). Please note I'm not affiliated with any of these projects and I am not giving any specific recommendation. If you think anything is factually incorrect, please let me know.

Comparison of Android ROMs

Source: eylenburg.github.io

Last updated: November 2023

GrapheneOS DivestOS CalyxOS IodéOS /e/ LineageOS "Stock" Android
Based on AOSP LineageOS AOSP LineageOS LineageOS AOSP AOSP

Freedom
Free and open source (FOSS)? Yes Yes Yes Yes Yes Yes No
Deblobbed? Yes, somewhat Yes, extensively Yes, somewhat No No No No

Features
Network controls for appsThe controls on LineageOS-based operating systems are leaky as their approach only disabled direct network access (socket) but doesn't disable indirect access via the INTERNET permission, which provides multiple ways of bypassing them not requiring collusion between apps. This functionality is regularly used by apps with no malicious intent. Collusion between apps is an issue for all kinds of granted access, permissions, etc. and not specific to the INTERNET permission. If INTERNET permission is not blocked though, no collusion is required. Direct and indirect accessIn addition to blocking indirect access via INTERNET APIs, the GrapheneOS Network toggle also emulates the network being down and avoids running scheduled jobs which require the network. Direct and indirect access Direct access only Direct access only Direct access only Direct access only No
Network-based location Emulated default, or Play ServicesEmulated by default (redirect to GNSS-based location), can use sandboxed Google Play via toggles when installed No UnifiedNLP UnifiedNLP UnifiedNLP No Play Services
System-wide connection/tracker blocking Private DNS setting, or via VPN app hosts file, Private DNS, or VPN Private DNS setting, or via VPN app iode-snort app, Private DNS, or VPN Private DNS setting, or via VPN app Private DNS setting, or via VPN app Private DNS setting, or via VPN app
E2E-encrypted phone backups Yes (Seedvault) Yes (Seedvault) Yes (Seedvault) Yes (Seedvault) Yes (Seedvault) Yes (Seedvault) Yes, but requires Google login
Notification forwarding from other user profiles Yes No No No No No No
Android Auto compatible No No No No No No Yes
Google Pay compatible No No No No No No Yes

Degoogling (connections to Google)
eSIM activation Google EUICC (disabled by default) OpenEUICC Google EUICC (preinstalled) Google EUICC (preinstalled) Google EUICC (preinstalled) Google EUICC (preinstalled) Google EUICC (preinstalled)
Network location provider Emulated/GNSS default, or GoogleEmulated by default (redirect to GNSS-based location), can use sandboxed Google Play via toggles when installed n/a UnifiedNLP UnifiedNLP UnifiedNLP n/a Google
SUPL GrapheneOS default, Google or none Google default, or none Google default, or none Google default, or none Google (for now)Once /e/ rebases on LineageOS 20, it will be possible to disable SUPL Google default, or none Google
PSDS - Google Pixel 6 and laterThe default server used depends on the GPS chipset, e.g. phones with Qualcomm chips (e.g. Snapdragon) connect to a Qualcomm server, while newer Google Pixels with Tensor chips connect to a Google server, and other phones with Broadcom GPS (e.g. Exynos) connect to a Broadcom server. Some ROMs override these settings.
Click here for details and which device information are sent.
GrapheneOS default, Google, or none Broadcom default, or none Broadcom default, or none Broadcom default, or none Google (for now)Once /e/ rebases on LineageOS 20, it will be possible to disable PSDS Google default, or none Google
Connectivity check/captive portal GrapheneOS default, Google, or none Multiple presets offered Google, but can be changed Kuketz.de /e/foundation Google, but can be changed Google, but can be changed
DNS connectivity check GrapheneOS default, or Google Google Google Google Google Google Google
DNS server fallback Cloudflare Quad9 Cloudflare Quad9 Quad9 Google Google
Network time GrapheneOS default, or none NTP.org poolarbitrary providers and carrier-based time Google and carrier-based time NTP.org poolarbitrary providers and carrier-based time NTP.org poolarbitrary providers and carrier-based time Google and carrier-based time Google and carrier-based time
Hardware attestation provisioning GrapheneOS default, or Google Google Google Google Google Google Google

Google Play Services
Implementation GmsCompat (Google Play) (optional)GrapheneOS does not include sandboxed Google Play, but it includes an open source compatibility layer for users who choose to use it. Users can alternatively install microG on GrapheneOS, albeit GrapheneOS does not support signature spoofing. Not all microG functionality requires signature spoofing, for example FCM works with microG without signatures spoofing to the extent it works without special privileges (e.g. microG needs to use a privileged API to wake apps and keep them awake for a short period of time to handle FCM messages). microG (optional) microG (optional) microG (optional) microG None by default. It's possible to add Google Apps manually during the installation process, but this is not officially supported by LineageOS. Alternatively, there is the LineageOS for microG project that integrates microG in LineageOS. Play Services
FOSS? (see tooltips for details) Google binaries in FOSS sandboxGrapheneOS's sandboxed Google Play compatibility layer is open source, but the Google binaries themselves are proprietary. Yes, but executes proprietary codemicroG still involves running closed source Google Play code since every app talking to microG does so using the full proprietary Google Play Services library. microG can additionally download and execute proprietary programs from Google for Safetynet support, however, DivestOS blocks the use of Safetynet. Yes, but executes proprietary codemicroG still involves running closed source Google Play code since every app talking to microG does so using the full proprietary Google Play Services library. microG can additionally download and execute proprietary programs from Google for Safetynet support. Yes, but executes proprietary codemicroG still involves running closed source Google Play code since every app talking to microG does so using the full proprietary Google Play Services library. microG can additionally download and execute proprietary programs from Google for Safetynet support. Yes, but executes proprietary codemicroG still involves running closed source Google Play code since every app talking to microG does so using the full proprietary Google Play Services library. microG can additionally download and execute proprietary programs from Google for Safetynet support. No
Sandboxed/unprivileged? Yes Yes No No No No
Can be limited to user or work profile? Yes Yes Yes ? (TBC) ? (TBC) No
Signature spoofing needed/allowed? No Only for Google signature Only for Google signature Allowed for any app & signatureClick here for details Allowed for any app & signatureClick here for details No
Push notifications via Google FCM? Yes Optional Optional Optional Optional Yes
Google Play Integrity/Safetynet? Yes No Yes Yes Yes Yes

Privacy
Storage scopes Yes, see here No No No No No No
Contact scopes Yes, see here No No No No No No
Per-app sensor controls Yes Yes No No No No No
Per-connection DHCP state flushing Yes Yes No No No No No
Per-connection MAC address randomization Yes Yes No No No No No
SUPL: IMSI or phone number sent? No No No No Yes (for now)This will be fixed once /e/ rebases on LineageOS 20 No Yes
PSDS: user agent sent?May include chipset serial number, device manufacturer and model, carrier, and Android version. Click here for details and which device information are sent. No No (device-specific), see here Partially for Qualcomm chipsChipset serial number is stripped out but other less unique device information remain Partially for Qualcomm chipsChipset serial number is stripped out but other less unique device information remain for Qualcomm GPS chips (for now)Once /e/ rebases on LineageOS 20, the chipset serial number will be stripped out Partially for Qualcomm chipsChipset serial number is stripped out but other less unique device information remain for Qualcomm GPS chips
Closed cross-profile package leaks? Yes Yes No No No No No
Closed device identifier leaks? Yes, see here No No No No No No
Metadata stripping for screenshots Yes, see here No Yes, see here No No No No
EXIF metadata stripping for photos Yes, see here No No No No No No

Security
Verified boot (if supported by device)? Yes, incl. system app updates Yes, but excl. system app updates Yes, but excl. system app updates Yes, but excl. system app updates w/ test keys; excl. system app updates No Yes, but excl. system app updates
Hardware-based security verification Yes, see here No No No No No Some devices, see here
Secure application spawning? Yes (exec) Yes (exec) No No No No No
Hardened memory allocator? Yes YesPatches taken from GrapheneOS No No No No No
Hardware memory tagging? Yes, if supported by device No No No No No No
Hardened kernel? Yes, highest Yes, high (device-specific)Patches taken from GrapheneOS No No No No No
Hardened libc? Yes, highest Yes, highPatches taken from GrapheneOS No No No No No
Hardened webview? Yes (Vanadium) Yes (Mulch)Patches taken from GrapheneOS No No No No No
Hardened SELinux policy? Yes No No No No No No
Additional hardening Highest, see here Medium, see here No No No No No
Secure TLS for SUPL? TLSv1.2 if supported by deviceOlder Pixels with Qualcomm chips only support TLSv1.1 TLSv1.1 or TLSv1.0 TLSv1.1 or TLSv1.0 TLSv1.1 or TLSv1.0 TLSv1.1 or TLSv1.0 TLSv1.1 or TLSv1.0 TLSv1.1 or TLSv1.0
Fallback DNS server with DNSSEC? Yes Yes Yes Nouses Quad9's unsecured endpoint (9.9.9.10) with provides no security blacklist and no DNSSEC Yes Yes Yes
Secure connection to network time server? HTTPS via GrapheneOS server NTP w/o NTS and carrier-based timeinsecure because cellular networks lack proper authentication NTP w/o NTS and carrier-based timeinsecure because cellular networks lack proper authentication NTP w/o NTS and carrier-based timeinsecure because cellular networks lack proper authentication NTP w/o NTS and carrier-based timeinsecure because cellular networks lack proper authentication NTP w/o NTS and carrier-based timeinsecure because cellular networks lack proper authentication NTP w/o NTS and carrier-based timeinsecure because cellular networks lack proper authentication

Updates
Security update speedClick here for details <2 days 1-3 weeks ~1 week, sometimes longer delays ~1 month, sometimes longer delays ~2 months, sometimes longer delays 1-2 weeks, sometimes longer delays Depends on phone vendor
Partial security updates (ASB) after EoL datemissing most driver and firmware patches after the phone's end of life date ~1 year Several years 1-3 years Several years Several years Several years By definition: No
Number of Android versions supportedOnly the latest major release of AOSP has full security patches. Most privacy fixes are in fact only included for the new OS versions, not in the security patches. The ASB patches patches rarely include fixes for permission model / sandbox flaws resulting in privacy leaks since they're given Moderate severity and often require invasive changes including potential compatibility breaks. Usually 1 Android version 7 Android versions (incl. backports) Usually 1 Android version Usually 1 Android version 2-3 Android versions Usually 3 Android versions Usually 3 Android versions
Webview update speedClick here for details <2 days <2 days <1 week, sometimes longer delays <2 weeks Several weeks/months <2 weeks Depends on phone vendor

Supported devices
Asus No Older devices only No No Older devices only Older devices only Yes
Fairphone No Yes Yes Yes Yes Yes Yes
Google Yes Yes Yes Older devices only Yes Yes Yes
Motorola No Older devices only No No Yes Yes Yes
Oneplus No Older devices only No Older devices only Older devices only Older devices only Yes
Samsung No Older devices only No Older devices only Older devices only Older devices only Yes
Sony No Older devices only No Older devices only Older devices only Older devices only Yes
Xiaomi No Older devices only No Older devices only Older devices only Older devices only Yes