FSF announces Librephone project
153 comments
·October 14, 2025bigstrat2003
autoexec
> What does it matter if you can run a completely free software stack on your phone, if your bank software (or your required government ID, as is looking depressingly likely) requires you to run a Big Tech approved phone OS?
What does it matter if you can use any OS you want if your phone is filled with SoCs which are bugged and backdoored by the state? The reality is that you need both free hardware and free software. I can always tell my bank to fuck off and move my accounts to one that gives me freedom to use the mobile OS of my choosing, and if there isn't a single bank on earth willing to do that I can always simply refuse to use my cell phone for banking. I'd much rather have to limit myself to only the options of desktop, or laptop or, ATM, or phone call, or drive thru, or walking into my branch than put up with having no control over or trust in the hardware and software I use on a mobile device I carry with me so often.
wafflemaker
Banks and national id apps already work on GrapheneOS. Sometimes you just need to msg devs and ask them to use a different OS attestation method - see link 1. This battle is won already.
1.: https://grapheneos.org/articles/attestation-compatibility-gu...
hedora
There is one solution to this problem that many people reading this message can contribute to:
Make sure your app has a progressive web app version that has feature parity with the store apps. That way, the app will work on phones like the librephone, and, if Apple or Google decide to kick you off the store, you and your users have some recourse. As a bonus, it’s compatible with open source — users can modify the app and install it without jailbreaks, root or (for now) sideloading.
React Native supports this (and can mostly be bundled with electron for mac/win/linux support).
Are there other stacks people can recommend?
thedumbname
You are mixed up 3 different tech stacks: 1. React Native has nothing in common with web apps except JS runtime. It uses "native" widgets for Android and iOS. You need to add a new "native" runtime for your free OS. There are some third-party attempts to add mac/win/linux support, but they are not feature complete as officially supported platforms. Again, your free OS will be step behind. 2. Yes, you can write PWA with React (Web), but PWA still have many missing features which offered by platform APIs of Android and iOS. Your app will not be in "feature parity" with "native" app. Especially banking app. 3. Electron apps are integrated with desktop platform APIs, you cannot easily port Electron app to mobile. Every time big company with big investments wins.
scheeseman486
This won't help if Google/Apple/Microsoft roll out integrity checks for browsers, something which they have already suggested they want to do.
mikestorrent
It won't just be them. I foresee Cloudflare and other CDNs offering a free checkbox: [] Require age of majority verified user
And it will in turn depend on Secure Attestation, Web Credentials, and other recent W3C work to provide proof that you're the registered owner, age of majority and verified by thumbprint or other biometrics, running an unmodified device. Your ID might be escrowed with your OS vendor, email provider, bank, ISP, or even Twitter/X, who knows. Either way, as an end user you'll be mollified that you don't have to provide your ID to the adult site, and the adult site will be happy that they don't have to implement any of this themselves.
And, of course, this will mean that an intelligence service could have ironclad proof of exactly what person visits what website, effectively killing a lot of online anonymity.
SapporoChris
I'm in complete agreement. In addition, I try to only use services that be accessed via web browser.
kovac
I think this is the right place to start.
A free OS will empower developers to implement technical workarounds that could trick these apps into working there. If the OS is tightly controlled, we have no recourse.
Even in the worst case scenario, we could use a cheap big-tech-approved phone for these applications (a glorified digital token) and use the free phone for everything else. When there's enough adoption and trust in the new phone, non-technical avenues are available to influence these organizations to accept the alternative.
hnuser123456
And I feel like it undermines any effort to make free, featureful applications if the hardware itself can't be trusted.
kiratp
Should the app builder’s ability to “trust” that the hardware will protect them from the user supersede the user’s ability to be able to trust that the hardware will protect them from the app?
In other words, should the device be responsible to enforcing DRM (and more) against its owner?
munchlax
You can trust hardware and software that's easy to inspect.
If you can't be sure what's going on and unable to inspect or debug the hardware and software, how can you trust it's doing what you want?
Proprietary hardware and software is already known to work against the interests of the user. Not knowing exactly what's going on is being taken advantage of at large scale.
Let's put it this way: if you can choose between making your own lasagna with a good recipe vs ready-made microwave lasagna. What would you choose? How about your suit? And would you trust an open known to work well pacemaker vs the latest Motorola or Samsung pacemaker? Would you rather verify the device independently or pay up for an SLA?
HexDecOctBin
Trusted to do what? Work against user's interests? Prevent user from even expressing their interests?
endgame
It becomes much harder to force attestation on people if there's a significant user base that runs alternative operating systems.
bombcar
Do you really NEED to be forced to attest if you can make your phone look like any damn PC using a browser?
SchemaLoad
These days browsers are becoming increasingly distrusted. My bank logs my browser out after 30 minutes inactivity and then to log back in I have to confirm the login on my phone.
wongarsu
My bank doesn't let me do anything in the browser without 2FA, and the only 2FA they offer is their smartphone app.
My other bank offers 2FA via chip reader as an alternative. I guess that's somewhat viable for an alternative phone OS, if you want to carry the reader around with you
That might just be European banks though
null
kube-system
I can’t tap my PC to buy a burrito at Chipotle.
jojobas
Some banks require app confirmation for PC-initiated transactions, using play integrity requiring apps. Cause security, you know.
Bender
I hope all the things you mention never become mandatory some day because I currently use my phone for voice and text only. Sooner than later I plan to get rid of my phone all together. I'm gonna surprise the phone company and get a land line. That means any online service that uses SMS/text to verify me will fail.
hypercube33
If you're being serious, you're in for a rude awakening. POTS lines are dead and being replaced with VOIP and VoIP to pots modems on the premise. lots of cities have already started to grub the copper out and replaced it a long time ago with fiber.
userbinator
Changing the implementation but not the interface is exactly the point. It doesn't matter how it's delivered; it's just a phone line for voice calls.
0xbadcafebee
Well you're partially right. After all, the "big tech approved phone OS" is actually Linux, so just having a free OS isn't enough to prevent it from being co-opted and turned into a locked-down platform.
But the partially wrong part is, we can make our own platform. PCs let you install and run any software you want, because it's an open platform. If we make an open platform smartphone that can compete on features with the closed behemoths, and that then becomes popular enough, then banks may offer apps on that.
But this is tricky too. Linux already has issues getting official support from corporations. We'd need our open platform to be compatible with the closed ones, so that it's easy for banks to run their apps on our open platform. There are already ways around this, like virtual machines to run Android, or other methods. But the closed behemoths may try and end-run around this, like DRM. So we'll still need to advocate for our rights and compatibility.
matheusmoreira
Yeah... Corporations and governments are starting to push remote attestation. There'll be little point to a free computer if it gets us denied service everywhere. At this point we're gonna end up marginalized, like second class citizens of society.
jMyles
> There'll be little point to a free computer if it gets us denied service everywhere. At this point we're gonna end up marginalized, like second class citizens of society.
Given the apparent trajectory of the corporate/government model of organizing society, it seems like they're going to be the ones that will be second-class citizens.
nullbyte808
I highly doubt this will takeoff. I'm betting it never works beyond a couple outdated phones.
neilv
> The FSF has been supporting earlier free software mobile phone projects such as Replicant,
Hopefully this project will go better than Replicant. Here are my notes on running Replicant on the (then already very old) flagship Samsung GT-I9300:
https://www.neilvandyke.org/replicant/
The hardware was a little difficult to obtain in the US, and WiFi worked only with a blob of questionable provenance.
It looks like Replicant has been stuck for several years, and they recognize that they need to find a new device, funding, etc.
(After Replicant, I spent some time on PostmarketOS with various devices, and then gave up and bought iPhones, and then got ticked off and moved to GrapheneOS.)
I wonder whether the FSF is already collaborating with Purism on this, to leverage their work on the Librem 5 and PureOS, which I believe the FSF is well aware of. If the FSF manages to muster a lot more open source volunteers on a more affordable hardware, but that work is also usable for Librem 5, then it could be a win-win. (And Purism also has something called Liberty Phone, which is a made-in-USA Librem 5 phone, so their lawyers should talk about trademarks in any case.)
le-mark
> Practically, Librephone aims to close the last gaps between existing distributions of the Android operating system and software freedom. The FSF has hired experienced developer Rob Savoye (DejaGNU, Gnash, OpenStreetMap, and more) to lead the technical project. He is currently investigating the state of device firmware and binary blobs in other mobile phone freedom projects, prioritizing the free software work done by the not entirely free software mobile phone operating system LineageOS.
The time is right for this project I hope they succeed.
criddell
The time is right, but I still don’t think this project can accomplish much because people are generally happy with their phones.
That said, the phone market is huge. They could sell enough devices to fund future development which might be good enough even if it doesn’t slow down Apple or Google. At least then there will be a device for those of us who are not happy with the state of things.
jMyles
> The time is right, but I still don’t think this project can accomplish much because people are generally happy with their phones.
Is there survey data available on this? Anecdotally, everybody I know hates their phones. In fact, I think if you asked, "what's the biggest pain point in your life right now?" I think most people will point to their phones.
frogperson
Indeed, this is the right time. I really want to daily drive a linux phone, but i dont want to buy a used phone. I hope this brings more hardware support for newer phones.
I'm willing to suffer a rough beta or alpha experience, but let me use modern hardware of my choice.
monero-xmr
If rich techies on this website want to support something worthwhile, here you go
lostmsu
Not rich but is there a way to contribute specifically to this project? The donate button on the website does not work.
r283492
As the first project FSF has launched in years with a current budget of one developer I expect they will be happy to spend new donations on further funding for it. However, it is very uncommon for a nonprofit to have a separate fund for a project that is part of the organization itself, rather than a project which makes semi-independent decisions and is fiscally sponsored by a related nonprofit. The exception is usually when some very large donor which insists on that arrangement.
tjr
I would have expected an online means to contribute specifically to Librephone, but indeed, seems like nothing yet. Hopefully it is forthcoming.
Otherwise, their website suggests you can specify a particular project via the memo line of a check:
bsimpson
Interesting that they chose Android as a base and not one of the desktop-Linux-for-mobile ports like postmarketOS.
o11c
If prior "Linux phone" projects have taught me, it's that "based on desktop Linux" is a great way to have a ton of apps that install just fine, but can't meaningfully be used.
Not even just "requires a mouse/keyboard", but a lot of things of the form "assumes a reasonable screen size", ...
crossroadsguy
If they wouldn’t have then X years later there would have been first beta release and zero apps on it except for a calculator app, a notes app, a calendar app, and maybe a mail app developed by the core developer team. The post would have definitely reached the top of hn, so that’d be a plus.
rjdj377dhabsn
It makes a lot of sense to me. There's a huge amount of work that's already been put into the Android ecosystem that can be used in a free software phone.
Trying to build a non-Android Linux phone that is competitive is just not practical at this point. It would require an enormous amount of funding.
ray_v
Inertia is a hell of a thing.
Seems like a smart decision to me since that's what everything phone related builds to as a lowest common denominator anyway.
ocdtrekkie
It's an incredible waste and an amazing example of how useless the FSF is today. Instead of supporting real Linux phones they're focusing on trying to degunk Android even more.
gertop
> It's an incredible waste
Funny, I would have used those exact words had they chosen anything BUT Android as their base.
All the other "freedom" Linux phones are failures (yes I'm sure fsflover will now chime in to but akshually). I know because I bought them all. They all have one thing in common: the software sucks.
And I don't even need apps. Just basic phone functionality (several Linux phones still can't do MMS), a web browser, and no crashes. Unfortunately no Linux phone has been able to give the to me yet. Whereas Android has been delivering for over a decade.
ACCount37
App compatibility is a thing, you know.
I like postmarketOS, but it always felt to me more like a pet project than a real OS, for that reason.
beeflet
waydroid
_blk
yes, but it's probably the quickest path to market with a reasonably certain customer satisfaction.
Doesn't stop you on working from there once that milestone is reached.. I would certainly welcome more alternatives in light of the recently announced changes from do-no-evilG
ACCount37
Unfortunately, even if you could completely de-blob the kernel itself (and for many chipsets, that would require a considerable amount of reverse engineering work!), smartphones bear the Curse of the Modem.
In a modern smartphone, modem is often a part of the SoC itself - and it runs some of the biggest and fattest blobs you've ever seen.
kube-system
This is the big barrier here, and unfortunately, it is legally impossible to open source.
In most countries, the spectrum that cell phone carriers use is licensed to the carrier, under the condition they only connect devices that are guaranteed to comply with the requirements of using that spectrum. The end user (i.e. the person with the phone) has no license to use the spectrum. So in order to get regulatory certification, basically every modem has to be locked down so that the end user cannot operate it in a way that would violate any rules or regulations for using that spectrum.
So basically, it's illegal to have open source modem firmware. At least, as long as cell phones are operating on spectrum that isn't open for public use.
Ultimately, if you want to open source a modem, you first need to build your own cell phone network.
bouncycastle
this is the same thing with wifi. There are different channels and transmission power rules depending on country. Something you cannot change even if you are root or build your own kernel, as it's built in to the wifi hardware (eg. raspberry pi)
jMyles
Hopefully open mesh wifi will supplant cell phone networks anyway.
kube-system
Haven't there been projects trying to do this since 802.11b? I think the last time I looked one of these mash networks up, there wasn't even decent coverage in the dense city I lived in.
tguvot
theoretically, there is lte cbrs where spectrum not licensed.
kube-system
Don't cbrs devices need to be part 96 certified? The spectrum might not be licensed but you still may need a certified device to legally use the spectrum. Which you could do, but that is a tall hill to climb for a FOSS enthusiast. And when you're done -- what network are you going to connect it to? A cheap SIM from the corner store is probably out of the question :)
null
null
femto
Not insurmountable, given the availability of srsRAN.
hypercube33
I for one am up to the idea of breaking android off Google due to the same reasons of chrome - conflict of interest since Google is an advertising company.
arminiusreturns
Yep, with DMA sometimes. I've heard this same thing on the Pinephone forums iirc during the early years.
CMCDragonkai
The phone is the critical root identity anchor for most of the world now. And many countries outside of the west has already made the Sim card a root identity. Additionally to make it trustworthy (think Google wallet and digital wallets and so on) to work they cannot trust the end user because effectively you the user don't own your own identity. So that's why the phone has to be proprietary - so that it's secure element can be trusted in interactions with the state-big-tech nexus. I talked about my experience with this while attempting to cross borders in SEA. https://polykey.com/blog/architecting-anti-fragile-trust-at-...
glitchc
It's a great idea. Why not join forces with the PinePhone and Librem folks? They're building the hardware and I'm sure they could use more software folk to help out with the firmware and OS.
null
Terr_
This seems pretty relevant on the heels of yesterday's popular discussion on how "Free software Hasn't Won" [0] in terms of tools available to the average consumer.
Just because pieces are open-source (or "free software") doesn't mean the autonomy and capabilities we want are necessarily present in the overall system.
its-summertime
https://librephone.fsf.org/FAQ.html
Currently scope only seems to go as far as the operating system
soupy-soup
That's really as far as they need to go; if the userland is compatible with Linux, it can use all of the work that KDE and other organizations have put into building mobile interfaces.
These projects have stuff that works, but the lack of firmware for chips that can connect to modern cell infrastructure means that they can't really create an appealing product. The OS layer is where all previous Linux phone efforts have failed, and I hope the FSF makes it farther than everyone else has.
seba_dos1
> The OS layer is where all previous Linux phone efforts have failed
The OS layer is where the existing projects are thriving, with various distros and shells to choose from to match one's needs and tastes. It's the appropriate hardware that's in undersupply. I'm using a Librem 5, a 2019 design, and if I wanted to switch to something newer I can't because there's no viable upgrade path on the market. No other hardware vendor has invested significant resources into mobile GNU/Linux since then, everything else is either purely community-based or uses Halium.
jancsika
Does webrender work with the Librem 5? Last time I checked it didn't-- Firefox disallowed it because the etnaviv driver didn't have all the features available needed to enable it. It appears there's been a lot of work on etnaviv recently but I don't know if it affects this issue.
null
matheusmoreira
Took them long enough... The free software movement was still stuck on PC despite the fact the whole world moved to mobile. Glad to see they're finally starting to catch up.
They should probably prepare themselves to make ideological concessions... The situation is very ugly here in mobile land. Treacherous computing, remote attestation, DRM, all ubiquitous and normalized...
Ultimately, I don't think the most important challenge is in binary firmware blobs, but the software which people depend upon to run their lives. What does it matter if you can run a completely free software stack on your phone, if your bank software (or your required government ID, as is looking depressingly likely) requires you to run a Big Tech approved phone OS? Perhaps the FSF can't do much about that, but that is where I feel they could truly make the biggest difference for freedom for the average user.