Full disclosure: I am an Apple user (haters gonna hate). Also, I was not paid nor compensated in any way by Copperhead. This is just my take and review on the Android OS variant produced by some hard working people.
This is the first part of this review. I plan on using this OS as a daily driver and making a follow up post.
First off, what the heck is CopperheadOS?
From their site:
A hardened open-source operating system based on Android
Is it really that simple? yes. It is what they say it is. No more, no less.
These people really have gone above and beyond. With features such as MAC randomization and buffer overflow protections provided by
_FORTIFY_SOURCE, this OS really got my attention.
Copperhead's Android site: https://copperhead.co/android/
- Installation process: 5/5 (clearly documented)
- UI: 4/5
- Features: 5/5 (features are as described)
- Carrier Support: 3/5 (Limited/no Sprint support and having to mess with my APN settings to get data working. This will improve with time and may be mostly my issue)
- App Experience: 3/5 (rated as a general user. 4/5 otherwise)
- Support: 5/5 (GitHub issue tracker allows dev and community support. +1 for transparency.)
In order to use CopperheadOS, you will need a recent Nexus device.
Current supported devices for CopperheadOS:
- Nexus 9 WiFi
- Nexus 5x
- Nexus 6P
You can always just buy a device with CopperheadOS preinstalled from Copperhead here:
Have a Nexus and ready to try it out? Here's a link to their installation guide:
If you decide you don't like it, you can download factory images from Google:
Instant Issue (Personal, not a Copperhead one)
Setup was pretty easy. As a GoogleFi user, support for the carrier was rather limited. Sprint support is also lacking, however, a quick Google search will explain why. That being said, this means larger issues for GoogleFi are ahead. I was able to find a quick workaround. MMS, at least for me, isn't working either.
- Force Carrier to TMobile (Decent coverage in my area) open dialer and enter:
- Go to Cellular Settings and force your APN Protocol to be IPv4
Once I did those steps, everything seemed to be fine and LTE quickly started working. Though, this also means that you now have just a basic TMobile phone that won't auto switch carriers nor auto join verified open wifi and establish a VPN connection. Honestly, it might just be easier for me to get a TMobile sim, as I'd like to continue using this OS without the unnecessary Google services.
Don't let this small issue remove your desire to install the OS; read the section below.
Understand the security paradigm problem
First off, it is important to note that THIS OS IS NOT FOR EVERYONE, currently. Improving/enhancing security will generally cause a great drop in general-user practicality/usability. General users just looking for a basic smart phone for facebooking, sharing all their personal info, and taking advantage of apps that degrade privacy security will not like this OS. Sure, you can install an APK. That, however, is your decision...remember, this OS is for security.
Example of security vs. usability:
The team working on CopperheadOS has done a decent job understanding this paradigm, however, there have been some sacrifices to general usability. Again, nothing that is surprising nor effects the full functionality of the operating system itself.
Aside from just understanding the security paradigm problem, this OS is still relatively new; bugs are to be expected.
The boot logo
It's pretty slick
Okay, aside from the minor issue with GoogleFi, what exactly sets this OS apart?
- Default full disk encryption (AES-256-XTS)
- MAC address randomization
- Verified boot
- Use of BSD's malloc (there's a lot to write on about the malloc implementation)
- Protected function pointers - eliminates basic memory corruption vulnerabilities
- Stronger ASLR thanks to PaX
- Maximum password length of 64 characters - normal is 16.
- 32 bytes for ext4 encryption file names
Full list of all the technical features: https://copperhead.co/android/docs/technical_overview
There are some other compliments to the OS via the bootloader. I quickly realized that when you lock or unlock the bootloader (at least on my Nexus 6p), the device is wiped. This means that if someone comes in physical contact with your device and attempts to flash something via bootloader (and you remembered to lock it), they would encounter a full disk wipe. This is a pretty handy feature.
Theses are some amazing features and it show's you how serious they are taking it. Did I mention that this is currently free??
Some side notes
I worry about version support. One must remember that it is not feasible to support phones as newer ones come out and things get EoL'd. Just sucks knowing that support is going to end. There will always be new devices to use with Copperhead, however. :)
It is also important to understand that, while this OS is a security-centric OS, it is not necessarily a privacy OS. While there are large pushes in privacy, simply due to enhancing security and removing services, privacy it still up to you. This isn't a Blackphone.
The OS is enabled with OTA updating capabilities, a bit of a plus for those that can't always be at a computer to download and flash a new image. Not to mention that OTA updates make this OS become more practical for general users and supporting this as a daily driver.
Would I recommend this OS?
This is a tough question to answer. I would recommend it to people who truly need a secure Android platform, at least for now. To me, it seems that it will be difficult for average consumers or those not familiar enough to install the OS themselves to get on the bandwagon. Though, the fact that you can readily buy devices with the OS preinstalled shows that Copperhead may be aware of this and is prepared to take the challenge on.
In general, however, If I know someone that IS looking to secure their mobile experience, I will be recommending CopperheadOS.
What would I like to see?
Wider adoption of this OS. Not by Copperhead, but of the Android user base. I think there is some serious potential here, however, inherent limitations of having a security-centric OS will forever be here; Copperhead can only make so many sacrifices before they end up removing protections that they stand behind. I doubt they would compromise integrity to remove limitations.
Stay tuned for part 2!