One caution about changing the captive portal as described in various de-Googling guides is you can shoot yourself in the foot, as ime the entire cellular (and even Wi-Fi) connection can fail to work if the captive portal domain doesn't return the correct 204 status code (which can happen when some independent servers randomly fail or their HTTPS cert isn't renewed), which becomes frustrating to troubleshoot as the issue can be intermittent.
Additionally the guide I've seen referenced the most (from Reddit, which a popular Youtube video is directly based upon and which this article covers the main points of) suggests an outdated HTTPS URL which no longer works. I'd imagine many are just blindly copying adb settings and encountering problems (the burden of which often falls onto LineageOS community support as people spend time trying to identify an issue).
>But I’m not paranoid. I don’t think Google is out to get me, or is in league with people who are.
they are a data selling company. anybody now or in the future who deems that data valuable can acquire it. worrying about such data falling into the wrong hands sooner or later is not paranoid but knowing history and learning from it.
i agree that if you are serious about de-Googling that GrapehenOS is a much better fit not to mention superior security, however that is only the first step.
I think privacy and security are orthogonal, and I'm not convinced that GrapheneOS does a lot more than LineageOS isn't already doing for me in the privacy aspect - some of graphene's touted features are geared towards being able to use google's services in a secure and moderately private manner, but I'd much rather not use them at all. Meanwhile, its security features complicate life a lot with no tangible benefit to me, as I don't have a threat model that makes it interesting. I find my own freedom to modify my device as easily and freely as possible (e.g. by properly rooting it) much more important than locking myself down in the name of security.
Putting aside the validity of arguments on either side of that issue, runtime patching allows me to very quickly excise large swaths of anti-privacy code across every app on my phone.
If I was to switch to GrapheneOS I'd have to accept that I'd be giving up a fair amount of privacy for the added security.
the "private" way to remove ads and spyware from apps is not using them or revoking android.permission.INTERNET permission which GrapheneOS offers. not playing cat and mouse with the illusion of privacy.
"By default, GrapheneOS only makes remote connections to GrapheneOS services and the network provided DNS resolvers. There aren't any analytics/telemetry in GrapheneOS. The only information revealed to the GrapheneOS servers are the generic device model (such as Pixel 7 Pro) and OS version which are necessary for obtaining updates. The default connections provide the OS and apps with updates, set the system clock, check each network connection for internet connectivity, download a global database (does not vary based on location) with predicted satellite locations when using Location and obtain attestation chain signing keys for the hardware keystore needed for the hardware-based attestation feature."
- Using hardware that is ultimately controlled by Google
- Hardware replacement costs every time Google support runs out, instead of when the hardware stops working
- Ongoing environmental impact from replacing your hardware every time Google support runs out
It might make sense to accept those problems if your threat model can only be addressed by Graphene, but for the rest of us, something else might be a better (and more responsible) choice. At least for now.
I would love to see non-Google devices with the features that GrapheneOS requires.
You can find used Pixels almost anywhere (I know because I'm using one), which saves you from giving money to Google.
About software support, isn't that true for all devices and all manufacturers? Google guarantees 7 years of android updates and security patches, which is way better than most competitors, and Graphene adds in some years of extended support.
Not to mention that once all support is over, if you don't care about the fact that firmware, kernel and vendor code will never be updated, you can still switch to LineageOS, which still has nightly builds even for the first Pixel with extremely updated security patches.
The only valid point is that hardware is controlled by Google. There could be some sort of extremely-low-level backdoor or spyware, and we would never know. That's also true of each and every other CPU, modem or device with vendor-specific code.
I don't think this is a very compelling argument. The main argument I can see against GrapheneOS on Pixel is that Pixels are just damn expensive phones.
I don't mind giving Google, or any other company, my money. Especially not in exchange for something like hardware. What I object to is giving Google (or any other entity) my data.
You can buy anonymized user data of searches by zip codes. You can get it fairly targeted if you clean room it against other data sets (set top boxes for instance).
I used to work for a media agency’s analytics dept and we got feeds from G, F, and others we dumped into a giant DB for modeling and analysis of our clients ad reach effectiveness.
Do you have a cite for that? That would be very surprising if so, the intent behind the RTB stuff is that it's anonymized. I really don't think this is correct.
I would absolutely LOVE to have a linux smartphone, but as far as I'm aware, there really isn't one that can be used as a competent daily driver. Has that changed recently? For me, a competent daily driver is a device that can last all day on a single charge, do gps mapping, reliably make and receive calls/texts, and install a handful of apps such as Signal and a banking app.
I wish I could support Purism, but they've got a bad rap for not shipping devices when promised. Also, there's no way I'm paying $1K for a phone that has just 3GB RAM and 32GB storage in 2024.
> they've got a bad rap for not shipping devices when promised
The development of their phone was extremely slow, but today they ship within 10 days.
> there's no way I'm paying $1K for a phone that has just 3GB RAM and 32GB storage in 2024
Fair enough, although I don't know about any other GNU/Linux phone with all free drivers and mainstream Linux support (which effectively means lifetime updates).
I love my L5, but would never suggest or even imply to anyone that it's usable as a daily driven phone.
The battery life is terrible and the software still buggy as hell.
It's a great host for Linux phone development though. I haven't had any major problems with the hardware being unstable or anything along those lines.
But once you start expecting the whole package to function more as a primary phone than a portable devkit you're using to further the state of Linux phones, it gets ugly pretty quick IME.
It all depends on your specific usage patterns. I can replace the battery during the day if I need (I don't do it every day). I find software sometimes buggy but usable as a daily driver.
Roughly: They're not PCs. For one thing, they all have limited battery life. For another, not everyone can afford brand new flagship phones, so folks who keep cheaper phones for long enough can easily find CPU and RAM to be stretched as new app versions start to demand more of the hardware. Conserving resources is beneficial in general, and especially so on mobile devices. Every little bit helps.
Why I consider smartphones constrained is unimportant here, though. The question isn't whether GNU libs/utils can run on a smartphone. The question is why the person above said GNU specifically.
I'm trying to suss out whether they are aware of some special case that would make GNU better than e.g. musl on a phone, or were just repeating a bit of that "GNU/Linux" rant that was (incorrectly, I think) attributed to Stallman. If it's the former, it seems like information worth sharing.
Thanks for the detailed explanations. I wrote GNU because I meant it. I'm talking about running an original desktop OS on phones, which unifies the software stack and allows to have a full desktop in a pocket. It's much more convenient to have the same software running everywhere. You can connect a screen/keyboard and get a full desktop [0]. Firefox on my phone is a desktop one without a rewritten codebase. You can use all GNU utilities in a terminal on the go. If you are talking about saving resources, then why do you think we need several devices when we can have just one? All existing desktop software doesn't have to be rewritten from scratch but should "only" be made fit for both large and small screens. Doesn't it save resources?
Concerning the battery life, we need to improve it for laptops, too, anyway. Also, currently, it already allows to have a one day of use, which is mostly sufficient.
Which one? I'm a light phone user but the main reason I carry it is texting my family and (to a surprisingly lesser extent) making and receiving phone calls.
I've been running Lineage with microg for a couple years now, and for the same reasons as the author. I don't consider myself a tin-foiler, either. I think the concerns he expresses are perfectly valid. Anyway, FWIW, I have noticed a night and day difference in the targeted advertising. It's a little amusing, because my wife has an iPhone, and she'll get nearly instant targeted ads based on conversations we have, while I don't. Anecdotal, sure, but there seems to be something to it.
Apple's long-term play with iOS is to shut all competing ad networks out of the data flow that iPhones generate. This is not solely for privacy reasons. We know Apple runs their own ads in the App Store, and they do collect data on those ads, which they conveniently do not consider to be "tracking" because it doesn't cross an organizational boundary.
And to be clear, every other big tech company operates on this same logic. "Tracking" to both Apple and Google is this really specific technical definition rooted in the same-origin policy of web browsers, in the same way that "malware" to Apple is "anything we didn't sign, including useful developer tools, third-party JIT compilers, and games that won't pay us 30% of their microtransaction sales". In fact, this sort of "we'll protect you from the competition's - and ONLY the competition's - malfeasance" bullshit is why Google isn't allowed to block third-party cookies. The UK CMA is legally enshrining third-party cookies - at least in Google browsers - because all of Google's own privacy posturing with that was just to shut off the data flow in Chrome.
Tracking how many times someone requested an API endpoint while using the App Store seems acceptable to me. Very comparable to server side logging which I also don't have any problem with. I don't do it much anyways, I have installed the apps I use when I got the phone and never opened the App Store again.
What you describe sounds like the data on both of you gets stored due to your choice of messaging app, and you just don't get shown ads due to your choice of OS. Data may still be there.
Not seeing relevant ads is literally my use case. If you see relevant ads it means at best that somewhere there's a list of all your history and preferences, and at worst your devices are actively listening to you
Or that the ads are relevant to the content. Slashdot in the early 'noughties had ads from companies selling products of interest to a tech-interested audience. Relevant ads without needing any tracking, like magic (because individual tracking wasn't widespread yet). The issue is with broad-interest sites like regular news, where matching the ads to the content is impractical because the content is extremely general.
- don't root your phone, because that'll definitely require more effort fuzzing around with Magisk and Zygote deny lists etc.
There are of course apps that won't work with MicroG, period. Anything requiring hard DRM (Netflix EDIT: according to below list, it's actually working now, but I cannot test), games (Pokemon Go for instance), also quite a few banking apps, so if you can't live without some of those, check beforehand for instance on
I'm referring to the location based on wifi and lte information. This location is less accurate than GPS, but also much faster to acquire.
Usually, Google would determine this location based on its database of networks and there's no way to set another location provider without installing microg as a system app or patching Android.
The microg installer I mentioned [1] does this configuration so you can use microg as your network locations provider.
No, just because I find the default Google experience in Android annoying, and I don't see why they should know everything about me. Thanks to ublock, adaway and pi.hole I don't see ads anyway.
What a disingenous question, yuck. No, whether ads are relevant or not was never the core issue, so that alone wasn't the cause of his actions (btw, doesn't sound like much effort tbh). The relevance of ads is just a symptom of underlying cause.
It actually makes me feel good when I see irrelevant ads. Because it means the advertisers don't have a clue who I am so my measures work.
Not that I see many ads because I block them of course. I even use a pihole to filter all my android phone traffic and it's very effective against in-app ads on android. In most cases even the whole bar where the ads would have appeared is gone so the app uses the full screen space.
Keep in mind that when the industry says "relevant ads", it means "more able to influence your actions".
If it results in you buying a T-shirt, it might have been more relevant to you than an ad for something you didn't need. But if it results in you, say, not voting, that would also be considered a success.
I have no idea why people have been convinced targeted advertising is some kind of net good not just for them individually but also for the world at large. The purpose is to find weaknesses in your personality and exploit them to manipulate you using this knowledge. There are some mostly benign uses but even if those are the majority you don't get to pick and choose, its an all or nothing affair.
I understand that's the popular narrative, but that's not really the main point of targeted ads.
There's an old saying in advertising: "I know I'm wasting half of my advertising dollars. I just don't know which half".
The main point of targeted advertising is to avoid wasting money showing ads to people who will almost certainly not purchase your product, and redirect the money to ads shown to people who are more predisposed to purchasing your product.
Examples of the former include showing ads for Depends to teenagers, or for McDonalds happy meals to the elderly. Examples of the latter would be gaming PCs for people who own lots of video games.
I think you're both saying the same thing. Ads are manipulative and by targeting they are only more effective at said manipulation. Because most of the people who it would not work on are excluded.
DivestOS is based on lineageOS and while not as good as grapheneOS, does support a number of other devices [0]. I think its the next best alternative to GrapheneOS.
I really want to use Lineage, I really do. I have a device thats supported and can easily unlock the bootloader, but I'd need my bank apps all to work, and I know that they don't. Even if they did, I don't want the uncertainty of them not working when a few don't have a internet banking without an app, and others require an app for 2fa, otherwise I'd use Lineage in a heartbeat.
This feels like an issue for the EU to step in on, a functional duopoly created by apps for essential services that almost everyone needs requiring one of 2 platforms to work.
Same. The hardware attestation made it so no open source os can run with full functionality. Not grapheneos, not lineageos.
I'm stuck on normal android, and probably stuck on a pixel because I want updates and Samsung keeps delivering horrible uis and phones that break on my wife
> This feels like an issue for the EU to step in on, a functional duopoly created by apps for essential services that almost everyone needs requiring one of 2 platforms to work.
Never going to happen, for the same reason the EU forced Apple to open the NFC chip: They're working for European businesses, not European people. European banks depend on a having a trustable platform for their apps. They are going to lobby hard against such rules because they don't want to be overrun by fraud.
Maybe Apple will help you out if you're lucky. They seem to hold a grudge, and maybe they will lobby the EC for such a rule just to fuck over the banks who forced them to open up the NFC chip.
> They are going to lobby hard against such rules because they don't want to be overrun by fraud.
The vast majority who run a degoogled phone knows what they're doing. And it's such a niche phenomenon anyway. They're not going to be overrun by anything.
> I just keep it disabled, and live with the disadvantage of longer GPS start-up times.
The reality is that it is extremely painful to spend minutes locating satellites -- it is a battery drain and very difficult to deal with, almost in every case you need to use GPS (location, navigation etc). It is a dealbreaker for me personally and probably most of people.
Yes but MicroG does allow to use AGPS and cellular location through services other than Google.
Unfortunately Mozilla was the biggest one and they just shut theirs down. But there's a plugin for apple's and you can also use one that automatically caches cells wherever you have been, which works really great if you end up in the same places a lot.
CalyxOS is another option, though I haven't tried it personally.
If you need Google services and just want an OS closer to ASOP, I'd recommend Lineage. If you want a de-Googled device and are okay with the limitations that comes with, go with Graphene.
I've been using Graphene for a few years now and have always been happy with it.
Honestly except occasional location service/embedded maps not working in some app that only implemented google maps APIs - I have like one app that actually doesn't work (is not usable) and I am using grapheneOS as daily driver for at least 3 years now.
Been using it for almost 2 years myself, and I can say the same. Everything just works pretty much. For the couple Play Store things I need, I just get them via Aurora Store. So the actual Play Store app isn't even installed on my phone.
On the maps topic: other than finding locations via address, OsmAnd+ is better than Google Maps in my opinion. Even tells you what lanes to be in ahead of time when driving. I'm pleasantly surprised by it. Sure, you also lose out on the traffic heatmaps, but that's an acceptable loss to me as it means my phone isn't part of a spyware botnet anymore. Plus my state runs its own traffic heatmap website. If I need to see it, I can go there.
I guess it depends a bit on your definition of "phone" and "realistic". I have a pine64 phone I mean to revisit - probably with a version of https://postmarketos.org/ .
I think we might get there unless fuchsia and google abandon the Linux kernel completely - for a more apple like lockdown - but I don't think we're there yet.
I used CyanogenMod/LineageOS for the better part of a decade and switched to GrapheneOS a couple years ago and haven't looked back.
When it comes to security (and privacy), GrapheneOS blows LineageOS out of the water in pretty much every way, e.g.:
- Arbitrary-length encryption passphrases
- General security hardening: Memory hardening, sandbox hardening etc.
- Non-rooted (i.e. much higher security barriers for malicious apps to take over control over your phone)
- No userdebug mode (LineageOS ROMs are often development builds which weaken the security of the OS, see e.g. https://github.com/GrapheneOS/os-issue-tracker/issues/284#issuecomment-690417436 )
- Fully secured boot chain (in other words: A thief won't be able to do much with your phone)
- Sandboxing of Google services (*if* you want to use them), i.e. Google no longer has admin access to your phone
- Being able to restrict internet access for certain apps (that's a huge one in my book)
- Being able to grant apps access only to select contacts from your contact list (contact scopes), and only select files/folders (storage scopes)
Now that I'm thinking about it, some of the above features have become so natural to me, that I find it wild that other AOSP-based ROMs (including Google's) don't have them. Moving away from GrapheneOS would be incredibly painful for me.
Depends on where you stand. I could always build GrapheneOS myself and enable root again but I just don't have any need for it and prefer the stronger security guarantees disabling root comes with.
I've given up on Lineage, mostly because updates are a pain. Switched to GrapheneOS and am pretty happy so far. I think their approach of sandboxing the Google-foo is pretty sensible, as it strikes a balance between usability and privacy.
It's a shame that the mobile phone market is such a complete and utter shitshow. Can't root your device because a boatload of apps will stop working. Can't have an unlocked bootloader because other apps will stop working. You effectively have a choice between two walled gardens (and never the twain shall meet!), with varying degrees of privacy violations.
How did we let it come to this? For a brief moment we had the glorious N900 and Maemo ecosystem, but that's all gone now. Open phones seem impossible now.
Maemo really was impressive, and to think how far it could be with more than a decade development and refinements had Nokia managed keep that team on it.
Sailfish OS still seems to be going, and latest and installable on Sony Xperia 10 V. Though that is based on Meego which was what replaced Maemo and ended up on the Nokia N9 and was no longer Debian based IIRC.
Tizen OS was the other offshoot of Meego and Samsung was working with it, but they appear be abandoning it.
I never had the chance to pick up a compatible device try them out.
I see platforms becoming less fruitful to tinkering as a characteristic of them maturing, especially when a commercial side is linked either by whoever 'owns' the platform or companies that make use of it. Tinkerers are great for pathfinding the platform and a certain amount of evangelism among early adopters, but when the platform is established among the mass market it seems lockdown is inevitable.
Updates a pain? They work really well for me. The only thing is having to run an adb command once a year for a major upgrade but it's really well documented and a 5 minute job. Once a year..
> It's a shame that the mobile phone market is such a complete and utter shitshow. Can't root your device because a boatload of apps will stop working. Can't have an unlocked bootloader because other apps will stop working.
Sure, but it's perfectly understandable. Look at it from the other side: When the majority of your fraud comes from rooted devices and a tiny minority of your users have rooted devices... why would you not ban rooted devices?
The majority of fraud comes from rooted devices? Citation needed.
I suspect the majority of fraud comes from users doing silly things without paying attention, like wiring that money the CEO asked them over text. Or from running hopelessly insecure devices which aren't actively receiving security updates.
> I’ve subsequently learned that hard-core de-Googlers eschew Lineage OS, because it remains too close to the stock configuration of the Android Open-Source Project (AOSP) on which it is based.
This is true, LineageOS is mainly used by people that end up installing Google Play Services afterwards. They have said themselves that 90+% of people install it on top of Lineage.
They are also very afraid of pissing Google off, and thus they are extremely against MicroG which is an open-source phone-side API for Google Play that is more privacy preserving. For example it replaces the location service with alternatives and supports firebase push messaging without sharing too much data. But Lineage hate it, if you so much as mention it in their IRC channel you get insta-kicked.
I view Lineage not really as a privacy ROM but more as a long term support ROM for the people that want normal Android with Google but their phone has fallen out of support from the vendor.
PS: There is a great fork from MicroG itself: https://lineage.microg.org/ . Of course not using Google at all is even better but the problem is that most app backends only speak to Firebase (google) for their push messaging.
> I don’t like Google knowing so much about me, but I don’t believe Google’s data collection is directly harmful to me. My disapproval of Google’s activities (and I know Google is not the only culprit) is mainly one of principle.
For me it's not about harmful or not. I just don't want to be spied upon, whether I receive negative effects from it or not.
> I don’t want to be a source of revenue for Google, or to legitimize their behaviour by my own inaction. I don’t want Google to make the Internet more of a hellscape that it currently is.
Well Google and their model of tracked advertising goes hand in hand with enshittification. They're responsible (though not single-handedly) for establishing the model of 'the user is not the customer but the product'. Kowtowing to their services will certainly make things worse.
Of course it's better if you can find your rom on lineage.microg.org, but you can also install MicroG on Lineage using something like NanoDroid [1]. I see FairPhone has something like this too [2].
No. GrapheneOS (or rather its main dev) has a big thing against CalyxOS. Not so much the other way around it seems. The developer of GrapheneOS seems to think they are attacking him but when I read in the CalyxOS community they really don't seem to care one way or another :? I looked at both a while back but I didn't have the right phone for Graphene and Calyx didn't support my model in the end either although they did have plans to do so. But OnePlus made a nasty twist that made it impossible in the end.
I don't think LineageOS has any issue with GrapheneOS or the other way around. They're not really fishing in the same pond. GrapheneOS is a security hardened OS for pixel phones only, whereas LineageOS is more like a long term support ROM for as many devices as possible.
As much as I would like an alternative, the downsides to not using Google Play Services is too great for me to seriously consider a degoogled phone. This may be a use case for PWAs but until banking apps and ride sharing apps are fully functional on the webs this isn't an option.
This obviously isn't 100% "de-Googled' but I use GrapheneOS with the sand-boxed Google Play Services and Aurora Store for the few proprietary apps that I use. I don't do online banking using my phone so I'm not sure how well that works (GrapheneOS' documentation has some words of warning about banking apps), but for ride sharing and other stuff that I occasionally need it has worked pretty well.
The one thing that didn't work well was Location services when my wife and I travelled to Walt Disney World. The My Disney Experience app worked great for the most part, but occasionally I would get errors related Location claiming that I was outside of the country. Uber worked fine though. Fortunately we were travelling together and had her phone to fall back on when we needed it.
This looks like something microG would handle (a free software reimplementation of Google Play Services, including push notifications and location services). I see GrapheneOS is unwilling to support it.
Yes, because according to the GrapheneOS devs it would weaken the security properties of the OS.
Besides, GrapheneOS already supports the native Google Play Services (with additional sandboxing), so I have a hard time seeing how MicroG would help here. (I used MicroG on LineageOS for years and it certainly wasn't without bugs.)
Also, regarding what GP wrote, I haven't encountered a single app in a long time that wouldn't run on GrapheneOS.
Yes. GrapheneOS can't support NFC payments because Google won't certify the OS nor does it provide any avenue for getting certified / "approved."
I can see how this could be a deal breaker for some.
Speaking only for myself, personally, I'm 42 years-old and have been a very slow adopter of smart phones in general. GrapheneOS let me feel like it's finally my phone and I've started using it more. Mostly as an mp3 player while exercising, and I've got an open source password manager that I've started using a lot. But I've never been comfortable with the idea of my phone replacing my wallet. I mean, sure it can do everything that my wallet can do but it's also susceptible to malware or attack and if I lose it then not only do I lose all of the data on my phone but I lose access to my identification and payment methods as well? That is a terrifying prospect to me. I don't like the idea of single points of failure. Losing my wallet would ruin my day. Losing my phone would suck but nothing catastrophic would happen. For most people losing both would be a nightmare scenario.
But I don't even do online banking on my phone. I probably could. I choose not to.
I wouldn't necessarily consider it a deal breaker - just something to be aware of.
National/Banking id/2fa would be a deal breaker probably - all infrastructure is built around smartphone apps now - and it's a challenge to find an alternative (ie hardware token issued by the bank).
There nominally is a national id system with printed 2fa codes - but my impression is that it is fading in favour of the banking id system. Except for a few government services like social security, where it remains a viable alternative.
For online payments, with a credit/debit card the banking id 2fa system is practically required to spend money online.
So basically it's a situation where you need the smartphone anyway, but wallet is optional.
In Norway practically any place that accept cards also accept Google/Apple pay - as all pos terminals support "tap"/NFC as does practically all debit/credit cards issued here.
I was recently on vacation in France - and only needed my phone there as well.
> Do you not carry a wallet?
No. [Ed: no longer, no]
> What happens if your phone dies?
Either I don't buy anything - or I'd borrow a usb-c charger from the person behind the bar/at the restaurant etc.
I've used both Lineage and Graphene extensively, and contrary to a lot of what I see even here in this thread, I find Lineage (without MicroG) to be a more Google-free experience, at least on the surface. Graphene's sandboxed GApps can still learn information about your usage patterns if you log into the services, albeit far less than they would on a standard Android device. However, it's for the sandboxed GApps that I consider Graphene to be more usable for the average smartphone user.
I'll admit to not really understanding what about the AOSP is inherently bad other than being maintained by Google. To my understanding, it's only the GApps binary that remains shrouded in sinister mystery, and obviously that's not present in Lineage.
I looked into why I was unable to use a secure encryption password on android devices about a year ago and i was shocked to find the AOSP bug that was over a decade old identifying a max 16 character encryption password, and was absolutely floored to see CyanogenFraud now called LineageOS had willingly not patched this until literally the very latest release, which was not available for my one plus device at that time.
16 character max for a decade is a juicy rainbow table for the small cost of a few petabytes, something most law enforcement is easily capable of paying for.
Between the devils I know I much prefer my apple mobile devices, even with a fix applied I wonder about the intentions of a team that ignored security concerns for over a decade (both Alphabet and Lineage)
the way to do mobile privacy well would be to run an android image with a VoIP phone number in a cloud container and then actuate the image using another handheld via wireguard.
I don't know that market well, but it seems like you should be able to run a virtual cloud android devices as a digital twin. secure hardware is a honeypot. disposable hardware with keys you manage is the best possible.
Additionally the guide I've seen referenced the most (from Reddit, which a popular Youtube video is directly based upon and which this article covers the main points of) suggests an outdated HTTPS URL which no longer works. I'd imagine many are just blindly copying adb settings and encountering problems (the burden of which often falls onto LineageOS community support as people spend time trying to identify an issue).