What is CopperheadOS?
CopperheadOS is a security and privacy enabled Android operating system based off the Android Open Source Project. CopperheadOS is not a secure messaging or calling Application, but a hardened operating system for Android Apps like Signal, Telegram, SamouraiWallet, and virtually any other Android App. We have hardened your Android to make these Apps more secure and limit the methods attackers often use to exploit other systems.
What does “de-Googled” mean?
CopperheadOS has been built without Google’s Play Services or Play Store. This is done with the intent of empowering our users to choose what information they disclose to others, and to choose what Apps and services they install on their device. Copperhead does not collect telemetry or other data for the purposes of advertising or any other purpose. The storage on your device is private unless you decide to share something with others, your photos, documents and data will never be uploaded to the cloud. While you may miss out on Google’s creative photo collages, you will never have to worry about what is being done with your data.
If there is no Play Store, how do I find and install Android Apps?
CopperheadOS comes with F-Droid as a replacement for the Play Store. F-Droid provides a selection of Free and Open Source Android Apps. It is also possible to install Apps from the web with the CopperheadOS web browser Chromium and an Application Package or APK which you download.
For example, Signal Secure Messenger APK is available at https://signal.org/android/apk, just download and allow Chromium to install the package. No complicated search for settings, CopperheadOS will prompt you with what you need to know.
Applications that interface with the Play Store exist and are available on F-Droid. Applications that interface with the Play Store are a security risk in that if the application or the application developer is compromised. In some cases Applications may be dependant on Google Play Services for functions like Push Notifications, or reading QR code images. For more information, please see the CopperheadOS App FAQ below.
Note that Copperhead has not verified the author of Aurora Store and cannot confirm their security.
CopperheadOS App FAQ
- I used Google or Microsoft Authenticator on my previous device, can I use them in CopperheadOS?
- Authenticator Apps such as Google or Microsoft Authenticator are not recommended in CopperheadOS as both Apps are dependent on Google’s services for core functions.
- F-Droid offers fully functional Free and Open Source Authenticator Apps such as andOTP and Aegis Authenticator.
- Can I use my banks Android App with CopperheadOS?
- Some Banking Apps may work with CopperheadOS, but users should be mindful that installing Banking Apps through an unverified source such as Aurora Store is not recommended.
- Most Android Banking Apps are identical to the web-app available through your banks website. For that reason, we recommend CopperheadOS users do their mobile banking through our Chromium web browser.
- I found an Application Package (APK) on a third-party web repository such as apkpure.com or apkmirror.com. Is it safe to use?
- Copperhead has not verified any web APK repositories, and therefore we do not recommend installing APKs from these websites. Users do so at their own risk.
- In some cases it may be possible to verify a specific APK file with a cryptographic key, if a public key has been provided by the Application creator. For example, the APK file found at https://signal.org/android/apk can be verified using the SHA256 fingerprint found directly below the download button. In the case of the Signal APK, CopperheadOS will automatically verify the signing signature of the APK on install and block installation if verification fails. For an advanced tutorial on how cryptographic signatures work and how to manually verify a signature, please visit our documentation repository.
What does it mean to use a “security and privacy enabled device”?
Copperhead believes that empowering our users to make informed choices about their privacy and security is our primary role. CopperheadOS by itself is not a “magic bullet”, security and privacy are as much about your habits and choices as the software you use. Choosing CopperheadOS is a good first step, and we hope to teach you the habits which will make your digital life more secure, and more private.
The device you hold in your hand has been “hardened”, but no ship is unsinkable, no fortress too secure.
CopperheadOS compared to “stock” Android.
|Web browser||Hardened Chromium||Chrome|
|App store||F-Droid||Play Store|
|Cloud storage||Your choice to share using Apps like Microsoft Onedrive, Nextcloud, or to keep your files private||Auto-upload to your Google Account|
|Telemetry, Data collection||None||On by default, limited opt-out options, embedded Google Play Services|
Solving Common Issues in CopperheadOS
Are you having difficulty with installing Apps or customizing your CopperheadOS device? It is very important to make sure that your device is updated to the latest stable release from Copperhead if you are having problems. Before updating, ensure that you have disconnected from any VPN services or TOR. Then, open Settings and navigate to System → Advanced → System update settings. Check that the Permitted Networks setting is set to “Unmetered”, and then tap Check for updates. If you have any trouble updating, please check out our guide to common Updater Issues on our support site.