Features
About
AXP.OS is a more private and more secure aftermarket mobile operating system based on AOSP & LineageOS.
The main goal of this project is to strive for a balance between a
privacy and
security-oriented
yet usable
Operating System - and last but not least … even for advanced* users.
*i.e. including full control over your own device - if desired
The Pro flavor of AXP.OS comes pre-rooted which is a major difference between many (if not all) other custom OS and requires to read the documentation properly and acting wisely (i.e. not installing APKs from random sources, open every link in mails you get, etc). While the OS comes pre-rooted it is not active at all and requires to actively install the Magisk companion app + run the requirements installer once to make it usable first. That means if you do not need root you can simply skip that step and there will be no su binary available at all.
The Slim flavor on the other site does not come pre-rooted while it has drawbacks regarding usability and is not that intensively tested as the Pro one.
If you are not sure which one to choose, ask in the support channel.
Divest Notice
Up to Dec 2024 AXP.OS was based on DivestOS, see the EOL notice for Divest and its impact on AXP.OS here.
Due to this AXP.OS started in 2025 offering different flavors.
The Pro one is still the main flavor and so default on new devices but users can request a slim variant which gives a “Divest-like” experience.
Flavor comparison
| Feature | Pro | Slim |
|---|---|---|
| Using Graphene’s hardened malloc (comparison) | X | X |
| OTA (Over The Air) updates | X | X |
| Including ASB patches (see AXP.OS patch level for details) | X | X |
| Hardened and focusing on security and privacy | X | X |
| Hardened Browser & WebView by EXTENDROM_PACKAGES | X | X |
| Extra Privacy by extensive deblobbing and privacy-focused settings (config) | X | |
| Super Privacy by even more extensive deblobbing and privacy-focused settings (config) (while reducing usability) | X | |
| SELinux enforced | X | X |
| Data encryption enforced | X | X |
| Signed (by AXP.OS keys) | X | X |
| Increased key size + hash (8192 / sha512) for signing keys wherever possible (incl. adjustments in recovery and OTA Updater) | X | X |
| Advanced boot debug log (EXTENDROM_BOOT_DEBUG) | X | X |
| Advanced Signature spoofing support by EXTENDROM_SIGNATURE_SPOOFING (must be explicitly enabled) | X | X |
| Using the AOSmium System WebView by EXTENDROM_PACKAGES | X | X |
| Extra Apps included by EXTENDROM_PACKAGES (F-Droid, AuroraStore, FossifyGallery) | X | X |
| extended list of F-Droid repositories (1,2,3,4) (must be explicitly enabled) | X | X |
| eSIM support (A10 and later) for devices supporting euicc (must be explicitly enabled) | X | X |
| Internal DNS content blocker (blocklist) | X | X |
| Re-locking the bootloader on supported devices | X | X |
| Reproducible builds - see the details | X | X |
| MicroG included (requires to explicitly enable signature spoofing) | X | ¹ |
| Current and MicroG compatible Google Play Store included (must be explicitly enabled) | X | ¹ |
| WireGuard VPN Kernel module | X | ² |
| Pre-rooted (Magisk) by EXTENDROM_PREROOT_BOOT - Bootloader re-lock compatible (must be explicitly enabled and activated first) | X | |
| Basic (i.e. w/o SafetyNet) support for Widevine DRM | X | |
| Supporting a FULL(!) app & settings backup & restore | X | |
| Advanced Usability Support by EXTENDROM_PACKAGES (Magisk, MicrogGmsCore, GsfProxy, Phonesky, NeoLauncher) | X | |
| On device* testing before release (*for devices marked as “verified by the AXP Team”) | X |
- ¹ while not supported (and not possible on bootloader-locked devices) you can flash MicroG as in LineageOS.
AXP.OS Phonesky can be installed manually (via a custom recovery: place it in/system/priv-app/Phonesky/).
Regardless if using the MicroG FakeStore or AXP.OS Phonesky you need to follow the setup guide) as well. - ² some kernels have the wireguard patches already included - the Slim flavor will not remove them while you need root to activate it
Simplified OS comparison
The following is just a simplified comparison between some popular custom OS and is meant to give a short overview only (there are dozens of detailed comparisons available elsewhere).
Examples of more detailed comparisons (even though without AXP.OS) can be found:
The Main(!) focus column is a bit vague or better said subjective as all OS claim to be all of these 3: user-friendly, secure and privacy-friendly.
Just some doing it more intensive than others.
| OS | Main(!) focus | Pro | Contra |
|---|---|---|---|
| LineageOS | Usability | wide range of supported devices, very high usability | no focus on privacy + security, only latest 3 major releases supported |
| CalyxOS | Usability, Privacy | wide range of supported devices, high usability | no focus on security |
| GrapheneOS | Security, Privacy | best in class focus on security, good usability | Google Pixel devices only, usually does not support older Android versions |
| /e/ OS | Usability, Privacy | wide range of supported devices, very high usability | no focus on security, does not support devices with older Android versions, late ASB patches |
| AXP.OS - Pro | Usability, Security, Privacy | best balance between Usability, Security, Privacy, supports devices with older Android versions | only a subset of LineageOS devices currently supported |
| AXP.OS - Slim | Security, Privacy | Security, Privacy, supports devices with older Android versions | only a subset of LineageOS devices currently supported, reduced usability compared to the Pro flavor |
Privacy examples:
- reducing/disabling Call-Home functions
- reducing/removing Google dependencies
- deblobbing of proprietary parts
Usability examples:
- allow or even include custom extensions (e.g. MicroG)
- pre-configurations
- including certain Apps
- support installing Apps from F-Droid
- …
Security examples:
- fast ASB patching
- (CVE related) Kernel patching
- intensive hardening (e.g. malloc replacement)