TL;DR: From Unplugged’s Blog:

Two weeks ago, we quietly posted the Unplugged UP01 Kernel Repository to GitHub.

This is the first of multiple announcements and releases. In addition to the kernel, we open sourced the UP Antivirus code in GitHub several months ago.

Our objective is to continue advancing toward a zero-trust model, one in which third-party observers, customers, and security researchers can independently verify our claims by examining our code, rather than relying solely on our word.

We rely on the privacy and security assurances of our own products, and we’re working toward open sourcing more of our operating system. Our goal is to make the platform as transparent as possible.

We welcome contributions from the community to enhance the kernel’s functionality, performance, and security.

-Eran Karpen
CTO, Unplugged

Unplugged UP01 Android Kernel Repository

Welcome to the Unplugged UP01 Android Kernel repository! This repository contains the complete source code for the kernel of the Unplugged UP01 device. At Unplugged, we believe in fostering innovation and transparency through open-source software, and this repository is a reflection of our commitment to those values.

About This Repository

This repository serves as the central hub for the open-source development and maintenance of the Android kernel for the UP01 device. By making the kernel source code publicly available, we aim to:

• Empower developers to customize and improve the UP01 device.
• Encourage collaboration and contributions from the community.
• Maintain transparency and compliance with open-source licensing requirements.

Features

• Fully Open-Source: Access and modify the kernel source code freely.
• Community-Driven Development: Contributions are welcome and encouraged.
• Regular Updates: Stay in sync with the latest kernel improvements and security patches.

Getting Started

Prerequisites

• Familiarity with Android kernel development and Linux-based systems.
• Required tools for building Android kernels (e.g., gcc, clang, Android NDK).

Cloning the Repository

git clone https://github.com/werunplugged/UP01-Kernel cd up01-kernel

Building the Kernel

Follow these steps to build the kernel for the UP01 device:

1. Set up your Android build environment (refer to the Android Open Source Project documentation if needed).
2. Configure the kernel for the UP01 device:

make unplugged_up01_defconfig

3. Build the kernel:

make -j$(nproc)

Contributing

We welcome contributions from the community to enhance the kernel’s functionality, performance, and security.

How to Contribute

1. Fork the repository.
2. Create a feature branch for your changes.
3. Commit your modifications and push them to your fork.
4. Open a pull request explaining your changes.

Contribution Guidelines

• Ensure your code adheres to kernel development standards.
• Test your changes thoroughly before submitting.
• Follow any applicable licensing requirements.

Licensing

This repository is licensed under the GNU General Public License (GPL) v2. By contributing to this repository, you agree that your contributions will also be licensed under the GPL.

Acknowledgments

A big thank you to the open-source community for inspiring our efforts and contributing to the advancement of technology. Together, we build better, freer, and more innovative software.

Contact Us

For questions, feedback, or support, reach out to us:

• Website: unplugged.com
• Email: support@unplugged.com

Let’s make technology open, accessible, and impactful—together!

Please see Unplugged Phone - GrapheneOS Discussion Forum

Much more information became available. Unplugged began repeatedly spreading misinformation about GrapheneOS combined with false marketing for their product so we looked into it and determined that it’s a clear cut scam.

GrapheneOS developers calls it a SCAM

That’s why they’re open-sourcing so that people will hopefully stop seeing them as just a “scam”. Unplugged are hoping by with transparency and accountability they will hopefully gain people’s trust.

But that’s up to the consumer.

This just the first of many things they are going to start open sourcing. They are pretty active on their blogs etc.

With this being the first of many open sourcing users can now contribute to their code.

From the blog:

This is fair skepticism, and if we were in the consumers’ shoes, we would challenge the upstart company with its big privacy claims and promises too.

Some researchers, influencers and technologists in the privacy tech and cybersecurity communities have publicly cautioned or even attacked the UP Phone. Although this is unfortunate and rare, we realize we must earn the public’s trust over time with consistent product development and by our actions.

Now, with this preface, we are pleased to announce the first of a series of open-source announcements regarding the UP Phone software and the LibertOS operating system. This follows our announcement in January that we are unlocking the UP Phone’s bootloader – without voiding the warranty – an industry first.

thanks for update

As someone who has been deeply skeptical of the Unplugged Phone, they deserve credit for doing this.

To be clear, they are legally obligated to do this (because Linux is under the GPL), so they were breaking copyright law until they did this.

And also “LibertOS, our proprietary privacy OS” and “UP Phone’s proprietary app store” from their website does not give me confidence.

I personally wouldn’t use this phone until it had LineageOS available

(oh, and phones don’t need antiviruses)

Brave Leo AI:
Android Phones with Closed Source Kernel

None of the Android phones have a fully closed-source kernel, as the Linux kernel at the core of Android is open-source and licensed under the GNU General Public License (GPL) version 2. However, the kernel used in Android devices can be customized and includes proprietary components known as “binary blobs” which are closed-source. These modifications and additions are made to optimize the kernel for specific hardware and provide additional functionalities

I think from this Unplugged blog announcement about the kernel is that they recently released those proprietary components and are now open-sourced. As you mentioned, the Linux Kernel is open-sourced. Therefore, wouldn’t the open-sourced components they used from the Linux Kernel still have been visible? It was just that they customized the Linux kernel and added those proprietary components. Which they have just now open-sourced? Idk I’m probably wrong.

image1440×3120 242 KB

I don’t own an Unplugged phone, so I’m not familiar with its antiviruses functionality. However, from this picture from GitHub it appears the antivirus also scans for trackers. I’m not sure how effective this is, and I don’t know if the scanning is done manually or in the background.

Here is the GitHub for the UP Antivirus:

I would just say wait and see how much more open sourcing they do. You can still be skeptical or critical.

But at the moment, the open sourcing they did do, I think, is good and shows they might be willing to listen to more feedback.

However, I would still exercise caution if they haven’t provided more positive transparency about what would make you feel comfortable trusting the company in the future

UnPlugged had to open source their “anti virus” as their GitHub Readme (mirror) makes it clear they build on top of TrackerControl & DivestOS Hypatia, both of which are GPLv3. The fact that they didn’t means they violated the license for as long.

Probably the developers of both those FOSS projects to refer UnPlugged to sfconservancy.org.

now if that isn’t suspicious enough idk what is.

Hey all,

Really appreciate the discussion here and the interest in what we’re doing at Unplugged! Just wanted to jump in and clarify a bit about what we’ve released and what we’re trying to achieve:

Antivirus: We’ve fully open-sourced our entire antivirus solution. It includes some existing open-source components, but we put a lot of effort into building a complete, user-friendly experience around them: solid UI/UX, additional logic and features, and real-time notifications that runs fully on-device. The idea is to provide a serious privacy-respecting alternative that works on any Android device and raises awareness that you don’t need to trade privacy for protection.

Kernel & Bootloader Unlocking: As for the kernel—we did release its source as required, but we also went a step further and now allow the UP Phone bootloader to be unlocked. That opens the door for anyone to port other operating systems, verify our work, or just explore under the hood. For us, this is part of a bigger commitment to transparency and community trust. For us, this is part of a bigger commitment to transparency and community trust.

We’re building Unplugged to be more than just a secure phone—it’s about giving users real control, with an open and verifiable foundation.

Happy to chat more or answer any questions!

Hi thanks for coming in, we most need official people that could clarify things!

first: Yes you did open source the antivirus but with that being said android itself if you’re not carelessly sideloading nefarious malware (especially ones that force admin privileges) has really good preventative measures in itself to the point you dont exactly need an antivirus, I think your team and even the creators of the FOSS Projects you violated their GPL on would agree. and I already said the second part I wanted to say.

Kernel: Was honestly mandatory but kernel isn’t enough, we need to be able to see the source code of the operating system, many projects even Calyx and Lineage out of all people fully open source their project. You just did what companies like Xiaomi also does already and for a while out of many companies (source).

With that being said, Graphene did rightfully criticize your choice of SoC, going for Qualcomm or something like that could have been a safer choice (I hear Qualcomm with Custom ROMs/Oses aren’t easy to port I think but that’s besides the point) tbh but more importantly if you were to comply with GrapheneOS’s requirements instead of trying to double down or something, Now that you went as far as to make the bootloader unlockable, This in my opinion would have the biggest impact, especially when you can keep that relationship. Now for what people will criticize Calyx for, if they are willing to support your phone assuming you send them one or otherwise. Great, but otherwise still I feel working for compatibility with GrapheneOS that ensures security and privacy would have been unique for sure.
Open source hardware where you can, not mandatory but is a plus.

Please keep in mind I don’t affiliate with any projects, nor PG, nor Techlore, nor Graphene (in fact I have my own greivances not gonna get into, not the independent mods or anyone else.), etc. I just want to be critical where I feel is mandatory in hopes that if you do improve upon it, anyone or everyone can be happy.

What role does Erik Prince play in your organization?

We hear what you’re saying about MediaTek and completely understand your concerns. While projects like GrapheneOS or CalyxOS focus on specific chipsets, it’s worth noting that they largely rely on Google’s Pixel line — meaning it’s actually Google that determines which hardware they support, not the project maintainers themselves. That’s not a criticism, just a reflection of how the ecosystem currently works.

In our case, we’re building a product from the ground up with a different set of priorities — performance, long-term supportability, supply chain flexibility, and our own privacy hardening. So naturally, our hardware decisions differ.

If someone officially involved in a project like CalyxOS wants to explore porting to the UP Phone, we’d be happy to provide free devices to support that effort. We believe a more open mobile ecosystem benefits everyone.

If someone officially involved in a project like CalyxOS wants to explore porting to the UP Phone, we’d be happy to provide free devices to support that effort. We believe a more open mobile ecosystem benefits everyone.

Erik is a co-founder and an investor. He has also been the most prominent public face of Unplugged and the UP Phone. He actively introduces and promotes the product. He is an ardent advocate of enabling and preserving privacy rights.

Thank you for the direct reply.

That’s all I need to know in order to stay as far away from Unplugged as possible.

Yes I agree.
First I appreciate that you would support someone like Calyx but not work on what is already very well established and especially one that has transparently stated the criteria to support the operating system which is Graphene (in terms of security and privacy) Is super ungenerous and as beef as I would have them I think I would side with them for any criticism. Ok maybe I’m too harsh, but if it’s complicated it can be understandable but it’s up to you if you really wanna miss such an opportunity.

Finally if you understand about the Mediatek Issue then I hope you fix it, even in a new phone line counts but if not maybe wanna act a little faster, you’ll never know…

You never responded about opening the operating system and the backslash (not you but Unplugged in general) you may receive not trusting it may be worse.

Hi there @THUnplugged, thanks for taking the time to comment. I have a few questions that I’d really appreciate if you could answer them based on the way they’re listed.

1.) People are calling the phone/company a “scam.” Why do you believe this to be the case?

2.) I see the company has opened up the Unplugged phone to security audits. Will we ever get public security audits by Cure53 or by any of the best security research companies? 1Password is great at keeping up with security audits, so I will use them as an example:[Security audits of 1Password | 1Password Support]

3.) How does the team at Unplugged see the company in ten years (like new devices, developments, etc.)?

4.) What is the hardening that you claimed “privacy hardening” in technical terms and also what does that mean in layman’s terms? Please be detailed, not just a normal support answer.

5.) People have concerns about the company violating the GPLv3 license. Especially in the phone’s antivirus, was this a mistake or intentional?

6.) How does the company perceive GrapheneOS? As in, how does the company view it as a privacy-focused operating system?

7.) How did the partnership with Brave come about? Will there be future partnerships?

Hello, Terrance. Apologies for the slow response. I needed to sync up with our CTO to get aligned. Here are the answers in the order of the questions:

1. We understand that the privacy and security space is rife with skepticism, which is both healthy and necessary. Given the prevalence of misleading products in this domain, it’s not uncommon for new entrants to be met with suspicion. In our case, individuals have labeled us a “scam” without firsthand experience of our product, and in certain cases, critiques were made even before our phone was available.
   Additionally, as observed earlier in this thread, some criticisms stem from personal opinions about our founders rather than the product itself. Despite this, we’ve seen a growing number of customers who are satisfied with their UP Phones. There are testimonials all over X.

2. Thank you for sharing the 1Password links. This is a nice resource and format. We are actively conducting security audits of our infrastructure and devices to ensure robustness and integrity. While these audits are currently intended for internal use, we recognize the value of public third-party validation and are working toward that in the future.

3. What will Unplugged look like in 10 years? Unplugged is about more than just privacy. Our vision is to establish the company as a leading provider of mobile and computing solutions that are more transparent and more accountable to our users than any of the large tech companies which have dominated the technology marketplace for the last three decades. The Big Tech space is full of monopolistic and abusive behavior. We envision a future that gives people a real alternative, designed to enhance their personal freedoms in every aspect: privacy, security, free speech, ownership of personal data, the freedom to transact, etc.
   While we believe there’s still significant potential to enhance our current hardware, with new features to be announced soon, we also plan to develop multiple generations of UP Phones. Our focus will remain on delivering devices that prioritize user privacy without compromising usability.

4. When it comes to privacy hardening, our approach focuses on real improvements that balance strong protection with ease of use. A key example is our Privacy Center, which gives users a simple way to manage and improve their privacy settings. It includes both privacy and security features that rely on deeper OS-level changes and direct control over hardware components.
   Our built-in firewall monitors and controls network activity, and we are actively working on expanding its capabilities. Upcoming releases will provide deeper visibility into app network behavior and traffic patterns. We’re also investing in system optimization, fine-tuning the OS to reduce unnecessary privacy risks and improve security, all while maintaining a smooth user experience and optimizing battery performance, especially given the absence of GMS.

5. Under GPL, our obligation to provide source code applies when distributing binaries to users, and it must be fulfilled if a recipient USER formally requests it. We did not violate this obligation or the license. While we would have provided the GPL source code to any such requester, our plan has always been to publish the code publicly once our product reached a level of maturity and stability. That is exactly what we did. It was released publicly about three months ago.
   There were general discussions and some criticism online regarding the GPL compliance of our antivirus solution, which includes GPL-licensed components. However, the idea that we were operating outside the license is simply not correct.

6. We have deep admiration for GrapheneOS and for what the core Graphene team and the open source community surrounding the project has accomplished. They have made significant, industry-leading contributions to privacy and security mobile OS technology and to fostering a culture of privacy. They have excellent documentation and a frequent update cadence. They’ve built a sizable user base and community. We do not see the GrapheneOS project as adversaries or even competition. The market for smartphones is very, very large (billions of units), and there is room for multiple companies and open source projects to succeed. This is the classic situation where a rising tide lifts all boats. The more that folks adopt privacy-respecting technologies, the more the whole of society will benefit.
   We have made friendly overtures and respectful conversation on X to the GrapheneOS account. We encouraged the porting of GrapheneOS for the UP Phone, but this was quickly dismissed. Irrespective of our approach and tone, they have attacked us repeatedly on X and in other forums. After one such exchange, they blocked us. However, we bear no ill will. We’ll just keep building our product. Our approach is different when it comes to user convenience, custom privacy controls and the development of our own hardware built to seamlessly support these goals.

7. Initially the relationship with Brave revolved around a handful of get-acquainted calls in the summer of 2024 between members of the leadership teams from both Unplugged and Brave. It gradually led to discussions about how to collaborate.
   Although we have some competing offerings - for instance both companies offer a subscription VPN - we realized that for the most part our products are very complementary. They were impressed with the quality of the UP Phone, and that we were audacious enough to take on the full stack including hardware, the OS, the UP Store, etc. Multiple members of our team were already Brave users. Brave makes the browser, and we love the fact that they have an independent search engine and index, and a really impressive, easy-to-use AI integration that puts privacy first. It made perfect sense to make it the default browser and search solution for the UP Phone.