I’m looking to get a custom ROM that has good compatibility with my device. Would you recommend /e/? I couldn’t find a tutorial on how to install it with Linux but I don’t think it should be that hard to figure out.
You must log in or # to comment.
/e/ has good but not perfect privacy. It still contains connections to Google and they added a tracking parameter to their update calls.
Their update cycles are very slow. You are usually one to two months behind monthly security updates. Full bulletins are a year behind and Webview is a problem as well. They ignore this point and do not realize, that Insuffizienz security is a privacy risk AS well.
So if you want good privacy with a convenient user experience and without thoughts about security, here you go.
Im using it for a couple of years. I flashed my fairphone 3 by my self back then, before the easy installer. It was the first time i did something “advanced” with a phone, but it worked quite well. After my fairphone 3 died, I bought a Fairphone 4 via murena. So everything was already installed etc In total I am happy with the Os. Their goal, the release of privacy oriented OS for everyone (so f.e. even my parents could use them) is quite of a utopia I suppose. But still, the team and community are doing a good job.
Yeah I already heard about grapheneOS, but its not working well with fairphone right? So murena it is for me :) And I would recommend to people, who are aware of the downsides and are little enthusiastic :)
After my fairphone 3 died, I bought a Fairphone 4 via murena.
wait you didn’t buy a replacement battery? 🤨
It wasnt the battery, sadly. Some Fairphone3 have the issue, that their mainboard(?) is breaking down after a couple of years without any clear reason - and I was the lucky one. Its the only “unreplaceble” part and kind of phone breaker. Sure, you can replace this too, but it would somheow be like buying a new phone. At this point, the fairphone 4 was alreasy released, so I took the upgrade. Fairphone 4 and 5 have now a waranty of 5 instead of 2 years. So at least on this point ill be save for 3 years more :>
Oh ok 👍
/e/os is often behind on Android monthly security patches (sometimes up to a month or more!) and the apps they fork I have heard also often lag behind upstream. It also doesnt do much to deblob the ROM if proprietary binary blobs.
Comparison table of Android ROMs: https://eylenburg.github.io/android_comparison.htm
Came here literally to comment this. Hooooly fuck, I would not trust /e/ as far as I can throw a Fairphone. Good thing they’re compostable, becauze that’s the only up they have on a Graphene flash.
Until I can take a basic actionable step to ensuring my information is safe like LOCKING MY BOOTLOADER… I am good over here.
I’ve used it for almost five years, flashed it myself on my FP3. I disabled microG and I’m very careful & strict about what I install on my phone, also their Advanced Privacy set of tools is pretty good. For my threat model is more than enough and I am very happy overall. Never had any serious issues, or even mildly serious ones tbh, despite people yelling about Android security updates arriving late. There was an outage in their cloud services in October that required a complete revamping of their server infrastructure and that took months but I don’t use their cloud so I wasn’t affected at all.
It’s pretty solid. I use it daily and don’t have any big problems. Install is simple. Just install adb and fastboot from your linux repository. This should cover the most of the installation requirements.
I don’t know if installing from the repositories is such a fantastic idea. I’ve had instances where I’ve almost fucked up a device because I installed the ones from the repositories and they weren’t new enough. I would recommend downloading the ones from Google directly.
Edit: the cli platform-tools
Sounds like either a terrible bug or user error. Which in both cases should be fixed.
Well, when I tried the one directly from the repository, my version of Android would not boot, but then I downloaded the one directly from Google and did the same commands. And it booted. So yeah, either it was a bug or something.
Sounds pretty straight forward. What is compatibility like? Have you tried any banking apps?
I have ING app, it works seamlessly through microG but I don’t need it for basic use of the app. I don’t use my phone to pay for stuff.
Haven’t had any major apps not work on it. Except one banking app for a while in the beginning, but works now
I have no banking apps on that phone, sorry. So I don’t know if they work.
Their easy installer is why many people I know installed it, but it only supports 21 devices and mine wasn’t one of them, so I can’t say much about usability or security. If yours is one of them, there’s also a Linux guide on their website: https://doc.e.foundation/easy-installer
Yeah. I love the idea of the easy installer. Mine isn’t listed either.
I love the idea of the easy installer.
looks at GrapheneOS installer… Literally just 3 buttons on a Website you have to click, all of the steps easily written with clear instructions for Linux as well as windows
looks at /e/ installer
- finds 5 Websites with installers for /e/, all of them apparantly official ones, decided to use https://e.foundation/installer/
- Site dosent let you view this instructions without JavaScript.
- enabled JS
- Cant even use fcking Firefox to view this installer because a fcking pop-up Blocks my sight
- goddamn privacy oriented Android Rom Website recommends using Microsoft edge or Opera (both of which are privacy nightmares, especially opera)
- smashes pillow against the wall
I give up. If you call that bloated peace of dierrhea an „Easy installer”, you could just as well say that gentoo is easier to install than mint.
I know that GrapheneOS is really easy to install. Problem is that I don’t have a Pixel.
My Problem is not that you dont have a Pixel, but that /e/ 's Website is literal dogpoop, and that already tells a lot about their OS. Like, they are in a literal conflict to support other, maybe even more privacy friendly backup for cloud systems because the already have their own
Does your phone support anything else? LOS, Calyx, etc
Does your phone support anything else? LOS, Calyx, etc
Yes only LOS
Thats still better than using /e/. Just download the one without MicroG
What phone do you want to flash on? Is it in this list? https://doc.e.foundation/devices
Doesn’t support Galaxy phones unfortunately.
I think it supports Galaxy S9
I kinda took out my old phone (Sony) and flashed on that… And running parallel while I degoogle myself… Takes some time to change all email registrations from govt. And tax authorities to other external services like docs, banks and stuff…so doing dual phone for a fee weeks and then dropped main phone (fairphone5) to fully shift on e/os phone (sony)… And then will reset the ex-main phone (ff5) when degoogle is complete… I am too busy these days so it’s taking very long. (Also clean up Google inboxes and then back up vs. Backup and then clean up old inboxes is a struggle for me). Once fully complete I will flash ex-mainphone FF5 with e/os as well and switch to it And then use the 2nd phone to shift my partner and kids slowly. And in a year or next upgrades I think I might buy my family older pixel phones and flash e/os on them.
Maybe you should also get a side phone to start the project.
Not bad idea.
Here is a good comparison. As a reminder, there is no privacy without security, so if you live in the US (or anywhere that illegal searches happen regularly), I’d argue a less secure solution is by definition a less private solution.
It’s dangerous to get too obsessed with trying to secure everything against state actor level threats. It’s not that hard to dramatically increase your privacy if you’re currently using a regular android phone. Sure, yes, more security is better, but a single individual’s private information isn’t actually that valuable. It only becomes valuable to exploit people at a massive scale. Even just putting up minor speedbumps to data collection can massively increase your privacy as long as you aren’t being individually targeted, and more people getting into caring about their privacy is a good thing. Any de-googled android rom is already a big step in that direction. Lets not let perfect be the enemy of good.
If OP was trying to secure themselves against interest from conventional state actor like a large intelligence service, I’d say they probably need to throw their phone in a woodchipper and start hitchhiking to the nearest professional spy training program.
More realistic concerns that an ordinary person probably has are casual mass surveillance and local police fuckery. Random AOSP Roms are not sufficient to handle either of those threats.
They’re actually pretty good at protecting you from casual mass surveillance as long as you don’t do anything stupid with them, that was the whole point of my post. It’s just not profitable to spy on you if they have to bother to put any effort into it.
I also think you’re overestimating the capabilities of most local police. When I said state level actors I wasn’t just talking about the NSA. Smaller countries, actual US states, or even some big cities would be included there, but your local small town police department wouldn’t even know where to start. If you plan on personally pissing off any of those bigger police agencies then you should really just be assuming no phone is safe. Otherwise you’re not likely to run into anyone that even knows what de-googled android is, let alone how to get into it.
Our local PD literally have access to stingrays, cellbrite/Pegasus (I don’t actually know which one they pay for) and military weaponry. In the suburbs, they have armored vehicles as well (tanks and APCs, not armored swat trucks).
Obviously it varies by where you live because different departments will have different levels of funding and will ask for different toys from the feds, but you’d be surprised how comically over equipped many PDs are.
Well, it’s certainly true that it varies by where you are, but I’m pretty sure Graphene isn’t going to protect you from an APC any better than /e/OS, and the county sheriff where I live wouldn’t know a stingray from an Xbox, but maybe I just live too far out into the middle of nowhere to be typical.
From the looks of it GrapheneOS still seems like the best choice by far…
Basically, but not everyone has a pixel or can afford to buy a new device.
$150 for a refurb Unlocked Pixel 6 from eBay. That’s both cheaper, more ecologically friendly, and better for your privacy than /e/ can ever hope for.
I recently picked up a pixel 7a on ebay. $200 for like new condition. Probably the current sweet spot for value and remaining years of support.
if you got pixel and don’t like GOS team, Calyx OS is a decent alternative also, you can lock bootloader and get most apps to work with microg
GOS team are some elitist jerks, sure, but what they make works well. And I respect the fuck out of Calyx for being committed to making something like MicroG work.
GOS or Calyx, either is gonna be miles better than /e/. /e/ is running their ‘native IP scrambler’ on a two-year old commit of TOR. Fuck everything about that.
Depends on how far you want to go. From what I’ve been able to tell, they pedel a lot of flashy metrics and still had a bunch of google calls. Some of which you can manually remove, same as LOS. I would avoid buying into their cloud and keeping an eye on things yourself, if you want to install it. I saw them rebrand a bunch of OSS tooling as their own products back then. Don’t know if things changed since then, but I don’t trust the marketing.
A couple of my coworkers use it they are pretty happy with it and it works good from what I’ve heard :)
On the surface. DivestedOS has a whole laundry list of bugs and defects that /e/ hasn’t patched in yeeeeaarrs. Including how many holes their so-called ‘IP scrambler’ actually has.
Your coworkers would be safer with stock. Or Lineage. Or literally anything else.
Personally I hear it had been a mixed bag. Hopefully time has refined this… Old stories about digging up old LOS images, bare minimal patches, and release under e branding with no consideration for security/hardening. Buuut that was info from a grapheneos vs eos forum, or something. Do your research, you know what sub you’re in.
Hard truth: outside of GrapheneOS there is very little security and privacy gains from a custom Android OS over stock.
From best to worst:
Graphene OS
iOS
Stock Android / non rooted custom OS
Branded stock android
Rooted phones of any type
EOL phones
It’s hard to compare the security of systems. Also how is IOS number2!? Theres a lot of research put into finding holes in hardware and software since they are so popular, also they have backdoors for the government baked in along their walled garden.
Speaking about privacy, there are alot of gains from passing from a closed source ROM to a open sourced one. Or even better to an open sourced phone running Linux(yes I know very few can daily drive them).
On security it’s complicated and depends on many factors.
iOS second? What a joke.
Sorry its true. The app sandboxing and private relay alone are better then anything stock or these lower tier custom android os provide.
That seems like an overly black and white position over something that can be either quite valid or entirely nonsense depending on the situation and/or threat model.
Something’s are just more secure and private then others. That’s just a fact. For example, as of now GrapheneOS is the most secure and private consumer mobile OS. There is no gray area.
Now whether your threat model requires it, can be much less black and white.
But users here tend to gamify privacy and think they should get whatever the “best” one is. They tend to do whatever the most upvoted github list tells them to do.
Rarely do I see someone like yourself, who considers threat model.
GrapheneOS wins, but whether iOS is more private than CalyxOS or /e/OS I think is very gray, and depends on the threat model, and on most devices they are going to be a significant improvement in privacy, and often security, over stock Android.
And privacy may not be the only consideration when choosing a device.
Since my threat model includes mainly surveillance capitalism (and no evil maids or targeted attacks) I don’t particularly feel like trusting a big tech that’s running their own targeted advertisement system.
Personally I think if you look at what privacy features CalyxOS actually offers or read reviews from someone like kuketz you realize its pretty lacking in both privacy and security.
What Calyx does offer is a decently degoogled experience for people who don’t have the budget, access, or want for a Pixel with GOS.
I understand your issues with Apple, that’s fair. OTOH I think their offerings, such as private relay, RCS messaging by default, properly implemented sandboxing are objectively better privacy features then what most android operating systems can offer. They also are much more reliable in terms of security updates.
I also have had issues with Calyx using pretty obvious lies to market themselves such as saying the OS can’t be tampered without your knowledge. Not that Apple doesn’t have its fair share of blemishes.
And you think degoogling offers no obvious benefits in terms of privacy?
deleted by creator
Good call deleting that trash comment.
I’m pretty sure you implied that the ranking was based on security and privacy. I don’t see the privacy benefits of using iOS over a custom privacy OS.
Do your research then. I’m not here to hand hold you through this.
Privacyguides.org is a great place to start for beginners.
Their forum is also a much more informed community then what you will find here or god forbid r/privacy
👍
Yeah I would put it #1.
Why?
When a mobile hardware is only from Apple.
I have read this several times, and still have no clue what you’re trying to say.
root allows system-wide adblocking. thus more privacy, not less privacy
Root also adds massive attack surface which easily outweighs those benefits. Not to mention non rooted DNS solutions provide a similar benefit.
Security != Privacy
That’s idiotic. Your data being insecure is inherently not private.
They are two sides of the same coin.
So more security equals more privacy? Is that why iOS is second in your rankings?
Not necessarily, there are tons of things that are very secure but not at all private.
But… having a massive attack surface and known security issues and thinking your data is somehow private because you use a FOSS application is silly.
EDIT to answer your edit: partly. I mean regular timely security updates seems to be a struggle for most of these android OS but also because it provides a bunch of privacy by default options that these other android ROMs don’t such as a private relay, default RCS messaging, and makes them easy for users.
You do have a good point. However, I can’t consider a proprietary operating system like iOS truly private. It may be secure (certainly more so than stock Android and some random custom Android based ones) but if I can’t be sure that my operating system isn’t spying on me, then security alone doesn’t matter much for me tbh. Apple’s operating systems are no exception to this.
So, in a ranking that considers both security AND privacy, iOS being the second one is questionable. However, if the ranking is based solely on security, then I have no issue with it.
Windows is rooted by design, and that’s completely fine by everyone and their dog
Lol nobody is calling windows secure or private. Nobody even mentioned it.
Companies literally pay thousands of dollars a year in hardware and enterprise software to make up for its deficiencies.
very very bad
very very bad
Care to elaborate?
/e/ greatly reduces security vs. AOSP via added attack surface, weakened security model and slow patches.
https://eylenburg.github.io/android_comparison.htm
https://privsec.dev/posts/android/choosing-your-android-based-operating-system/
Damn. That’s such a shame, I was considering the fairphone with /e/ os but it’s looking less and less appealing. I guess flashing it with CalyxOS and removing/replacing microg might be the better option. Either that or bite the bullet and get a pixel n’ flash GrapheneOS to it.
I deeply aplreciate your expansion on the matter :)
GrapheneOS is the best option we have today.
Don’t forget to donate to the project.
Even at the cost of using a Google phone? In any case if I decide to go with it I’ll be sure to donate match the price of whichever pixel I end up with ty :)
