I’m looking to get a custom ROM that has good compatibility with my device. Would you recommend /e/? I couldn’t find a tutorial on how to install it with Linux but I don’t think it should be that hard to figure out.
You must log in or register to comment.
/e/ has good but not perfect privacy. It still contains connections to Google and they added a tracking parameter to their update calls.
Their update cycles are very slow. You are usually one to two months behind monthly security updates. Full bulletins are a year behind and Webview is a problem as well. They ignore this point and do not realize, that Insuffizienz security is a privacy risk AS well.
So if you want good privacy with a convenient user experience and without thoughts about security, here you go.
Im using it for a couple of years. I flashed my fairphone 3 by my self back then, before the easy installer. It was the first time i did something “advanced” with a phone, but it worked quite well. After my fairphone 3 died, I bought a Fairphone 4 via murena. So everything was already installed etc In total I am happy with the Os. Their goal, the release of privacy oriented OS for everyone (so f.e. even my parents could use them) is quite of a utopia I suppose. But still, the team and community are doing a good job.
Yeah I already heard about grapheneOS, but its not working well with fairphone right? So murena it is for me :) And I would recommend to people, who are aware of the downsides and are little enthusiastic :)
After my fairphone 3 died, I bought a Fairphone 4 via murena.
wait you didn’t buy a replacement battery? 🤨
What phone do you want to flash on? Is it in this list? https://doc.e.foundation/devices
Doesn’t support Galaxy phones unfortunately.
I’ve used it for almost five years, flashed it myself on my FP3. I disabled microG and I’m very careful & strict about what I install on my phone, also their Advanced Privacy set of tools is pretty good. For my threat model is more than enough and I am very happy overall. Never had any serious issues, or even mildly serious ones tbh, despite people yelling about Android security updates arriving late. There was an outage in their cloud services in October that required a complete revamping of their server infrastructure and that took months but I don’t use their cloud so I wasn’t affected at all.
Their easy installer is why many people I know installed it, but it only supports 21 devices and mine wasn’t one of them, so I can’t say much about usability or security. If yours is one of them, there’s also a Linux guide on their website: https://doc.e.foundation/easy-installer
Yeah. I love the idea of the easy installer. Mine isn’t listed either.
I love the idea of the easy installer.
looks at GrapheneOS installer… Literally just 3 buttons on a Website you have to click, all of the steps easily written with clear instructions for Linux as well as windows
looks at /e/ installer
- finds 5 Websites with installers for /e/, all of them apparantly official ones, decided to use https://e.foundation/installer/
- Site dosent let you view this instructions without JavaScript.
- enabled JS
- Cant even use fcking Firefox to view this installer because a fcking pop-up Blocks my sight
- goddamn privacy oriented Android Rom Website recommends using Microsoft edge or Opera (both of which are privacy nightmares, especially opera)
- smashes pillow against the wall
I give up. If you call that bloated peace of dierrhea an „Easy installer”, you could just as well say that gentoo is easier to install than mint.
I know that GrapheneOS is really easy to install. Problem is that I don’t have a Pixel.
My Problem is not that you dont have a Pixel, but that /e/ 's Website is literal dogpoop, and that already tells a lot about their OS. Like, they are in a literal conflict to support other, maybe even more privacy friendly backup for cloud systems because the already have their own
Does your phone support anything else? LOS, Calyx, etc
Does your phone support anything else? LOS, Calyx, etc
Yes only LOS
Thats still better than using /e/. Just download the one without MicroG
It’s pretty solid. I use it daily and don’t have any big problems. Install is simple. Just install adb and fastboot from your linux repository. This should cover the most of the installation requirements.
Sounds pretty straight forward. What is compatibility like? Have you tried any banking apps?
I have ING app, it works seamlessly through microG but I don’t need it for basic use of the app. I don’t use my phone to pay for stuff.
Haven’t had any major apps not work on it. Except one banking app for a while in the beginning, but works now
I have no banking apps on that phone, sorry. So I don’t know if they work.
I don’t know if installing from the repositories is such a fantastic idea. I’ve had instances where I’ve almost fucked up a device because I installed the ones from the repositories and they weren’t new enough. I would recommend downloading the ones from Google directly.
Edit: the cli platform-tools
Sounds like either a terrible bug or user error. Which in both cases should be fixed.
Well, when I tried the one directly from the repository, my version of Android would not boot, but then I downloaded the one directly from Google and did the same commands. And it booted. So yeah, either it was a bug or something.
Here is a good comparison. As a reminder, there is no privacy without security, so if you live in the US (or anywhere that illegal searches happen regularly), I’d argue a less secure solution is by definition a less private solution.
It’s dangerous to get too obsessed with trying to secure everything against state actor level threats. It’s not that hard to dramatically increase your privacy if you’re currently using a regular android phone. Sure, yes, more security is better, but a single individual’s private information isn’t actually that valuable. It only becomes valuable to exploit people at a massive scale. Even just putting up minor speedbumps to data collection can massively increase your privacy as long as you aren’t being individually targeted, and more people getting into caring about their privacy is a good thing. Any de-googled android rom is already a big step in that direction. Lets not let perfect be the enemy of good.
If OP was trying to secure themselves against interest from conventional state actor like a large intelligence service, I’d say they probably need to throw their phone in a woodchipper and start hitchhiking to the nearest professional spy training program.
More realistic concerns that an ordinary person probably has are casual mass surveillance and local police fuckery. Random AOSP Roms are not sufficient to handle either of those threats.
They’re actually pretty good at protecting you from casual mass surveillance as long as you don’t do anything stupid with them, that was the whole point of my post. It’s just not profitable to spy on you if they have to bother to put any effort into it.
I also think you’re overestimating the capabilities of most local police. When I said state level actors I wasn’t just talking about the NSA. Smaller countries, actual US states, or even some big cities would be included there, but your local small town police department wouldn’t even know where to start. If you plan on personally pissing off any of those bigger police agencies then you should really just be assuming no phone is safe. Otherwise you’re not likely to run into anyone that even knows what de-googled android is, let alone how to get into it.
Our local PD literally have access to stingrays, cellbrite/Pegasus (I don’t actually know which one they pay for) and military weaponry. In the suburbs, they have armored vehicles as well (tanks and APCs, not armored swat trucks).
Obviously it varies by where you live because different departments will have different levels of funding and will ask for different toys from the feds, but you’d be surprised how comically over equipped many PDs are.
Well, it’s certainly true that it varies by where you are, but I’m pretty sure Graphene isn’t going to protect you from an APC any better than /e/OS, and the county sheriff where I live wouldn’t know a stingray from an Xbox, but maybe I just live too far out into the middle of nowhere to be typical.
From the looks of it GrapheneOS still seems like the best choice by far…
Basically, but not everyone has a pixel or can afford to buy a new device.
I recently picked up a pixel 7a on ebay. $200 for like new condition. Probably the current sweet spot for value and remaining years of support.
if you got pixel and don’t like GOS team, Calyx OS is a decent alternative also, you can lock bootloader and get most apps to work with microg
Depends on how far you want to go. From what I’ve been able to tell, they pedel a lot of flashy metrics and still had a bunch of google calls. Some of which you can manually remove, same as LOS. I would avoid buying into their cloud and keeping an eye on things yourself, if you want to install it. I saw them rebrand a bunch of OSS tooling as their own products back then. Don’t know if things changed since then, but I don’t trust the marketing.
Personally I hear it had been a mixed bag. Hopefully time has refined this… Old stories about digging up old LOS images, bare minimal patches, and release under e branding with no consideration for security/hardening. Buuut that was info from a grapheneos vs eos forum, or something. Do your research, you know what sub you’re in.
A couple of my coworkers use it they are pretty happy with it and it works good from what I’ve heard :)
Hard truth: outside of GrapheneOS there is very little security and privacy gains from a custom Android OS over stock.
From best to worst:
Graphene OS
iOS
Stock Android / non rooted custom OS
Branded stock android
Rooted phones of any type
EOL phones
iOS second? What a joke.
Sorry its true. The app sandboxing and private relay alone are better then anything stock or these lower tier custom android os provide.
deleted by creator
Good call deleting that trash comment.
That seems like an overly black and white position over something that can be either quite valid or entirely nonsense depending on the situation and/or threat model.
Something’s are just more secure and private then others. That’s just a fact. For example, as of now GrapheneOS is the most secure and private consumer mobile OS. There is no gray area.
Now whether your threat model requires it, can be much less black and white.
But users here tend to gamify privacy and think they should get whatever the “best” one is. They tend to do whatever the most upvoted github list tells them to do.
Rarely do I see someone like yourself, who considers threat model.
GrapheneOS wins, but whether iOS is more private than CalyxOS or /e/OS I think is very gray, and depends on the threat model, and on most devices they are going to be a significant improvement in privacy, and often security, over stock Android.
And privacy may not be the only consideration when choosing a device.
Since my threat model includes mainly surveillance capitalism (and no evil maids or targeted attacks) I don’t particularly feel like trusting a big tech that’s running their own targeted advertisement system.
Personally I think if you look at what privacy features CalyxOS actually offers or read reviews from someone like kuketz you realize its pretty lacking in both privacy and security.
What Calyx does offer is a decently degoogled experience for people who don’t have the budget, access, or want for a Pixel with GOS.
I understand your issues with Apple, that’s fair. OTOH I think their offerings, such as private relay, RCS messaging by default, properly implemented sandboxing are objectively better privacy features then what most android operating systems can offer. They also are much more reliable in terms of security updates.
I also have had issues with Calyx using pretty obvious lies to market themselves such as saying the OS can’t be tampered without your knowledge. Not that Apple doesn’t have its fair share of blemishes.
And you think degoogling offers no obvious benefits in terms of privacy?
I’m pretty sure you implied that the ranking was based on security and privacy. I don’t see the privacy benefits of using iOS over a custom privacy OS.
Do your research then. I’m not here to hand hold you through this.
Privacyguides.org is a great place to start for beginners.
Their forum is also a much more informed community then what you will find here or god forbid r/privacy
👍
Yeah I would put it #1.
Why?
When a mobile hardware is only from Apple.
I have read this several times, and still have no clue what you’re trying to say.
root allows system-wide adblocking. thus more privacy, not less privacy
Root also adds massive attack surface which easily outweighs those benefits. Not to mention non rooted DNS solutions provide a similar benefit.
Security != Privacy
That’s idiotic. Your data being insecure is inherently not private.
They are two sides of the same coin.
Windows is rooted by design, and that’s completely fine by everyone and their dog
Lol nobody is calling windows secure or private. Nobody even mentioned it.
Companies literally pay thousands of dollars a year in hardware and enterprise software to make up for its deficiencies.
very very bad
very very bad
Care to elaborate?
/e/ greatly reduces security vs. AOSP via added attack surface, weakened security model and slow patches.
https://eylenburg.github.io/android_comparison.htm
https://privsec.dev/posts/android/choosing-your-android-based-operating-system/
Damn. That’s such a shame, I was considering the fairphone with /e/ os but it’s looking less and less appealing. I guess flashing it with CalyxOS and removing/replacing microg might be the better option. Either that or bite the bullet and get a pixel n’ flash GrapheneOS to it.
I deeply aplreciate your expansion on the matter :)
GrapheneOS is the best option we have today.
Don’t forget to donate to the project.
Even at the cost of using a Google phone? In any case if I decide to go with it I’ll be sure to donate match the price of whichever pixel I end up with ty :)
