this post was submitted on 25 Nov 2024
73 points (98.7% liked)

Open Source

31732 readers
120 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
 

Hey people! I was wondering if anyone here has heard of/ used Morena's /e/OS and would be willing to share some opinions?

I was looking to get a FairPhone 5 sometime soon anyways and randomly came across the option to get it "without Google"

Which took me a bit off guard because I never really considered that something like that could be an option (without the hassle of rooting a phone and slapping a custom OS on it). So - is it any good? It says that you can still install most regular Android Apps. I don't think I would miss any specific Google features, and getting a fresh start with a phone does sound nice.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] -2 points 1 month ago* (last edited 1 month ago) (3 children)

This is just not true for a multitude of reasons.

The obvious being that most other custom ROMs are not actually degoogled (ie proprietary blobs, still communicating with google) and/or they try to do it in ways that provide no privacy benefit such as replacing google with MicroG which has the exact same issues (ie privelged access to your phone).

The majority of these custom ROMs break any semblence of their security model (rooting, not locking the bootloader etc) to bring these privacy measures, which makes them almost moot in and of itself.

Also purely focusing on removing yourself from Google (especially while ignoring all of AOSP, and to an extent Android in general, is Google centric) when there are tons of other large data gatherers (many of them with far less recognizable brands) that your probably ignoring is useless.

[–] [email protected] 4 points 1 month ago (1 children)

not actually degoogled

Aside from vendor firmware, LineageOS is mostly deblobbed by default afaik. The remaining bits that connect to google (by default) like AGPS or captive portal are significantly less information than full google play services.

try to do it in ways that provide no privacy benefit

Replacing google play services with microg might have the same security downsides as regular google play services (privileged access), however, MicroG is open source. It still connects to Google, but sends significantly less data, and you can see exactly what it sends.

Break any semblance of security model

Rooting is one example, but access to it is often left up to the user. Keeping the bootloader unlocked has some major security downsides, but they're entirely for when an attacker has physical access. The privacy downsides of an unlocked bootloader do exist, but they're hard to exploit even with physical access.

ingnoring all of AOSP is Google

Yes, this is something you are forced to ignore with any custom Android ROM. Graphene, Divest, Calyx, etc all suffer from the same issue. Sending data to Google and privacy is not the same as being independant from Google developed software.

purely focussing on Google

On an AOSP or LineageOS based rom without preinstalled bloat, this is almost entirely up to user choice. You can choose to only install FOSS apps without trackers, or use Aurora store and install proprietary apps. You can choose to block network access for apps with trackers, or isolate them to a work profile and kill them in the background. It isn't good to focus only on Google, but it's a good starting point to use a rom without standard google play services.

While I agree that a hardened and privacy focused rom is better for privacy than regular LineageOS, privacy is not black and white. MicroG sending significantly less data is better than full access google play services sending all data. Not sending data is better than MicroG. That doesn't mean every user is able to use an entirely degoogled rom. Each person should decide for themselves what they're okay with and what they absolutely require on their own device. When someone is trying to get some privacy back, MicroG is a great option "in the middle" where as little functionality as possible is lost while sending as little data as possible. Discouraging that someone takes steps to improve their privacy just because it isn't perfect is not good, as that often results in someone not taking any steps towards privacy.

On the compatibility, while MicroG has some issues with specific apps, it does generally work (from what I hear from others). Not having google play services (or MicroG) can work, but it requires missing out on some google services like notifications for proprietary apps. For me personally, that's not a big issue, as I only use FOSS apps.

[–] [email protected] 3 points 4 weeks ago

I think you're confusing privacy and security. Some of us aren't really worried about the NSA hacking our phones. We would just like for it to not constantly be selling out every minute detail of our personal information to a mega-corporation. Sure, you still have to pay attention to what apps you install and all of that, but a de-googled android phone is still a massive upgrade in terms of privacy even if it isn't super secure, as long as you aren't being individually targeted for some reason.

[–] [email protected] 1 points 1 month ago

Greatest case for Graphene. Yes I find the need for a Pixel hilarious but it works soooo