alt Hacker News/e/OS is a complete "deGoogled", mobile ecosystem
Comments
The irony of advertising a privacy-enabled de-googled system, and then telling me that my Firefox browser is not support, and that I should use Edge, Opera or Chrome instead....
Browsing:
https://e.foundation/installer/
Reply:
There's absolutely no reason to use /e/ when GrapheneOS exists.
I'm currently looking for a new Android phone. I don't like the Pixel and deep integration with Google. I looked at the Fairphone with /e/OS and the Pixel with GrapheneOS, but unfortunately there's no certainty that everything will work or where the boundary is between Google Android and "clean" Android. For example, it turned out that Android Auto is essentially Google Auto and I don't what find out what is dependent on Google. I want something that just works. A phone isn't something I want to tinker with like Linux ten years ago. So basically the choice comes down to Samsung and Chinese brands.
Well E/OS is mainly about privacy. And about getting rid of Google. And it works. To me that's more important and it's a better vision.
Honestly, I don't quite understand this.
I get the appeal of degoogling, but this seems to just be replacing that with alternatives run by another commercial company, just one I've never heard of before.
Why does it even need "One account for your privacy" ... "Operated by Murena, your Murena Workspace account @murena.io is at the centre of the ecosystem" when it'd be even better to have everything on-device without an account at all.
Even more, Murena seems to be owned by Qwant who seem to be in the business of selling a search engine, and while they currently claim to be all about user privacy, this is basically exactly how Google started nearly 30 years ago.
I wonder if they'd be happy if, for instance, somebody took this system and debundled Murena and switched it to using duckduckgo. Would they embrace that too, or sue them into oblivion?
EDIT: maybe I was too hasty. I've just seen that it's open source and it seems like you can self-host the required cloud parts: https://gitlab.e.foundation/e/infra/ecloud-selfhosting
I have been using e/OS but moved away when an upgrade to the next version required to manually wipe the device. I could cope with the little inconveniences of a degoogled phone, but wiping the device myself following a unclear procedure was too much for me. My phone is not a hacking subject. It's a tool. Still, it worked reasonably well and I would have upgraded and kept using it if the upgrade had been easier.
I worked at Google before, so I trust Google more than these random organizations that claim they are better than Google at handling sensitive info.
PostmarketOS is a complete degoogled mobile ecosystem, actually. How about we commit resources into that?
Got a "Your browser is not supported" error for using Firefox on their website (device compatibility page).
Very poor first impression.
I have both a Jolla C2 phone, and an E/Os device, on a nothing CMS1 phone. Both are great. I like the Jolla Phone for its SailfishOS, which has great UI/Ux. I am less enthusiastic about the hardware. (good enough though) The E/OS really is good, all apps work good, and really much is done for privacy protection. But if the hardware is more performant, and with a few extra features i'd still opt for SailfishOS
I wonder how this compares to GrapheneOS in practice.
>Operated by Murena, your Murena Workspace account @murena.io is at the centre of the ecosystem, allowing to store, back up and retrieve your data safely on remote servers.
This sounds like their version is somewhat married to Murena. While probably better than Google, still not independent.
They're also advertising features such as "hiding your IP address [...] when you feel like it" – which sounds a lot like a VPN – without mentioning much about who the traffic is going through or how they might log it.
Not that it matters but I just noticed certain titles on their website can be edited. For example the text "Use our /e/OS Installer" can be modified and I noticed it because I accidentally pasted my clipboard there. I suppose contenteditable should be set to "false".
fuck me i'm doing work even though i should be working right now
Why is this a complete graphical clone of (old version) iOS?
This seems like the worst of both worlds.
How is the experience in practice? What works, what doesn't? Are updates prompt and regular?
> open-source means auditable privacy
This is what that auditing actually reveals:
* /e/OS sends user speech data to OpenAI without consent [1], and thought this was ok until they got caught [2].
* /e/OS massively delays security patches, and calls this a "standard industry practice" [3]. Meanwhile, GrapheneOS' opt-in security preview releases provide early access to security updates prior to official disclosure [4]. Also see [0] (Security update speed) and [7] (WebView being 40 security updates behind).
* microG downloads and executes proprietary Google binaries in a privileged environment [5] [6]. You can obviously not audit these, nor should this count as "degoogled".
* microG still phones home to Google by default (android.clients.google.com for device registration check-in, mtalk.google.com for FCM push, firebaseinstallations.googleapis.com for SIM activations) [7].
[0] has a comparison of popular privacy and security-focused Android-based OS, which paints the whole picture. Privacy-friendly does not necessarily mean secure, but in this case "privacy-friendly" is quite a stretch already.
[0] https://eylenburg.github.io/android_comparison.htm
[1] https://grapheneos.social/@GrapheneOS/114880528716479708
[2] https://community.e.foundation/t/clarification-about-voice-t...
[3] https://community.e.foundation/t/e-os-and-security-updates/7...
[4] https://discuss.grapheneos.org/d/27068-grapheneos-security-p...
[5] https://github.com/microg/GmsCore/blob/e19a9985204ec8329c1d9...
[6] https://github.com/microg/GmsCore/blob/e19a9985204ec8329c1d9...
[7] https://www.kuketz-blog.de/e-datenschutzfreundlich-bedeutet-...
I don't like names that are difficult to google.
But then again, maybe that's the point :)
At the link, I see a lot of text about a company called Murena. Including:
> Operated by Murena, your Murena Workspace account @murena.io is at the > centre of the ecosystem, allowing to store, back up and retrieve your > data safely on remote servers.
That seems to suggest that we would be replacing one large overbearing corporation with a smaller and less-evil overbearing corporation. Is e/OS an open-source facade for Murena?
Nice, but....
> a unique privacy enhanced environment.
... consider proofreading.
The timing of this post right below the Motorola/GrapheneOS partnership is pretty funny.
I've been running /e/OS on a Fairphone for about a year now. The experience is... fine. Not great. App compatibility is the main pain point. Banking apps are hit or miss even with microG. Updates lag behind GrapheneOS significantly.
The Murena cloud stuff is the part that bothers me most. You're trading one cloud dependency for another. At least with GrapheneOS you get a clean slate and can choose your own sync solution (Nextcloud, whatever).
That said, /e/ supports way more devices than GrapheneOS does. For people who can't or won't buy a Pixel (or now Motorola), it's one of the few options. The real question is whether the Motorola partnership changes the calculus. If GrapheneOS gets proper OEM support, the device limitation argument mostly goes away.
Tweaking user-hostile OSes into user-friendly ones is impressive, but not sustainable. Even worse, it slowing us down from leaving Android entirely.
Look at the AdBlocker crackdown of Google Chrome. Every single chrome-fork has shut down MV2 extensions, even Brave is about to do it, because it is impossible to maintain features that complex on a browser that Google spends >$1B/year to develop.
Same story for /e/ and GrapheneOS, the day Google pulls the plug on source code releases, god knows how long they will last. We should focus our efforts on truly open platforms.