Tweaking user-hostile OSes into user-friendly ones is impressive, but not sustainable. Even worse, it slowing us down from leaving Android entirely.
Look at the AdBlocker crackdown of Google Chrome. Every single chrome-fork has shut down MV2 extensions, even Brave is about to do it, because it is impossible to maintain features that complex on a browser that Google spends >$1B/year to develop.
Same story for /e/ and GrapheneOS, the day Google pulls the plug on source code releases, god knows how long they will last. We should focus our efforts on truly open platforms.
>Even worse, it slowing us down from leaving Android entirely.
There are zero OSes that are 1/ open source 2/ appropriate for phones 3/ with good hardware support. There's absolutely nothing. Running Ubuntu Touch isn't a viable option. Neither is postmarket, librem, tizen, they're all terrible. Security wise, for something as critically important in our lives as a smartphone, I am also not trusting any new pet project that won't be stable for 10 years.
Sure, you might be a poweruser that doesn't care about your phone burning its battery in your pocket after 1 hour because you know how to SSH on it from your watch and put it in sleep, but that's not a viable option. Leaving Android is suicide. A large part of its critical underpinnings are already into the kernel anyways, just disabled. (although a distro running binder could be a fun project). APIs are reverse engineerable generally speaking, except for the server part of play services. But then, if your issue is "my bank won't let me access their app without play services attesting me", I have great news, you won't even have an app for it on your new OS anyways, so it will not work by default. There's already not enough people working on GrapheneOS _or_ on mainstream linux OSes, what makes you think the sitation won't be ten times worse for your custom made mobile OS ?
>We should focus our efforts on truly open platforms.
Android is one, and that can never be taken away. Google pulls the plug ? cool, you're stuck on Android 17, which is centuries of work ahead of literally anything else in the open source community. Hell, for all the shit that Google is doing, they're still constrained by having to work with other vendors: the system privileged notification receiver is swappable at build time, the recent app signing/verification system also is, because Samsung wouldn't let them control it all.
> Google pulls the plug ? cool, you're stuck on Android 17
And you're stuck on the current hardware generation. Pretty much the only reason why Android sucks less than other mobile OSes is that hardware vendors have a pressing reason to make it work. The further the Google Android kernel diverges from its last-open version, the harder it will become to backport drivers -- and that's assuming that hardware vendors even bother to comply with the GPL when Google decides not to.
I do agree, mobile OSS OSes are rough. My point is that we should help them instead of helping Google's toxic relationship. It happened with Chrome/Blink, and everyone already forgot that lesson.
About hard-forking Android, no one was brave enough (pun intended) to do that for Chrome, considering the insane complexity and engineering costs (>$1B/y). (Only Apple was able to affort it with Webkit/Safari, but they are in the ad business too.)
I kinda dont see how both of you cant be right. We need a mobile OS that google isnt involved in. Why not use pure open source android to do it. It can only be cheaper than making it from scratch, since it has alot of work already done on it
AOSP has so few of the features a full phone needs today. Google has moved too much of the Phone OS into "Google Play Services". This is already the Extend phase of the classic "embrace, extend, extinguish". Given how the next most popular AOSP implementation, Amazon's Kindle Fire isn't even trying to compete in the phone space and involves an equally large company throwing nearly as much money into an "also ran" alternative to "Google Play Services", it seems easy enough to argue Android may even already be in the extinguish phase.
(ETA: See also Microsoft's many years of trying to build its own "Google Play Services" competitor. Eventually breaking and making use of Amazon's. Then giving up entirely again on a de-Googled alternative to running Android apps.)
There's not actually much in Play Services. The biggest losses are fused location providers and notification services which you would consider core to the OS. Maps are a loss, but these are very clearly Google branded.
Huawei provides HMS for example, a somewhat close feature wise set of APIs for their phones that are still on Android. They can even shim play services API, the same way microg does. If anything, what would be needed would be a common abstraction library with different backends to not depend directly on play services
The reason amazon and Microsoft gave up is because they had no commitment, and that operating these services is just pure loss.
Yes, the default apps in AOSP suck. Making a proper dialer is a two day job, so is a contacts app. Android's core APIs are good enough, and privileged permissions are only privileged by the manufacturer, and its IPC mechanisms are very well documented. Noone does it because it sucks, it's a thankless job and nobody's going to install your dialer. The very fact that each manufacturer has their own custom software is demonstration of how easy it is.
Windows phone died because of its lack of apps. Same thing with several other mobile OS's. Ubuntu has a really great OS and UI, but no apps for just basic things renders it useless to even the most basic of users like myself. I don't have games, no banking apps, a few email and Microsoft apps and yet I still couldn't find a way to make it work.
One of the other technical limitations is network. Ubuntu has yet to solve the VoLTE (Voice over LTE) riddle. This is a major sticking point for US consumers.
Building and maintainance cost are not linear, especially when you inherit legacy code. The AOSP codebase isn't great, is 4x bigger than the Linux Kernel, and full of "Ship now, patch later" mess.
But I agree that it is a significant endeavor. But the OSS community succeeded in similar projects before, and the current state of the Linux desktop makes me hopeful.
> Building and maintainance cost are not linear, especially when you inherit legacy code. The AOSP codebase isn't great, is 4x bigger than the Linux Kernel, and full of "Ship now, patch later" mess.
And yet the GrapheneOS devs seem to be managing just fine.
> But I agree that it is a significant endeavor.
Yes, in fact it is orders of magnitude more significant an endeavor that just building upon and improving the existing AOSP stack.
I still use Konqueror occasionally. It no longer uses KHTML (it uses blink now iirc through Qt webengine (which just got webextension support, someone's working on adding them to falkon so I'm sure Konqueror isn't too far behind)) but it works surprisingly well. It's still a great file manager if any of you remember how good it was
The whole notion of smartphones is designed for intrusive user surveillance, from the regulatory side to the hardware itself to the software designed for it.
We need tablet computers that don't have hostile hardware like cameras and mics and sensor suites that can be remotely controlled, under proprietary firmware, completely out of owner control.
We need radio hardware and software that is entirely under owner control, with protocols and standards based connection controls; the notion that spectrum and cellular make network connectivity magically necessary to put under the draconian gatekeeping and surveillance of cellular carriers is flaming dumpster garbage.
The carriers are a primary threat vector. The hardware is a primary threat vector. The software is a primary threat vector.
There is absolutely no way to fix the current cellular phone security status quo, every single facet is designed to be leaky and allow "good guys" backdoored access "for the right reasons" and so on, whether it's "user experience telemetry" or "we have a warrant".
Running bog standard linux with sensible security defaults and a good softphone over an internet connection would be fine. There's nothing magical about phones or UX or wtfever this month's marketing rationalization is.
Handheld tablet computers with optional hardware, or even modular hardware, are going to be the future. The current paradigm of parasitic cellular carriers, invasive governmental regulatory bodies working on behalf of all sorts of corrupt interests, and complicit hardware manufacturers are 100% all in on milking consumers for every last unearned penny or intercepted PII they can get their grubby hands on.
> you're stuck on Android 17, which is centuries of work ahead of literally anything else in the open source community.
It's far ahead, but at the same time, I think we shouldn't over-emphasise how much. Functionality at the beginning of a project's lifetime is way more important than incremental improvements (or just changes) made later, and thus while much more effort has been invested into Android, new projects primarily need to catch up when it comes to e.g. phone call support and stability, and won't have to redo a lot of the effort of e.g. implementing Material You 3 or whatever.
Which is to say that we're still years out from a viable competitor, but at the same time, there could be one five years from now, which is also not that long.
Material 3 is mostly not part of the AOSP tree (aside from some very, very deep code like shadows) and is just UI libraries. I actually wonder if M3 has View implementations, or if everything has been migrated to Compose.
You're also underestimating the amount of fundamental work that goes in Android. The vast majority is hardware integration. It's not all fancy little bells and whistles. It would have the added benefit of not having to relearn the security mistakes like LIST_ALL_PACKAGES or READ_SMS permissions being open to all, at least.
Fundamentally, not enough. Linux's default security mechanisms are simply too weak for something as potentially hostile as a mobile device. Firejail is a good start, but proper user isolation as Android does is the right solution (each app is a different user, and accessing their data/user data is only done through Providers, or IPC), and anything else is naively trusting and not enough, no matter how many layers of sandboxing and suid-ing you do. Doubly so when all of its apps are written in C++. Can't wait to deal with use-after-free on my mobile device.
In addition, its compatibility with android apps is also chains: why would I bother developing for sailfish (especially since it involves Qt / Qt Creator) when I can just develop an Android app, and say it'll run well enough (unless it needs play integrity, which is the same problem, or somehow falls behind in android/androidx compatibility)
It is _the_ 2FA device. from SMS, to authenticators, to password managers, etc. It also has access to all of your personal information, your pictures, your contacts, your email. It actively receives notifications and messages from the outside world, from potentially any sender. It's connected through WiFi, GPS, 5G, bluetooth, UWB, every possible connection system imaginable. It can listen to your phone calls, read your text messages, interact on your behalf with pretty much everything in your life, and is a single facial recognition away from automating emptying your bank account. Not to mention the fact that mobile software does tend to want to at least survive a little bit when offline, so plenty of data is stored locally.
It's a key to your life. The perfect target for any attacker.
My Linux laptop is my 2FA device (email), it holds my passwords, and personal data like photos, contacts, email. It receives notifications and messages from outside world from potentially any sender. It connects through Wi-Fi, Bluetooth, Ethernet, 5G (built in WWAN). It even has cameras, microphones and I use it for my online banking and shopping. The only reason why smartphones "need" to be ultra secure is because everyone and their mother have one and the truth is most people can hardly tell a difference between their head and their butt.
Because regular users (non-techies) install all kinds of apps on their phones, from all kinds of sources/vendors, but not on their desktop. Most people use only a handful of applications on their desktop (browser, office suite, …) but they have dozens if not hundreds of different apps on their phone.
> Linux's default security mechanisms are simply too weak for something as potentially hostile as a mobile device.
Linux has SELinux as a default option which Android makes good use of, some forks more than others, and setup correctly it is better than user isolation. You could also recreate the protection user isolation provides through policy alone.
This is the sad part. I've resisted that slippery slope as much as possible. In part because of ideological reasons, and in part for usability reasons. I have large hands and poor eyesight - using a phone for non-trivial tasks is tedious. I think the only thing I encounter from time to time that requires a smartphone is paying for parking. Everything else I do from a desktop, or don't do at all (doom-scrolling etc.)
I wish society would resist the smartphonification of everything for no reason. A lot of it is marketing- and surveillance-driven.
> you're stuck on Android 17, which is centuries of work ahead of literally anything else in the open source community
Honestly if this happens, look to China to maintain Android going forward and add new parallel implementations of Android 18+.
Right now almost all of China runs on various forks of AOSP; every phone manufacturer in China has their own AOSP fork (Xiaomi: MIUI/HyperOS, Huawei, HarmonyOS, TCL: TCLUI, etc.). Apps in China are distributed both as .apk files as well as through a bunch of different domestic app stores. They are compatible with all of these Android forks. These apps are also designed to be compatible with Google Android for Chinese folks overseas.
TBH China is much, much closer to "decentralized" development of Android than the Google-centric US ecosystem.
Granted most of those AOSP forks in China also often have spyware of sorts, but at least there are multiple active forks and a healthy app ecosystem working on all the forks.
> Tweaking user-hostile OSes into user-friendly ones is impressive, but not sustainable. Even worse, it slowing us down from leaving Android entirely.
Not sustainable as opposed to what, exactly? Developing and maintaining a completely different mobile operating system? Focusing on truly open platforms sound nice in theory, but completely falls apart the moment you consider what people want to do with their phones compared to the developing resources available.
> Every single chrome-fork has shut down MV2 extensions, even Brave is about to do it
That's just wrong, there are other forks that still support MV2 extensions right now, and at least brave has no plans of shutting down MV2 extensions even after Google removes MV2 from upstream completely. It will certainly add maintance effort on brave's side, but they already patch a million other things that upstream doesn't support.
Brave said they'll try to maintain temporarily limited MV2 support for only 4 specific extensions, but recommend Brave Shields as the go-to adblocker for the future. Google is about to remove most of the MV2 code from the codebase, which will explode the complexity soon.
The word "temporarily" isn't mentioned anywhere on that page, and that's already a very different claim to "Brave is about to shut down MV2". And the MV2 support is not specific to those 4 extensions, the hosting on Brave's servers is (though for other extensions not that much changes with MV3 anyway).
MV2 is behind a flag for now, but it is about to be removed from the Chrome codebase entirely. Which is why Brave recommends using Brave Shields as the long-term solution, which does not depend on it.
> Developing and maintaining a completely different mobile operating system?
The cost of writing code has fallen 100x in the past 3 years, and will likely fall 100x further. So actually, yes, thanks to AI it probably actually is reasonable to launch a fully new stack from scratch.
>The cost of writing code has fallen 100x in the past 3 years
Maybe, but the cost of actually shipping a product has fallen by maybe 10%. I don't see dozens of production ready mainstream OSes and web browsers popping up because LLM can dump tens of lines of code per second.
As a startup founder shipping product, I strongly disagree with that.
Give it 12 months, you will see dozens of from-scratch large scale software projects shipping. New web browsers, new operating systems, new gaming engines, new productivity software, we are at the threshold of having an abundance of software that was previously only available from large corporations.
> Not sustainable as opposed to what, exactly? Developing and maintaining a completely different mobile operating system? Focusing on truly open platforms sound nice in theory, but completely falls apart the moment you consider what people want to do with their phones compared to the developing resources available.
Multiple open source desktop/laptop operating systems are maintained.
I appreciate that there are people out there working on stuff like /e/OS, but the number one question I have when I learn about a mobile OS that isn't iOS or "Googled" Android is: will the banking and payment apps I need to operate in the modern world run on this OS?
A lot of people don't think this way because they haven't had any problems. But then one day it happens to you and you realize, ok, this is the one thing that matters - you're in a cashless store and the only way you can pay for your meal is to use Approved Apple or Approved Google operating systems.
Where I live, the app my electricity utility provides for viewing and paying my account DISABLES ITSELF FOREVER if you so much as enable USB debugging on your phone (even after you've disabled it again).
To their credit Graphene maintains a global database of which of these apps work and don't. They're the only ones I know of so a thousand upvotes to Graphene OS.
But for my banks, the records in that database are grim. They won't run on Graphene, and they don't respond to reports about it.
One of my banks just discontinued its web UI because "people don't use it anymore, they use the app only."
This is how they're going to get us, folks. This is how we're going to lose it all. Writing code alone will not solve this. It will require some kind of collective action to defend our liberties. Some parts of the world are already lost. So this situation will likely come to a jurisdiction near you eventually: to make a transaction you will need permission from Google, Apple, Visa, Mastercard, or it won't happen. Then that four company list will start to shrink.
> the app my electricity utility provides for viewing and paying my account DISABLES ITSELF FOREVER if you so much as enable USB debugging on your phone (even after you've disabled it again).
These are self-inflicted problems by these apps. Nothing to do with the OS. These apps simply don't work. Complain to the companies that push these broken apps to you.
Would you buy a microwave oven that kills itself if you play the wrong kind of music in your kitchen?
The problems may be inflicted by these apps but the reality is that in many cases you're stuck with them. Electric company freezes your account if you enable USB debugging? Well, you can't choose a new electric company. We can complain to these vendors all we want but they just ignore us.
So these problems become problems of the OS, not because the OS has a problem, but because it affects the reality of using the OS.
Is it such a burden to write them a letter stating, "Because you have decided to disable my electronic access, I am notifying you that I withdraw my consent to e-delivery. Please provide me statements and directions to mail you a check for payment." Maybe spend 20-30 min to find the specific laws that give you the right to do that and remind them of their timelines to comply.
Send a letter like that certified. It gets attention, and the time to write and mail a check really isn't, if you batch your bills, more than using an app.
We do have ways to push their inconvenience back on them.
It is great that you have the right in your jurisdiction to do that. Where I am, they just shut off your power if you don't pay.
It's a big and hairy world out there. Having lived on three continents and traveled to some pretty wild places, I always get a kick out of seeing which rights people have and assume that the rest of the world also has.
This a pretty general recipe to make a company care.
A Professional letter letting them know that you know your rights, and that they know your rights (Them getting your letter is your proof of that) is what the beginning of someone losing his bonus for a compliance incident looks like.
Companies don't care about you, or even shareholders, they care about the incentives of leadership.
Not everyone has the time and resources to battle their utilities and bank(s). I know it’s important and sustained effort is necessary even if it’s hard, but we are talking about massive populations here and most people simply can’t or won’t fight that battle on their own. Organizing a large pushback is also a huge effort. And at the end of the day, there is an easy solution for folks: buy a “proper” smart phone that “just works” because it solves the problem now.
We’ve gotten to the point where unfortunately it is a luxury to fight for your privacy and consumer rights.
Well, we gotta choose our battles, right? It's easy to get collective support for visible oppression and fascism. Everyone sees it on the news. It's hard to get support for "lemme use a smartphone that isn't apple or android." the average person doesn't care.
Not saying that we should just give up. But as the above poster said, it's a luxury that takes a lot of time and resources.
Yes that is correct. So what do you suggest people do? What is a realistic way to move the needle? Because I can tell you now that (as I detailed in another comment) asking someone to change their banks, utilities, etc. to accommodate their smartphone choice is not a serious suggestion, nor is asking everyone to wage war with all the services they engage with. They’re simply not going to do it no matter how many passionate speeches or flippant comments you throw out there. They’re going to buy the thing that solves the immediate problem of not having access to critical services in their lives. If their amazing open source phone can’t pay their bills, it’s going in the bin.
To be clear I want the same thing you do. But just going “do it it’s important” is not going to make it happen.
It obviously depends on where you live. In my country you certainly con choose a new electric company. I mention that because we really should use consumer choice to overcome these types of problems where we can. Ie if you can switch to a bank/electricity provider/whatever that has a less terrible app it’s really good to do so.
I agree on principle. I'm not sure if everywhere in the US is like this, but everywhere I've lived in California basically had a monopolistic electric and gas provider.
For things where we do have a choice, yes I agree.
You’re implying we have more choice than we do and asking “the average joe” to change banks to accommodate their smartphone is not a serious suggestion.
My utility company, for instance, literally won’t let you navigate their site with a VPN running. These kinds of practices are commonplace and becoming standard.
I promise your electric company accepts payments outside of an app on your phone. I further promise that other banks are available that don't have terrible apps. These problems are way more surmountable than you're painting them here.
The alternative they accept is traveling down to their office and handing them cash, no joke. Phone app or cash. No website, never has been one. No snail mail because they "modernized" and discontinued it some time ago.
But I'm OK because one of my banking apps has some method of reading my contract number from the disabled electricity company app, and telling me how much I should pay and then it fires off a payment to them. Even though I can no longer use the electricity app directly because I enabled USB debugging once, the banking app is somehow still able to pick up this info from it.
Of course, said banking app refuses to run on Graphene or any of these other Google Play-less OSes, and the bank doesn't respond to inquiries about that issue, multiple people have tried.
The other bank I use does respond, and says they'll never run on "alternative OSes" because "alternative OSes are too insecure." They don't respond to followups.
I'm just saying man. A lot of people think this stuff is trivially solved because there is an option available to them in their home country. You don't know how big and nuts this world of 8 billion people and 200 countries is. This stuff varies beyond imagination, sometimes for the much worse.
> Tweaking user-hostile OSes into user-friendly ones is impressive, but not sustainable. Even worse, it slowing us down from leaving Android entirely.
I would say we need both a sustainable free mobile OS in the long term, and a "less worse Android" today in the meantime.
Initiatives like FairPhone paying someone to upstream device support in the mainline kernel / postmarketOS are interesting for both approaches at the same time (but extra effort would be needed, the FairPhone 5 almost working under postmarketOS [1] is kinda irritating, I hope it reaches full support before Lineage OS stops being updated for this device).
Ignoring hardware support, Linux mobile OSes are quite usable now.
Hardware support is the next step, and only then we can imagine the proprietary apps we are forced to use to work there (though Waydroid provides some answer to this as well).
Another way of helping the cause would be, I suppose, lobbying for laws that forbid the dependency on an stock Google or Apple mobile OS. Or, maybe we can dream a bit, mandatory open source releases for those apps and standard APIs.
* Most of the personnel involved in developing web technologies are engineers, but they also include product managers, sales, marketing, legal, customer support, and other functions.
* Given the complexity of Chrome and web technologies, the engineering teams skew towards higher levels of seniority. Assume that Staff Software Engineer is the most common engineering level represented across the web technologies teams, which is towards the more senior end of Google’s software engineering job ladder.
* The average base salary for Google employees working on web technologies is $240k and the average annual take-home pay is $500k, including salary, bonuses, and stock payments. These estimates are close to the current average base salary and take-home pay for Google Staff Software Engineers listed on industry salary data sites.
* Google has approximately 2000 staff working on web technologies.
Using the above assumptions, the estimated personnel cost for web technologies is 2000 * $596k = $1.2B. Of course there are additional costs associated with these businesses. Based on this sketch, it seems fair to assume that Google spends at least $1-2B annually on Chrome, Chromium, and the evolution of the web platform.
Isn't this downright crazy when you think about it? Seems like we need to start from scratch. Create a minimal bytecode (like webasm or whatever) that writes to a virtual frame-buffer of sorts, and has keyboard/mouse inputs. Then content is distributed as compiled byte-code apps. All the fancy stuff you want in your app has to be provided by the app creator, and not essentially using the browser as a library.
At this point it is very difficult to develop truly open OSs for mobiles because so much of the hardware depends on undocumented binary blobs.
As I see it, the only options is to go for a drastically simpler design of the hardware - which means, we have to tone down our expectations especially when it comes to things like gaming performance, camera performance etc.
Over time even these things can be improved but it is going to take a few years.
In the meantime, I am not sure many people are willing to make those compromises to have a truly open hardware and OS though.
> Even worse, it slowing us down from leaving Android entirely.
I appreciate the vibes where this is coming from, but does it really? I think that assumes that everyone that works on this would work on a true open source OS otherwise, and that if they did, that would result in us breaking free from Android where we otherwise wouldn't. I'm not confident about either of those assumptions.
Meanwhile I'll keep complaining to orgs that don't allow me to work through their website, and tell them that their app won't work on my phone.
There are more OSS devs active on Android ROMs than OSS devs working on independent mobile OSes. We are running out of time, and we are misallocating ressources.
It's like bailing out water from the Titanic. We should prepare the lifeboats instead.
And there are even more devs working on Windows. It's like we're actively drilling a hole into the Titanic.
The thing is that those people aren't "resources" that you can just "reallocate". And even if they were, two extra buckets weren't going to save the Titanic.
(GNU/)Linux on mobile is the true sustanable, independent OS. It relies on the existing, strong Linux development, natively runs existing Linux apps and guarantees you lifetime updates. What else do you need?
According to the website[0] I’d need 20+ hrs idle time, video recording, Bluetooth, and GPS.
I’m being gently snarky, of course, but the goal shouldn’t be an MVP that nerds who are deeply into privacy or FOSS or hate Google can tolerate - it should be something that disinterested normies could seamlessly and happily use.
Well, it idles for about 22 hours, can record videos, does multi-constellation GNSS and both classic and LE Bluetooth.
The way to make disinterested normies able to use it is to have lots of nerds capable of fixing various papercuts themselves switch already and contribute rather than complain.
Thanks for sharing! I hadn't heard of this before. IMO any competition in this space is good competition.
But the reality is that it's not quite that straightforward. Linux desktop is a perfect example of that. We have tons of nerds working on the Linux ecosystem. Many on distros meant to ease transition from Mac/Windows to Linux (like Pop OS).
But if I were to tell my mom to install Pop OS, she would look at me like I'm crazy.
In some ways, Linux has become "cool" — Steam Machine and Steam Deck run Linux, and they're popular. Unfortunately, they're popular within a niche, and even then, they're popular for only a slice of digital life. People don't do work on a Steam Deck and I can't imagine many doing work on a Steam Machine.
Mobile phones are completely different though because most people have one phone. And that phone needs to do everything they need it to do. It needs to run the apps they need. It needs to play the games they want. It needs to integrate into everything. And it also needs to look trendy, because smartphones have become a bit of a status symbol of sorts.
So, while I agree that us nerds must become part of the solution than the problem, it's not enough. We need buy-in from major service providers. We need marketing. That's all stuff that the typical nerd can't/won't do.
> But if I were to tell my mom to install Pop OS, she would look at me like I'm crazy.
What would she say if you asked her to install Windows? It doesn't matter. Normal people should either buy preinstalled or ask technical people for help. Using GNU/Linux desktop is as simple as Windows. It will be the same with phones one day, if we push it.
If I told her to install Windows, she'd at least know what to tell the technician in the event that I'm not around.
If I install Pop OS on her computer she will just tell the technician she has a laptop because she doesn't know the difference. I would hope that the technician does know the difference, and moreover, knows how to use it (which I assume someone calling themselves a technician would know how to troubleshoot basic stuff on a foreign operating system, but I've been wrong on lighter assumptions)
Username checks out (I kid, I'm also a fan of their work).
Also, if you're using PureOS, what's that like? Have they updated to a debian 13 base yet? Pretty much the only thing stopping me from at least trying it out is the super old version of GNOME
I'm considering to switch to your device and start contributing to gnome mobile soon! I'm interested in your experience, what do you like and dislike the most on it?
Everything that works on desktop GNU/Linux should work on the phone, too. I use Pika Backup app.
> communication
AFAIK none of the apps you listed officially support Linux ARM, so you have to go through some configuration unfortunately. I do not use any of them, I use Matrix.
The parent wasn't speaking of a perfectly secure OS but about "preparing the lifeboats". Also, GNU/Linux somehow sufficiently secure on desktop, especially if you rely on the apps from the FLOSS repos.
If you're in Europe, I saw quite a few comments here saying that banks not requiring the duopoly do exist. Otherwise, a dedicated banking phone might be the way.
If mobile Linux runs through the same kind of tortuous adoption and rejection cycle that desktop Linux is still doing, then it's a non starter before it begins.
I've been happily using it on several phones since 2008 (and writing this on one of them right now), only two years shorter than on my desktops/laptops. "Non-starter" is in the eye of the beholder.
Brave said they'll try to maintain limited support for MV2 for only 4 specific extensions, but recommend Brave Shields as the go-to adblocker for the future. Google is about to remove most of the MV2 code from the codebase, which will explode the complexity soon.
Brave has perverse incentives to discontinue it because of their BAT crypto business model that rewards looking at ads.
Unfortunately even the fully open source Firefox isn't immune to the pressure from the advertising industry, with all their Google funding and their purchase of anonym.
I do, but even though they're not in the webpage itself and are as such not affected by the adblocker, brave still has an interest in the advertising industry. Many if not most of their advertising clients would use regular internet ads as well.
I can call Android user hostile. Most Banks and gov apps require play services nowadays, and Google is about to ban app installation outside of their store. Cherry on top, the play store is mostly adware junk. My parents phones are full of adware, bloatware, notification spam, it's almost worse than windows 11.
In your earlier comment you said that deGoogled Android alternatives are what's "slowing us down from leaving Android entirely", but that is not consistent with saying that most banks and government apps require play services.
If these apps cannot run on deGoogled Android, then deGoogled Android cannot be slowing us down from leaving Android because using deGoogled alternatives is as inconvenient for banking and government services as using a non-Android alternative would be.
It's not entirely a contradiction. De-Googled Android alternatives can give a perception of choice and also a perception to Banks that they support "everyone" at the same time. "We have both flavors, Vanilla (iOS) and Chocolate [Android]; you claim to want Chocolate (Android), what more do you want?"
Absolutely the current duopoly market is going to make any third-party alternative harder, but de-Googled Android seems to be a worst case because "Why not just install Google Play Services?" remains too valid a question and has too many confusing answers for both non-technical users and the business people at application providers (banks and whatnot). They will continue to have a hard time trying to figure out why you keep asking for a harder work effort for Chocolate Fudge when they already have Chocolate and why isn't that good enough.
It's easier to fix that confusion by asking for an entirely new brand/flavor, such as Strawberry, than continuing this increasingly hard war between Google's Chocolate and "free" (as in speech, but certainly not free of confusion) Chocolate Fudge.
There are tweaks to enable banking apps on deGoogled Android, but it's an exhausting cat and mouse game. Most of my friends gave up after years of fighting, and now they are back on Google Android because there is no alternative.
so it's the play services. /e/OS has none of these problems except for apps that require original play services. so yeah, those don't work.
interesting tidbit: my bank offers their app from google and from huawei store. it doesn't work on /e/OS however. (but that might also be a /e/OS bug).
this means what we really need is a viable play store alternative. EU regulations could make that happen.
So far its working pretty great. Very happy with GrapheneOS. And currently Android AOSP source code is still regularly released. If that changes it becomes a problem then.
>We should focus our efforts on truly open platforms.
De-Googled Android was/is a truly open platform. Same result. You're pointing out maintenance issues.
How many developers do we have to maintain this or any other platform without pay? That problem applies to a de-Googled fork of Android, or a complete bottom up build of a new platform.
The benefit of using an Android fork is the labor savings on what's already built.
Maintenance is not going away just because we build a new OS.
Why anyone ever gave that browser a second of trust is beyond be. The damn thing was built on hijacking ad revenue into some imaginary IOU crypto thing, and built by a creep.
Basically what you’re implying is that all the people working on Android derivatives like Lineage, Graphene, and /e/ coming together and working instead on a fully open source OS like a Linux mobile distribution would result in better outcomes and actually get us closer to a daily driveable open source environment phone operating system.
That’s analogous to saying that an automotive tuning shop that puts turbochargers and body kits on Toyota Corollas shouldn’t waste their time, and they should instead design and mass produce their own sports car.
The level of effort difference between AOSP derivatives and a fully open source OS is massive.
As I explained elsewhere in this post, I got to this installer page by clicking on "Check device compatibility" on the https://e.foundation/e-os/ page.
So I was actually expecting a device listing page, not a WebUSB program.
That's a bizarre one. 'You need Chrome' is bad enough, which even the bloody NHS are guilty of, but I always assume that's 'just' an assumption that not Chrome means IE or something, and they haven't woken up even to the proliferation of mobile Safari users.
I didn't know it did, the commenter didn't mention it, and Imgur gave me an overloaded error message. (When it doesn't do that, it usually tells me it's not available in my region or that the image has been deleted anyway.)
Anyway, assuming it's for WebUSB flashing, I agree with other commenters it should just explain that's not available and still give the instructions - bonus points for hiding the unusable WebUSB option.
How do they do that? I'm not doubting that, it's an honest question. I understand how this works on Apple phones but I don't understand why an identity or attestation service cannot be replaced by another one by the alternative operating system when the hardware is not controlled by Google. Does Google have keys in tamper-proof chips? How else would those banks determine their apps are on the right phone? Or do those apps use Google authentication directly over the Internet, using hard-coded Google public keys?
Depending on the level of security you ask for Play Integrity, it can be:
* is this device rooted, is it an unsigned build ?
* Device is signed, but is it part of the blessed signing keys ? is play services untampered with ?
* Additional checks over the lifetime of the device.
You could fully trust the results of Play Integrity on device, but you can also send the returned token to your server, and your server then contacts play integrity to validate that token. So unless you know how to spoof those encrypted tokens, you won't go very far.
So basically an alternative OS can offer a service like Play Integrity and the only problem is that those banks hard-code a dependence on Google's Play Integrity and Google has a monopoly for that service?
This is something that could be addressed at least in the EU by mandating banks to allow alternative services or not use this service at all.
Yep. You can even run your own play integrity-like backend.
>This is something that could be addressed at least in the EU by mandating banks to allow alternative services or not use this service at all.
The EU mandates banks to be interoperable, and to guarantee the security of users. You can solve that issue by going through an alternative app that doesn't use play integrity and is PSD2 compliant so other banks let you call their APIs. It usually requires you to be a bank, and as a bank, you're really risk averse. So you use play integrity.
Chrome is just an example. Google stopped pretending Android is a general purpose OS and started cracking down on what is possible without Google’s approval. See developer verification, everything within Google services, etc.
"Tweaking user-hostile OSes into user-friendly ones is impressive, but not sustainable."
Not sure about the first claim but the second is obvious. Yet peculiarly ignored
The OS literally comes from Google. As such, the term "de-Googled" is quite strange. Another recent HN front page item about the other project mentioned recently used the phrase "break free from Google" and currently only runs on Google hardware
AFAICT, the most significant issue with Android is "phoning home". Unwanted data transfer to third party. This is embedded in the OS. Google is the third party. Google operates as if it should be trusted as if it was a first party (why)
IMO, a user-friendly (cf. user-hostile) mobile OS would be one that does not phone home. But at times it seems like these projects are OK with the idea of phoning home to third party, as long as it isn't Google
Users will never have a mobile OS that does everything Android does, with the same polish, that isn't attached to a trillion dollar corporation. That "goal" results in projects where the majority of the Google-sourced code is unchanged instead of user-controlled source code
It isn't _that_ difficult to stop Android, i.e., system, pre-installed and user-installed "apps", from successfully phoning home (cf. trying to phone home) over WiFi. For example, this can be done by changing gateway and DNS settings. If the user installs an app that can forward ports nd use the the built-in VPN support, successfully phoning home over cellular data can be stopped, too
But a corporate-sourced OS like Android can change at any time for any reason. It changes often. Users have no control
I see some HN comments are starting to acknowledge the idea that control can be more important than performance. IMO, it can also be more important than "features"
Only if a user can embrace this idea can he begin to truly "break free" from the trillion dollar surveillance advertising company. Otherwise, sacrificing control for "performance", "features", etc., will always leave the user tethered to the company
With the corportate-sourced OS users have no control over performance, features, etc. anyway. The corporation controls them
Until there is a user-controlled, open source mobile OS like other form factors (HN commenters often claim this is not going to happen for good reasons), then, IMHO, "mobile" sucks
Generally, we all have to use mobile, as least for some purposes, e.g., it's replaced residential landlines, paper maps, and so on. But none of this means it is a good choice for for so-called "general purpose computing". It's not a computer the user can control
> We should focus our efforts on truly open platforms.
But currently AOSP is very much open. That's also what the GrapheneOS devs say and why they want to continue using Android. Until it becomes clear that they will completely stop releasing the source code under a free software license i dont see why one should not use Android.
AOSP dev went private, and Google is slower and slower at releasing the source, now twice a year. Worse, many stock apps like the Dialer and Gallery went closed-source years ago.
But the source isn't the point, it's the governance. Just like Chrome, having the source is not enough to guarantee an open platform. Sure you can disable telemetry flags. But you cannot afford to maintain an important feature Google wants to remove, like MV2.
"Google built Android to be impossible to maintain without them."
Could be a very genuine answer to that question. Do you really need all of Android? What if you can build a very similar thing at a fraction of the size.
Building and maintainance cost are not linear, especially when you inherit legacy code. The AOSP codebase isn't great, is 4x bigger than the Linux Kernel, and full of "Ship now, patch later" mess.
But I agree that it is a significant endeavor. But the OSS community succeeded in similar projects before, and the current state of the Linux desktop makes me hopeful.
Extensions prior to MV3 were notoriously insecure and granted extension developers a very wide attack surface. Assuming that Google only has a sinister reason to switch to a better standard in an ecosystem riddled with ill-intentioned actors is a bit too cynical.
No, it's not. They could easily have solved the problems without introducing changes to cripple ad blockers, but they decided their investors need some more cash. Actions speak.
Google will only ever push major updates that are neutral or beneficial to their ad revenue. I do not believe they killed MV3 due to ad blockers, but it's the type of proposal that can survive at Google.
I think the edge that will actually bring new widely used mobile linux based OS is going to be gaming devices. Steam Deck and many of retrogaming devices are already running Linux. Some devices have option for user to either boot linux or to boot android. They are selling, they have support and some market fit already. One can guess that there will be Steam Deck mini at some point and that could be followed by Steam Phone...
The irony of advertising a privacy-enabled de-googled system, and then telling me that my Firefox browser is not support, and that I should use Edge, Opera or Chrome instead....
This is related to Firefox unwilling to add support for WebUSB because, I suppose, they believe that a browser is not a general purpose application launcher and the scope of what it can do should be limited. As such, it should not be allowed to e.g. control peripherals like the USB devices.
Which is in my opinion a fairly reasonable take.
But given the current situation, I would assume that the companies providing WebUSB tools like installers would also spend a few moments to create e.g. a Python script that would do the same thing but locally. So that anyone unwilling to use WebUSB within their browser can have a vetted and transparent way to get the same thing done.
I am opposed to it for similar reasons as in GP, but it does let you do cool things like installing Android ROMs without touching adb by having a (presumably) WASM-based impl of adb.
And, to counter the arguments that "the site tells you that you need WebUSB support": you get to the https://e.foundation/installer/ when you click "Check device compatibility" on the main page. Personally, I'd expect either a check that works in any browser or a simple compatible device list. Why would I need a special browser just to check if I can use this OS?
main page -> download and try! -> check device compatibility
lands on https://e.foundation/installer/ the chromium-only webusb page. It could be a better page; instead of showing a scary "navigator not suppored" modal demanding you install a particular browser, it could say the automated compatibility tester requires one of these browsers and your phone plugged in with USB, otherwise here's the device finder page
e/OS is not degoogled, only some of the functionality has been rewritten in microG (eg not implementing security checks but instead spoofing them), but still uses Google play sdk and libraries.
Additionally it runs in the privileged mode, so any exploit on that, well, means back luck.
It's the specific functionality needed here that Firefox lacks that makes the /e/ page show the warning, unlike the lineage page that does not have the problem in the first place.
That's great! However, when I see "murena unified account" I feel like one thing is replaced with another. I'd like to be able to synchronize my android-like open os phone with my own cloud. It's really not a rocket science...
Google's hardware is just hardware. It is not locked down like the hardware of many other manufacturers. Moreover, it's the only such hardware which also allows you, the user, to lock it down for your own security. GrapheneOS is not just focused around avoiding Google, it's more accurately focused around security and user choice.
The goal is to give you the option to avoid needing to rely on Google's spying or services while not having to compromise on security.
None of these other solutions regularly get included in Celebrite's documentation as being an explicit benchmark of their software's ability to break into phones. And that's almost certainly due to the fact that unless you leverage hardware security features like what GrapheneOS (and stock Android on a Pixel, and iOS on an iPhone) utilises, you have no chance of going against any actual adversaries.
And I'm not just talking about state actors here, even drive-by opportunistic attacks are likelier on a random other phone running some other Android build.
So yeah, you are running Google hardware, that doesn't make you "googled". It's just a sad reflection on the reality of the hardware landscape. If you want the same security as what GrapheneOS offers, you will currently need to use a Pixel.
I'd be curious to see what comes out of their Motorola partnership though.
Why are we degoogling, for what purpose? I couldn't care less about giving them what likely amounts to ~10€ of margin per year on the hardware sale. What I care about is not giving them data which is worth a lot more than that, and to take back control over my device.
When you go with an alternative you lose superior privacy and security offered by GrapheneOS and you just end up leaking more data back to Google and other ad-tech companies than you would otherwise, negating any benefits several times over.
I think it’s very valid. I want to be hardware-independent, not only OS independent. I need graphene to work on a fairphone, jolla phone or whatever other alternatives there are. E/os can do that (to an extent), Graphene can’t for probably very good reason, but still: It‘s not an alternative then.
I must agree, you are right, GOS is only on Pixel phones.
But we have to keep in mind that /e/ has a lot of problems, the only one solved is sending data to Google. The security aspect of the OS is problematic and some key elements of a privacy seem questioning (AI integration, commercial collaborations, ...).
Uploading speech-to-text to OpenAI? Regular communication with Google? Using Google for assisted GPS? Giving a bunch of Google apps privileged access (if you need them for e.g. Android Auto)?
Well and besides that only shipping ASBs and no other security updates outside major Android releases (and both usually late). Using heavily outdated kernel trees (e.g. FP4 is using a Linux kernel patch level that hasn't been updated since 2020!), outdated vendor firmware blobs, etc.
It might work, but it is not very secure, nor very private.
The OS is working well, but have privacy and security concerns.
Is it better than a stock OS? I don't know, maybe, maybe not, it depends on the stock OS.
Reading the links posted in a sibling thread it only does it if you have text to speech enabled and they use an anonymizing proxy so openai can't associate sessions with any particular user ie it's not perfectly anonymous and private but I don't see how you could have totally anonymous and private until you have a fully offline on-device TTS model, which the fairphone guy said they tried and didn't feel it was up to scratch.
I don't use e/os but it doesnt' seem like a terrible compromise to me personally.
/e/OS is Android, meaning it's still critically dependent on goodwill of Google to continue releasing their work as part of AOSP.
So if you're trying to be a silly purist, then /e/OS doesn't fit either. If you're not, getting a Pixel will significantly enhance your safety since they're better supported for security patches and better designed in hardware when it comes to security.
Could you not do this? There's no need to be hostile to people who purer than you are.
It's fine if you want to make a pragmatic decision to do what works now, but you depend on people who to some degree don't want to compromise. But I always suspect this type of hostility comes from guilt being directed outward; what you actually should want to do instead is support people who are refusing to compromise and building alternatives (even if those alternatives are just ways to get things done without phones.) You will need them one day.
The idea about being dependent on Google to continue to allow you to be hostile to Google on their hardware is intrinsically not sustainable.
You're basically the same as an somebody using whatever the phone company installs mocking somebody who would dare install GrapheneOS, or even an iPhone person ridiculing somebody for using Android at all. What's the use of that?
I think it is legitimate to be a purist about smartphones, but I don't think the GP is. So, let's talk about the non-purist situation: Users like us want to de-google. But we are not willing to make all of the sacrifices that purists do. The question is then, what can we use (and - what projects can we support financially).
Now, we can use GrapheneOS if we have Google Pixel's. But - most people don't have those phones, for any number of reasons. One of them is price, by the way: You can get a decent smartphone for under 100 USD and even a half-decent one for 70 USD. And most people in the world are not in an economic situation where you can tell them "shell out 300 USD and buy a Google Pixel".
Moreover - suggesting we strengthen our ties to Google in order to de-Google is fundamentally problematic. Even if we're not going all the way, we are striving to distance ourselves from them.
So, an imperfect software solution for a wider selection of phones does sound quite useful. Change my mind! :-)
GOS is degoogled in all the ways that I care about - it's about the data they can gather. Among all the smartphone options that I consider usable day to day (leaving only Android and iOS at the moment), GOS is the most private and secure.
The post about Graphene partnering with Motorola is right about this one, currently, (Lenovo bought Motorola from Google in 2014.), so that point will no longer be valid as soon as they ship something.
If you can use GrapheneOS, good for you but what /e/OS offers is:
- Usable Android with your usual Android app (banking, etc)
- No data sent to Google by default
- Easier interface with nearly no bloatware
- Available easily on many smartphones, including older ones
- Extending the life of some smartphones
The price to pay is:
- Some Murena cloud bloatware
- Android security patches are sometimes delayed
- Security is not on par with GrapheneOS
If your main concern is protecting your privacy from Google and extending the life of your smartphone without breaking a sweat, /e/OS is probably the best option.
If your main concern is protecting against state actors attacks or very specific threats, then GrapheneOS might be better.
/e/OS works really great for non-techie users. I’ve done it in my family.
I have phones with both, but I don't necessarily agree that /e/OS is easier. E.g. things like doing or restoring in-app purchases often do not work, even when logging in through microG. Want that nice backup option that Signal is now offering? Well, good luck, you cannot purchase it on /e/OS (at least I couldn't). In general when it comes to compatibility, my experience is that GrapheneOS is better because it can use real Google Play Services, albeit sandboxed. I think you can use the Play Store on /e/OS as well, but it's going to have higher privileges.
They also use Google for assisted GPS when you use it, eSIM provisioning, widevine provisioning. Last time I checked, microG on /e/OS also downloads a Google binary blob for SafetyNet.
Besides analytics, if you install Google Apps (e.g. for Android Auto), many of them get higher privileges on /e/OS.
The price to pay is:
I would also add installing F-Droid apps (if you use App Lounge) through 'CleanAPK', without wanting to reveal why this is necessary or who owns/maintains CleanAPK.
They do quite a lot of fishy stuff. It may be incompetence, but yeah...
If your main concern is protecting against state actors attacks or very specific threats
This always sounds like systems like GrapheneOS are for paranoid people. But this is basically you if you ever go to a demonstration (e.g. in the US) or cross borders of certain countries (e.g. of the US), sadly things like Cellebrite have become very common. Then suddenly layered protection, not running years behind in security patches, a duress pin, or rebooting after not unlocking for a few minutes to get back to BFU aren't so bad. (IANAL, figure out yourself which of these are legal and not destruction of evidence.)
GrapheneOS is just another OS. It's no less usable than /e/ and it is no more difficult to get a phone with it than /e/. You can purchase both preinstalled.
I find it interesting that there are so many comments that are saying "Don't use this one use this one it's better!"
But what I think a lot of people are missing is what you exactly just touched on. We have options! That's a good thing. Yeah, some options are not as good as others if you wanna optimize for X. Then don't use that option! Use the option that works for you.
To me, the fact that alternatives exist on varying spectra of "degoogle-fication" is a win in my book. The fact that we're able to talk about and recommend so many alternatives is a good thing.
I think it's not a bad thing that people make the "Don't use this one use this one it's better!" comment, at least from my perspective. That is one way I end up learning about the options I have!
As someone who switched from FP4 with /e/OS to GrapheneOS - absolutely not true.
My reason for switching was a bug where the phone calls didn't display the caller number. So I switched to GOS in hope it would be better... and it is, but not in all areas. For example their insistence on not supporting MicroG leads to poor UX, because let's face it, you can't trust Google services, even sandboxed, to not syphon tons of data into the cloud. MicroG was easybto use for privacy. They also seem to be very opinionated about (not) using a firewall for privacy, like NetGuard, instead recommending some weird alternatives like DNS firewalls. And don't get me started on their icons - I don't mind ugly-ish icons, but they are taking the ugliness to a whole new level.
GrapheneOS is not a bad OS, but it is very opinionated, and they (heavily) prioritize security over privacy. When I turn FP4 on, I still like it way better than GOS. Still, I like seeing who is calling, so I'm not going back... Ymmv.
I am not a project member so I cannot speak for GrapheneOS, but maybe I can help clear up some misunderstandings.
>insistence on not supporting MicroG leads to poor UX,
The problem they are trying to solve is apps not working without the presence of Google Mobile Services or Google Play. They don't want to compromise by having a component with high privileges integrated in their image that involves security issues like signature spoofing.
MicroG will send less data to Google partly because it is simply an incomplete implementation of the features offered by GMS (sanboxed-google-play appp compatibility is quite a bit higher), partly because the access is more granular or there are choices offered for services like location (GrapheneOS provides non-Google location services and community support on only installing and enabling the parts you need for specific app features to work). UX is not adversely affected, but if you want to use a privileged app bypassing security checks and sending data to Google anyway then you have the freedom to compile microG with it integrated if you would like.
>They also seem to be very opinionated about (not) using a firewall for privacy, like NetGuard, instead recommending some weird alternatives like DNS firewalls
GrapheneOS tries to implement or end encourage sustainable approaches to privacy and security, and this partially means approaches that don't break if the adversary knows what you are doing.
Egress/outbound traffic filtering is fundamentally unworkable. Apps do not have to connect to known privacy a invasive third party domains to violate your privacy or expose your data to extra parties, they can simply send anything they want to their own servers and do anything they like with the data. From my understanding this is why GrapheneOS do not want to encourage the approach of blocking apps from connecting to certain domains/addresses.
Instead they tackle the problem at its source by providing a direct AND indirect network access toggle which cuts off an apps access to the outernet without letting the app know (pretends the network is down). This makes it non trivial for apps to exfiltrate data and as a side effect can provide benefits like data conservation (for capped plans).
>instead recommending some weird alternatives like DNS firewalls.
DNS based solutions are offered (not promoted) if you want more control over your DNS query resolvers or you want to improve your quality of experience by blocking advertisements and malvertising domains.
>they (heavily) prioritize security over privacy.
Can you point out another OS project with real privacy features like a network permission, sensors data access permission, contact access scopes, storage access scopes, per connection MAC randomisation and so on? https://eylenburg.github.io/android_comparison.htm They have even more plans for privacy like location scopes, anti-fingerprinting for Vanadium browser and maybe AnonymisedDNSCrypt/Oblivious DNS and probably more they haven't mentioned. If you suggest some more on their issue tracker they may get back to it when they have the resources.
Even on non-pixel devices, unless you really want to use the /e/ "ecosystem, there are probably better options like LineageOS for microG iodéOS.
(/e/ used to be heavily based on an outdated version of LineageOS for microG. I'm not sure what the current state is after I settled on second-hand pixel with graphene)
iodé is available for my device as well, but it looked fairly similar to /e/OS to me (and the latter has an official partnership with my phone's manufacturer). What makes it a better option - should I switch?
When I looked into it, /e/ constantly used to be many months late with security updates. LineageOS for microg and iodé were much quicker (~ 1 month max which is still not that great).
Hmm, possibly I'm looking in the wrong place, but as far as I can remember, I've been getting new /e/OS versions about every month, and looking at the release notes [1], they usually seem to include the latest "Android security patches", which I assume is what's relevant - unless there's something else that should also be included?
There absolutely is when your concern is not only moving away from Google but also using sustainable hardware like Fairphone, which GrapheneOS doesn't support afaik.
Because upstream LineageOS doesn't support microg out of the box. You can install it but it needs signature spoofing to pass Google's SafetyNet garbage.
Bonus point for some roms that allow you to relock the bootloader after the install (iodéOS, CalyxOS).
I you ever cross a border or attend a demonstration, privacy requires security. Unfortunately, /e/OS (and most hardware) is severely lacking in that department.
As an average user, I don't understand all the ins and outs of an Android system, but I'm very happy to use /e/OS on my Fairphone 4 every day. I don't have a Google account, but I can still use all the apps I need, including French banking apps (CMB, Endenred+).
My only regret is that the simplified installation tool didn't work (my FP4 kept restarting), so I had to install it manually, which makes it inaccessible to users who are even less tech-savvy than me.
Finally, I still think it's an excellent alternative to Android, but we need to go further and allow our smartphones to work with other operating systems, particularly Linux. I am hopeful that one day we will have a Linux OS for our smartphones that performs as well as /e/OS (I have heard about Jolla smartphones and Sailfish OS, but unfortunately I have not tested them).
I'm currently looking for a new Android phone. I don't like the Pixel and deep integration with Google. I looked at the Fairphone with /e/OS and the Pixel with GrapheneOS, but unfortunately there's no certainty that everything will work or where the boundary is between Google Android and "clean" Android. For example, it turned out that Android Auto is essentially Google Auto and I don't what find out what is dependent on Google. I want something that just works. A phone isn't something I want to tinker with like Linux ten years ago. So basically the choice comes down to Samsung and Chinese brands.
I can't check my device compatibility without Chrome or edge. Is there a reason I can't just see a list of compatible devices to confirm (as I suspect) that it won't work on my phone?
MicroG does an excellent job at reimplementating most of Google's proprietary APIs on the client side.
I don't know how feasible this is, but it would be cool if there were open-source drop-in replacements for Google's server-sided APIs that app developers could use to replace Google's services with alternate servers running open source software.
I went *browserless on my device and it has solved my screen compulsion issues with very little downside. It has been the most effective step I've ever taken. I realized I really love msg'ing friends, having access to maps and navigation, banking, just a handful of apps (no google apps), and that all along it was the browser.
*ios doesnt let you delete Safari so I set a 10 minute timer on it, and i dont have any adblock or content filtering enabled, so it's essentially only good for brief checks (auto-shop phone number, quick news check, etc.) but is useless for anything beyond that.
I have been thinking the exact same thing! That while I "need" a smartphone for secure communications, banking and nav while traveling, it's Instagram and compulsive news/reddit consumption that keeps me instinctively checking my phone. I think I need to do the same thing on gOS.
Yes! Also shopping is an insidious thing. Now it's no longer a shopping tool. For me a common flow would be like, 1) think about some thing 2) instantly I'm scroll shopping somewhere 3) remember I'm too frugal to buy things 4) 10 minutes lost to the void. It's been really nice for me to break that particular cycle.
Tell me how you can set up an Android device and install apps that require Google Play services (like all the most popular and important apps) and not have Google syphone all your contacts details. I mean everything: name, date of birth, addresses, emails, websites, relationships,etc.
Answer: you cannot.
Any time you log into a Google account just to use the Play Store, Android will instantly starts syncing all your contacts and you can't prevent that. You can't even toggle airplane mode as a network connection is required to login. And you cannot configure Android not to sync all contacts data with new Google accounts by default.
I bet Google has syphoned the details of every single person on Earth (without their consent) and I have to trust them not to use that?
That is all nice and well, but Google is primarily an advertisement business. A huge corporation that gained enormous power that operates only to satisfy its own self interest. So that gives us non-Googlers more to think about than just that consideration to take into account.
It is an entirely realistic scenario which afaik data backs up that most people don't change their default privacy related settings which Google profits from, but in case of actually setting their provided privacy settings ON, they do work.
What do you mean by "better [...] at handling sensitive info"? As in, they are more technically competent, or they will treat your data more ethically?
I don't think these projects claim they've got better infrastructure for handling private data, just that they won't sell it to advertisers. I trust Google are experts at handling my data, I just don't want them to.
I have both a Jolla C2 phone, and an E/Os device, on a nothing CMS1 phone. Both are great. I like the Jolla Phone for its SailfishOS, which has great UI/Ux. I am less enthusiastic about the hardware. (good enough though) The E/OS really is good, all apps work good, and really much is done for privacy protection. But if the hardware is more performant, and with a few extra features i'd still opt for SailfishOS
My phone (Teracube) is running /e/OS now for 2 years. Nearly everything works out of the box (bank apps, e-identity apps etc ..). The only issue I have is that the app I use to take contactless payment on the phone via NFC does not work (while it works using Android).
So we replace an OS owned by a search engine (Google) with an OS owned by a search engine (Murena)? You're going to need to give me more details than that before I consider switching.
I'm an /e/OS user with a Murena account and I had never even heard of Murena being "a search engine". After searching (on DDG), I see that they in June 2025 they launched a collaboration with the Qwant search engine to launch a Murena-branded version: https://murena.com/discover-murena-find-your-new-privacy-fir...
That does not make it "an OS owned by a search engine".
Looks cool, but burns a bit of credibility by ripping off Apple's icon designs.
There has to be some fresh-out-of-college graphic designer in Berlin ready to make their name by designing a custom icon library for a project like this, ask around.
* /e/OS sends user speech data to OpenAI without consent [1], and thought this was ok until they got caught [2].
* /e/OS massively delays security patches, and calls this a "standard industry practice" [3]. Meanwhile, GrapheneOS' opt-in security preview releases provide early access to security updates prior to official disclosure [4]. Also see [0] (Security update speed) and [7] (WebView being 40 security updates behind).
* microG downloads and executes proprietary Google binaries in a privileged environment [5] [6]. You can obviously not audit these, nor should this count as "degoogled".
* microG still phones home to Google by default (android.clients.google.com for device registration check-in, mtalk.google.com for FCM push, firebaseinstallations.googleapis.com for SIM activations) [7].
[0] has a comparison of popular privacy and security-focused Android-based OS, which paints the whole picture. Privacy-friendly does not necessarily mean secure, but in this case "privacy-friendly" is quite a stretch already.
Your speech data assertion looks to be inaccurate, the user does have to opt in. Nor does the response sound like a mea culpa. I wouldn't use it, but seems reasonable for people who might want to.
Why rip off Apple design so much here (see homescreen image). Seems like a lot of unnecessary effort. Plus it’s not done well enough so instead of looking like itself, it looks like a bad ripoff.
I wonder how this compares to GrapheneOS in practice.
>Operated by Murena, your Murena Workspace account @murena.io is at the centre of the ecosystem, allowing to store, back up and retrieve your data safely on remote servers.
This sounds like their version is somewhat married to Murena. While probably better than Google, still not independent.
They're also advertising features such as "hiding your IP address [...] when you feel like it" – which sounds a lot like a VPN – without mentioning much about who the traffic is going through or how they might log it.
> I wonder how this compares to GrapheneOS in practice.
https://eylenburg.github.io/android_comparison.htm is a fairly complete comparison. One of GrapheneOS' biggest features is that they sandbox Google services (if you choose to install them), whereas e/OS gives them privileged access by default (via microG). Calling it a "degoogled" OS while microG uses Google's proprietary blobs is... a choice.
I'm on /e/OS and don't use Murena Workspace (which I think is just a Nextcloud instance that they host). For the past couple of years in which I've used it, I have felt zero pressure to use Murena Workspace. Though I imagine it might be neat if you host your own Nextcloud instance, which might be nicely integrated too.
(That said, yes, I don't quite trust their VPN or app store, since it's unclear who's running it - in the latter's case, I imagine that's also a legal matter.)
I have been using e/OS but moved away when an upgrade to the next version required to manually wipe the device. I could cope with the little inconveniences of a degoogled phone, but wiping the device myself following a unclear procedure was too much for me. My phone is not a hacking subject. It's a tool. Still, it worked reasonably well and I would have upgraded and kept using it if the upgrade had been easier.
I am on e/OS since 2021 with a FP3 and, for what is worth, I never had to reinstall, wipe or anything. My phone just had it's 5th birthday and it has been a single continuous set of updates.
I know the versions differ by model, so perhaps your model was not as well supported.
It was the gigaset gs190. I've used it quite some time with e/os, but one day the automatic updates stopped working and I discovered this reinstallation requirement.
I get the appeal of degoogling, but this seems to just be replacing that with alternatives run by another commercial company, just one I've never heard of before.
Why does it even need "One account for your privacy" ... "Operated by Murena, your Murena Workspace account @murena.io is at the centre of the ecosystem" when it'd be even better to have everything on-device without an account at all.
Even more, Murena seems to be owned by Qwant who seem to be in the business of selling a search engine, and while they currently claim to be all about user privacy, this is basically exactly how Google started nearly 30 years ago.
I wonder if they'd be happy if, for instance, somebody took this system and debundled Murena and switched it to using duckduckgo. Would they embrace that too, or sue them into oblivion?
I think I was wrong. Googling suggest that Qwant is owned by Octave Klaba, the founder and majority owner of OVH. Murena seems to be owned by Gaël Duval.
It's just from their website a lot of mentions of Murena seemed to say powered by Qwant, or similar, and so it looked like they were closely linked.
If you block Google, as much of it as possible anyway, on your firewall, does the device work/install? I tried /e/ and Lineage about a year ago, but neither of them worked when Google was blocked completely. The only one that made no requests to Google was Graphene.
For how polished the launcher looks, it's a bit jarring to install /e/ and realize that under the hood, all the apps are just running a very stock Material theme. I'm not shaming the developers; developing a custom theme is no doubt an involved task that they don't have the resources for.
Overall, everything works pretty well for me (user for multiple years), except all apps which are too bound too Google Play Services as microG is not stubbing/implementing all APIs.
So all apps with premium subscription you can only handle through in-app purchase, usually won't work.
I've heard that some banking apps are not working correctly either as not "secured" enough device, in my personal experience, they all worked, it's really a case-by-case logics here.
For the upgrade, OTA upgrade around every month, and it has always worked smoothly
Not that it matters but I just noticed certain titles on their website can be edited. For example the text "Use our /e/OS Installer" can be modified and I noticed it because I accidentally pasted my clipboard there. I suppose contenteditable should be set to "false".
fuck me i'm doing work even though i should be working right now
Read this. They still collect much of the same data Google does. Why should I trust them over Google? And even if they might be morally better, it's basically impossible for them to have better security than Google.
If I were to want a Google-free phone, I'd want it to be everyone-free. Not replacing Google with some French corporation (even if it's non-profit).
At the link, I see a lot of text about a company called Murena. Including:
> Operated by Murena, your Murena Workspace account @murena.io is at the
> centre of the ecosystem, allowing to store, back up and retrieve your
> data safely on remote servers.
That seems to suggest that we would be replacing one large overbearing corporation with a smaller and less-evil overbearing corporation. Is e/OS an open-source facade for Murena?
LMAO-class first impressions: builds entire UI into a carbon-copy of iOS
Like, I thought I was looking at an older version of iOS with those screenshots. It took a few of the screenshot flips to realize that things were subtly off and not-iOS.
I mean, okay: use what works. But it’s amusing nonetheless.
I wanted to add a perspective from actual daily use, because a lot of this thread sounds theoretical.
I’ve been using a Murena/Fairphone running /e/OS as my primary phone for a while now, and honestly the experience has been much smoother than I expected. My banking apps work, GPS/navigation works reliably, messaging and everyday apps behave normally — I’m not constantly fighting the device or giving things up. After the initial setup, it just feels like a normal smartphone, except noticeably quieter in terms of tracking and background noise.
What surprised me most is that this isn’t a “privacy experiment” anymore. It’s a usable, stable daily driver. I still get the convenience people worry about losing, but with far fewer ties to Google services by default.
I think a lot of people hesitate because they assume moving away from stock Android means breaking essential apps or living with constant friction. That hasn’t been my experience at all. If you’re curious but unsure, it’s genuinely worth trying — the barrier is much lower than it used to be, and you might find you don’t miss as much as you expect.
I can vouch for your experience as mine has been the same, also on a Fairphone on which I installed /e/OS. I could have literally written the same comment myself — em-dash usage included!
it was supposed to be a temporary name, that i believe was intentionally chosen to be bad to make it easier to replace later. they were under pressure because the original name eelo had a trademark issue.
when they eventually found a new name "murena" it appears they then decided to use it as a brand for the phones that they themselves sell instead, keeping /e/OS as the name for the operating system
My account has more comments than that and I share OC's opinion and experience. I've been daily driving /e/ since its FP3 era and lately the experience has been really well polished. Even things that had been "tricky" in the past, like Android auto integration, now work seamlessly.
It didn't come installed and the FP3 isn't sold anymore so you'll have to install it. It was dead easy though, not anywhere near the complexity of installing Lineage back in the days (though that's gotten easier too).
/e/ on FP3 has been my daily driver for 1.5 years and my daughters run it on their FP4s with no problems at all.
My banking app doesn't even work on the last 3 android phones I tried because it wants a very up-to-date OS which basically means non-Pixel phones more than 2 years old need not apply.
I had this problem and it turned out to be an upstream issue with MicroG which was eventually patched. If you have an error message you can search for existing issues on /e/OS' gitlab/forum.
Revolut stopped working for me for a while with the error that the bootloader wasn't recognised and rooted phones aren't supported. After about a month an OS update solved it.
As long as banking works with web browsers, I think the future looks good for this usage, but I could de-bank my phone and still have plenty of useful things to do with it.
the problem in my case is that the authentication for the banks website requires an app, and that app doesn't work. i am locked out of online banking for that bank because of it. (they also have a windows app that i could not yet get to work on linux/wine)
Find a new bank. Mine has another problem, so behind they don't support mfa beyond a symantec program I've not heard of before. I don't use it, but can't use my yubikeys either.
Tbh I am using /e/OS as my daily driver and I fully agree, it just works.
Bonus points for the Nextcloud integration which I can tie to my self-hosted Nextcloud instance.
I do not understand all the negativity, I think it is a solid alternative in the ecosystem, and choice is a good thing.
Happy owner of an /e/OS phone for the past 3 years here. I'm going to replace it for a Fairphone in the near future because I broke the camera on mine, and I'll take the /e/OS version without question.
It's pretty strange that the only subject you seem to have expertise in is e/os. Over a year and that's the only thing you've felt comfortable in discussing?
and so what? should I ask for permission to discuss something? it's crazy how omniscient people are aggressive on the internet. Is that your normal behaviour IRL??
Good stuff! This feels very human. How do you feel about Murena? I feel like like they're very much a "Next Gen" privacy tech company. I've also heard they're crowd-funding!?
I think this is behavior that should be encouraged online. Staying quiet and letting the experts talk to increase the signal to noise ratio is a GOOD thing. OP has hands on experience with something that is at least for now quite niche.
I used to only really speak about node.js topics because that was what I had real fighting experience with, at a scale beyond what most webdevs had ever seen. Those were also my most upvoted posts by far.
I get what you are saying, and if that's what the OP was doing I'd somewhat agree with you.
However, if you haven't already, I'd encourage you to read over their past comments. They all read almost identical to the start of this thread. Before this post they had something like 3 other comments on HN and they were all about how great /e/OS is. All of them have a blurb about the privacy focus of /e/OS. They all read like copy from marketing.
That is bizarre commenting behavior for a niche OS. And these weren't comments about using /e/OS, but rather comments speaking positively about using it.
Your posts on node.js, I assume, weren't all "Node.js is the greatest programming environment I've ever used. It's so smooth and fast." Instead, I'd wager your highly upvoted comments contained useful information about using node.js.
I'd also say, that there are people that work for various software tech companies who post here. The best comments I see almost always start with "Full disclosure, I work for X". Those are far better received.
You're assuming a lot: That it is astroturf, then that the account must be directed by eOS itself and not some enthusiastic user or third party. Or to be really conspiratorial, an adversary who makes obviously astroturf positive comments in order to sow doubt about the project.
The timing of this post right below the Motorola/GrapheneOS partnership is pretty funny.
I've been running /e/OS on a Fairphone for about a year now. The experience is... fine. Not great. App compatibility is the main pain point. Banking apps are hit or miss even with microG. Updates lag behind GrapheneOS significantly.
The Murena cloud stuff is the part that bothers me most. You're trading one cloud dependency for another. At least with GrapheneOS you get a clean slate and can choose your own sync solution (Nextcloud, whatever).
That said, /e/ supports way more devices than GrapheneOS does. For people who can't or won't buy a Pixel (or now Motorola), it's one of the few options. The real question is whether the Motorola partnership changes the calculus. If GrapheneOS gets proper OEM support, the device limitation argument mostly goes away.
Look at the AdBlocker crackdown of Google Chrome. Every single chrome-fork has shut down MV2 extensions, even Brave is about to do it, because it is impossible to maintain features that complex on a browser that Google spends >$1B/year to develop.
Same story for /e/ and GrapheneOS, the day Google pulls the plug on source code releases, god knows how long they will last. We should focus our efforts on truly open platforms.
reply