submitted 20 hours ago* (last edited 18 hours ago) by FG_3479@lemmy.world to c/opensource@lemmy.ml

41 comments fedilink hide all child comments

/e/OS is not fully degoogled, as DNS connectivity checks, hardware attestation provisioning, and eSIM activation all go through Google.

It is often many weeks or months behind on security updates, especially in the WebView, which makes it easy to exploit.

It doesn't support bootloader locking on many devices, and if you lock the bootloader on a phone that does support it, it could brick if /e/OS is on an older security patch than the stock ROM was.

It doesn't use a lot of the hardening in GrapheneOS such as hardened_malloc which prevents memory corruption exploits, even if the hardware supports it.

And finally, /e/OS's text-to-speech sends what you say to OpenAI, despite local options being available.

If you want a properly secure Android phone, the best option is GrapheneOS, however it only supports Pixel phones and future Motarola phones due to its high security requirements.

If you can't get a Pixel then iOS in lockdown mode is the next best option, however if you can't replace your phone, LineageOS is much worse than Graphene although it is still much better than /e/.

you are viewing a single comment's thread
view the rest of the comments

[-] ExLisper@lemmy.curiana.net 2 points 9 hours ago

I think you replied to the wrong comment but you said the right thing :)