28
/e/OS is not a secure OS (lemmy.world)
submitted 18 hours ago* (last edited 17 hours ago) by FG_3479@lemmy.world to c/opensource@lemmy.ml
38 comments fedilink hide all child comments

/e/OS is not fully degoogled, as DNS connectivity checks, hardware attestation provisioning, and eSIM activation all go through Google.

It is often many weeks or months behind on security updates, especially in the WebView, which makes it easy to exploit.

It doesn't support bootloader locking on many devices, and if you lock the bootloader on a phone that does support it, it could brick if /e/OS is on an older security patch than the stock ROM was.

It doesn't use a lot of the hardening in GrapheneOS such as hardened_malloc which prevents memory corruption exploits, even if the hardware supports it.

And finally, /e/OS's text-to-speech sends what you say to OpenAI, despite local options being available.

If you want a properly secure Android phone, the best option is GrapheneOS, however it only supports Pixel phones and future Motarola phones due to its high security requirements.

If you can't get a Pixel then iOS in lockdown mode is the next best option, however if you can't replace your phone, LineageOS is much worse than Graphene although it is still much better than /e/.

all 39 comments
sorted by: hot top controversial new old
[-] ArmadilloLoose6699@feddit.uk 19 points 10 hours ago* (last edited 9 hours ago)

As someone who bought a Murena FairPhone 5 with /e/OS preinstalled because I had the option to pay a reasonable price for a decent phone that isn't Google branded, and have been enjoying the experience with it for a while now, I don't think I'm going to fall for that very obvious rage bait that's been copy-pasted from an aggressive forum post.

I'll give GrapheneOS my attention when it works on more than one phone. I hear Motorola is building a second phone for it to be compatible with.

[-] justme@lemmy.dbzer0.com 2 points 7 hours ago

I'm using a stick FP 4 and am really happy about it, I just try to lock down the android bloat from time to time. My wife has a murena Teracube. After changing the launcher, she is really happy with the software, but the hardware is hot garbage, so she plans to get a new one soon.

Our idea was the FP4, because I have good experiences with it, you still get spare parts and it's comparable cheap.

Do you know whether there was anywhere a bit jump in performance from FP4 to 5?

[-] mesamunefire@piefed.social 1 points 6 hours ago

I had a terracube. It litterally broke apart in my hands. The glue for the screen stopped working. And i tried to get it repaired only to be told they didnt support the first phone anymore. After less than two years.

I now have a fairphone 4. Much better device!

[-] RmDebArc_5@feddit.org 15 points 10 hours ago* (last edited 6 hours ago)

/e/OS is not fully degoogled, as DNS connectivity checks, hardware attestation provisioning, and eSIM activation all go through Google.

They are working on some of this, at least eSIM activation. Also do you have a source for DNS connectivity checks? AFAIK they have used their own for a while

It is often many weeks or months behind on security updates, especially in the WebView, which makes it easy to exploit.

This is a serious problem, however their update speed is comparable to a lot of default ROMs

It doesn't support bootloader locking on many devices, and if you lock the bootloader on a phone that does support it, it could brick if /e/OS is on an older security patch than the stock ROM was

/e/os supports boot loader relocking on most official devices, however the community builds don't support it. The bricking part has nothing to do with /e/os, it's a hardware security feature of some devices. This would happen with any ROM including the official one

And finally, /e/OS's text-to-speech sends what you say to OpenAI, despite local options being available.

I assume you mean speech-to-text? Anyway the feature is opt in and they have since updated it to include a prompt to inform you about what it will do. Their reasoning for a cloud option was that local options either are bad or have too high ressource usage (important as /e/os supports a lot of underpowered devices). Overall a stupid move, but they adjusted the feature to let users make an informed choice

If you can't get a Pixel then iOS in lockdown mode is the next best option, however if you can't replace your phone, LineageOS is much worse than Graphene although it is still much better than /e/.

Lineageos might have quicker updates, though it is even more connected to google, except for not including microg. However a lot of people will need google play services so they will have to install it anyway

[-] GarbadgeGoober@feddit.org 26 points 12 hours ago

Sorry but this sounds again like the typical e/Os bashing from GrapheneOS users.

Those two system are not the same. One is focused on security and the other on privacy.

Yes I know about the issues of e/OS, but it is still better than using Google or Apple.

For me personally I moved cause I don't want to support american companies. So Graphene was no option, as I would need to give google some money or buy one 2nd hand. But Pixels are still quite expensive compared with others.

Why do you always need to attack other systems, they can coexist. We should be happy people have more options to break free from Big Tech companies.

[-] Neptr@lemmy.blahaj.zone 1 points 12 hours ago

There is no privacy without security. Android is one of the most widely exploited OSes and every month a dozen or more critical severity vulnerabilities are patched. Being 1-2 months behind on security patches is inexcusable for a privacy project.

[-] ExLisper@lemmy.curiana.net 9 points 11 hours ago

Are those vulnerabilities ever exploited? The stats I'm seeing say that 30% of users run outdated Android version. Most attacks are malware apps installed from Play Store and mobile phishing sites. Yes, you have 0-click vulnerabilities but is anyone really setting up spoofed BT devices in public places? I think the risk of getting your phone taken over this way is extremely low, specially if you're doing basic things like disabling BT when not in use. Tracking on the other hand is extremely common. Most non-open source apps will connect to multiple analytics and tracking APIs. I care more about controlling those connections than about theoretical attack using some 0-day exploit. GrapheneOS doesn't have good tools to monitor and block trackers. /e/ and iode do.

[-] machiavellian@lemmy.ml 1 points 8 hours ago

So you're excusing lazy patching with improbability? Personally, I wouldn't bet my privacy and security on a criminal's lack of motivation.

It's like eating candy from a bowl in which 5 are poisoned and 5000 are harmless. It's improbable for you to pick a poisoned candy but because the consequences of choosing wrong are so perilous, I wouldn't choose at all or choose a bowl with less poisoned candy.

GrapheneOS doesn't have good tools to monitor and block trackers.

Yes it does. Rethink has (in addition to other awesome features) a local DNS blocklist option which you can configure to automatically block almost all telemetry apps send.

[-] ExLisper@lemmy.curiana.net 3 points 8 hours ago

So you’re excusing lazy patching with improbability?

Of course I am. I'm not paranoid. You always prioritize the risks. Looks like you're worried about highly motivated hackers targeting you specifically. That's ok, you're probably basing this on some sensible risk assessment and you concluded that you're a potential target for state level actors or criminals. Maybe you're a political activist or just very rich. I'm neither so I'm not really worried about someone targeting me specifically. I'm worried about malware (I don't install apps from random sources) and phishing (I don't click on random links). If you're worried about extremely unlikely attacks you're either wasting time or treating this as a hobby.

DNS blocklist option which you can configure to automatically block almost all telemetry apps send.

DNS blocklists are not enough. iode and /e/ offer more fine grained control and monitoring. You can permit some connections temporarily or permanently for specific apps only. Not to mention other features GraphenOS is missing like pattern unlock, backups or navigation shortcuts. Sacrificing all this just to be protected from very unlikely attacks is simply not worth it.

[-] machiavellian@lemmy.ml 1 points 7 hours ago* (last edited 6 hours ago)

Looks like you're worried about highly motivated hackers targeting you specifically.

Not really, no.

Not patching security vulnerabilities leaves you open to not just targeted attacks but also wide spread attacks, which also use the same exploits that nation states use. Just look at the recent Coruna debacle.

Let me bring another analogy. You live in a town where theft and burglary is rampant. You have a lock on your front door but the lock is based on a legacy design which is not hard to pick. Sure, no one has broken into your home yet but if you keep using an antiquated lock, it's a matter of when not if. And it's not like only rich and important people's houses are broken into. Everybody who's vulnerable can and eventually will get attacked. If I had to choose between risking burglary and paying a little extra for a better lock, I'd choose the latter.

Maybe you're a political activist or just very rich.

I don't have to be a political activist to take measures to protect myself online nor rich to afford a used Pixel.

Sacrificing all this just to be protected from very unlikely attacks is simply not worth it.

To each their own, I guess.

You can permit some connections temporarily or permanently for specific apps only.

So you mean like OpenSnitch? If so, Rethink also has that.

EDIT: grammar

[-] ExLisper@lemmy.curiana.net 1 points 6 hours ago

Even coruna was specifically targeting crypto wallets. Some articles say it was a 'broad scale' attack but I can't find any info about how it was distributed. Anyway, if you're using crypto wallets you have to be more careful. Traditional banking is protected by TFA and very often additionally insured. Again, risk assessment.

Oh, and I tried Rethink but it works as a VPN so you can't use other VPN apps with it. The app iode has can be used with any other VPN.

[-] GarbadgeGoober@feddit.org 2 points 9 hours ago* (last edited 9 hours ago)

I think you might not understand the meanings of privacy and security.

These are two different things, you can have privacy without security and the other way around. Having both is the best case.

As @ExLisper@lemmy.curiana.net said, some people care more about all those app trackers rather than have a full secure phone.

If there would be the one solution 100% privacy and security and available for most phones I would instantly use it. But it is not available yet.

If you are happy with Graphene OS good for you, but keep in mind it might not be what everyone is looking for.

[-] ExLisper@lemmy.curiana.net 2 points 8 hours ago

I think you replied to the wrong comment but you said the right thing :)

[-] GarbadgeGoober@feddit.org 0 points 7 hours ago

To me it shows me that I replied to the right comment. I just tagged you, as I agreed with what you said in your comment below.

[-] ExLisper@lemmy.curiana.net 1 points 6 hours ago

Ok, I guess no one tagged me before. TIL.

[-] EarlOfSam@quokk.au 1 points 6 hours ago

Ah, but have you tried IodeOS?

[-] Undertaker@feddit.org 12 points 13 hours ago

OpenAI feature is called Murena Voice to Text, so users don't know, it's OpenAI. They use tracking ids in their own update process. They ignore critique.

Graphene is currently only available for Google devices and therefore no alternative.

Lineage contains connections to Google as well.

Recommending iOS is ridicolous.

[-] aproposnix@scribe.disroot.org 2 points 10 hours ago

I just use whisper+ with heliboard. Works perfectly for me. https://f-droid.org/packages/org.woheller69.whisperplus

[-] RmDebArc_5@feddit.org 2 points 10 hours ago

Murenas statement on the ids used for OTA updates:

For context, and I agree that this feature can be perceived with mixed feelings, especially because it was stupidly called „licence ID“ at the beginning of its implementation, we added it because we suffered from not having good statistics on /e/OS usage.

Of course we are not interested in tracking users at all, but we do want to know how many devices are running this or that build of /e/OS. This is very useful for making some decisions about device support and setting priorities for future development.

Just running statistics on OTA server request logs along with the device model didn’t give good results.

Now, and this is still part of our internal discussions, if we are able to find a way to get good quality stats without this OTA anon-unique identifier, we will consider it.

However, we sincerely believe that this anonID probably has no impact on user privacy (tracking IPs or device fingerprints would probably be much worse).

You can reset the id via ADB:

adb shell settings put secure ota_anon_hash <new value>

[-] ExLisper@lemmy.curiana.net 4 points 10 hours ago

Good thing no one forces you to use it.

[-] Lemmchen@feddit.org 13 points 14 hours ago

To me /e/OS (is it called slashyslash OS or e-OS?) has always been just a worse LineageOS.

[-] sonalder@lemmy.ml 2 points 10 hours ago

I tend to agree but it still remove more google blobs from its codebase.

[-] vikingtons@lemmy.world 19 points 18 hours ago

what has prompted this, I wonder.

[-] a_fancy_kiwi@lemmy.world 19 points 17 hours ago* (last edited 17 hours ago)

Is it already time for the lead GrapheneOS developer’s annual crash out? Where do the years go?

[-] vikingtons@lemmy.world 28 points 17 hours ago

the fun thing is like, I use grapheneOS on a pixel 10 pro, though I find it kind of difficult to fess up to given the cringeworthy escapades of the graphene community.

who pissed in their cereal? does the mere presence of other ROM projects attack their identity in some way? have they claimed to be more secure than GOS and others?

[-] Cris_Citrus@piefed.zip 2 points 16 hours ago

If I'm not mistaken that guy completely left the project like a while back now. Hasnt been involved in any way for a hot minute

[-] exu@feditown.com 6 points 13 hours ago

AFAIK he's just stepped down from being lead dev and still works on the projects. Doesn't really feel different though because he's still the only name I'd recognise online.

[-] Teknikal@anarchist.nexus 8 points 16 hours ago

That may be true but it is still my best option if Google plays idiot like they seem to be planning. My current phone supports e/OS for the record and that's the only reason I've paid it attention.

[-] mesamunefire@piefed.social 3 points 16 hours ago

Ive always thought having options was a good thing.

[-] Undertaker@feddit.org 1 points 13 hours ago

OpenAI feature is called Murena Voice to Text, so users don't know, it's OpenAI. They use tracking ids in their own update process. They ignore critique.

Graphene is currently only available for Google devices and therefore no alternative.

Lineage contains connections to Google as well.

Recommending iOS is ridicolous.

[-] aproposnix@scribe.disroot.org 2 points 9 hours ago

You can use Whisper+ with heliboard if you want offline voice to text.

https://f-droid.org/packages/org.woheller69.whisperplus

[-] mathemachristian@lemmy.ml -3 points 11 hours ago

I hate /e/OS for sucking the air out of the room and leaving divestOS stranded. Fuck you /e/OS.

[-] user28282912@piefed.social -5 points 16 hours ago

Smart phones are a bad idea. A simple, dumb phone to make calls, texts and occasionally tether your laptop, vehicle tablet to for data access are all you really need. Even the dumb phone should have physical switches for the radios and a battery that can be removed without any tools.

this post was submitted on 10 Mar 2026
28 points (67.5% liked)

Open Source

45254 readers
609 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 6 years ago
MODERATORS
Cloak@lemmy.ml
kevincox@lemmy.ml
CrypticCoffee@lemmy.ml
Lettuceeatlettuce@lemmy.ml