A well-recognized German security expert - Mike Kuketz - today published a quick opinion about /e/ on his blog. To summarize his critical opinion he puts forward 2 arguments that should not be new to us:
Android Nougat devices that do not receive official Updates anymore (he is explaining that 53 out of the 92 supported devices are based on Nougat). He said: “I do not believe that e.foundation is backporting the security updates for Android Nougat - this in fact reduces the selection of (usable) devices to 39.” Seems he is wrong on this point. Could be worth clarifying this issue with him.
And after all, that could be an issue - in my opinion - that should be communicated better on e.foundations’s website.
Please find here his conclusions translated into English and further below a link to the entire blog article (in German):
"Conclusion: /e/ wants to be the all-round carefree solution for Android users who like to simply work without Google - which is absolutely understandable. Whether this can succeed, however, is questionable. Even an evaluation based on paper does not really allow a recommendation for /e/. Android Nougat (7.x) does not receive security updates anymore, so it is more than questionable to offer or advertise /e/ support for these devices. But also the unknown origin for apps (cleanapk.org) leaves a queasy feeling. Are they unmodified apps or who is behind this offer? And also the mistakes in “de-googling” Android and LineageOS don’t exactly make me jump for joy.
Tip: Technically experienced users should rather install a LineageOS or implement the article series “Take back control” That is perhaps more complex, but you learn a lot and get more control over the system and its data."
(translation is based on a DeepL translation with some personal refinements)
Absolutely agreed, the only thing that I find more important than getting rid of Google is be left out without security updates. It’s funny because this is the exact reason why I switched from LineageOS to /e/ in the first place, I had a device that was suddenly left unsupported and was forced to either go back to the stock ROM or buy a new device. When I started searching for alternatives I liked the way /e/ was doing it.
I hope this situation improves, I’m glad there are many supported devices but not at the cost of security vulnerabilities. I’d rather have fewer devices well supported, even if that means dropping a lot suddenly like it happened to me… but prioritizing this from now on.
That article is right. Android Nougat (7.x) does not receive security updates anymore, so it is more than questionable to offer or advertise /e/ support for these devices. Right now the project has phones in the “supported” section, which are actually not secure due to missing security updates.
I agree with you, let’s wait more time and we’ll see how /e/ will grow.
I think that this is a young project that need support in many ways: feedbacks, money, and trust;
and we must not forget that it is actually fighting against a mega giant that is google, which is also the richest IT company on the planet, and above all it is also fighting against the mental laziness of people who, consciously or unconsciously, give up their privacy to have services that are induced to think that are necessary for their existence.
Now, the author of the IT-security blog is writing in English on Mastodon - apparently to find out if /e/ is currently backporting security updates to Nougat. @GaelDuval, I think it could be useful if someone from the side of e.foundation is answering.
For me the question is very important because I will not accept any software we do not know who created it. Frankly speaking it is a question whether I will stop using /e/ and return to stock ROM or not.
What info Goog** sucks up we know but from software with unknown origin the danger could be much greater.
Just a little hint for those not speaking german: The “expert” is giving comments about /e/ by viewing documents. He is mentionining that he had no time to test /e/ in real life. This should be considered as well.