Hi all,
I’m beginning to take my online privacy more seriously, and considering getting a new phone to that end. I am torn between 3 options, and don’t know which to go with.
Murena phone
Graphene OS
Regular Android but don’t install any facebook apps and disable all Google apps (undeletable, which I hate) and use apps like protonmail and signal.
I need some help figuring out what is the best option for me.
In terms of what I want, primarily privacy - I don’t want Google, Facebook/Whatsapp, My IP provider, etc. etc. collecting data or metadata about me and my device use. I also want the same level of device security that I get using my Samsung android device with antivirus, VPN etc.
I’m really not knowledgeable on all this, so need help.
I have seen people on Reddit say that Murena isn’t as secure as standard Android or GrapheneOs.
Some interesting stuff in that article and the rest of that site, but some of it (especially - but not exclusively - the GrapheneOS v CalyxOS page) reads like marketing material for GrapheneOs
I don’t have one After some time using /e/OS, I am now using LineageOS for microG, which does everything I want from a phone, and provides the right balance (for me) between privacy and usability.
I read the pages from the linked site from curiosity, and my comment was just based on my reading of them, which gave me the impression that the articles were very “pro” GrapheneOS, and slightly “anti” /e/OS. That might just be me being cynical though
Option 3 would be the worst of your three proposals. There are all kinds of background connections to Google servers going on, even if you have Google apps disabled. I lived with such a setup for several years, and I know from observing tracker-blocking in the Blokada or TrackerControl apps, or from my home network Pi-hole activity, that disabling GApps is not enough to prevent Android from trying to get back to its master.
Isn’t the same thing. Murena is a phone and Graphene an OS and this OS is just compatible with Pixel phones. You can disable Google apps on “regular Android” but you have always Google services.
So to me, you need to think if you want an ultra secure OS ?
If yes, choose GrapheneOS but you need to buy a Google Phone.
If you don’t want to buy a Pixel, find a phone compatilble with an OS like /e/OS, CalyxOS, DivestOS, Ubuntu Touch or other OS and the most recent one compatible with all these OS is the Fairphone 4 (ethic phone by the way).
You are the developer of divestos and you come to the /e/os forum to talk bad about them. I suggest you to stop your wickedness.
You are free to praise your OS, but please don’t attack the others. That doesnt make you greater.
My link provides factual information on many projects, not just /e/OS. I am not here to single them out.
You can see this if you actually read the page.
You’ll get good privacy with GrapheneOS but as soon as you install Google Play Services, even in a work-profile, your phone is compromised. And that’s what GrapheneOS recommends doing over using Microg.
@Dave1
In one corner we have GrapheneOS that doesn’t phone home to Google out of the box.
In the other corner we have /e/OS which immediately phones home to Google out of the box.
Meanwhile completely overlooking the fact that every single app that interacts with microG does so using the full proprietary Google Play Services library and that /e/OS even defaults microG SafetyNet on which downloads and executes even more proprietary code from Google.
Source: GmsCore/microg.xml · main · e / os / android_prebuilts_prebuiltapks_lfs · GitLab
But GrapheneOS is obviously the devil because it has completely optional Play Services support…
/e/ is the best compromise and the only really usable solution for everyday use with some compromise like being forced by work to use Microsoft office apps.
Also / e/ os is really great because it has a simple working automatic cloud sync for notes, contacts; calendar and some other things like pictures.
The other great feature is that the advanced privacy blocks tracker per apps, which means you will limit (not stop completely) the information sent by apps you really cannot avoid to use.
The best solution would be to use /e/ os by only going through websites in a web browser instead using commercial apps but it is sometimes difficult.
One of my bank do not request the use of an app to access online account but my second bank is forcing me to use an app only for logging on a PC accessing the bank website … /e/ os allows me to access my bank detail without giving meaningful information to google (device registration without a google acocunt is not really valuable, google can identify your phone ot some extent but you won’t send a lot of information and not formatted like the standard mass of android phone so it is less valuable to them and they maybe don’t bother to process them because of the small amount of /e/ users)
The third great feature is the app store called app lounge which is very good and keepsimproving. You have access to everything; even open source apps from fdroid are available in the same catalogue. Each app has a privacy rating which is clever and surprinsingly good enough even if it is based on two simple checks. The only limit would be apps that includes in-app payement through google play store libray. Though it has never happend to me to be blocked by that, most useful public apps wih payment will allow you to pay with another way that is not dependent on google. You can also log in with a google account temporarily, micro-g is offering this possibility though its best to try alternatives to this.
/e/os contacting Google was debunked over a year ago, you can read about that research here:
I’ve always pushed back against people calling the GrapheneOS community toxic, but jumping in other peoples forums only to trash them and say debunked lies about them is making that harder to do in the future.
@Dave1
/e/OS provably does connect to Google services via microG, that needs no “debunking” nor is it a lie.
It literally says so in the user interface: “Google device registration” & “Google Cloud Messaging” & “Google SafetyNet: enabled / official server”
Secondly, I have no connection to the GrapheneOS community, I have my own OS for nine years now.
You’re just still spreading more FUD while ignoring the facts.
The bundled WebView and Browser in /e/OS hasn’t been updated since December of 2022 and has 96 known security issues.
You can see the update history of many projects detailed on my page here: https://divestos.org/misc/ch-dates.txt