My /e/ exit interview

@anon88181694 your Divestos project gives you lots of merit, it’s great, you have that patchlevel in order where you can control it - but CVE counts drive you mad to the point you can’t put it aside.

The context of @hkmike is rather no matter how well patched his /e/devices would be, he had difficulties running mandatory software in Hong Kong for their Covid schemes and school program. That’s a different problem not addressable by patching to latest levels and the issue is of general concern to all users as in software that is needed to participate (banking/public-admin).

@tcecyk
I’m less concerned with their/your/anyone else’s reasons to use or not use any particular OS or software.

I just want users to be informed of the (security) issues that they’re likely unaware of.

(Seriously please don’t take my posts here as shilling my project, my offering is genuinely unsuitable for many here (no gapps/no microg/no drm/etc.). My only goal is truly to push forward security of the community.)

I appreciate that you keep us informed. I also know and have noticed that not all like that. But as the saying goes “Don’t shoot the messenger”…

Also as a sidenote, bromite just released update 108.0.5359.75 via their f-droid repo, possibly bit earlier at github.

@huuhaa
Despite their update today they’re still missing today’s security fix: 106.0.5249.163 is missing the recent zero-day fix · Discussion #2421 · bromite/bromite · GitHub

Why don’t you postulate here, it will be a real chance to have you in the /e/ team

https://doc.e.foundation/jobs.html

We’re aware of this. The issue with the the WebView is due to the fact that we had some dev team reorg, and that there is someone else in charge of the Browser build, and it takes some time.
It will be fixed in the coming weeks though.

Same for PDFviewer, it will be updated soon and we’re improving our processes to avoid being trapped in such situations again in the future.

That’s the reason why we need to grow the team, and for this we need more financial support too.

Last but not least @anon88181694 this forum is NOT a place to advertise DivestOS or other projects. This is an /e/OS-related forum, thanks.

Security risks are a dime a dozen. Especially with stock Android. The security risks are by a multiple lower with /e/OS, regardless of the /e/OS version.

Numerous custom ROMs that you provide are an increased security risk. For example, the Google Pixel 3, 3a, 3 XL, 3a XL, 4, 4 XL devices supported by you have not been functional for months, although these devices have received updates every month for months.

Similarly, many other devices from your repertoire are untested, where means that you do not own the devices and leave the sole testing to your community. Nevertheless, they are also updated every month - including their serious bugs.

@SkewedZeppelin, please first sweep in front of your own door before you constantly decry /e/OS here.

The security risks are by a multiple lower with /e/OS, regardless of the /e/OS version.

Citation needed, because what I show above directly proves otherwise.

wp53382791060×755 31.1 KB

Then what’s the alternative for making a range of degoogled devices accessible for the average user who might not have the expertise to flash their device themselves?

If you don’t mind me asking what projects do you maintain?

Another critical question here is, are you more afraid of individual hacker attacks or of gogol asserting world domination?

I myself can live with some security tradeoffs in turn of making a widely accessible gogol alternative

OP here. I love all the discussion that is happening in this thread. It helps a dabbler like me learn more about these issues.

I thought you all might be interested with the solutions I’m working on to make my family’s phones as /e/ as possible without /e/, so to speak.

Initial setup with a new phone: avoid installing as much as possible. change privacy settings, following most of the suggeations here: The New Oil
Lawnchair to remove non-removable access to google assistant and search on home screen.
Shelter. Do not allow apps outside shelter to communicate with apps inside shelter, and vice versa. Proton VPN secure core blocking malware, tracking, and ads running in two instances - once in the main phone and one in shelter. Google Play only signed into in shelter, using aurora outside of shelter. Apps that have a connection with google, or one or two trackers, all under Shelter. Android Auto, google Assistant, Calendar, Chrome, Files by google, Gmail, and Google all disabled. And a few more settings to try to keep clipboard, suggested next word, saved passwords etc private.

This is all taking multiple hours to investigate each app individually and carefully set up on three phones. It’s also tough to not make stupid mistakes that allow snooping because I missed something or signed in when I shouldn’t have. I’ve had to factory reset and start over once.

Anyway, not perfect (obviously), but I feel a little better about my personal threat model, considering that I (unfortunately) need to stay within the google ecosystem.

@anon88181694
@tcecyk
@ntp
@huuhaa
@Nicolas_Sas
@GaelDuval
@anon29344687
@lEOS
@Macrophag

Hello,

I may be wrong but I think that even under shleter, apps with tracker still tracks you in your work profile.
Shelter is usefull against apps like whatsapp which collect contacts info but not against trackers.
You’d better use Advanced Privacy/Tracker Control/DDG app tracking protection and so on.

Hi @hkmike do you log in to a Google A/C at first start wizard?

@Nicolas_Sas The idea is to hopefully limit all tracking to only the work profile in Shelter. There are some apps that are specifically granted permission by default to access personal data from the work file and vice versa! I denied them that permission. I doubt that it works completely, but turning off most of the water faucets should cause the house to flood much more slowly, as it were.

I had to choose between Tracker Control and a VPN that blocks trackers. I chose the latter.

@aibd No. And it seems to have worked. Shelter apps know about the google Play store, but apps in the main profile do not, and the main profile claims that there is no account associated with the device.

I am hoping that each device is functionally two completely separate devices. At least access is limited as much as possible.

I installed Hong Kong’s Stay Home Safe app, and verified that it could at least open (before deleting it again). Since not being able to do that was what sparked my exodus from /e/ in the first place. So, best case, my settings are providing the level of convenience required to live and function in Hong Kong. Worst case, I could factory reset a phone and put whatever apps they wanted me to on it.

This seems to be working.

My son’s phone is the most unsecure of the three, mostly because of lots of games. He’s good with just about anything fun, with a couple exceptions that he had to have. Since the phone will last three more years of security updates, I wanted him to understand the reasons behind the app choices I made, so he can make informed choices when he’s the one making the decisions on what apps to use. Here’s the documentation of the rules (and exceptions) I held myself to to keep tracking to a minimum, enjoy:

Trackers
Apps with many trackers, or that have the “run at startup” or “modify or delete the contents of your shared storage” permission, must not be installed at all.
Exception #1 Whatsapp (under Shelter)

Apps with any “ad” trackers, such as Google AdMob, Unity3D Ads, or Facebook Ads, must not be installed at all.
Exception #1 Google Play Store (not signed in under main account. Only signed in under Shelter)

Apps with any trackers must be installed under Shelter, and frozen when not in use.
Exception #1 μ?acra is a “good” tracker used by Newpipe.
Exception #2 Proton VPN (and Among Us) seem to use 2?Sentry.
Exception #3 Android apps Calculator, Messages, Phone, and Photos all use Google Firebase Analytics.

Apps that try to connect to Google Play must be installed under Shelter and frozen when not in use, including apps that require Billing service permission.

List of trackers used by apps under Shelter on Nokia XR20-DS:
Google Analytics (used by Whatsapp, Roblox)
Google Crashlytics (eClass)
Google Firebase Analytics (Google Play Store, eClass, Minecraft, Roblox)
Google Play Install Referrer (Minecraft, Roblox)
AppsFlyer (Minecraft, Roblox)
Braze - formerly called Appboy (Minecraft)
Microsoft Visual Studio (Pathos) note: blocked from within app.

Apps under Shelter by number of trackers:
Minecraft (4)
Roblox (4)
eClass Student (2)
Google Play Store (2)
WhatsApp (1)
Pathos (1 - blocked)

This sounds quite reasonable
Does it mean that on main phone part is working F-droid on stock rom and only Shelter has Google store?

Almost right. Main phone part is working on Aurora Store on stock rom (mostly. There’s a smattering of F-droid, one apkpure, and a couple direct downloaded from the official website for the app) and only Shelter has Google store

Interesting solution for dividing the phone. I’ve never wanted to share it like that I think that I was scared to use Google in Shelter when at the same time I had F-droid on the same phone