Request for comment: highly secure /e/ profile

There is good possibilities to come from this idea, but I’d keep it simple. Say 3 or 4 profiles.

  1. bare bones and add what you want.
  2. privacy from corporate / private surveillance (google facebook tracking etc)
  3. more serious anonymity with Tor.

There are plenty of people globally who really don’t have a clue as to the workings of data surveillance. So if you offer them a preset package they’ll likely install it and feel pretty good.

For the really serious security needs there is Copperhead OS. No need to go there.

I think /e/ should stay focused on privacy from data surveillance designed to make us the product rather than offering protection so someone can become the next Edward Snowden. Though…both areas do overlap in some respects.

5 Likes

I agree. Like @hellaconfused says: “There are plenty of people globally who really don’t have a clue as to the workings of data surveillance”; maybe, up to three profiles.

I would like for:

  1. “Normal” profile
  • Browser: Mozilla Firefox
  1. “James Bond” profile
  • Browser: TOR
1 Like

I think privacy and security are very importend.So I like a “James Bond” setting ,I don’t want my data on the street.

I agree that’s not a good idea.

/e/ has to stay a very simple operating system for mum and grand-pa.
Follow another way will just make /e/ one more OS for geeks.

Don’t forget, /e/ is starting and current users are not end users.

In my mind, a power user has already another choice (LineageOS, Copperhead OS, …) for its very specific needs (Firewall and so on), and still he could find his favorite apps in /e/ apps store or any third party store anyhow.


# Manifesto

On my opinion if we want /e/ to spread, it’s now and we have to focus on :

  • one version (simplicity)
  • smart and easy interface (Bliss launcher)
  • core stability (apps will rely on)
  • to remove any request to GAFAMs

nothing more.


# /e/ Out of box

Some users won’t connect to Internet, that’s why we need a set of preinstalled applications, those which works at least offline:

  • Dialer, SMS, Gallery, Contacts, Agenda / Tasks, Clock, Music, File browser, Recorder, …

But for connected apps, none of them should be installed by default :

  • Weather, Maps, Internet Browser, Mail, and so on

# Installation process

While setup process, we could provide a guideline for each online ‘basic’ need :

  • Mail : K-9, Protonmail, …, nothing/i’ll see later
  • Browser : Firefox, Chromium, …, nothing/i’ll see later
  • Maps : Sygic, Magic Earth, OpenStreetmap, …, nothing/i’ll see later
6 Likes

/e/'s purpose isn’t to let expert have privacy but bring privacy to all people. A complete functionnal phone with a lot of free and open-source applications pre-installed is better. It’s easy to delete useless application, but more difficult to find or discover new one, especially when you know nothing about open-source and privacy.

I think that doing an “expert mode”, a “normal mode” and a “noob mode” is actually a defeat. Everyone should have the “expert/James Bond” mode, and /e/ has to make that mode easy to understand and use for everyone. Of course, a “Privacy Level” section should be added in the settings, in order to let people with less concern about privacy automaticaly activate the SIM card for exemple. But it’s a bad idea to make different pre-installed settings. All pre installed settings should be strict for privacy, with a question mark next to each settings in order to inform people of the purpose of that setting, and let them learn more about it. You can’t just say : “Okey, you know nothing so take the normal mode, don’t touch the settings and stay idiot using a phone with settings you don’t understand”. Human doesn’t like what he doesn’t understand anyway.

So, first of all, a detailed and cleared explanation of why privacy is important is needed in order to move forward and make people want to use /e/. For instance, how google and others track you in your web browser, how they track you in your phone (with unique identifiers, etc), what big company know about you, how many trackers can be hidden in an application, what your ISP can see, etc. Like all demoniac political movement, the secret is to scare people.

Then, the “James Bond” mode should include an ad/tracker blocker (like blokada) AND the ability to configure a VPN. For now, you can’t use a VPN and an ad/tracker blocker at the same time (without rooting your device or using a big raspberry pi ad-blocker or VPN router), so you have to choose between trackers or ISP breach.

That version should also come with :

  • Signal,
  • OsmAnd (normally, no trackers with the premium version available freely here),
  • NewPipe,
  • an RSS agregator (mainly because the NewPipe’s feed doesn’t work so in order to know if a video is out, an RSS app is needed. And people will probably be happy to learn that they can easily be informed of the latest article about they favorite topics),
  • Tor Browser (with a big explanation of how it works, why the pages are ugly and not functionnal with strict setting etc),
  • Mozilla,
  • ProtonMail (even if they don’t have a ProtonMail account, they will know that it’s easy to create one and replace Gmail),
  • K-9,
  • VLC,
  • Yalp Store (in addition to the /e/ store, because if people aren’t able to download their bank apps (wich isn’t open-source) or something else easily, they won’t use /e/),
  • Scrambled Exif.

Like I said, having a lot of preinstalled apps isn’t a problem because it can easily be deleted. So let people have all the keys of their private lives. That’s what shoud /e/ do.

6 Likes

"Don’t forget** , /e/ is starting and current users are not end users .

In my mind, a power user has already another choice (LineageOS, Copperhead OS, …) for its very specific needs (Firewall and so on), and still he could find his favorite apps in /e/ apps store or any third party store anyhow."

Relax :wink: We will add user profiles exactly for this purpose. The “entry level” will offer the same set of apps we have now. But advanced users will benefit from extra choices.

Maybe we could have 3 levels:

  • default (like now)
  • secure profile with specific set of apps and settings for increase security/privacy
  • virgin profile: as few default apps as possible
11 Likes

Understood, i just meant, i’m scared that our developping forces are dissolved on “profiles stability” instead of “core stability”. Apps developpers need strong foundations :relaxed:

To start, if we get a “virgin profile” image, then that’s a excellent basis and coming profiles will be much more reliable :slight_smile:

Also, why not to offer (instead of profiles) “packages groups” on /e/ app store.
On setup process, you will choose your package group (nothing, basics, child, gamer, developper, privacy paranoiac, …) :thinking: :sunglasses:

2 Likes

TBH, I like the idea of picking my own apps upon startup (after creating an /e/ profile) so that way it’s all ready to go. I know the app repository will allow me to locate more apps but it’s good to at least set defaults (e-mail, browser, dialer, messaging, etc).

1 Like

Another default browser, something like Firefox Klar or IceCat mobile. When it really has to be webkit, another search engine: SearX calls Google when you tap on “Images”.
But I agree with the people who want to focus on an easy to use phone “for mom and dad”.
We’ll play ‘double o seven’ by ourselves :sunglasses:

1 Like

+1 for remaining mum & dad focused. If we get the ability to remove system apps then we of the technical persuasion are able to customise to meet our own James Bond requirements.

1 Like

Having seen that this thread is perhaps one of the logest on the forum, this is obviously a subject that everyone wants to have his say about :wink: So not to be left out, I’ll add my 2 cents worth. While I can understand that most of the early users of /e/ here were attracted to it by @GaelDuval ‘s excellent presentation of the intentions of a de-googled OS, as I was, we should admit as others have pointed out that we are all aware of the problems created by a quasi-monopolistic control of net-users’ data and this is why we came here. However, I think that for a large part of the population the awareness of the risks concerning unauthorised or even illegal use of their data has only recently started as a result of political events that we all know and particularly here in Europe the feeling that we as citizens should be able to resist this and in some way help to “break the data slavery” mentioned on the e.foundation site is slowly beginning to spread to a wider public. As one of the baby-boomer generation I can see amongst my friends and acquaintances - for the most part retired or near retirement - a certain uneasiness, if not anxiety, that the new technologies they have only in later life started to use could be a danger not just for themselves but for their children and coming generations. So they are quite open to the idea of having more control over who knows what about them and feel less constrained by the fact that everyone else uses smartphones made by Apple, Samsung or whoever. If retired, they are also free of any work or employer’s obligation to use only certain systems or apps. Having given my partner a mobile that I recently installed /e/ on it has been interesting for me to see how she, a hesitant user of new technologies, adjusts to using the phone. For the moment, apart from the phone and sms app, the only other apps she uses are Telegram for messaging and calls, the Gallery app for photos she takes or receives and occasional use of the Browser. Having used previously a basic smartphone with the now defunct Firefox OS, she has had little difficulty in mastering the current interface of /e/ and when the new repository of apps becomes available, I doubt that she will download anything more than a few practical tools for travel information, yellow pages, connecting to doctors or health centre services, possibly a banking app, but not much more. That’s why I agree with @Superman that “current users are not end users” because the complication of choosing whether to install a more high-security profile or even using pre-installed apps like a Tor browser would probably make a “mum or grandpa” user more anxious and reluctant to try something they know little or nothing about. While I wouldn’t say it’s exactly a case of being unable to teach an old dog new tricks, as the saying goes, I do think “old dogs” need more time and simpler steps to acquire the “new tricks” of mastering their data usage. But the idea of using an /e/ equipped phone certainly makes them feel more reassured and perhaps even proud of the fact they’re doing their little bit to halt the spread of the GAFA tentacles. Have a high-security profile choice if you want or even a “bare-bones” core system for those who want to configure their own layer of apps, but by all means keep the present lay-out as screen-loads of apps or menu lists to install as long as your arm will never have wide-spread appeal, especially among the users I have evoked.

1 Like

@Grendel I agree on the fact that “Mum and Dad and Grandpa and Grandma” need to have an easy OS, and be able to use it. According to my understanding of your post, you think that an easy OS is a minimal one, with basic functions and applications on it.

I disagree because I don’t see why those people coudn’t have unknown pre-installed applications with some explanations about it. They would learn that to replace youtube (if they used it of course) there is NewPipe already installed ; to send SMS securely there is Signal already installed ; etc. If /e/ doesn’t put everything in the hands of beginners, they will never or too late discover those apps because they will never spend hours on the internet searching new ways to prevent data leaking like expert users would do (in my case anyway :yum:).

Furthermore, I don’t see why an ads/trackers blocker couldn’t be by default for all users for instance. That would delete all ads without user action, wich would be nice for beginners.

As I said above, a detail explanation of every settings and apps is needed in order to inform beginners and spread the speech of the protection of private life. Videos would be perfect because it’s much more intuitive and pleasant to see. Really, let’s not underestimate beginners by keeping them uncultivated about privacy and new apps.

People that really really know nothing about technologie won’t install /e/ by themselves and somebody will guide them anyway. Only those concerned about their privacy will, and those people want to learn as much as they can about privacy protection so I really think all I said before would be better.

(I respond to you but I could have respond to other posts :slightly_smiling_face:)
Open mind, just explain me why I’m wrong if I am :wink:

3 Likes

I agree on this above. I also would like to have the add blocker. I have it on my rooted /e/ phone. I replaced the /etc/hosts file with a file extracted from pi-hole, with over 100K lines in it. The add-blocker works with VPN enabled.

Hi @Anonyme in reply to your suggestion that /e/ should “put everything in the hands of beginners” I just took the position of older people who are the social group I most commonly meet and who I help when I can. They are open to the idea of using a system like /e/ as I said, but if you bombard them with too much information concerning surveillance and data gathering on the net and the plethora of tools/apps needed to counter it, they are often tempted to say it’s too much for them to take in and sometimes just shrug their shoulders and say it’s the drawback of progress and then leave it for others to sort out.

I agree that putting Signal in as a default app is a good idea as it’s easy to use and if their friends install it, so much the better - as my children and various friends have done when I explain it’s better than WhatsApp. Pre-configuring a safe browser to avoid trackers is also a good idea so long as the user has little more to do. An ad-blocker I also agree with, but it has to work with just a simple message to ask the user if he/she wants it or not. There are already more than twenty icons on the default screen of /e/ so I would be careful of putting many more, unless the user has a specific need. Youtube is a case in point. A message in the repository to advise replacing it with NewPipe would be sufficient in my opinion. You can’t expect ordinary users to be frequently seeking advice from those who know more as it may become burdensome and put people off. That is my experience when helping others at least.

3 Likes

@Grendel Hmm yes, so let’s split the difference/coupons la poire en deux :

After reflexion, two modes would be nice : a Normal mode and a Simplify mode (but absolutly not an Expert mode).
Actually I’m afraid that with an expert/normal/basic mode, “normal” people will choose normal mode because they think (wrongly) they aren’t good enough to choose the expert mode and I’m afraid they would miss some things, some alternative apps and so miss some privacy protections. Like I said, I want /e/ to “force” people discover new horizons, new apps, new knowledges.

With a Normal and Simplify modes only, expert and normal people would choose the Normal modes, with strict settings, some informations about settings and a lot of apps pre-installed (easily removeable of course), and the people with real difficulties with technology would choose the Simplify mode, with basics apps not to afraid them and no complicated explanations.

In conclusion, the James Bond mode should be the Normal mode in order not to let experts have a mode with all tools for themselves, but rather bring normal people at the upper level, without loosing “older people” with the Simplify mode :slight_smile:

I hope I made myself clear :yum:

2 Likes

Yes gr8 idea!!! :laughing: I love this!
It is so good to automatically show the most private alternative!!

@GaelDuval Like many who have repliedi don’t see the real benefit of having “expert” mode - is it because some potential partners, eg handset vendors, have said they think it’s needed?

Yes, Signal. For sure.
Also, definitely need an explination of why privacy is so important!!

What adblocker are you using?

It’s not an add-blocker. I use the hosts file: https://en.wikipedia.org/wiki/Hosts_(file) to provide add-services the wrong IP number. So i have converted the gravety list from pi-hole https://pi-hole.net/ . Here are a couple of lines from the hosts file:

#gravity list pihole to hosts
0.0.0.0 1493361689.rsc.cdn77.org
0.0.0.0 30-day-change.com
0.0.0.0 2468.go2cloud.org
0.0.0.0 adservice.google.nl
0.0.0.0 analytics.ff.avast.com
0.0.0.0 adsmws.cloudapp.net
0.0.0.0 androidads23.adcolony.com
0.0.0.0 analytics.publitas.com

The hosts file is queried first before any other DNS service, that’s why it also works with VPN enabled.
Any add-sevice will get the wrong IP address (0.0.0.0)(if exists the hosts file of course) and does not display. Only “issue” is you need root access to replace the hosts file.