Why I stop recommending /e && why you might wanna know

You are correct. It seem it is disabled by default.
However I do also agree that it would be much better by the Murena team to communicate new features or upcoming features much CLEARER.
Also I think it MurenaMDM should be not included in community builds and the mdm prebuild apk should not be included by default-its an easy remove of entry in the the common.mk file:

@Manoj: please consider this

Also it would be good if the prebuilt apks would have at least a brief description to inform what package it is and to generally this will build more trust in the whole ecossystem

the presence of the (or any) mdm app itself is fine, though murena should make that repo public instead of prebuilt only - the issue is its setting as device-admin when the user didn’t explicitly ask for it - I guess a build error on S7 devices. I do think there is no enrollment yet to an org.

I’d either wait until a system image is shipped that removes device-admin, a mdm package version that has android:testOnly added so the user can disable it - or downgrade or use anything else.

As for missing explanations - the official one (if you’re enrolled to an org the org can wipe - that is what noone will like, but I think even when assigned, without enrollment - no enactment). The /e/ mdm package itself is headwind mdm derived (had a hunch, but really it’s the only foss android mdm around).

I partially agree and would add security to the list, but my impression is that the idea is to first get into public funding, similar to other public code initiatives such as Zendis in Germany and similar efforts by the French Government. The remaining issues could then be solved with the additional resources, including support.

A 70% finished product that proves that the idea is viable would be enough for that route.

As for hardware, they could probably work with Fairphone to ship pre-flashed versions of their current generation devices.

MDM is a standalone apk which is not enabled by default on /e/OS. It does not work unless users register to its services which is not possible at present. Have asked the developers to remove it from builds if possible unless it is functional.

Update: There was an indication from the team that the MDM app would be removed from the next build which would be v3.1 . Will follow up with the team on this.

What version e/os was that delivered with?

Mine is OFF too, maybe it’s only for special groups to make it friendly? Either way I am not using a stock ROM phone because of it… I will stick with eOS

A worrying development which might make me leave. The EU seem to have some pretty nasty things in the pipeline and this could be a facilitator.

Instead of pulling statements out of thin air:

Some have the understanding of how deep in the system MDM sits and operates!

And a very simple point to understand and just one of many features from Headwinds web site :
“The mobile agent is started remotely and automatically starts the support session without any user interaction from the device side.”

Murena has quietly included such a powerful app not just in a test build, but in the STABLE OTA updated versions!

So for now, the Galaxy S7 users received OTA updates, had no way of knowing what they’re getting and have major issues no average user can easily deal with.

Murena made such a decision and I reached mine, whether I recommend average users to go and buy/use phones with /e as their daily drivers.
People trusted me and my recommendations, but the way the Murena MDM came down the STABLE BRANCH, made me loose my trust in /e being a good recommendation.

You’re not the only one that doubts Murena: Have a look at

> this tweet

from today.

Since last autumn I’m very unhappy about the way Murena is going…

Guys, this is nothing new and the relationship between Gaël/Murena and Graphene is difficult.
I do also agree that Murena needs to work on its communcation and a lot of more topics, but such personal attacks like from the Graphene Team is totally unacceptable. It might be a more secure AOSP system, even one of the most secure ones BUT building a ROM from their sources is a nightmare. The impression is that they are doing everything to prevent others to build custom ROMs with the sources and this is not in line with the idea of open source.
I know what I’m taking about since Nullvalue did a GSI and I tried to help him a bit. Honestly he did the work and I supported him as much as I could.

https://xdaforums.com/t/gsi-android15-grapheneos-unofficial-prototype.4723181/

So please calm down everyone and lets better talk together reasonable how we can improve AOSP based ROMs to be an alternative to the current monopoles

mdm is dual-use technology - but ignoring the S7 fumble - the apk sitting there is akin to having microg included but deactivated. Can’t hurt you. I welcome sending mom a qrcode to set things up, great.

that would be awesome!

So, this is just my opinion: Graphene and /e/ are for almost two different use cases.

Graphene is for “Supermax privacy” - a Graphene phone, out of the box, doesn’t support most of the Google Play APIs, in any form at all, and I don’t believe it’s possible to add them. The device can run a handful of included apps, there’s no bundled app installation service, and…that’s about it. There really isn’t a much more secure way to run a phone, but it’s also extremely limited.

The stock ROMs, as we know, are filled with all the Google-y spyware that phones everything home to the mothership, even if you didn’t ask. There’s no simpler way to run an Android phone, and any app one would ever want to run, with no hiccups, but it costs pretty much anything that vaguely resembles privacy.

/e/OS is a middle ground between these extremes. /e/OS avoids the worst elements of the stock Google data exfiltration, while also providing much more mainstream functionality for those that want to run 90% of Android apps. If keeping in touch with contacts via Whatsapp is important (and in some parts of the world, Whatsapp is more prevalent than regular phone service), /e/ will do it; I don’t believe Graphene will.

So, personally, I don’t see the Graphene statements as meaningful, because they’re two different use cases. Graphene does probably win on raw control and security, but I would assume that most of the /e/ crowd would give up some limited amount of security in exchange for the greatly enhanced functionality. Shifting the goalposts slightly, Graphene can throw stones about /e/Cloud if they want, be it the outage or the fact that the self-hosted iteration is several Nextcloud versions out of date, but Graphene doesn’t offer the option at all, in any capacity, even for those who want it.

So, both projects have their niche, they have their adherents, and they have their areas of compromise (yes, the complete lack of a self-hosted cloud backup option is a compromise). If Graphene wants to sling mud In the Twitterverse (X/BlueSky/Threads, collectively), that’s unfortunately what the Twitterverse has become, so the fact that such an exchange took place (without citations, might I add), is unfortunately par for the course, as far as I’m concerned.

From what I can tell, it seems that Gael understands that there is room in this world for both projects and their respective philosophies, while Graphene seems much more…principled.

I’m not looking to formally convince anyone of which option is best for their particular use case, but I would submit for consideration that a Twitter feud may not be the best example of evidence to support either side.

Hello!
I’m just a normal user, with no technical or programming knowledge.
I don’t know who’s right. Probably not entirely on either side.
I don’t like any form of violence and I think that arguments on both sides can degenerate into aggression and online bullying.
I’m not writing this message to defend the use of one ROM over the other. I agree that both will have different target groups.
I’ve been using /e/os for almost 5 years. Is it perfect? Certainly not. Sometimes there are errors that annoy users, others that take a long time to correct.
But all in all, I, as a non-techy user, can only feel very grateful that these roms exist. In my case, e/os/.
I think that users like me, even with some information and concerns about privacy and data mining, will have to trust someone at some point. I don’t know in a year or two, but for now I’ve decided to trust Murena.
Thank you DevTeam and @Manoj for maintaining this OS and this community.

So it was worth noticing and asking for a deletion… Anyway, I believe we just need to calm down and look objectively at this case. What we just want right now is having this app deactivated or removed as it doesn’t fit an average user and is definitly not privacy friendly as currently implemented.

Everybody (and even more corporations) can make a communication mistake. Since october, murena team has been under pressure for resolving the outage, answering and treating hundreds of complaints and avoiding the loss of too much money. It’s normal if they acted weirdly or if they didn’t answer some of these tickets.

I just hope the team will lend an ear and disable this app in regular builds. A clearer announcement for the introduction of such functionnalities is, of course, welcomed in the future.

That comment is simply shocking. The claims it makes are not cited so I tend to call bullshit, but if any of it is true, that’s some highly unprofessional conduct on both sides.

In any case I am willing to give up something for the sake of compatibility. There’s always trade-offs. You’re never going to get perfection. You just have to use what fits your needs closest and live with a few warts if necessary. For me the compatibility of /e/os is an important aspect. Also the services they provide with the Murena workspace are a big feature for me.

That said, bad conduct on the part of the people who run the project and poor development decisions are not things I would take lightly.

Why is the source code of this MDM app not available in the gitlab? I don’t have a problem with a new feature coming to /e/OS, I have a problem with a closed-source app being installed without my consent. @Manoj

If this is true, how is it possible that Murena MDM uses 3% / 7% battery on my community-hawao / on my official-GS290? And on community-hawao also 342 KB mobile data and wifi ?

I don’t think murena decided by its own will to activate this app in our phone. As said on the business section of murena’s website and by manoj in several posts, this feature isn’t ready yet : it’s still experimental.
From my point of view, mdm app was added in anticipation of a further deployment, but just started to bug. It was supposed to remain inactive but something went wrong. In my case, the mdm is shown as enabled. In others’ cases, the device is shown as belonging to an organization without mdm being shown as activated and some or just can’t activate parental control.
That’s a good thing this happened. Otherwise, we wouldn’t have known this was implemented, and except a post of @LucasS in an update feedback, no one would have noticed the feature and its noxious potential…

However, there’s something wrong with this app source code being closed and the lack of announcement on murena’s side. I’d really like to have official and clear news coming from them.

Hi everybody,

I read the e-mails about that post I received lately and some other posts about mdm features.
It seems there is a bug with some samsung devices (at least S7) but on my S10e, I don’t think there is any bug since I can see the app and disable/enable it.
I can control it

Screenshot_20250418-234742_Paramètres1080×2280 86.1 KB

Screenshot_20250418-234823_Suggestions de paramètres1080×2280 64.4 KB

Screenshot_20250419-000448_Paramètres1080×2280 91.2 KB

So here I don’t see the problem about privacy since MDM is not enabled and that this feature is B2B oriented. It’s not for B2C.
And we can understand that to expand/grow, Murena targets B2B. It’s just normal for a company. And that can help to have a company like Murena to have a longer life.

So on my side, even if I agree it would be nice to have communication/explanation about what is the idea behind this feature, I won’t stop to recommend /e/ knowing the app is not enable by default and in addition, I can control it.

The questions I would have are :

• Why while it is disabled, the app have not null storage
• Why it send 7 Ko over wifi (but 7 Ko is quite small)

But that’s all
For parental control, can you configure it as soon as you are setting the phone from scratch? If not, why it would be an issue when we talk about MDM?