/e/ is easily, EASILY the worst name for a product I have ever seen. I don't know how to pronounce it, I can't Google it, I can't make a guess what it's domain might be. Just awful in every possible way.
If Google would not ignore special characters, it would be the easiest to find... ie: search for "/e/" ... also, alphabet is easy to find because they give themselves priority [0]....
I think I read somehwere that they chose this name as their "beta" version since it's not easily googleable. As soon as they gain more traction, they will rebrand.
> Eelo was subsequently renamed to /e/ in July 2018 due to a conflict with the "eelloo" trademark, which was owned by human resources company Meurs HRM B.V.
in the AMA he gives notice of things to come regarding the name. Like - the operating system keeping /e/ intermittingly, but choosing an overall easier to communicate project name.
Speaking as someone who has been writing Android banking software for eight-odd years, requiring SafetyNet attestation is a crock of user-hostile shit so long as the same institution allows random desktop Web browsers access to the same APIs. I have a feeling it was invented for anti-cheat in games but it became a line-item in every security director's checklist because Google offers it.
Works with "BOI Mobile", the Bank of Ireland mobile app, which I downloaded from the Aurora store. I get a notification on starting the app indicating that the phone is "rooted" (it isn't) but I'm not prevented from using the app.
I don't use any banking apps, sorry. AFAIK /e/ supports signature spoofing/pretending to have normal Google Play Services available, so some stuff might work.
I'm considering switching from Android to iOS because I don't want to throw away my phone once my 2-4 years of security updates are over.
How do firmware updates factor into your thinking around Android and security? Is there a way off of the "buy a new phone if you want firmware updates" treadmill?
(I don't expect you to have a solution, but I'm curious to hear how you're thinking about this problem.)
I have a de-googled old e-os phone as my daily driver. Very nice choice. My hope is that my next one will be a full linux phone like librem 5 ir pinephone. I'm just waiting for it to get more mature. If I had a bit more money, I'd buy one now just to support the cause.
This is great news. People & small companies are entering a market focused on privacy. Graphene OS is also a great project, I hope more people will follow.
"If you want something with hardened security, use Graphene, if you want something that help you keep your data safe from Google, use /e/. It depends on your needs."
GrapheneOS is already de-Googled, so, it's the better option?
is it de-googled? there is nothing about it in the features list, and the FAQ mentions the option of switching between using gooogle and graphene servers for things like the connectivity check, suggesting that people want to keep using google in order to "blend in".
it is neither clear that these switches cover ALL ways that android has to send data to google, nor that there is any desire to remove all of them.
the old FAQ apparently had this text (found that in a forum discussion):
GrapheneOS leaves these set to the standard four URLs to blend into the crowd of billions of other Android devices with and without Google Mobile Services performing the same empty GET requests. For privacy reasons, it isn't desirable to stand out from the crowd and changing these URLs or even disabling the feature will likely reduce your privacy by giving your device a more unique fingerprint. GrapheneOS aims to appear like any other common mobile device on the network.
that text has been replaced with:
You can change the connectivity check URLs via the Settings Network & internet Advanced Internet connectivity check setting. At the moment, it can be toggled between the GrapheneOS server and the standard Google servers used by billions of other Android devices. This can be used to blend in with other Android devices, both with and without Play services. Changing this to the Standard (Google) mode will use the same URLs used by AOSP and the stock OS along with the vast majority of other devices
Connections of android location services to get GPS constellations were shown before to send sim card imsi and connected cellular tower id to provider (qualcom/google)
Graphene still allows those connections
Android services make other weird connections. Example: AOSP dialler app is querying phone numbers against online database leaking all contacts to google. How was this taken care of in graphene? Are all AOSP services/apps security-verified to not leak any data?
this suggests that while graphene developers do consider concerns about sending data to google, their goals are orthogonal to those of /e/OS, as Duval claims.
while grapheneOS goals look laudable, i'd like to get a better understanding on how blending in and leaking my contacts to google helps me protect my privacy.
