Hacker News new | ask | show | jobs
by smeggysmeg 39 days ago
I moved to a Fairphone 6 with /e/OS a few weeks ago. I can do everything I need to, everything I want to, and with more control over my digital footprint and what data is being collected about me. I've completely moved off Google services.

The OS experience is pretty impressive for not being made by an evil megacorp. The hardware is fairly midrange, but midrange today is last year's top end, and unless you're some expert photographer or needing phone VR or whatever, it's a great, normal smartphone experience.

I'm donating to the open source devs who make my apps, and they respond when I ask for useful features instead of always enshittifying it. For the corpo apps, it pulls from Google Play.
1 comments
han1 38 days ago
/e/ OS lied about the security and how "degoogled" the phone really is because it sends data to Google for MicroG
link
smeggysmeg 38 days ago
Only to the extent you use Micro-G, and Micro-G mitigates a large portion of the Google data harvesting. The built in App Lounge does not require a Google login to pull downloads from the Play Store, so it's possible to remain entirely anonymous to Google.
link
microtonal 37 days ago
It's not, it starts sending all kinds of information to Google from the very first time you unlock the phone: https://www.kuketz-blog.de/e-datenschutzfreundlich-bedeutet-...

They also run proprietary Google blobs in a privileged process to pass basic Play Integrity and give certain Google apps higher privileges than the normal Android sandbox.

Aside from Google, Fairphone 6 (both the stock OS and /e/OS) ship with proprietary, Chinese TCL blobs for image processing (most likely also privileged).

Besides that, /e/OS often uses way outdated Linux kernel versions and firmware bundles with many known CVEs and old major Android versions, having many unfixed vulnerabilities that are not marked high/critical (ASBs only give you high/critical fixes).

Fairphone does not have a secure enclave, only TrustZone. So, secrets can be extracted using frequently-found side-channel accounts. The lack of a secure enclave + the many available CVEs, it will probably fail within seconds when using data extraction tools like Cellebrite, even when the phone is locked. So better not bring your phone to demonstrations or border crossings.

But hey, it doesn't matter, because Murena's CEO says security hardening is only for spies and pedophiles.

(Friends don't recommend friends Fairphone or /e/OS.)

link