/e/OS is a complete, fully “deGoogled” mobile ecosystem
https://e.foundation/e-os/Look at the AdBlocker crackdown of Google Chrome. Every single chrome-fork has shut down MV2 extensions, even Brave is about to do it, because it is impossible to maintain features that complex on a browser that Google spends >$1B/year to develop.
Same story for /e/ and GrapheneOS, the day Google pulls the plug on source code releases, god knows how long they will last. We should focus our efforts on truly open platforms.
There are zero OSes that are 1/ open source 2/ appropriate for phones 3/ with good hardware support. There's absolutely nothing. Running Ubuntu Touch isn't a viable option. Neither is postmarket, librem, tizen, they're all terrible. Security wise, for something as critically important in our lives as a smartphone, I am also not trusting any new pet project that won't be stable for 10 years.
Sure, you might be a poweruser that doesn't care about your phone burning its battery in your pocket after 1 hour because you know how to SSH on it from your watch and put it in sleep, but that's not a viable option. Leaving Android is suicide. A large part of its critical underpinnings are already into the kernel anyways, just disabled. (although a distro running binder could be a fun project). APIs are reverse engineerable generally speaking, except for the server part of play services. But then, if your issue is "my bank won't let me access their app without play services attesting me", I have great news, you won't even have an app for it on your new OS anyways, so it will not work by default. There's already not enough people working on GrapheneOS _or_ on mainstream linux OSes, what makes you think the sitation won't be ten times worse for your custom made mobile OS ?
>We should focus our efforts on truly open platforms.
Android is one, and that can never be taken away. Google pulls the plug ? cool, you're stuck on Android 17, which is centuries of work ahead of literally anything else in the open source community. Hell, for all the shit that Google is doing, they're still constrained by having to work with other vendors: the system privileged notification receiver is swappable at build time, the recent app signing/verification system also is, because Samsung wouldn't let them control it all.
About hard-forking Android, no one was brave enough (pun intended) to do that for Chrome, considering the insane complexity and engineering costs (>$1B/y). (Only Apple was able to affort it with Webkit/Safari, but they are in the ad business too.)
We need tablet computers that don't have hostile hardware like cameras and mics and sensor suites that can be remotely controlled, under proprietary firmware, completely out of owner control.
We need radio hardware and software that is entirely under owner control, with protocols and standards based connection controls; the notion that spectrum and cellular make network connectivity magically necessary to put under the draconian gatekeeping and surveillance of cellular carriers is flaming dumpster garbage.
The carriers are a primary threat vector. The hardware is a primary threat vector. The software is a primary threat vector.
There is absolutely no way to fix the current cellular phone security status quo, every single facet is designed to be leaky and allow "good guys" backdoored access "for the right reasons" and so on, whether it's "user experience telemetry" or "we have a warrant".
Running bog standard linux with sensible security defaults and a good softphone over an internet connection would be fine. There's nothing magical about phones or UX or wtfever this month's marketing rationalization is.
Handheld tablet computers with optional hardware, or even modular hardware, are going to be the future. The current paradigm of parasitic cellular carriers, invasive governmental regulatory bodies working on behalf of all sorts of corrupt interests, and complicit hardware manufacturers are 100% all in on milking consumers for every last unearned penny or intercepted PII they can get their grubby hands on.
Sailfish?
It's far ahead, but at the same time, I think we shouldn't over-emphasise how much. Functionality at the beginning of a project's lifetime is way more important than incremental improvements (or just changes) made later, and thus while much more effort has been invested into Android, new projects primarily need to catch up when it comes to e.g. phone call support and stability, and won't have to redo a lot of the effort of e.g. implementing Material You 3 or whatever.
Which is to say that we're still years out from a viable competitor, but at the same time, there could be one five years from now, which is also not that long.
This is the sad part. I've resisted that slippery slope as much as possible. In part because of ideological reasons, and in part for usability reasons. I have large hands and poor eyesight - using a phone for non-trivial tasks is tedious. I think the only thing I encounter from time to time that requires a smartphone is paying for parking. Everything else I do from a desktop, or don't do at all (doom-scrolling etc.)
I wish society would resist the smartphonification of everything for no reason. A lot of it is marketing- and surveillance-driven.
Not sustainable as opposed to what, exactly? Developing and maintaining a completely different mobile operating system? Focusing on truly open platforms sound nice in theory, but completely falls apart the moment you consider what people want to do with their phones compared to the developing resources available.
> Every single chrome-fork has shut down MV2 extensions, even Brave is about to do it
That's just wrong, there are other forks that still support MV2 extensions right now, and at least brave has no plans of shutting down MV2 extensions even after Google removes MV2 from upstream completely. It will certainly add maintance effort on brave's side, but they already patch a million other things that upstream doesn't support.
Brave said they'll try to maintain temporarily limited MV2 support for only 4 specific extensions, but recommend Brave Shields as the go-to adblocker for the future. Google is about to remove most of the MV2 code from the codebase, which will explode the complexity soon.
The cost of writing code has fallen 100x in the past 3 years, and will likely fall 100x further. So actually, yes, thanks to AI it probably actually is reasonable to launch a fully new stack from scratch.
Multiple open source desktop/laptop operating systems are maintained.
A lot of people don't think this way because they haven't had any problems. But then one day it happens to you and you realize, ok, this is the one thing that matters - you're in a cashless store and the only way you can pay for your meal is to use Approved Apple or Approved Google operating systems.
Where I live, the app my electricity utility provides for viewing and paying my account DISABLES ITSELF FOREVER if you so much as enable USB debugging on your phone (even after you've disabled it again).
To their credit Graphene maintains a global database of which of these apps work and don't. They're the only ones I know of so a thousand upvotes to Graphene OS.
But for my banks, the records in that database are grim. They won't run on Graphene, and they don't respond to reports about it.
One of my banks just discontinued its web UI because "people don't use it anymore, they use the app only."
This is how they're going to get us, folks. This is how we're going to lose it all. Writing code alone will not solve this. It will require some kind of collective action to defend our liberties. Some parts of the world are already lost. So this situation will likely come to a jurisdiction near you eventually: to make a transaction you will need permission from Google, Apple, Visa, Mastercard, or it won't happen. Then that four company list will start to shrink.
These are self-inflicted problems by these apps. Nothing to do with the OS. These apps simply don't work. Complain to the companies that push these broken apps to you.
Would you buy a microwave oven that kills itself if you play the wrong kind of music in your kitchen?
I would say we need both a sustainable free mobile OS in the long term, and a "less worse Android" today in the meantime.
Initiatives like FairPhone paying someone to upstream device support in the mainline kernel / postmarketOS are interesting for both approaches at the same time (but extra effort would be needed, the FairPhone 5 almost working under postmarketOS [1] is kinda irritating, I hope it reaches full support before Lineage OS stops being updated for this device).
Ignoring hardware support, Linux mobile OSes are quite usable now.
Hardware support is the next step, and only then we can imagine the proprietary apps we are forced to use to work there (though Waydroid provides some answer to this as well).
Another way of helping the cause would be, I suppose, lobbying for laws that forbid the dependency on an stock Google or Apple mobile OS. Or, maybe we can dream a bit, mandatory open source releases for those apps and standard APIs.
[1] https://wiki.postmarketos.org/wiki/Fairphone_5_(fairphone-fp...
Let's see...
https://www.techpolicy.press/the-true-cost-of-browser-innova...
* Most of the personnel involved in developing web technologies are engineers, but they also include product managers, sales, marketing, legal, customer support, and other functions.
* Given the complexity of Chrome and web technologies, the engineering teams skew towards higher levels of seniority. Assume that Staff Software Engineer is the most common engineering level represented across the web technologies teams, which is towards the more senior end of Google’s software engineering job ladder.
* The average base salary for Google employees working on web technologies is $240k and the average annual take-home pay is $500k, including salary, bonuses, and stock payments. These estimates are close to the current average base salary and take-home pay for Google Staff Software Engineers listed on industry salary data sites.
* Google has approximately 2000 staff working on web technologies.
Using the above assumptions, the estimated personnel cost for web technologies is 2000 * $596k = $1.2B. Of course there are additional costs associated with these businesses. Based on this sketch, it seems fair to assume that Google spends at least $1-2B annually on Chrome, Chromium, and the evolution of the web platform.
I appreciate the vibes where this is coming from, but does it really? I think that assumes that everyone that works on this would work on a true open source OS otherwise, and that if they did, that would result in us breaking free from Android where we otherwise wouldn't. I'm not confident about either of those assumptions.
Meanwhile I'll keep complaining to orgs that don't allow me to work through their website, and tell them that their app won't work on my phone.
It's like bailing out water from the Titanic. We should prepare the lifeboats instead.
The thing is that those people aren't "resources" that you can just "reallocate". And even if they were, two extra buckets weren't going to save the Titanic.
Sent from my Librem 5.
I’m being gently snarky, of course, but the goal shouldn’t be an MVP that nerds who are deeply into privacy or FOSS or hate Google can tolerate - it should be something that disinterested normies could seamlessly and happily use.
Username checks out (I kid, I'm also a fan of their work).
Also, if you're using PureOS, what's that like? Have they updated to a debian 13 base yet? Pretty much the only thing stopping me from at least trying it out is the super old version of GNOME
Increasingly thinking of relegating my iPhone to 2FA and maybe banking only.
Source?
Unfortunately even the fully open source Firefox isn't immune to the pressure from the advertising industry, with all their Google funding and their purchase of anonym.
To what?
8 of the 10 top smartphone manufacturers are Chinese, there's no going back from that.
De-Googled Android was/is a truly open platform. Same result. You're pointing out maintenance issues.
How many developers do we have to maintain this or any other platform without pay? That problem applies to a de-Googled fork of Android, or a complete bottom up build of a new platform.
The benefit of using an Android fork is the labor savings on what's already built.
Maintenance is not going away just because we build a new OS.
Why anyone ever gave that browser a second of trust is beyond be. The damn thing was built on hijacking ad revenue into some imaginary IOU crypto thing, and built by a creep.
Basically what you’re implying is that all the people working on Android derivatives like Lineage, Graphene, and /e/ coming together and working instead on a fully open source OS like a Linux mobile distribution would result in better outcomes and actually get us closer to a daily driveable open source environment phone operating system.
That’s analogous to saying that an automotive tuning shop that puts turbochargers and body kits on Toyota Corollas shouldn’t waste their time, and they should instead design and mass produce their own sports car.
The level of effort difference between AOSP derivatives and a fully open source OS is massive.
https://e.foundation/installer/
I get a pop-up telling me that my browser is not compatible, and I should use Edge, Opera or Chrome. See [1]
But on mobile, my bank and my government force me to use the Android/iOS duopoly.
>it is impossible to maintain features that complex on a browser
While Chromium is complex, it is modularized which does make it possible for teams to maintain features.
But currently AOSP is very much open. That's also what the GrapheneOS devs say and why they want to continue using Android. Until it becomes clear that they will completely stop releasing the source code under a free software license i dont see why one should not use Android.
But the source isn't the point, it's the governance. Just like Chrome, having the source is not enough to guarantee an open platform. Sure you can disable telemetry flags. But you cannot afford to maintain an important feature Google wants to remove, like MV2.
https://arstechnica.com/gadgets/2025/03/google-makes-android... https://www.androidauthority.com/android-16-qpr1-source-code...
Do you have details of specific realistic attacks that were possible under MV2 and now impossible under MV3?
Browsing:
https://e.foundation/installer/
Reply:
But we have to keep in mind that /e/ has a lot of problems, the only one solved is sending data to Google. The security aspect of the OS is problematic and some key elements of a privacy seem questioning (AI integration, commercial collaborations, ...).
Fix: IA => AI typo and various English errors.
My only regret is that the simplified installation tool didn't work (my FP4 kept restarting), so I had to install it manually, which makes it inaccessible to users who are even less tech-savvy than me.
Finally, I still think it's an excellent alternative to Android, but we need to go further and allow our smartphones to work with other operating systems, particularly Linux. I am hopeful that one day we will have a Linux OS for our smartphones that performs as well as /e/OS (I have heard about Jolla smartphones and Sailfish OS, but unfortunately I have not tested them).
Answer: you cannot.
Any time you log into a Google account just to use the Play Store, Android will instantly starts syncing all your contacts and you can't prevent that. You can't even toggle airplane mode as a network connection is required to login. And you cannot configure Android not to sync all contacts data with new Google accounts by default.
I bet Google has syphoned the details of every single person on Earth (without their consent) and I have to trust them not to use that?
F** em
Very poor first impression.
There has to be some fresh-out-of-college graphic designer in Berlin ready to make their name by designing a custom icon library for a project like this, ask around.
This is what that auditing actually reveals:
* /e/OS sends user speech data to OpenAI without consent [1], and thought this was ok until they got caught [2].
* /e/OS massively delays security patches, and calls this a "standard industry practice" [3]. Meanwhile, GrapheneOS' opt-in security preview releases provide early access to security updates prior to official disclosure [4]. Also see [0] (Security update speed) and [7] (WebView being 40 security updates behind).
* microG downloads and executes proprietary Google binaries in a privileged environment [5] [6]. You can obviously not audit these, nor should this count as "degoogled".
* microG still phones home to Google by default (android.clients.google.com for device registration check-in, mtalk.google.com for FCM push, firebaseinstallations.googleapis.com for SIM activations) [7].
[0] has a comparison of popular privacy and security-focused Android-based OS, which paints the whole picture. Privacy-friendly does not necessarily mean secure, but in this case "privacy-friendly" is quite a stretch already.
[0] https://eylenburg.github.io/android_comparison.htm
[1] https://grapheneos.social/@GrapheneOS/114880528716479708
[2] https://community.e.foundation/t/clarification-about-voice-t...
[3] https://community.e.foundation/t/e-os-and-security-updates/7...
[4] https://discuss.grapheneos.org/d/27068-grapheneos-security-p...
[5] https://github.com/microg/GmsCore/blob/e19a9985204ec8329c1d9...
[6] https://github.com/microg/GmsCore/blob/e19a9985204ec8329c1d9...
[7] https://www.kuketz-blog.de/e-datenschutzfreundlich-bedeutet-...
https://gitlab.e.foundation/e/os/GmsCore/-/blob/a9e102567518...
>Operated by Murena, your Murena Workspace account @murena.io is at the centre of the ecosystem, allowing to store, back up and retrieve your data safely on remote servers.
This sounds like their version is somewhat married to Murena. While probably better than Google, still not independent.
They're also advertising features such as "hiding your IP address [...] when you feel like it" – which sounds a lot like a VPN – without mentioning much about who the traffic is going through or how they might log it.
I get the appeal of degoogling, but this seems to just be replacing that with alternatives run by another commercial company, just one I've never heard of before.
Why does it even need "One account for your privacy" ... "Operated by Murena, your Murena Workspace account @murena.io is at the centre of the ecosystem" when it'd be even better to have everything on-device without an account at all.
Even more, Murena seems to be owned by Qwant who seem to be in the business of selling a search engine, and while they currently claim to be all about user privacy, this is basically exactly how Google started nearly 30 years ago.
I wonder if they'd be happy if, for instance, somebody took this system and debundled Murena and switched it to using duckduckgo. Would they embrace that too, or sue them into oblivion?
EDIT: maybe I was too hasty. I've just seen that it's open source and it seems like you can self-host the required cloud parts: https://gitlab.e.foundation/e/infra/ecloud-selfhosting
This seems like the worst of both worlds.
But then again, maybe that's the point :)
fuck me i'm doing work even though i should be working right now
> Operated by Murena, your Murena Workspace account @murena.io is at the > centre of the ecosystem, allowing to store, back up and retrieve your > data safely on remote servers.
That seems to suggest that we would be replacing one large overbearing corporation with a smaller and less-evil overbearing corporation. Is e/OS an open-source facade for Murena?
> a unique privacy enhanced environment.
... consider proofreading.
I’ve been using a Murena/Fairphone running /e/OS as my primary phone for a while now, and honestly the experience has been much smoother than I expected. My banking apps work, GPS/navigation works reliably, messaging and everyday apps behave normally — I’m not constantly fighting the device or giving things up. After the initial setup, it just feels like a normal smartphone, except noticeably quieter in terms of tracking and background noise.
What surprised me most is that this isn’t a “privacy experiment” anymore. It’s a usable, stable daily driver. I still get the convenience people worry about losing, but with far fewer ties to Google services by default.
I think a lot of people hesitate because they assume moving away from stock Android means breaking essential apps or living with constant friction. That hasn’t been my experience at all. If you’re curious but unsure, it’s genuinely worth trying — the barrier is much lower than it used to be, and you might find you don’t miss as much as you expect.
I've been running /e/OS on a Fairphone for about a year now. The experience is... fine. Not great. App compatibility is the main pain point. Banking apps are hit or miss even with microG. Updates lag behind GrapheneOS significantly.
The Murena cloud stuff is the part that bothers me most. You're trading one cloud dependency for another. At least with GrapheneOS you get a clean slate and can choose your own sync solution (Nextcloud, whatever).
That said, /e/ supports way more devices than GrapheneOS does. For people who can't or won't buy a Pixel (or now Motorola), it's one of the few options. The real question is whether the Motorola partnership changes the calculus. If GrapheneOS gets proper OEM support, the device limitation argument mostly goes away.