/e/ is easily, EASILY the worst name for a product I have ever seen. I don't know how to pronounce it, I can't Google it, I can't make a guess what it's domain might be. Just awful in every possible way.
If Google would not ignore special characters, it would be the easiest to find... ie: search for "/e/" ... also, alphabet is easy to find because they give themselves priority [0]....
I think I read somehwere that they chose this name as their "beta" version since it's not easily googleable. As soon as they gain more traction, they will rebrand.
in the AMA he gives notice of things to come regarding the name. Like - the operating system keeping /e/ intermittingly, but choosing an overall easier to communicate project name.
I'm considering switching from Android to iOS because I don't want to throw away my phone once my 2-4 years of security updates are over.
How do firmware updates factor into your thinking around Android and security? Is there a way off of the "buy a new phone if you want firmware updates" treadmill?
(I don't expect you to have a solution, but I'm curious to hear how you're thinking about this problem.)
I have a de-googled old e-os phone as my daily driver. Very nice choice. My hope is that my next one will be a full linux phone like librem 5 ir pinephone. I'm just waiting for it to get more mature. If I had a bit more money, I'd buy one now just to support the cause.
This is great news. People & small companies are entering a market focused on privacy. Graphene OS is also a great project, I hope more people will follow.
"If you want something with hardened security, use Graphene, if you want something that help you keep your data safe from Google, use /e/. It depends on your needs."
GrapheneOS is already de-Googled, so, it's the better option?
is it de-googled? there is nothing about it in the features list, and the FAQ mentions the option of switching between using gooogle and graphene servers for things like the connectivity check, suggesting that people want to keep using google in order to "blend in".
it is neither clear that these switches cover ALL ways that android has to send data to google, nor that there is any desire to remove all of them.
the old FAQ apparently had this text (found that in a forum discussion):
GrapheneOS leaves these set to the standard four URLs to blend into the crowd of billions of other Android devices with and without Google Mobile Services performing the same empty GET requests. For privacy reasons, it isn't desirable to stand out from the crowd and changing these URLs or even disabling the feature will likely reduce your privacy by giving your device a more unique fingerprint. GrapheneOS aims to appear like any other common mobile device on the network.
that text has been replaced with:
You can change the connectivity check URLs via the Settings Network & internet Advanced Internet connectivity check setting. At the moment, it can be toggled between the GrapheneOS server and the standard Google servers used by billions of other Android devices. This can be used to blend in with other Android devices, both with and without Play services. Changing this to the Standard (Google) mode will use the same URLs used by AOSP and the stock OS along with the vast majority of other devices
Connections of android location services to get GPS constellations were shown before to send sim card imsi and connected cellular tower id to provider (qualcom/google)
Graphene still allows those connections
Android services make other weird connections. Example: AOSP dialler app is querying phone numbers against online database leaking all contacts to google. How was this taken care of in graphene? Are all AOSP services/apps security-verified to not leak any data?
this suggests that while graphene developers do consider concerns about sending data to google, their goals are orthogonal to those of /e/OS, as Duval claims.
[+] [-] mdoms|5 years ago|reply
[+] [-] raverbashing|5 years ago|reply
[+] [-] Black101|5 years ago|reply
0. https://i.imgur.com/iuxMVBj.png
[+] [-] burundi_coffee|5 years ago|reply
[+] [-] flas9sd|5 years ago|reply
[+] [-] karmakaze|5 years ago|reply
[+] [-] ForHackernews|5 years ago|reply
I'd love to see it succeed as a user-friendly, FLOSS alternative to the Google/Apple duopoloy.
They're developing in the open, too: https://gitlab.e.foundation/e
[+] [-] wuschel|5 years ago|reply
[+] [-] richardfey|5 years ago|reply
I also tried VanadiumOS but it wasn't for me
[+] [-] flas9sd|5 years ago|reply
[+] [-] jhardy54|5 years ago|reply
How do firmware updates factor into your thinking around Android and security? Is there a way off of the "buy a new phone if you want firmware updates" treadmill?
(I don't expect you to have a solution, but I'm curious to hear how you're thinking about this problem.)
See-also: https://ollieparanoid.github.io/post/security-warning/
---
Example: https://blog.exodusintel.com/2017/07/26/broadpwn/
If your phone is new, you'll get firmware updates to resolve this. If your phone is old, you need to buy a new phone or live with a vulnerable device.
[+] [-] em-bee|5 years ago|reply
https://news.ycombinator.com/item?id=26593274
[+] [-] marcodiego|5 years ago|reply
[+] [-] craftoman|5 years ago|reply
[+] [-] throwaway0x1|5 years ago|reply
"If you want something with hardened security, use Graphene, if you want something that help you keep your data safe from Google, use /e/. It depends on your needs."
GrapheneOS is already de-Googled, so, it's the better option?
[+] [-] em-bee|5 years ago|reply
it is neither clear that these switches cover ALL ways that android has to send data to google, nor that there is any desire to remove all of them.
the old FAQ apparently had this text (found that in a forum discussion):
GrapheneOS leaves these set to the standard four URLs to blend into the crowd of billions of other Android devices with and without Google Mobile Services performing the same empty GET requests. For privacy reasons, it isn't desirable to stand out from the crowd and changing these URLs or even disabling the feature will likely reduce your privacy by giving your device a more unique fingerprint. GrapheneOS aims to appear like any other common mobile device on the network.
that text has been replaced with:
You can change the connectivity check URLs via the Settings Network & internet Advanced Internet connectivity check setting. At the moment, it can be toggled between the GrapheneOS server and the standard Google servers used by billions of other Android devices. This can be used to blend in with other Android devices, both with and without Play services. Changing this to the Standard (Google) mode will use the same URLs used by AOSP and the stock OS along with the vast majority of other devices
there is more here: https://forum.xda-developers.com/t/general-about-grapheneos....
a forum member claims that:
Connections of android location services to get GPS constellations were shown before to send sim card imsi and connected cellular tower id to provider (qualcom/google)
Graphene still allows those connections
Android services make other weird connections. Example: AOSP dialler app is querying phone numbers against online database leaking all contacts to google. How was this taken care of in graphene? Are all AOSP services/apps security-verified to not leak any data?
this suggests that while graphene developers do consider concerns about sending data to google, their goals are orthogonal to those of /e/OS, as Duval claims.