Murena’s Pixel Tablet is helping to wean me off Google
- Thread starter JournalBot
- Start date
There are some serious concerns that have been raised about the security of /e/OS by the developers of GrapheneOS.
For example, that they're late with security updates and, when they do release them, report a current Android patch level even if they've have only patched AOSP, not the closed-source components that are required to be patched to be allowed to display that patch level.
I'm not in a position to judge whether or not GrapheneOS' claims are true or not, and perhaps some of them only apply to the Fairphone's build of the OS, but they've been very specific and /e/OS' responses have been short on information and heavy on rhetoric.
For example, that they're late with security updates and, when they do release them, report a current Android patch level even if they've have only patched AOSP, not the closed-source components that are required to be patched to be allowed to display that patch level.
I'm not in a position to judge whether or not GrapheneOS' claims are true or not, and perhaps some of them only apply to the Fairphone's build of the OS, but they've been very specific and /e/OS' responses have been short on information and heavy on rhetoric.
Upvote
95
(101
/
-6)
Giving up gmail and agenda is not very hard but probably still too difficult for a tech journalist. Start using an imap client, move services one by one with a good password manager, keep the gmail imap account for a while and then let it go silent. Bam no google.
Upvote
-3
(11
/
-14)
I'm super tied into Google for both personal stuff and work.
But this seems interesting as a family tablet to watch stuff and play some games. Don't need any of the productivity and communication stuff on there.
But this seems interesting as a family tablet to watch stuff and play some games. Don't need any of the productivity and communication stuff on there.
Upvote
2
(2
/
0)
In addition to the security concerns I mentioned above, the Murena cloud services had an outage last year that resulted in months of downtime for some services/users:
https://community.e.foundation/t/update-on-murena-io-service-outage/61781
The timeline reads like Leafycaust (for those who were around back then). Everyone's data will be restored Monday, Tuesday at the latest.
https://community.e.foundation/t/update-on-murena-io-service-outage/61781
The timeline reads like Leafycaust (for those who were around back then). Everyone's data will be restored Monday, Tuesday at the latest.
Upvote
31
(33
/
-2)
I love the work done for more privacy focused forks and not relying on Google services, but I'm honestly starting to feel more like just giving up smartphones and going back to more basic feature phones. It might just be me being spoiled by having a pocket supercomputer that can do basically anything, but I feel like there's starting to become some kind of transcendental shift about phones since they're on you 24/7. Something like this is great for tablets though since most people don't carry them around everywhere and use them moment to moment.
Upvote
8
(8
/
0)
/e/OS was a decent option on my old Moto X4, and I’m glad to see it’s still under active development. I preferred Lineage OS overall, however, due in part to wanting the Play Store proper so I could install my purchased software (some tools, mostly games), and IIRC /e/ didn’t provide an easy way to get the Play Store and Google Play Services going.
Now that I have a Pixel 6a, I find that I like GrapheneOS’s approach better; it’s possible to set up the Play Services and Play Store post-install, and as unprivileged apps to boot, reducing battery consumption and the amount of data they can hoover up.
(It’s probably fair to note that I switched to an iPhone after my Moto X4, and only then did I try installing third-party OSes to it. And I have never used my Pixel 6a as a daily driver. So I can’t speak to how well either OS would meet my needs if I had to seriously rely on them.)
Still, having an alternative Android-based OS sold preinstalled on a device, even one with /e/OS’s issues, is a welcome idea, one that I hope grows in popularity as more people become disillusioned with Google’s offerings and antics.
Now that I have a Pixel 6a, I find that I like GrapheneOS’s approach better; it’s possible to set up the Play Services and Play Store post-install, and as unprivileged apps to boot, reducing battery consumption and the amount of data they can hoover up.
(It’s probably fair to note that I switched to an iPhone after my Moto X4, and only then did I try installing third-party OSes to it. And I have never used my Pixel 6a as a daily driver. So I can’t speak to how well either OS would meet my needs if I had to seriously rely on them.)
Still, having an alternative Android-based OS sold preinstalled on a device, even one with /e/OS’s issues, is a welcome idea, one that I hope grows in popularity as more people become disillusioned with Google’s offerings and antics.
Upvote
19
(19
/
0)
Upvote
48
(48
/
0)
fellow human
Ars Praefectus
They track you, spy on you, collect and buy data about you in order to sell your attention to third parties so they can manipulate you. Generally the manipulation is in service of selling you stuff but those ads and links can contain anything.
Personally I will not willingly feed that process and, on the contrary, actively take steps including spending money to avoid it.
Upvote
55
(57
/
-2)
Can it run Android Thunderbird and Firefox? Tbird should be able to use gmail through IMAP (which is how I do email with them on my desktop and laptop). If not Firefox, how about the DDG browser (which is my default on a Pixel phone and seldom gets blocked for some reason)?
Upvote
14
(14
/
0)
There is a Murena branded fair phone for sale in the US running e/OS: https://murena.com/america/shop/smartphones/brand-new/murena-fairphone-4/
Upvote
12
(15
/
-3)
Indeed.
I'm a Linux user with an iPhone. Perhaps an odd combination at first glance but everyone that uses Linux does so for their own reasons. While I find the libre aspects enticing, the real reason I use Linux is for privacy, which aligns well with the iPhone. I could probably use GrapheneOS but the limited hardware selections don't appeal to me as much as the iPhone and I don't care for Android if I'm honest despite some really cool features in GrapheneOS.
I'm comfortable with the arrangement I have with Apple. I give them (sometimes a lot of) money and in exchange they give me a product without trying to further monetize me (beyond perhaps trying to sell me more hardware).
On topic: The last remaining Google serivice I use is hosted Gmail which I could and should migrate away from. I just need to find the right service I want to attach my domain to.
Upvote
0
(15
/
-15)
I really don't understand the added cost and security risks of purchasing a 3rd party modded device. They could have out anything on it and you'd have no way of knowing. With Pixel devices, it takes about 10 minutes to install GrapheneOS and you can even do it with another Android device.
Upvote
12
(15
/
-3)
I would imagine it can given that K9 Mail was acquired by the Mozilla Foundation and rebranded as Thunderbird for Android. It is odd they would ship the tablet with K9 Mail given that it is not long for this world as Thunderbird is now the active development of it.
Upvote
10
(10
/
0)
Neither Apple nor Google are worthy of trust. They're both gigantic faceless corporations and they would sell your mother if it would give their share prices a bump.
Upvote
16
(29
/
-13)
To a certain degree I agree with you, but Apple has at least tried to monetize privacy and my relationship with them is a direct transactional one, which I'm comfortable with.
Upvote
20
(27
/
-7)
XSportSeeker
Ars Scholae Palatinae
I have a semi-related experience here that I'll share just so people don't get caught up in this whole thing having to spend extra money with no recourse by the end of it.
Getting off Google is part of a 10+ year plan to get away from Big Tech entirely, this year I reserved to get off Microsoft, but due to a mishap that happened to me I decided to accelerate on getting off Google.
Basically, a major glitch/screw up that was partially my own fault and partially that of Samsung batch of apps almost made me lose several accounts and stuff from my own smartphone. It got locked for 24hrs, then apps that were stored in a secure folder wouldn't work anymore, and by the end of it despite recovering most of the phone's functionalities, I was still having major issues with several of the most important stuff (banking, government apps, etc).
So, given the already crap situation, I just decided to make the full jump and root my smartphone, install LineageOS instead. It was either a full restore and start from scratch with Samsung OS once again, or that.
And so I did. Nerve wrecking experience tbh, had a few glitches. Little did I know how much banking apps and government apps, exactly the stuff that was glitching out, were dependent on Google proprietary locks and crap.
I'm not sure how things are in the US, this is exclusively to my own experience which is in Brazil, just to be clear.
This has nothing to do with LineageOS itself. I really like the whole thing, and I'd love to stay on pure LineageOS relying on apps only from stores like F-droid, which I'm already plenty used to. Like I said before hand, this is a 10+ year journey which included shifting to FOSS apps and software overtime.
Ok, so, this became a huge issue. Banking and government apps are not only very important to keep around, they have become increasingly without plan B or alternatives. Not only that, since it's rare for people to root phones in my country, there is no community, shared experience, or knowledge base to go for. You talk to people at the bank, at government agencies, anywhere else - they simply have no idea of anything I'm talking about. Rooting phone, installing another OS, Lineage OS, Play Integrity API issues, SecurityNet problems, Samsung's Knox Secure Folder corrupting apps.... all this stuff, you just can't find anyone to get help or discuss strategies. I had to do a bunch of online research. I ended up resetting the whole thing and installing LineageOS with Micro G to try to make things work, and some of the apps got a few functions back, but in the end, most of it just does not work with rooted phones.
So, what you have is banks and government agencies using Google proprietary security stuff to guarantee things like device integrity, safety, a supposed stated of "purity" or whatever you wanna call it, for the most sensitive stuff to run, at all. And there are no alternatives outside Google or Apple. It's worse than just not having the apps themselves because if I could still access stuff via web, that'd be fine by me. But banks and government apps use their own custom made ToTP or 2FA stuff that are entirely reliant on the apps to work. Sh*tty practice if you ask me, letting everything be reliant on apps with proprietary crap in the mix.
This translates to the apps not running if your phone is rooted, if it doesn't run several layers of Google proprietary stuff.
Anyways, just to share the experience. Unfortunately I'll have to either get a new phone or try to reverse the root which I don't even know if it's possible at all. And the way things are, I'm not sure if I'll ever get rid of Android.... a pure Linux phone seems to be still far away and even if it happens, with stuff like that I doubt I'll be able to ever use it as a main device.
Getting off Google is part of a 10+ year plan to get away from Big Tech entirely, this year I reserved to get off Microsoft, but due to a mishap that happened to me I decided to accelerate on getting off Google.
Basically, a major glitch/screw up that was partially my own fault and partially that of Samsung batch of apps almost made me lose several accounts and stuff from my own smartphone. It got locked for 24hrs, then apps that were stored in a secure folder wouldn't work anymore, and by the end of it despite recovering most of the phone's functionalities, I was still having major issues with several of the most important stuff (banking, government apps, etc).
So, given the already crap situation, I just decided to make the full jump and root my smartphone, install LineageOS instead. It was either a full restore and start from scratch with Samsung OS once again, or that.
And so I did. Nerve wrecking experience tbh, had a few glitches. Little did I know how much banking apps and government apps, exactly the stuff that was glitching out, were dependent on Google proprietary locks and crap.
I'm not sure how things are in the US, this is exclusively to my own experience which is in Brazil, just to be clear.
This has nothing to do with LineageOS itself. I really like the whole thing, and I'd love to stay on pure LineageOS relying on apps only from stores like F-droid, which I'm already plenty used to. Like I said before hand, this is a 10+ year journey which included shifting to FOSS apps and software overtime.
Ok, so, this became a huge issue. Banking and government apps are not only very important to keep around, they have become increasingly without plan B or alternatives. Not only that, since it's rare for people to root phones in my country, there is no community, shared experience, or knowledge base to go for. You talk to people at the bank, at government agencies, anywhere else - they simply have no idea of anything I'm talking about. Rooting phone, installing another OS, Lineage OS, Play Integrity API issues, SecurityNet problems, Samsung's Knox Secure Folder corrupting apps.... all this stuff, you just can't find anyone to get help or discuss strategies. I had to do a bunch of online research. I ended up resetting the whole thing and installing LineageOS with Micro G to try to make things work, and some of the apps got a few functions back, but in the end, most of it just does not work with rooted phones.
So, what you have is banks and government agencies using Google proprietary security stuff to guarantee things like device integrity, safety, a supposed stated of "purity" or whatever you wanna call it, for the most sensitive stuff to run, at all. And there are no alternatives outside Google or Apple. It's worse than just not having the apps themselves because if I could still access stuff via web, that'd be fine by me. But banks and government apps use their own custom made ToTP or 2FA stuff that are entirely reliant on the apps to work. Sh*tty practice if you ask me, letting everything be reliant on apps with proprietary crap in the mix.
This translates to the apps not running if your phone is rooted, if it doesn't run several layers of Google proprietary stuff.
Anyways, just to share the experience. Unfortunately I'll have to either get a new phone or try to reverse the root which I don't even know if it's possible at all. And the way things are, I'm not sure if I'll ever get rid of Android.... a pure Linux phone seems to be still far away and even if it happens, with stuff like that I doubt I'll be able to ever use it as a main device.
Upvote
37
(38
/
-1)
I am a happy eOS user for private and work phones since 2021(?).
However I do not use banking or government ID apps, which some report to be difficult. I use web and separate token instead.
About K9: It had/have problems with OAuth: Dev has moved to Thunderbird (Mobile?), which works and is available in AppLounge.
A neat side effect of killing (in the OS) or blocking (per application) tracking is ~3 weeks battery time with moderate use.
Oh, and I use FF here, and it syncs etc with my desktop machines.
However I do not use banking or government ID apps, which some report to be difficult. I use web and separate token instead.
About K9: It had/have problems with OAuth: Dev has moved to Thunderbird (Mobile?), which works and is available in AppLounge.
A neat side effect of killing (in the OS) or blocking (per application) tracking is ~3 weeks battery time with moderate use.
Oh, and I use FF here, and it syncs etc with my desktop machines.
Upvote
5
(5
/
0)
Short answer: No. It's more prudent to get a separate phone for work (or ask the company to buy you one) instead of trying to circumvent policies which /e/OS cannot normally pass. Some states have laws requiring employers to reimburse you if you need to use personal devices for work.
Longer answer for curiosity:
It is technically possible, but can only be done via leaked keys with questionable legality and thus unlikely to be incorporated by /e/OS officially. Google has rolled out hardware-based attestation where each device has a non-extractable key which can sign a message that attests that the device is locked and running a certain firmware version.
As usual with Android OEM security, a large amount of keys have been leaked enabling this attestation to be spoofed. Google has been revoking the leaked keys yet new ones keep appearing in the wild. The experience is even worse if you have a cheap Android phone with one of the revoked keys - Imagine suddenly being unable to log in to your banking app because your otherwise-normal phone no longer passes an "integrity check" through no fault of your own. The keyword is "keybox" if you want to dig deeper into this disaster.
In any case, I strongly advise that you not do this to access corporate resources - Standing up against big tech and maximizing digital privacy is one thing, but it's another matter when it has to do with your livelihood. Pick your battles.
Upvote
18
(18
/
0)
We all had to stop reading when you said this because it's apparent that you must be a Google shill. Everyone understands how much google search has continued to worsen each year and I'm not even talking about the AI overviews.
Last edited:
Upvote
32
(34
/
-2)
I do not know about all MS products, but Teams is fine. (I think I had to un-block one tracker). Generally things are OK, but some applications may stop when on an non-Google OS. Your employer may as well, but then they should provice computing devices for you.
Upvote
1
(1
/
0)
For those piqued by this, Proton has drop-in replacements for a lot of Google stuff. It's not as uber-featured and there are some rough edges, but I switched a few years ago and, aside from docs/spreadsheets (they don't have spreadsheets and the documents are very barebones), I've largely found it to be a decent experience. They've got E2E-encrypted storage (i.e. Drive) so could could sub in Libre/Plain-ol'-offline-MS Office and sync with Proton Drive.
Upvote
16
(16
/
0)
For those sort of things, I'd recommend keeping an old phone around in a drawer. Only get it out to use whatever app you need, then turn it off and replace it in the drawer. Treat it like those physical tokens banks used to give out. Also makes it less likely it'll be stolen when you're out and about.
Slightly less convenient, but it means you can use whatever you want for the 99% of time you aren't running banking apps. Although I agree that the creeping Play Integrity stuff is troublesome - eg I can't sign up for a popular taxi app used in a nearby city because that fails the checks. So may depend on your situation as to whether this is workable.
Upvote
10
(10
/
0)
I'm going to note that Magic Earth uses OpenStreetMap (OSM) like just about every other non-Google map service.
To everyone reading this comment, I would recommend adding points of interest you care about to OpenStreetMap. I would specifically focus on your local neighborhood and any small businesses that you go to. If you care about public transit, do that after you add any points of interest you care about -- public transit in OpenStreetMap is not for the faint of heart.
As far as Street View goes, other OSM based apps can include data from Mapillary (Meta), KartaView (Grab), or Panoramax (OSS). OSMAnd has a Mapillary layer, for example.
As with OSM, all of those depend upon volunteer contributors; if you want imagery in an area, capture and upload it!
If you do decide to edit OSM, I would recommend starting with desktop editors (iD and JOSM; iD is web based and the "default", JOSM is more advanced but requires a download) -- the desktop editors will make it easier to add a skeleton of data around you (buildings, roads, etc.), and then mobile apps (like StreetComplete) can help you fill in data as you walk around.
Upvote
16
(16
/
0)
I can confirm /e/ can run Firefox, unsure of Thunderbird tho.
Upvote
2
(2
/
0)
/e/ can run most apps I tried including bank apps but you need to check for a device with safetynet/play integrity support, it is listed on their website.
I went with murena fairphone 4 which supports both out of the box.
I try to go the f-droid route first for apps but all extra apps tested work well using aurora store or app lounge.
Hopefully, it will stay that way without having to play cat and mouse with google or be exposed to unforeseen security issues.
Regarding security, I have somewhat followed the grapheneOS tense debate - for me graphene OS is pixel only and not really degoogled from what I undersood so no go - but I am all for applying some « gentle » pressure on /e/ regarding security as it can easily be a blind spot for users and someone has to apply pressure.
From what I have seen they make monthly system updates which seems better than most android vendors especially for older phones but might still be too slow to be well protected.
I went with murena fairphone 4 which supports both out of the box.
I try to go the f-droid route first for apps but all extra apps tested work well using aurora store or app lounge.
Hopefully, it will stay that way without having to play cat and mouse with google or be exposed to unforeseen security issues.
Regarding security, I have somewhat followed the grapheneOS tense debate - for me graphene OS is pixel only and not really degoogled from what I undersood so no go - but I am all for applying some « gentle » pressure on /e/ regarding security as it can easily be a blind spot for users and someone has to apply pressure.
From what I have seen they make monthly system updates which seems better than most android vendors especially for older phones but might still be too slow to be well protected.
Upvote
2
(5
/
-3)
Upvote
1
(1
/
0)
I would always install a firewall or network logger, or use hardware firewalls and monitor the device's connections, before deciding whether something is privacy focused or not.
For example, GrapheneOS makes 1 connection when idle for a few days - an update check. What is your device doing with your data when "nothing" is happening?
For example, GrapheneOS makes 1 connection when idle for a few days - an update check. What is your device doing with your data when "nothing" is happening?
Upvote
5
(5
/
0)
To be fair, anytime any company finds "serious concerns" with their chief competitor's product, I wait for independent corroboration before I believe them.
Upvote
9
(10
/
-1)
Technically that may be true, but the behaviour of GrapheneOS people on Mastodon with their taste for online drama and unsubstanciated self-congratulations like a certain US president ("GrapheneOS Camera is far better than any of the portable open source camera alternatives and even most proprietary camera apps including paid apps") prevent to take their claim seriously.
Also there's a good overview here : https://lwn.net/SubscriberLink/1030004/898017c7953c0946/
Upvote
-1
(3
/
-4)
Just popping in to plug GrapheneOS - a security-centric, de-googled AOSP fork. I’ve been running it on my Pixel 8 Pro for nearly 2 years without any problems. I run the root ‘Owner’ user completely clean (only apps istalled apart from the Gaphene modified version of Chrome called ‘Vanadium’ are signal and my VPN both installed from directly downloaded APKs), then run a secondary user with Graphene’s version of the Play Store installed for times I actually need to use Play store apps. I’m yet to try to install anything that didn’t work with Graphene’s user-land versions of the Play store and Play services - there probably are things that need the kernel integration that comes with the default Play installs but not that have had need for.
I recently had a phone screen break (stupid cat) and had to use a unmodified P8P for a few weeks, and man did going back to the full Google experience remind me why I swapped in the first place.
Updates and so forth are what you’d expect for a security minded OS, flashing the phone works seamlessly, at least for me.
Upvote
8
(8
/
0)
The responses from /e/OS to GrapheneOS' claims have been hyperbolic and personal.
If anything, I distrust both if we're going to judge based on their principals' behavior. They seem like real pieces of work on both sides.
Well, some of their claims require digging and some don't. The late updates for /e/OS are there for everyone to see. They're running two full major Android versions behind on this tablet.
GrapheneOS suggests that privacy requires security, not just a divestment from Google, and I certainly agree with that. Theoretical privacy is no good with known unpatched vulnerabilities.
Upvote
10
(11
/
-1)