I’m currently using GrapheneOS and I quite like it, but I would like to switch to something else. Will I lose much privacy if I switch to e/OS? Can I lock bootloader after flashing it like on GrapheneOS? I’m using Pixel 7 btw
Were you using the Google espionage services on GOS? If so, you’d likely gain a little privacy because of µG.
Some devices can lock the bootloader but that’s not a generally supported feature on /e/OS.
Ah yes, gaining privacy by running microG as root which already has Google code in it instead of running GSF in a sandbox as user.
- µG is not running as root
- It does not “already have google code in it”. That’s an optional, tightly scoped feature with one specific blob that is required to implement the SafetyNet feature in any implementation
- I see no reason why you couldn’t run µG inside a sandbox too; the differentiating factor for security is the sandbox, not the GMS implementation. Also has nothing to do with privacy as, contrary to the original GMS, µG doesn’t spy on you to begin with.
Prize for being overly dramatic!
Seems like the exactly appropriate amount of drama to me!
Then you don’t grasp the difference in how the sandboxed play services are implemented in Graphene vs when they’re running with privileged access normally.
But if you’d like to elaborate on what your concern is with regular user level apps, that basically get zero OS information, and lots of blank/null information back, Id love to hear it.
It’s still a Google espionage service, even if we’re putting a pretty effective blindfold on it.
If someone wiretaps my landline, but I’ve set it up so they never hear anything (as simple as not using the landline), it’s still a spying device, it’s just been made ineffective.
Ok, but that’s not really the same as we’re still using the services, and they’re not getting what they want, which is the whole point. You could just not install the play services, but then you lose a ton, vs you getting what you want, and them not, that’s a win. In fact, it’s almost better than a win because it’s one sided.
Not sure if you can relock the bootloader
Their site doesn’t include that info
https://doc.e.foundation/devices/panther
/e/ is a “degoogled” experience, but as noted on their site and by others here:
Google Services are replaced by microG and alternative services (see below for more details)
For a regular uninformed user like myself (I just use the stock ROM on my phone because I am stuck with it) I read that as:
We made this experience as frictionless as possible at at a cost.
The friction here would be banking and/or tap-to-pay apps that I think cause some issues for some people (please correct me if I am wrong).
So, you would lose something that is offered by GrapheneOS and gain a different interface and access to apps that have a hard requirement for GSF.
Not much
I recommend sticking to GOS. If you’d like to use something else, I’d recommend DivestOS. CalyxOS, LineageOS, /e/OS and iodéOS are all significant downgrades in usability, privacy and security and therefore not worth using on a Pixel.
Can you speak to how those are significant downgrades?
it depends.
you’ll definitely be loosing security, which can turn into loosing privacy if you get affected by malware.
you’ll also be loosing privacy if installing proprietary apps, since GrapheneOS has features like storage scopes and a better permission system that help minimizing privacy issues.
I think that locking your bootloader in a Pixel is possible regardless of the ROM you install.
Anyway, I think that there’s no real benefit of installing any other custom ROM in a Pixel other than GrapheneOS. You’ll be just loosing out in security and potentially privacy for no real reason.
You won’t lose anything. Both options are 100% private. However, it’s worth noting that Graphene is generally considered to be more secure.
What? Please stop spreading misinformation.
/e/ includes microG per default and thus calls google servers. /e/ includes unique identifyer per update call tracking its users. Graphene uses several proxy servers to hide user information, /e/ does not in similar way. And so on…
☝️ this is correct. GSF calls home and /e/ is a different beast. The founder of Murena and /e/ is on Fedi so you could drop him a message on Mastodon and see how he answers.
According to the information provided on the DivestOS website (source: https://divestos.org/pages/faq), microG only contacts Google servers if specific options are enabled. This means that certain features or functionalities may require communication with Google servers, but it is not a continuous or automatic process.
As for /e/, it does not include unique identifiers per update call. However, it does collect your IP address when you initiate an update.
Additionally, when using the network location provider feature, your approximate location may be shared with Mozilla. However, you have the option to easily disable this feature if you prefer not to share your location.
It’s important to note that /e/ foundation is a non-profit organization and does not engage in any advertising business. They have no company to sell any data to.
It literally makes less than zero sense to go from Graphene to e, Graphene is the most hardened privacy tweaked OS available, e would be a huge step backwards on many fronts, what’s your reason for wanting to switch? No, you can’t lock your bootloader with e, verified boot won’t be there, you’ll lose the hardened kernel , the improved sandboxing, the memory protection. It’s a fail from every angle.