💬 Discussion | custom android ROM by /e/ foundation #864
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#864
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
This would potentially go into https://www.privacytools.io/operating-systems/#mobile_os subsection (top2:LineageOS & top2:UbuntuTouch plus WM:Replicant & WM:OmniROM & Related:microG), once /e/ is more-well-vetted.
Primary goal is "mobile OS and web-services, in the public interest" but the details are still being fleshed out, from what I can tell. Kickstarter funded the initial effort.
There might be roughly ~1k beta testers who are kicking the tires of /e/ software, which is to say <1% of the ~1M people running LineageOS custom ROMs, which in turn is around 1% of all android-based handsets in the wild. This puts /e/ on about the same level of userbase as Puri.sm and the Librem5, which ought to ship later in 2019.
Earlier discussion == https://github.com/privacytoolsIO/privacytools.io/issues/832#issuecomment-482917122
Supported devices list: https://gitlab.e.foundation/e/wiki/en/wikis/devices-list#devices-list-and-install
I don't see any reason why anyone should use this.
It's based on old LineageOS (15.x) and include Google.
If you need Google beside LineageOS you can flash GAPPS, or use the LineageOS fork which use up2date LineageOS: https://lineage.microg.org/
Curious communication with Gaël Duval, showing his "high" level in the field of information security:
https://www.indidea.org/gael/blog/leaving-apple-google-eelo-odyssey-part2-web-services/#comment-41711
( https://web.archive.org/web/20190420160351/https://www.indidea.org/gael/blog/leaving-apple-google-eelo-odyssey-part2-web-services )
Yes, back in 2017 Duval was convinced by the Telegram marketing claims that signalapp was backdoor'd by the NSA :-) Or something. But since then signalapp was installed by default alongside Telegram, so apparently he no longer believes that. (The recent push to potentially swap out signalapp for qkSMS or SilenceIM-fka-Signalapp-of-2015-fork is related to plausibly-valid concerns about phone nums rather than to NSA-related theories.)
Duval is not an infosec wizard, clearly; he is an organizational-type person. Whether the /e/ organization is better than https://lineage.microg.org/ or not, for the average enduser, depends on that enduser's skill-level and tech-savviness, methinks. All the bugs pointed out by @infosec-handbook folks are mostly correct, and Duval's response -- https://www.indidea.org/gael/blog/leaving-apple-google-how-is-e-actually-google-free/ -- boils down to "thank you for reporting these bugs although we are still in beta we plan to fix the privacy-related ROM issues and most of the online-services-issues prior to v1.0" basically. Duval explicitly said that issues like use-of-googlefonts-on-the-helpsite would not be prioritized at present, as such things are associated with the ROM and the online-services-offerings but not actually core to the project. The relationship with MagicEarth and the as-yet-unclear business model were mostly skipped over, I note.
My understanding is that this is partially incorrect... the word "old" being the key issue... from looking at the devicelist posted upthread and comparing that to the one at https://download.lineage.microg.org/ it looks like they are supporting the same base android-version, but the supported version varies depending on the target-device. So for bullhead aka Nexus5X the /e/ ROM is Oreo android8 Lineage15, but for jalebi aka YuniqueYU the /e/ ROM is Nougat android7 Lineage14, and the same with the microG.org unofficial forks (which mirror upstream LineageOS).
My understanding is that this is correct-but-not-intentional, they are including microG but they are specifically intending to elide google search engine, "all" google apps (not counting AOSP codebase in that obviously), working towards minimizing data sent to google-servers, and providing out of the box replacement-services for gmail/gdrive/gcal/etc. As shown at the infosec-handbook link, they have a ways to go yet with v0.5 of the /e/ ROMs, but as they get closer to v1.0 it will be interesting to see if they make progress on the promises about ungoolification, or backslide on them. As of Dec'18 the expected release of v1.0 is sometime in 2019, https://www.indidea.org/gael/blog/leaving-apple-and-google-a-message-to-e-users-and-supporters/
@beerisgood the point of the /e/ thing is to put together a nice package of apps that are aimed at everyday endusers, rather than people who are able to RTFM at https://lineage.microg.org/ and follow the XDA forums and whatnot. It's like the difference between LinuxMint/Ubuntu and Debian/Trisquel, they are similar cores but aimed at different userbase aka different type of enduser. The main things that are supposed to be added beyond the stuff which it ships with at present, is the /e/ appstore that is presumably either a frontend to fdroid or a frontend to yalp -- I've no idea which and am just speculating -- plus also the ability to self-host the various eDrive/eWebmail/etc services-stuff. Whether this potential is realized or squandered, I make no predictions ;-)
@five-c-d so /e/ doesn't have any advantages against LineageOS which comes by default without any Google, but users can flash GAPPS if needed
I think most endusers of LineageOS do flash gApps because operating without playStore and without the required-by-playStore-gmail-credential (which unlocks various google-provided stuff) is actually quite difficult. You can install signalapp in websocket-fallback-mode. You can install protonmail, I believe, and notifications still work there as well. You can install OsmAnd and most fdroid stuff. You can use cryptomator for your cloud-uploads and nextcloud-or-somesuch for your shared-calendar
But no, I don't think it is EASY to get a working and straightforward-to-utilize handset that provides what everyday endusers want. You are correct it is possible to accomplish, but I think the /e/ people are aiming at making it simple to accomplish, which is a different goal. With a different kind of enduser in mind: normal folks, rather than highly-privacy-oriented wizardry-level tech-savvy folks.
Whether this is really what /e/ project will look like when it hits v1.0 or not, remains to be seen. And whether privacyToolsIO ought to list /e/ or not when it is stable (either as WorthMentioning or as top3 at some point) also remains to be seen. Right now the listing just says "LineageOS" in the top3 and microg as worthMentioning, with a disclaimer that "installing gApps can be a bad idea" but nothing more. I think that is sub-optimal, but I dunno whether /e/ fills the gap or is just a distracting wrong turn. Time will tell
Thanks @five-c-d for opening up /e/ for a discussion here.
As a member of the /e/ support team let me share my comments on some of the points raised here
Our target audience more than the technical experts are the average users who would want a phone that is safe to use and does not leak his / her information. We are still in the process of optimizing the ROM and have a long way to go.
One thing this rom provides that Lineageos w microg does not is that is continues to support phones that Lineage drops support for . I just switched from Lineage with microg because support for my phone (h850) was dropped months ago.
Here's some feedback.
They used puppets to argue against wikipedia deletion, and Manoj got called out for Conflict of Interest rules violation.
https://en.wikipedia.org/wiki/Wikipedia:Articles_for_deletion//e/_mobile_operating_system
https://en.wikipedia.org/wiki/User:Indidea
https://en.wikipedia.org/wiki/User_talk:Mnair69#June_2019
The /e/ store site and its connection with /e/ foundation are shady.
https://info.cleanapk.org/
https://infosec-handbook.eu/blog/e-foundation-second-look/
https://community.e.foundation/t/where-do-apps-come-from/5287
https://community.e.foundation/t/applications-in-e-app-store/2059
https://gitlab.e.foundation/e/wiki/en/wikis/FAQ#where-do-the-apps-in-e-installer-application-come-from
While they say your data is stored encrypted on the servers, it's not similar to how providers like posteo do it. The response to one request was essentially, "you can use PGP." A request for encrypted storage of all user data is still open as an "improvement."
https://gitlab.e.foundation/e/apps/Mail/issues/31
https://gitlab.e.foundation/e/apps/Mail/issues/32
They delete accounts and dozens of posts from their forum with little regard for collateral damage. At least one user noticed and complained, without being deleted.
In my experience they do not warn, discuss or explain before doing it. (Note: Not affiliated with https://web.archive.org/web/20190827124727/https://ewwlo.xyz/ , but generally agree with their criticisms.)
https://community.e.foundation/t/how-much-of-the-e-rom-is-degoogled-webview-a-gps-dns-captive-portal/5268/10
Re: https://github.com/tycrek/degoogle/issues/55 and Wikipedia
Adding links documenting "Indidea" aka "Caliwing" confirmed sock puppet abuse and blocks at Wikipedia:
https://en.wikipedia.org/wiki/Wikipedia:Sockpuppet_investigations/Indidea/Archive
https://en.wikipedia.org/wiki/Special:Contributions/Indidea
https://en.wikipedia.org/wiki/Special:Contributions/Caliwing
@ithink314 What's the usefulness of this "links drop" ? Are you expecting people to just look at the list of the links and think "oh, the guy actually looked at it seriously, there must be something wrong with /e/".
Just one example : https://community.e.foundation/t/where-do-apps-come-from/5287
This is mostly about : where do the apps come from - which is definitely a legitimate question - and at the end of the thread, one guy from /e/ post a link to the page where they answer this question. There may be something to say about it, but just posting a link without any comment isn't helping anyone, at best.
The deletion of posts and accounts is surely a shame though, not sure if they intentionally did this.
@lebauce , The links support the statement(s) just before them. I expect people to read the statement(s), then follow links for more info' (i.e. proof) if interested.
You're right about links having problems - A few of the links are now broken, because Eelo foundation re-organized their gitlab. They also deleted the issue with Gael's answer saying use PGP for email encrypted storage (or I couldn't find it again).
I think it is interesting to see the history - how the e-apps store story changes with time, and how Gael or Manoj responded to questions, feedback or criticism. In that link it took a month to get a weak, non-answer to the question. Here is another, later, interesting discussion with more Gael posts:
https://community.e.foundation/t/long-term-plan-for-e-official-app-store/8979
Gael says, "Some users have reported that they are using Aurora, which is doing a kind of proxy between the user and the play store. However, we won’t recommend this and will never integrate it into /e/ because it’s infriging the play store terms of services."
"For this, we have to use indirect mechanisms, that don’t infrige the play store TOS, and therefore, we are using a service that is not officially part of the /e/ project,"
Does anyone really believe this "not officially part of the project" story?? Does anyone believe you can "DeGoogle" a phone OS, then install popular apps like Facebook or Twitter, from a "third party" app store, and avoid tracking? That's what Eelo is selling, and it's a lie.
They intentionally did this, and in my case they did it without warning. Gael wrote, "Their excess and their systematically negative attitude lead us to ban them permanentely from our groups after several warnings." He refers to Telegram there, but it also happened in their forum. I won't link his post, but you can easily find it here:
https://duckduckgo.com/?q=%222020+and+the+minority+spreading+hate+and+fake+news+-+Ga%C3%ABl%22&ia=web
He should apologize for abusing Wikipedia, and using sock and meat puppet accounts. Instead, he blames others for trying to make Eelo look bad, and doing the same thing he did, "hidden behind their computer screen and their pseudonyms."
Wow!!! So much hate and venom in one post ithink314 / Yae4 ! And you wonder why you were banned from /e/ sites!!! Actually Gaël raises a valid point - why do you hide behind profiles names like ithink314 / Yae4 and so on ..What ever we do we do it in our own name and also attach a nice mug shot of our face. Do the same unless you like to hide in shadows and throw stones. You see the problem with profile names is you can create new one but you cannot change your writing style!
While on the point of wikipedia abuse how about mentioning about your recent attempt to get Gaël's profile deleted..How in spite of Admin warnings you votes three times to delete the article !!!
Accept the fact that what Gaël has achieved in the first 30 years of his life is something most of us will never achieve in their entire life time especially if you waste your time in abusing him or his team.
We won't be adding this at this time.
From what I can tell it's a fork of LineageOS, with a bunch of applications from F-Droid that have been forked. The ROM looks to be monetizing by pushing an ecosystem of services to users.
We don't believe users should centralize on a single platform's services without considering their needs and/or competing services.
We're not adding every ROM, (just take a look at all the flavors on XDA-Developers), regardless of whether source code is available.
/e/ makes privacy possible for "normal" people that will never use lineageos , it should obviously deserve to be mentionned