A question as old as time, I know.
I’m getting away from Google and I’ve done the easy stuff: CoMaps, Proton mail (I know, not the best move), aveslibre, etc. I currently don’t have the time (or the knowledge base) to learn how to self host, but hopefully that will replace Drive and such in the future.
But I digress. I’m looking at a new OS for my phone. I’m currently in a contract with a phone that is incompatible with alternative OSs. Graphene needs a Pixel. Used, they’re $150-400. /e/OS will run on a Motorola or whatever and those are like $80.
There’s also the option of going full Fairphone with /e/os and I like that idea in the future.
The internet people tell me that Graphene is the best due to ease of installation, privacy, and security.
I don’t need a lot of security. I just want Google to stop suckling all that sweet, sweet data from my teat.
What are your thoughts?
Being open source is not the only benefit of MicroG. It massages some (many) of the queries, removing as many bits of identifying information as possible. It lets you replace Google Location services with BeaconDB. And some other stuff.
These are all privacy wins. Practical ways to maintain as much of the functionality as possible, as much of the convenience, while minimizing the amount of information that is sent to Google (among others).
They come with a compromise in security. So this comes down to threat modeling. To use the naming from privacyguides.org, is your model includes “surveillance capitalism” but not “targeted attacks” then MicroG might even be better.
e/OS, while far from perfect, also adds a feature that blocks requests from tracking services using a blocklist. You can get that in 50 other ways, but this one does not drain my battery at 3x the speed, so I like it.
I do not claim that /e/OS is “better” than GrapheneOS, just that other ROMs can be a very good choice, depending of the user.
There is a reason why GrapheneOS is the golden standard, and if I were a journalist or activist in many parts of the world I would definitely stick to that and only that.
But that is why threat modeling exists. My threat model allows me a little more latitude, so I am not restricted to buying Pixels in an era when Google seems to be slowly undermining GrapheneOS, and I can choose a different manufacturer with better ethics. Among other things.
Of course, no question that with threat modeling you can arrive at /e/OS being an acceptable choice. However threat modeling is difficult and the devil is in the details, which is why I’m responding (mostly for the benefit of other readers of this thread) to provide the GrapheneOS side of things and avoid the impression that /e/OS offers unique or generally superior features in the areas we are discussing.
Here is GrapheneOS’s network location implementation details. https://grapheneos.org/features#network-location