Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ADDITION] /e/OS (Complete) #256

Open
4 of 6 tasks
luxunwansui opened this issue Jul 3, 2024 · 6 comments
Open
4 of 6 tasks

[ADDITION] /e/OS (Complete) #256

luxunwansui opened this issue Jul 3, 2024 · 6 comments
Assignees

Comments

@luxunwansui
Copy link

Category

Operating Systems

Listing Name

/e/OS

Listing URL

https://e.foundation/get-started/

Listing Icon

https://e.foundation/wp-content/uploads/2022/11/e-logo-noir-01.png

Listing Description

/e/OS is an open-source mobile operating system paired with carefully selected applications. They form a privacy-enabled internal system for your smartphone. And it’s not just claims: open-source means auditable privacy. /e/OS has received academic recognition from researchers at the University of Edinburgh and Trinity College of Dublin.

GitHub repository

https://gitlab.e.foundation/e

ToS;DR ID

No response

Is Open Source?

  • Yes, it's open source

Security Audited?

  • Yes, it's been security audited

Accepts Anon Payment?

  • Yes, accept anonymous payment

Justification and Further Info

Ive tested it on my Android device and it performed as well as other privacy-oriented OSs. Pushing OTA updates are monthly.

YAML Content for Addition

- name: /e/OS
  url: https://e.foundation/get-started/
  icon: https://e.foundation/wp-content/uploads/2022/11/e-logo-noir-01.png
  description: >-
    /e/OS is an open-source mobile operating system paired with carefully
    selected applications. They form a privacy-enabled internal system for your
    smartphone. And it’s not just claims: open-source means auditable privacy.
    /e/OS has received academic recognition from researchers at the University
    of Edinburgh and Trinity College of Dublin.
  github: https://gitlab.e.foundation/e
  subreddit: eeol
  openSource: true
  acceptsCrypto: true

This ticket was submitted via awesome-privacy.xyz/submit

Final Checklist

  • I confirm that I've read and followed the Contributing Guide
  • I agree to follow the Code of Conduct
  • I have clearly declared any affiliation I may have with this service
@liss-bot
Copy link
Collaborator

liss-bot commented Jul 3, 2024

If you're enjoying Awesome-Privacy, consider dropping us a ⭐

🤖 I'm a bot, and this message was automated

@ltguillaume
Copy link
Contributor

ltguillaume commented Jul 3, 2024

This description is some first class marketing bullshit imho.

And it’s not just claims: open-source means auditable privacy.

If no one does the auditing, it's an empty claim.

They form a privacy-enabled internal system for your smartphone.

"privacy-enabled"? "internal system"? Those are some made up terms for ya. Pure marketing, no substance.

/e/OS has received academic recognition from researchers at the University of Edinburgh and Trinity College of Dublin.

Logical fallacy. https://en.wikipedia.org/wiki/Argument_from_authority

/e/OS is nothing more than a regularly outdated LineageOS, a Nextcloud server and some (rebranded and, again, regularly outdated) apps. I mention outdated twice, since because of this you're running software - for months at a time - with known 0-days that have already been fixed for others. See for instance https://divestos.eeyo.re/misc/ch-dates.txt

@luxunwansui
Copy link
Author

Im so sorry for my copied description.

I found a paper linked to the website of this program,heres it : https://www.scss.tcd.ie/Doug.Leith/Android_privacy_report.pdf
It compared /e/OS and LineageOS at table one.About auditing I have no answer yet now.

There is a simple detail : I found "- /e/OS 123.0.6312.122, downstream Cromite https://gitlab.e.foundation/e/os/browser/-/commits/master" appears on the given link https://divestos.eeyo.re/misc/ch-dates.txt , thus I also suggest considering adding iodéOS to our list : "- iodéOS tracks LineageOS/master https://gitlab.com/iode/os/public/manifests/android/-/blob/v4-staging/snippets/lineage.xml"

@ltguillaume
Copy link
Contributor

ltguillaume commented Jul 3, 2024

While it might be possible that /e/OS has applied some patches to minimize communication with Google servers compared to LineageOS, the only difference with between them in that paper is that the researchers just installed the Google ecosystem (opengapps) on top of LineageOS, which isn't the default. No wonder LineageOS sends data to Google in that case.

What can be found in that text file is that the /e/OS browser (indeed a rebranded Cromite) is updated very irregularly, often with gaps of multiple months. I would recommend using Cromite instead. However, this does not update the WebView renderer, often used inside other apps, so you'll still be vulnerable (assuming they use the Cromite WebView: it'll be less outdated, but also less privacy-friendly, if they just use LineageOS's own WebView and indeed provide monthly OTA updates).

I have no info about iodéOS.

@luxunwansui
Copy link
Author

luxunwansui commented Jul 3, 2024

Thanks again for your patient review.

I cant resolve those essential privacy problem youve mentioned,but there are features about /e/OS I can see:
https://doc.e.foundation/what-s-e They offer a more delightful User interface,some advanced privacy features without root.
https://e.foundation/ecloud/ And a set of fully deGoogled online ecosystem called Murena cloud,supporting self-hosting and its original servers hosted in Europe with GDPR complied.

About iodéOS , see https://iode.tech/iodeos-en/ and I think it also belongs to the family of Lineage (Just in the meaning of privacy focusing). They also offer pre-installed fairphone in their shop.

That my simple suggestion above,if these cant help construct our project and Ill close this issue.

@ltguillaume
Copy link
Contributor

Well, the problems I mentioned are security problems, not privacy problems, but yeah, apart from that there's a lot to say for /e/OS's approach of providing people with a more complete alternative to the Google ecosystem.

Disclaimer: these are just my 2 cents, I'm not in the position to officially review anything here 🙂

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants