/e/OS is not fully degoogled, as DNS connectivity checks, hardware attestation provisioning, and eSIM activation all go through Google.
It is often many weeks or months behind on security updates, especially in the WebView, which makes it easy to exploit.
It doesn’t support bootloader locking on many devices, and if you lock the bootloader on a phone that does support it, it could brick if /e/OS is on an older security patch than the stock ROM was.
It doesn’t use a lot of the hardening in GrapheneOS such as hardened_malloc which prevents memory corruption exploits, even if the hardware supports it.
And finally, /e/OS’s text-to-speech sends what you say to OpenAI, despite local options being available.
If you want a properly secure Android phone, the best option is GrapheneOS, however it only supports Pixel phones and future Motarola phones due to its high security requirements.
If you can’t get a Pixel then iOS in lockdown mode is the next best option, however if you can’t replace your phone, LineageOS is much worse than Graphene although it is still much better than /e/.
This is honeslty a shameful post. A personal rant with just a nasty agenda
People or projects attacking other privacy focused projects working on good faith intent to help us escape the duopoly are just sad. If a project doesn’t fit your personal needs, so be it, move on
As a whole we need as many of these projects to succeed & elevate as possible. Shooting at others because you got your feelings hurt elsewhere is childish and self-defeating for all. Last thing we need is creating a monopoly of privacy focused options
Security is very important.
Sure is. And if you ain’t surfing nasty sites, loading ‘free’ VPN spyware, crap AI dung & scammy apps it’s all good
Android OS is a very secure OS. Google recently moved their older devices to quarterly updates versus monthly. Are we now saying those older pixels (still in support life) are insecure because they could go 3 months w/o an update? In itself that move is telling & obliterates the marketing scare tactics used by some & some projects. It’s sad really.
Common sense and good online habits will take you further than all else
The reason I wrote my post is because there are better alternatives, like Graphene if you have a Pixel and can accept sandboxed Play services, or LineageOS which is less secure but works on many more phones and supports MicroG.
/e/ is very insecure compared to those, and it is likely easy for someone who has bought a used Cellebrite to get into it and make your lockscreen useless.