Mastodawn

/e/OS is a complete, fully “deGoogled”, mobile ecosystem

https://e.foundation/e-os/

Would you use it? My best guess is that most people will use it if /e/OS provides some sort of jailed/isolated compatibility to run banking apps which typically don't work without google play service.

/e/OS - e Foundation - deGoogled unGoogled smartphone operating systems and online services - your data is your data

ECOSYSTEMKEY FEATURESGET /E/OSNEED HELP /e/OS is a complete, fully “deGoogled”, mobile ecosystem /e/OS is an open-source mobile operating system paired with carefully selected applications. They form a privacy-enabled internal system for your smartphone. And it’s not just claims: open-source means auditable privacy. /e/OS has received academic recognition from researchers at…

@nixCraft few more second and grapheneOS enters the chat

@nixCraft I mean, you can get bank apps to work one way or another generally speaking. Alright, sometimes that requires rooting. (Well, I believe we should have root access to our own devices anyway!)

The biggest issue is /e/OS still does a lot in binary blobs that people don't have such direct access to.

As a *nix-oriented account, perhaps you should take more of a look at LineageOS (which most of these things are based on at least in part anyway!)

And for de-googling, LineageOS doesn't come with Google services, so you just install MicroG instead if you don't want Google services. Or don't even install that if you don't actually need it. (Some apps expect Google services and it can fool them, but not all do. Especially anything from places like F-Droid...)

@nixCraft Really the benefit of /e/OS is mostly just that it's a little less complicated to get started on and etc. If I was recommending to someone who had absolutely no familiar with flashing hardware and etc, I might suggest it maybe. It's a little simpler for someone who doesn't know what they're doing. That's pretty much all it truly has going for it and I guess really it's main point anyway.

Daemon Byte Mar 2

@nazokiyoubinbou @nixCraft It also comes preinstalled on a number of phones so makes it extremely easy for the average user.

Daemon Byte Mar 2

@nazokiyoubinbou @nixCraft I don't use the nfc myself. I just like to know it works as a backup if I forget my wallet. But banking I do in app because my banks are all app first these days. Even if just as a 2fa

@nixCraft I'm using it, without virtual card service (I didn't had any before). What's your phone OS ?

Ray McCarthy Mar 2

@nixCraft
Does Revolut App or Irish An Post Banking (no website alternative) work on any de-Googled Android?

IMO if there is a banking licence you should be able to do everything on a Website / Browser without a special plugin.

PayPal and my Credit Card work without an app.

Apptization of Internet based services with removal or no Browser version is abusive. Should be illegal.

@raymaccarthy @nixCraft revolut works on @GrapheneOS, afaik it's some workaround made by the GOS team

Daemon Byte Mar 2

@raymaccarthy @nixCraft I can say all the German banks seem to work just fine. Most won't let you pay via nfc without google though. Paypal is the only one I have found to let me do that. The rest depend on google wallet. There is a good compatibility list for /e/

https://community.e.foundation/t/list-banking-apps-on-e-os/33091

[LIST] Banking Apps on /e/OS

This is an editable list of banking apps that work on /e/OS. Please enter details only after you have tested all features of the application. If some functionality is not working mention that in the comments. Looking for contactless payment? See this article. TLDR: Curve app for customers, Zettle app for merchants. Country Bank App Name Status Comment WorldWide Revolut Revolut Works only with pre-installed /e/OS and locked bootloader Confirmed working on Murena Fairphone 6 with prein...

/e/OS community

Ray McCarthy Mar 2

@daemon_byte @nixCraft
I'd never use my phone to make local physical payments, or online payments. I only want to manage the account. Hence I'd prefer to use a real web page.

I pay online by IBAN, Paypal or Card details.

🐈‍⬛David Sommerseth Mar 2

@daemon_byte @raymaccarthy @nixCraft I've tested out Curve Pay with NFC. That worked fine. I'm just hesitant to trust fully them (I'm a bit paranoid on such type of apps), and it requires a subscription and ID check to get all the goodies.

Ray McCarthy Mar 2

@dazo @daemon_byte @nixCraft
I won't put any 2FA, important app or payment on a phone that leaves the house, ever.
What if it's lost or stolen?

The important phone with 2FA, special apps etc never leaves the house.

Daemon Byte Mar 2

@raymaccarthy @dazo @nixCraft not a choice. All the credit cards / banks want to use the app to check website logins or credit card transactions

🐈‍⬛David Sommerseth Mar 2

@raymaccarthy @daemon_byte @nixCraft

I use Aegis, which encrypts the database and requires an unlock passphrase (or biometric auth, but something tells me you don't use that). Same with Bitwarden or Proton Pass. As well as several other apps.

Seedvault + Synching (over a VPN to my server) ensures everything is backed up. I'm just waiting for Murena to release the MDM feature, so I can remote wipe the device.

Plus enabling the "Find my Device" feature where you send a unique SMS code to your phone and it will reply with the GPS coordinates. This will also enable location/GPS if turned off. (This feature is disabled by default).

/e/OS is also fully encrypted, so if it gets turned off, your data has some protection there too.

But all of this doesn't matter much. It all depend on each of our own threat models. How far do we go to protect ourselves in regards to the threats we want protect us against, and how that intersect with the phone being convenient to use for every day life. There exists no "one size fits all" here.

Daemon Byte Mar 2

@dazo @raymaccarthy @nixCraft for my regular 2fa? I use proton authenticator for 2fa and bitwarden for passwords. I can't bring myself to put my 2fa in the same app as the passwords. I did use keepass xc but I figured there was actually a higher risk of me messing the sync up and killing all my 2fa :) I do have the find my device setup but I haven't setup seed vault yet.

🐈‍⬛David Sommerseth Mar 2

@daemon_byte @raymaccarthy @nixCraft I have Aegis do an automatic encrypted backup to a directory Syncthing takes care of. But I don't want 2FA and passwords in the same app as well, that feels a bit "too many eggs in a basket".

Seedvault is pretty easy to setup. But you need to write down and store the recovery passphrases. You just pick a directory where the backup should be stored. And Syncthing keeps track of that directory as well

Daemon Byte Mar 2

@dazo @raymaccarthy @nixCraft I was already setting up the backup. I didn't realise it was built in already. You're using syncthing fork?

Ray McCarthy Mar 2

@daemon_byte @dazo @nixCraft

So my 2nd "outdoor" phone is totally disposable. The only personal stuff are phone numbers of people I might ring from it.
It has a copy of a music collection and some useful standalone apps and a few copies of ebooks. No Kindle / Kobo /Google book account. No spotify or whatever.

Ray McCarthy Mar 2

@dazo @daemon_byte @nixCraft
"Find My Device" is a security / privacy risk and may not work depending how the phone was lost / stolen.
The 2FA and various important apps are tied to the SIM/Phone number. If you are on Contract or number is registered then then the phone operator can be conned into issuing a SIM or Transfer (O2 frequently has done this). If the non-contract phone is lost then the number is lost too and you are locked out of 2FA and apps. You then have to create new Amazon, Bank.

Daemon Byte Mar 2

@raymaccarthy @dazo @nixCraft firstly, the find my phone on /e/ is not a privacy risk. You text a given code to your phone and it texts back a GPS. Simple and private as long as nobody knows my code. And the 2fa is not linked to my number. I can, and have, swapped sims and it works fine

Ray McCarthy Mar 2

@daemon_byte @dazo @nixCraft
The services I'm using link to a number, not an app!

🐈‍⬛David Sommerseth Mar 2

@raymaccarthy @daemon_byte

You seem to try to achieve "absolute security". That is a utopia.

It is needed to have a security approach which is aligned with a threat model adopted for your situation. Otherwise, the most likely outcome is that you can't be online at all (in the fear that your devices or online accounts/accesses might be compromised) or that you can only be at a single location where you can keep an eye on all the devices you have at all times - and that they need to be stored in a high security safe with top notch alarms to detect physical breaches.

Both of these approaches also has flaws.

Such strict regimes is not something most users ever need to consider, just based to the statistical risks that it would be required. You would need to be a very high profile VIP person to have such needs.

And such a strict regime can become so tiresome that you lower the guard to quickly, compromising the security regime a lot, when you need a quick solution in a stressful moment. This is how strict regimes ends up counterproductive.

A carefully considered threat model focusing on more realistic threat vectors you might end up in, and have carefully considered countermeasures against these vectors, with clear areas what kind of acceptable compromises may be fine, will result in a security regime which is possible to follow in real life.

Ray McCarthy Mar 2

@dazo @daemon_byte @nixCraft
A backup without a SIM with the original number is useless!

In fact I've no important stuff on the phone that's not a copy of PC stuff. No backup needed. The only important thing is the actual phone number!

All the 2FA is by SMS. Yes, there are ways that's insecure. Helped by it being an unregistered phone/ no contract!

Daemon Byte Mar 2

@dazo @raymaccarthy @nixCraft on /e/? I tried curve but it didn't work for me. Oh well I cancelled my curve account now anyway. They've gone seriously down hill as they desperately tried to stop losing money

🐈‍⬛David Sommerseth Mar 2

@daemon_byte @raymaccarthy @nixCraft yeah, worked reasonably well I'd have to say. On /e/OS on a FP4. But it's a while now (5-6 months, probably) since I cancelled my free account. It could have changed since.

But it actually saved me in a shop during travelling abroad. For some reason neither my Visa nor MasterCard was approved in the shop. Paying via Curve worked, charging the same credit card account which failed in the shop.

The spending limits are fairly low on the free account, though. That's were you need a paid subscription to actually make it more useful.

harald_dunkel Mar 2

@nixCraft i use /e/OS on a Fairphone
Banking Apps work fine

Bedenkenträger Mar 2

@harald_dunkel @nixCraft +1

Chris1776 Mar 2

@nixCraft Just use a crappy burner phone for the banking apps.

Mungo Schlomo Park Mar 2

@nixCraft I’ve been on /e/OS for about two years now. It’s nice. The update mechanism is good, and integrated Seedvault works OK.
There’s fewer customisations than in lineageOS/cyanogenmod. But I’m OK with that now.

@nixCraft doesn't graphene allow running isolated google play services already?

@nixCraft It's actually not deGoogled, it gives privileged access to Google libraries and connects to Google servers by default as part of microG setup.

@BucciaBuccia @nixCraft
can you elaborate?
Any source that explains what you say in more detail?

@nixCraft heise.de just had articles about that topic. Banking and NFC seems to work mostly out of the box

mistersmee Mar 2

@nixCraft I'm eagerly awaiting the Moto GrapheneOS to come out. That'd be my option, cause GrapheneOS is more secure than eOS and LineageOS, and basically solves the issue of banking apps.

@nixCraft I use it and no issues with banking apps

vksxypants Mar 2

@nixCraft I have the Fairphone 6 with /e/OS on it. All of my UK banking apps work, except for one - Chase UK. My workaround was to close my Chase UK bank account.

Funnily enough, before getting the FP6, I had been running /e/OS on my now-ancient Samsung Galaxy S7. On this 10 year old phone, the Chase UK app worked fine. I have no idea why it stopped working when I switched to the FP6.

CriticalBackend Mar 2

@nixCraft I've been using /e/os for a few months now, its so far a solid choice. I chose it over lineage as its officially supported on fairphone. I'd say give it a go if you don't horribly mismanage your backup (like me). The default app installer isn't the best though, I'd recommend switching it out for aurora.

Asterisk 🇨🇦Mar 2

@nixCraft Not a fan of the knockoff iOS look or the lack of verified boot support.

@nixCraft I run LineageOS for microG that is also completely degoogled. And I just don't install banking apps on the phone, I don't like having them there.

Andreas Albrecht Mar 2

@nixCraft Read #kuketzblog on /e/OS.
I have doubts. I wouldn't want it.

You don't always need Play services to run banking apps. The ones I tried work well w/ GrapheneOS.

If an app doesn't run on GrapheneOS w/ Play services installed, IMO it's just poorly programmed, and you shouldn't use it.

Some implementations of the German ePA e.g. don't work.

Daemon Byte Mar 2

@nixCraft would I? I have been for a month now and I was pleasantly surprised how few apps had a problem with the lack of google. All my banking apps worked fine. Ironically it was apps like scooter rental and food delivery that didn't work. I suspect because they took shortcuts in their apps and locked themselves to google

@nixCraft I thought about it, but chose Lineage OS instead for practical reasons (my son had to help me and he thought the documentation easer to understand than that of /e/OS).
But Lineage requires you to sideload upgrades again and that bothers me because I did not remember how to do that. Don't know if it's the same with /e/OS. I just want to sideload once and then update and upgrade on the phone itself.

@nixCraft I'm using Graphene on my Pixel 9a, but unfortunately my credit union app doesn't work there.. Not sure if it would work on /e/OS or Lineage tho

🏳️‍⚧️ Chloé: IA Vegan Mar 2

@nixCraft
I currently have a Pixel 4a with /e/ loaded on it.

innocentzero Mar 2

@nixCraft is it fully open sourced though?

Valériane Mar 2

@nixCraft
Je viens d'en acheter un. Mon appli bancaire restera sur mon ordinateur.

Valériane Mar 2

@nixCraft
Ben non, grâce à la liste fournie plus haut, je sais que l'appli de ma banque fonctionne.

@nixCraft IMHO it won't happen on it's own - all those "banking apps" (and other "security") stuff has to be forced to be inter-operable and not dependent on google walled garden…

🐈‍⬛David Sommerseth Mar 2

@nixCraft I've used it for some years. MicroG does a decent job to fill the gaps mostly needed. All apps I use, including 5-6 different bank and financal apps work. I have heard that some banks in Romania is more challenging, though. And one of the Norwegian apps kicks you out regularly after they've released an updated app (re-login works, though, so I find it more nonsense than anything else)

/e/ is installable on lots of phones as well; maybe you have an old phone to test it out on?

@nixCraft I am using /e/OS for a while now and there is no app inclund banking that does not work. No google account! It works.

The heavy lifting is done by microG. Afaik it emulates the play store functionalities.

Maquis196 Mar 3

I way prefer Graphene personally, but I get that only works on so many phones.

Yaël Moussouni Mar 3

@nixCraft I've been using e/OS/ with microG on a Fairphone 3 for quite some times now! At the beginning, I had some issues with banking apps that are now solved after a few updates (I haven't tested contactless payments however).

🚲 Arno roule 🚶‍♂️🐧♻️

@nixCraft
Have it on Fairphone 4 for 2 years, and I'm completely happy with it!

dariomehr Mar 5

@nixCraft I use /e/os from Murena Os in a Fairphone.
My bank/gov apps work fine.