Hi everyone,
Currently looking at either a Pixel 8 or a S23 as a replacement for my Zenfone 8 that is slowly becoming a hindrence due to (primarily) the battery. I would replace it, but as it costs a lot to do that here and I have needs for a non-compromised water protection DIY feels like a dangerous option.
So S23 vs Pixel 8, what would you guys recommend assuming I can get either for the same price?
I like the S23 hardware a bit better on paper, but as Pixel phones generally are very flashable my anti-Google sentiments might (ironically) push me there.
I would get a fairphone 5 for the hot-swappable battery etc if they weren’t so expensive for what you get, and as Im buying second hand reuse is better for the environment anyways.
You mean pixels, not the fairphone?
Yes, pixels are Google phones and use Google apps and services.
iPhones are Apple phones and use Apple apps and services
But both of these companies by default send a lot of your user data to various third parties.
That is the reason I want a privacy focused phone, to avoid being tethered to a particular environment(you can use alternate OSs by unlocking the bootloader following the steps fairphone provides on their website) and permissions you aren’t allowed to customize and are designed to send data to third parties by default.
Murena is based on e/os, which is open-source, it doesn’t send user data out by default, they replaced Google apps with open source apps, trackers are removed by default, you can restrict tracking on any apps you choose to have that do track you, Google servers don’t check for connectivity, no Play store, location services by Mozilla,
this is the summary from the e/os site today:
https://doc.e.foundation/what-s-e#degoogling--ungoogling-in-eos
And this 2020 paper goes into a little more detail with the services that it blocks, although as you can see from the first link, they’ve obviously added more features that protect user privacy:
https://e.foundation/wp-content/uploads/2020/09/e-state-of-degooglisation.pdf
They replace Google services and apps with open source and privacy focused services and apps.
While privacy is important to me, the sustainability and general fairness of how fairphone treats their workers and customers and where they get their materials from are at least as important to me.
with fairphone, as far as anyone can tell, they don’t source their materials from slave labor, they pay a fair wage, the materials are as sustainable and recyclable as possible, and I can customize my OS and how it operates.
Pixels are Google Phones will full support for a custom OS like GrapheneOS.
Buy the phone, unlock it, flash a real OS onto it.
I think you didnt get that a phone can have a different OS?
You can unlock pixels easily. GrapheneOS extends those permissions, FairphoneOS CANT. Because otherwise they would lose their google certified OS status.
https://discuss.grapheneos.org/d/10712-what-are-stoppers-of-grapheneos-becoming-a-google-certified-os
I hope I explained enough how AOSP sends a tom of data. Please prove that they actually replaced all those things like GrapheneOS did.
The Google Apps on AOSP are open source. What did they do with the preinstalled Chromium for example?
What is that supposed to mean? Either they change the code or they still rely on Google Services. If they selfhost all those things I mentioned then yeah valid.
This doesnt work. Tracking is included in the APK files when building the App with Android studio. You have to decompile the app and remove it, then sign with your own key. You will need to do this on every update, as updates only work if the signing key is the same.
If you mean they use some kind of firewall this may be true. But most tracking goes to central servers (for reliability, these servers distribute the data) which may not be possible to block to keep functionality.
GrapheneOS has a network toggle and reduces the amount of data apps can collect (sensor permission, storage scopes, contact scopes,…), I suppose this is the best you can do.
This will make the OS unusable for many people. Banking, insurance, state stuff all rely on Goofle. Their store, their service framework, their device verification.
Not having any playstore is bad. If they advise to use AuroraStore be aware that it is a legacy app and the “access all files” toggle is not needed. Also you should only use the session installer method.
This is nice, it uses UnifiedNLP and I already contributed a lot using TowerCollector, please do too.
The problem is just that unifiedNLP doesnt exist as a regular user app anymore.
You would need a minimal OS app that redirects location calls by apps to UnifiedNLP, unifiedNLP checks it and redirects it.
Currently it is embedded in microG only (the standalone unifiedNLP has no updates since years), which is an unsandboxed blob of Google Play services, ripped out various components, probably not up to date, with broken features and entirely relying on fake values to get the Play checks right
MicroG is insecure as fuck. I think they cant work with GrapheneOS’ses google play service “run as user app and still work” compatibility layer because they spoof values and more.
UnifiedNLP needs to become a standalone, modern android app again, running as a user app and getting the permission to serve location data by the OS.
GrapheneOS’ A-GPS works fine luckily, but GPS may just vanish if the russians decide to bomb our sattelites. Having NLP (Network location provider) is essential and also saves battery.
I think microG still sends unnecessary data to Google when just using UnifiedNLP but no source on that.
I like Mapbox and this is only in microG. Simply microG does not work reliably and should not be used until it is modernized and compatible with gmscompat from GrapheneOS.
They also use Quad9 by default when setting a custom DNS.
Default apps:
F-Droid: I hope they use F-Droid basic but I dont think so. The old app is outdated, uses outdated libraries to support old phones, is insecure and only allows automatic updates through the “fdroid privileged extension” which gives it unnecessarily escalated privileges. Modern Android supports automatic updates without any of that.Seems they have their own store, no idea about thatThey replaced most of the Google server stuff, sounds okay. No info about device attestation and DRM leasing which means you will not be able to use Netflix etc, but this is fine for many privacy conscious people.
So in the end after arguing with GrapheneOS people too, the problem is:
GrapheneOS focuses on simplicity, keeping everything as close to “how it is meant to be” as possible, embracing and patching what android can already do, like more permission toggles or running the Play crap without being able to read your IMEI.
If you buy a new device, just dont buy a phone with that OS, I am sorry.
If Murena would support all the security features of GrapheneOS, or simply take their free code, make it less secure to run on that hardware and add their nice UI stuff on top, it would be acceptable.
But buying a new phone that uses some random chinese OEM model and bundles in a random mix of LineageOS, unmaintained apps and insecure “privacy optimized” play services, just no.
That took hell of a time to write, I hope you appreciate it.
Btw you find every source on github.com/grapheneos
Btw we are mixing up Fairphone and murena all the time.
Fairphone has a different OS. This is murena with their /e/ stuff, which is less fair, more “LineageOS privacy optimized”.
Fairphone runs a Google certified OS, which means they cannot harden it, have to preinstall Google apps and cannot add permission toggles for example.
https://discuss.grapheneos.org/d/10712-what-are-stoppers-of-grapheneos-becoming-a-google-certified-os
I did read your entire article, but all of your arguments against murena make are based on theoretical consequences of your worst assumptions rather than the information available.
Fair phone isn’t using some Chinese model and lineage OES or any legacy Play store.
There aren’t many reported issues with banking apps and there is a whole community page about compatibility with banking app specifically for e/os.
I can find plenty of forum users complaining about not being able to use Android banking, insurance or transportation apps, actually had 2 pretty critical issues with my Google services for about 8 months and another for about a year and a half that have never been addressed and the less critical issue was randomly resolved after 8 months or so, so the possibility that an app might not work perfectly on murena isn’t a convincing reason to stay away from an OS that doesn’t have those problems so far, or to stay in OS that I know has issues.
I’m not sure why removing the Play store makes you think the OS is unusable when there are hundreds of thousands of people using these phones without the Play store.
I included the part about changing the OS for a couple reasons 1) because you seem so singularly focused on graphene OS, it seems that you didn’t know you could switch OSs. And 2) they officially instruct their customers how to unlock the bootloader on their phone, which is another sign of transparency and responsibility.
It also makes it easier for me to try out graphene or some other OS if murena doesn’t turn out to be what I was looking for.
You seem similarly focused on chromium, which, is that something other than a browser? Because you don’t have to use that browser if you don’t want to.
Plus, The guy who writes graphene kind of seems like a dick?
https://www.youtube.com/watch?v=4To-F6W1NT0&t=821
Graphene must be a very secure project, because many people have suggested it, but there are a lot of problems with according to its users, it’s not some kind of perfect OS, you can just customize it well and it is more privacy focused than stock Android, which is what I like about murena.
Plus, I can put my money where my mouth is and support sustainability, respect for consumers and corporate responsibility, and try something new.
Trying something new doesn’t really worry me too much, and all of those hurdles you theorized could happen on a new OS, I have personally experienced in spades in Android phones (stock OS),. Which one would imagine would be the most compatible version of an OS.
Right now, murena and fairphone make more sense to me than keeping a limited Google phone I have been unimpressed with and switching to grapheneOS, written by someone who publicly speaks so recklessly and rudely so often without the proof that his OS is more secure or robust than murena.
Since you keep mentioning the banking apps that app incompatibility, I looked up “banking app not working murena” and “banking app not working graphene”, nothing pops up for murena except a list of explicitly working banking apps and one customer asking if banking apps work and another customer responding “Yeah they work, Here’s a list of the ones that definitely work.”
Perhaps because graphene has more users, but there are dozens of search results for banking app compatibility issues with graphene OS.
I’m not worried about that myself, but is that why you’re so worried about banking apps not working on fairphone? Because they don’t work with graphene?
I appreciate different perspectives, but you seem singularly focused on pushing one project that just doesn’t seem like a good fit for the social responsibility and ethical privacy-based software that I’m interested in regarding fairphone, that so far there doesn’t seem to be any issues with. I’m also confident that I can overcome any compatibility issues that do arise, as they have on every phone I have ever owned and every OS I have bought or flashed myself.
Your arguments are a little tree-focused, while the mobile landscape and what goes into creating and implementing the little omnipresent devices is a vast forest.