>/e/ Foundation is Offering Renowned Smartphones But Without Proper Android and Google Experience On Them
That seems like a really unfair thing to say. What is "improper" about it? The fact that Google Play Services or FCM is used for notifications for example is not an issue with the android platform, but a case of Google being power-hungry.
The linked website is an infamous low-quality content farm designed to draw readers into clicking on affiliate links. Its authors are low-paid content writers who just need to quickly produce a few more-or-less grammatically coherent and SEO-heavy paragraphs, even if the claims within are weird or baffling, and one shouldn’t put too much stock in anything said there.
The final line of the article is pretty dismissive of the whole project:
> While the /e/ Foundation does have an ambitious goal of protecting people's privacy, we live in an age where nothing is really private, so a phone that caters to those concerned about their privacy makes very little sense.
Yeah, I found that comment to be unhelpful. But there are hard questions here, and merely dropping Google components doesn't really provide satisfying answers.
A "phone" needs to facilitate communicating with others. A "smart phone" should run apps many of which do at least some communication with various web services. If the whole system around your phone isn't trying to preserve your privacy, can your phone's OS really protect it? If you lock down stuff to the point where you are confident you're not leaking a trail of potentially identifying info, how useful is the phone?
That line also stuck out to me and seems a bit short sited.
The claim that we live in a world with no privacy could also lead to the conclusion that the supply of privacy could potentially be far below the demand, and thus be a prime market to tap.
Google still decides how Android is developed. Also you will never be able to run mainline Linux kernel on those devices due to the proprietary drivers. If you really want to escape from Google and own your phone, consider GNU/Linux phones instead.
Sure they do. I used to develop web sites for flip phones.
or sensors
Well, isn't that the point of a flip phone these days? That you don't want to be constantly sensed, tracked, and tabulated? Sounds like a feature, not a bug.
Also, they don't have kill switches
There's no better kill switch than the ability to pop out the battery.
My point is that you can't verify it, because you don't control manufacturing. Just like you can't verify that the server is running the open source code.
Maybe I can't verify those things, but a lot of people can and if anyone finds anything suspicious, they will make a lot of noise and everyone will know. This is how community verification works. It adds additional verification procedure, thus making everything in general more secure.
If you really need to be sure, you can also hire a professional and they will verify that for you, too. Try to do that with iPhone software and hardware.
I m not willing to spend time to search for a source but I remember reading that some newly produced flip phones have appropriately modified versions of play services.
"flip phones" probably isn't the right word here. The form factor is irrelevant. What matters is that it's a dumb phone. Even if it does have play services installed, the impact is minimal because it can never phone home to google, assuming you don't connect to the internet (it's a dumb phone, why would you?).
While this is certainly a welcome option, third party app stores like F-Droid work just fine. The main repository contains only free software compiled by the F-Droid team, but other user-addable repositories can contain anything.
Additionally it is already possible to download APKs as they are hosted on Google Play from sites like apkmirror.com and you can even install the Play Store if you have microG and are so inclined.
We also need an alternative to Google Push notifications.
I think it would be cool to implement a similar system on top of the Web Push API. This overs e2e encrypted push with existing clients. We would just need to define the Java client API.
I've seen it but it seems to be mostly idle. And they are defining a new server-to-server API instead of using Web Push which seems like unnecessary duplicated work and requires new server-side client libraries and server implementations. Furthermore they don't support e2e encryption yet.
No. Web Push Notifications are basically a protocol. They define three main things 1. A JavaScript API for retrieving a notification endpoint and configuration 2. A JavaScript API for receiving notifications 3. An HTTP API for sending notifications.
Notably absent is a method for connecting that HTTP API to the JavaScript receiver. This is independent of the Web Push protocol and how it is implemented will affect the performance. For example Chrome on Android will use Google's regular push infrastructure (or at least a wrapper around it) and will have the same performance. You could implement this part via polling but the performance will be terrible.
So to make a replacement for Google's push system on Android you would need to rewrite 1 and 2 (possibly just translating the JavaScript browser API to Java) and you would need a push server implementation as well as a client to run on the phone. This client is where you take care. But as long as you run one client per device it should perform similarly to Google's solution. The main problem would be if every app ran their own client, but that isn't what is expected. The phone should provide the push server information to the app (which hands it over to the server) so that all apps on the device use the same server.
Sure, you are still implementing a lot, but the thing is that websites and services already have ways to store these push endpoints in the DB as well as encrypting the messages and sending them. It would be a lot less work to get them to do a little client-side work so that they app uses the same codepath as their webapp than making changes to their whole stack to support a new protocol.
Could you cite that, please? Signal provides both a Google Play install and an APK directly downloadable from its website. And of course loads of apps are on both Google Play and F-Droid. So, I’m assuming that Google’s policies forbid providing directly download of APKs that are inextricably based on Google Play Services, but it would be nice to see the actual text.
Mostly from personal experience, also saw a few similar cases on Reddit. The banned app had a link to the app's website which, in turn, had a link to xda forum where the very same apk was hosted. Here is the rule quoted in the suspension email:
"Apps or third party code (e.g., SDKs) that download executable code, such as dex files or native code, from a source other than Google Play."
If someone thinks it's an overreach, read about cases when apps were banned due to a link to another Google Play app from the same developer [1]
Yes, so this is apparently banning linking to third-party sources of executable code from within apps, not simply making an APK available from multiple sources.
Signal’s APK is hard to find because the developers really don’t want people using it. They believe that it is best for security if all users get the app from the same place with automatic signed updates, i.e. the Google Play Store. The direct-download APK is only grudgingly provided because they know that some signal users are using Android versions without the Play Store.
Couldn't find on their site anything about the root account. Do they give you full access to your device or it's just the same as a regular phone sans the google apps?
The market for these must be incredibility niche. The average Joe would probably just switch to an iPhone if they want to de-google, and those who don't can probably find step-by-step instructions on how to install LineageOS without Google Services. I understand these are made for people for don't have a solid understanding of technology, but in the long run, running Android without GMS would probably require just as much troubleshooting as flashing a custom ROM.
Also, looking at the /e/ Foundation, I see that they provide a custom ROM, and I don't understand why anyone would use /e/ vs. LineageOS for microG. It appears the only thing added by forking Lineage was to preload apps, all of which are already available on F-droid.
When I saw the title, I had hoped a phone manufacturer had created a Google-free device, one that could be sold directly, without relying on a refurbished supply of three-year-old Samsung phones. The phone being sold doesn't have anything that could already be achieved via a combination of a used s9 + lineageOS.
neat! I tried a nice android phone last year and it was such a shit experience that I returned it within 24h. This was 100% because google.
Also, this can go suck it with his ' a phone that caters to those concerned about their privacy makes very little sense.' bs. That is exactly the shit attitude take lets these cunts win.
Worth reminding everyone that PinePhone and Librem 5 both exist: phones that run bonafide, open source and open development model, honest to god Linux. No Google funny business. They're immature but they're getting there, and their releases don't involve doing surgery to take lots of stuff out. It is the only sustainable model for free software on mobile.
This sound like a worthy project even though it likes extremely hard to maintain.
I am curious how the Android underneath is upgraded and how often it happens
In the above case it's actually a move away from security. In order to support MicroG, their OS needs to be patched to allow signature spoofing which can be used to install malicious applications that look like legitimate ones. LineageOS, which is what efoundation forked has opposed this: https://old.reddit.com/r/LineageOS/comments/8p4169/what_is_l...
I don't disagree with those points. My point was even raising awareness that one can get a "de-Googled" Android phone (even if that phone supports and encourages things like microG) will raise awareness about de-Googled phones and why that's a good thing. Once awake, aware, and informed they might decide they don't care, use microG, or decide that going all the way and going with Graphene is the right move.
Yes, the joke was that even though there are store alternatives, one of the most/first common things will be installing the play store as in...what happens in the Chinese phone ecosystem.
I guess most people here aren't aware that google-free android phones are already a common thing.
Reminds me of a situation where I had to do tech support for a pal who had bought a Chinese phone (later learned it was a Xiaomi device). Turns out for some reason the Chinese model didn't have Google play store pre-installed since it is useless in their home market. However to get around this restriction, you had to locate one of the system apps, then search for a specific app inside it that would then install the Google play store.
Also, unrelated but obligatory. Huawei after the Trump ban now offers a de-googled smartphone experience.
Most apps downloaded from Aurora Store will not work on Google-free Android versions, because mainstream apps on the Google Play Store tend to require Google Play Services for even basic functionality.
I recently de-Googled both my phone and my wife's. Although we try to use FOSS apps as much as possible, there's still a handful of apps we've downloaded via Aurora, all have worked fine. Obviously YMMV but I don't think "most apps won't work" is true.
That seems like a really unfair thing to say. What is "improper" about it? The fact that Google Play Services or FCM is used for notifications for example is not an issue with the android platform, but a case of Google being power-hungry.