| ▲ | ramon156 3 hours ago |
| Does anyone have a good grasp of the differences between GOS and /e/OS? I'm buying a Fairphone soon and was wondering what both are like |
|
| ▲ | palata 2 hours ago | parent | next [-] |
| I have been using /e/OS for 5 years, and also GOS. My take is: - If your phone is supported by GOS, you should go for GOS. - If your phone is not supported by GOS, you should look carefully and compare between /e/OS and Stock Android. I had a Fairphone 3, and after 5 years, /e/OS was outdated by 4 years w.r.t. the manufacturer updates. In other words, Stock Android coming from Fairphone was more secure than /e/OS on that Fairphone. In my experience, /e/OS has a tendency to claim that they support everything, but they just can't, there is too much. And then they complain when GrapheneOS criticises the fact that some /e/OS users believe their phone is well supported but actually isn't. And GrapheneOS is not wrong: I realised I was in that case after 4 years with /e/OS. |
|
| ▲ | onli 3 hours ago | parent | prev | next [-] |
| GrapheneOS claims to be a lot more secure, having additional hardening. See https://eylenburg.github.io/android_comparison.htm - keep in mind that it is not an independent comparison, the Graphene guys directly feed what this table is supposed to say in the issue tracker, https://github.com/eylenburg/eylenburg.github.io/issues/. But it gives a good representation of the state of the ROMs according to Graphene. In regular use, main difference will be that /e/OS comes with access to the alternative cloud service that project provides. It uses the default FOSS solution microG for google api compatibility, unlike GrapheneOS with their sandbox approach. /e/OS sets on AppLounge to install and upgrade both play store or F-Droid apps. Graphene has a small curated app repo instead. I'd never use GrapheneOS since I don't trust the project. /e/OS is also not my favorite since it feels like it is developing slowly, having had issues with outdated software versions - though it does work well in practice. Have a look at iode for an alternative. |
| |
| ▲ | gf000 2 hours ago | parent | next [-] | | > GrapheneOS claims to be a lot more secure That's not just a claim, this is an objective fact. GrapheneOS has a excellent track record when it comes to security, they have made several patches that got upstreamed to Android, etc. | |
| ▲ | palata 2 hours ago | parent | prev [-] | | > I'd never use GrapheneOS since I don't trust the project Fair enough, you choose what you trust. But personally, I have never seen a technical claim from GrapheneOS that was wrong or misleading. But I have seen many claims from /e/OS that were technically wrong or misleading. So I trust GrapheneOS more. Then there is the drama, and all sides annoy me when they behave like this. But I have seen drama coming from all sides. | | |
| ▲ | onli 2 hours ago | parent [-] | | I have never seen drama from /e/ or any other project GrapheneOS attacks, like Calyx. Please link me to it - I asked this several times, people never can follow up. So far? | | |
| ▲ | palata an hour ago | parent [-] | | > Please link me to it - I asked this several times, people never can follow up. So far? Sorry, I won't spend 30 minutes digging to find that :-). I follow /e/OS, GrapheneOS and (followed) Calyx. I have seen messages from all of those either on forums, Mastodon, etc. Also, whenever GrapheneOS makes a technical point (which is often a blunt "GrapheneOS is superior because [...] does it wrong"), many users of those projects answer aggressively (and of course many GrapheneOS participate as well). And on top of that, a lot of messages criticising some GOS people or the entire project and calling them "toxic" whenever GrapheneOS is mentioned. I have no skin in this game, so it doesn't touch me. But I could understand that the GOS people feel "harassed" by this. If everywhere I went people said "have you seen this guy? I hear he's toxic", I would consider it harassment, I think? | | |
| ▲ | onli an hour ago | parent [-] | | Sorry, but then I take this as the usual - GOS is attacking other projects, that I can easily see in all their socials, and the other projects have done nothing wrong. GOS always claims that the other projects attack them since years, and never shows any proof. And indeed, I still never have seen any attack against GOS. Seems like this won't change today. You or other readers can check https://github.com/mozilla/ichnaea/issues/2065 for a public display on how GOS attacks work when they are mixed into technical debates, how they destroy any chance of cooperation. | | |
| ▲ | palata 40 minutes ago | parent [-] | | > Sorry, but then I take this as the usual Sure, you're free to do what you want. Just sharing my opinion given that I follow those projects from the outside. > You or other readers can check I guess what I am trying to say is that it takes multiple sides to argue. For what it's worth, your link shows the founder of /e/OS engaging there. I have seen both technically wrong and misleading claims from the founder of /e/OS on Mastodon, then GrapheneOS explaining why they thought it was wrong on their forum, and then the founder of /e/OS calling them toxic and complaining about those attacks. And then /e/OS users would join the party and start attacking GrapheneOS, fully trusting those claims from the /e/OS founder. I can't really say that he didn't have any responsibility in the drama under those conditions... Again, GrapheneOS tend to be blunt, but it doesn't make it technically wrong. And when the message is "it is unacceptable to us in terms of security", then it will be blunt anyway. I realised after years of using a phone I bought to Murena that my system (that they installed and sold to me) was entirely breaking the AOSP security model: it was signed with the Google testing keys and the bootloader was unlocked (and just couldn't be relocked, and anyway it wouldn't matter because of those keys that are not meant for production). In other words, I bought a product to Murena that was unacceptable to me in terms of security, but genuinely thought it was better than Stock Android because of Murena / /e/OS marketing. I genuinely feel either they tricked me, or they didn't know it themselves. I have personally seen multiple /e/OS phones in a state where they were objectively less secure than Stock Android. I get that they don't like it when GrapheneOS says it, but that is not wrong. |
|
|
|
|
|
|
| ▲ | 3 hours ago | parent | prev | next [-] |
| [deleted] |
|
| ▲ | SockThief 3 hours ago | parent | prev | next [-] |
| Consider this (by Graphene OS):
https://discuss.grapheneos.org/d/24134-devices-lacking-stand... /e/OS community talking about it:
https://community.e.foundation/t/article-from-grapheneos-abo... And then maybe this:
https://eylenburg.github.io/android_comparison.htm Hope that helps. |
| |
| ▲ | realusername 2 hours ago | parent [-] | | I like GrapheneOS but they fail to understand in this post that the #1 security concern an android user face is the lack of privacy. Sure they have hardened everything but realistically, that's not the main threat for your average user. Their top contribution to android is the sandboxed Google Play, by far. | | |
| ▲ | palata 2 hours ago | parent | next [-] | | I think it's more of a marketing claim from less secure systems that "privacy is not security, and GrapheneOS focuses on security while we focus on privacy". GrapheneOS does care about both, quite obviously. And GrapheneOS tends to say that if your security is bad, then it is affecting your privacy too. Whereas others say "sure, we break the Android security model by unlocking the bootloader and signing our system with the Google test keys, but your apps will contact Google through microG instead of the Play Services, so it's more private". Which is worth what it is worth... | |
| ▲ | gf000 2 hours ago | parent | prev [-] | | privacy != security. And sandboxed Google Play services serve both goals -- it runs the service as a regular android service, not an exceptional one that has a bunch of extra permissions. So you can allow/restrict it as you seem fit, while not "getting behind" on features/apps that mandate it. | | |
| ▲ | realusername 2 hours ago | parent [-] | | I disagree, privacy is an essential part of security, if there's no privacy, then there's no security. That's also why I don't keep anything important on my phone as I don't trust what's going on there despite having all the secure features that you would want. | | |
| ▲ | scheeseman486 2 hours ago | parent [-] | | Other way around, actually. It's possible to make concessions to privacy, like providing crash reports, or running applications in sandboxes which limits what they can harvest, while keeping the platform secure. Any privacy you have on a system is reliant on no one tampering with that system and on software behaving itself. Without security, you can't trust the system to implement any privacy. | | |
| ▲ | realusername 2 hours ago | parent [-] | | I also disagree with that, I trust my Linux distribution to behave well much more than I trust any Android platform and it doesn't even have much app sandboxing at all. You can't fix a lack of trust like you have in Android with technical solutions. The flaw in Android is fundamentally a social problem. | | |
| ▲ | scheeseman486 2 hours ago | parent [-] | | That reads more as sports team flag wavey thoughts and feelings trust than anything actually backed by objective data. | | |
| ▲ | realusername 2 hours ago | parent [-] | | That's the difference between trusted computing (Linux distribution) and untrusted computing (Android). If you want something backed by objective data, my phone has an advertising ID built in the OS and my laptop doesn't. My phone had 100s of privacy scandals and my laptop doesn't have one. I do applaud GrapheneOS don't get me wrong but I have a feeling that they are fighting a losing battle. |
|
|
|
|
|
|
|
|
| ▲ | noirscape 2 hours ago | parent | prev | next [-] |
| GOS creates a complete bunker of a phone that can provide defense against pretty much all but the most dedicated state level actors. If you're worried that someone would steal your phone specifically to target you, Graphene will protect against that. Securitywise it's hard to argue against them, although GOS tends to sacrifice usability in favor of security, which leads to odd decisions. Their device depreciation timeline is also pretty aggressive and really just matches that of the Pixel. (You're also buying the Google phone... to not want Google in your life; this bizarre paradox will always be strange). It's not exactly a recommendation for long-term support. Worth noting however is that usage of GOS is also seen as a signal in and of itself for the authorities that you may have something unsavory to hide, so using it stands out in that regard; some law enforcement officers (I think it was in Spain?) have said that the OS is popular with organized crime. GOS obviously denies the connection and they're probably honest in that the OS isn't deliberately designed for criminals, but it's worth noting at the very least. (Basically GOS is the paradox where someone trying their hardest to be anonymous ends up standing out way too much from the crowd and drawing attention to themselves.) /e/OS (and similar "non-LineageOS" ROMs really) instead focus more on de-Googling. They're still generally security focused, but the priority is less "someone's after you" and more "corporate surveillance is kinda scary innit". The aim is less to avoid someone actively trying to drain your phone of data and more to prevent your phone from passively sending everything it can possibly find to the Big G's ad machine (as well as whatever other trackers get snuck into apps.) Because of this, they usually have better depreciation timelines and support a lot more devices compared to GOS who only support the Pixel line (which is an increasingly awful set of phones truth be told); their scope is much smaller. Finally, it's worth noting that the GOS community is absurdly toxic to anyone doing anything privacy-related that isn't under the banner of GOS. It's extremely maximalist, tends to get very upset at other projects whenever they get attention (see sibling reply to this, where they pretty much melted down because an outlet dared to recommend a Fair phone+/e/OS) and the projects official channels have generally encouraged this sort of behavior. It doesn't really damage the software itself, but it's worth considering. |
| |
| ▲ | palata 2 hours ago | parent [-] | | I have been a user of /e/OS for 5 years, and also of GOS and would like to share my opinion on this: > it's worth noting that the GOS community is absurdly toxic to anyone doing anything privacy-related that isn't under the banner of GOS What I have seen (and I am not involved in any of those projects) is that GOS does care a lot about security, has a higher quality in that regard than anything else, and tends to be blunt about "inferior" projects communicating about security. Not that they couldn't improve their communication style, but usually when they call out technical limitations of other projects (e.g. /e/OS), they are right. And I mean the technical arguments. Then I have seen a bunch of drama, but to be fair I have seen those other communities show toxic behaviour towards GOS just as much as the opposite. It feels like it is GOS vs "the others", because the others don't criticise each other, and GOS bluntly criticises when they see claims they find are wrong (I have seen claims by /e/OS going from misleading to downright wrong). On my particular phone, after 5 years with /e/OS, the Fairphone updates were outdated by 4 years. In terms of security I would have been better with the Stock Android. It depends on the phone of course, because /e/OS tends to claim that they support everything and they just can't. Even on a phone that /e/OS supports well, GrapheneOS is superior, period. But I agree, I could do without all the drama. I guess my point is that it goes both ways. | | |
| ▲ | lejalv 2 hours ago | parent [-] | | /e/OS/ was bad with updates for a long time (I had to switch 2022). IodéOS is very good at it, in my experience (I have used all three) | | |
| ▲ | palata 2 hours ago | parent [-] | | > /e/OS/ was bad with updates for a long time (I had to switch 2022). In my case, it was a few months ago, so end of 2025. I think it's just that they can't possibly support thousands of Android devices. I just don't like that they are not being very clear about it. You would think that buying a phone through Murena would guarantee some kind of support, but it actually doesn't. |
|
|
|
|
| ▲ | lawn 3 hours ago | parent | prev [-] |
| Read this: https://eylenburg.github.io/android_comparison.htm In short, GrapheneOS is vastly superior. |
