this post was submitted on 25 Feb 2026

64 points (97.1% liked)

Privacy

47307 readers

607 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago

MODERATORS

Graphene vs /e/ os (lemmy.world)

submitted 3 weeks ago by MostRegularPeople@lemmy.world to c/privacy@lemmy.ml

83 comments fedilink hide all child comments

A question as old as time, I know.

I'm getting away from Google and I've done the easy stuff: CoMaps, Proton mail (I know, not the best move), aveslibre, etc. I currently don't have the time (or the knowledge base) to learn how to self host, but hopefully that will replace Drive and such in the future.

But I digress. I'm looking at a new OS for my phone. I'm currently in a contract with a phone that is incompatible with alternative OSs. Graphene needs a Pixel. Used, they're $150-400. /e/OS will run on a Motorola or whatever and those are like $80.

There's also the option of going full Fairphone with /e/os and I like that idea in the future.

The internet people tell me that Graphene is the best due to ease of installation, privacy, and security.

I don't need a lot of security. I just want Google to stop suckling all that sweet, sweet data from my teat.

What are your thoughts?

you are viewing a single comment's thread
view the rest of the comments

[–] MostRegularPeople@lemmy.world 18 points 3 weeks ago (1 children)

Thank you for detailing in one paragraph what I was unable to understand after reading articles about it all last evening.

[–] skarn@discuss.tchncs.de 15 points 3 weeks ago* (last edited 3 weeks ago) (4 children)

It is also largely questionable.

/e/OS has MicroG, and that runs as a system service. You can disable most of it, and if you're not using any App that needs Google services, I doubt it really does much.

It is possible to use Graphene without using any Google at all. However... Doing so will break almost every app out there. Anything that needs push notifications, AndroidAuto, a thousands more things. So you end up using Graphene with Sandboxed Google services.

And we get into the debate. Is it better to take the official Google Play Services, which we all consider malicious, and run it in a sandbox, or take an open source private, and trusted implementation (MicroG) and run it as a system service?

It is at the very least largely debatable.

[–] ScoffingLizard@lemmy.dbzer0.com 5 points 3 weeks ago

You can delete MicroG with Android Debloater. You will not be able to do most transactions afterwards.

[–] eleitl@lemmy.zip 5 points 3 weeks ago (2 children)

It is best to run GOS or Lineage OS completely Google-free.

[–] skarn@discuss.tchncs.de 6 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

It is best from many points of view but, as far as I understand, this community is about providing knowledge and tools, and leaving it up to the individual users to asses their threat modeling and determine the extent of the acceptable compromise?

Edit: in every use of connected technologies there are privacy trade-offs, and privacy may not be the only concern on a user's plate.

The Fairphone mentioned in the opening has the more ethical production and spare parts support, that can be a concern for many users. Ultimately it's for them to decide. Maybe we bore them and they just get a third hand iPhone, which is still largely a privacy improvement over stock Android.

[–] eleitl@lemmy.zip 3 points 3 weeks ago (1 children)

"Best" only in the context of this thread.

[–] skarn@discuss.tchncs.de 4 points 3 weeks ago

If it's only about degoogling, they can very well use /e/OS and remove the network permission from microG. Yes, it's possible.

[–] voxel@feddit.uk 2 points 1 week ago (1 children)

LineageOS is not "Google-free". The OS still connects to various Google services by default, even without Google Play Services installed.

https://lineageos.org/ https://www.kuketz-blog.de/lineageos-weder-sicher-noch-datenschutzfreundlich-custom-roms-teil4/

[–] eleitl@lemmy.zip 0 points 1 week ago (1 children)

Obviously Graphene OS is the current gold standard for privacy, but you can run a Lineage OS device without Google Play Services, with only free/libre software installation sources, and without the telemetry for those users who can't or won't use current GOS. This is obviously a considerable improvement over a Chinese or other commercial manufacturer.

But, yes, if you can run GOS rather than LOS, you should.

[–] voxel@feddit.uk 1 points 1 week ago (1 children)

This pretty much not adressing what I said at all. I use LineageOS myself and it's miles better than the Stock Operating Systems of most if not all devices they support. But we shouldn't mislead people, LineageOS is not fully "degoogled" and uses some Google services, even without the Google Play Services installed.

[–] eleitl@lemmy.zip 1 points 1 week ago (1 children)

You're engaging in a strawman. Privacy is not a boolean choice, there are degrees. Making a few connections to some Google servers is not the same as having stock Android.

[–] voxel@feddit.uk 1 points 1 week ago

You seem to be unable to understand simple English, so I'll end the conversation here.

[–] willington@lemmy.dbzer0.com 4 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

Thanks for explaining all that.

I don't like being fed conclusions even if in the end I will agree with those conclusions. I need to know all the relevant thinking for the topics with elevated importance to me.

Maybe I can afford a mental shortcut on a topic of little consecuence, or if I have an overwhelmingly good personal relationship and have outsourced 60% of important thinking to this hugely trustworthy person (then I will be in deep shit should something happen to my relationship with that person, not good).

I won't say I do all my own thinking for myself, but I try. So thank you again for explaining.

[–] skarn@discuss.tchncs.de 2 points 2 weeks ago

Thank you for reading that, and for supporting the idea that these topics are worth discussing about, and different people can reach different conclusions.

Also notice a couple more useful posts in the responses to my post, courtesy of a users who decided to verbally disagree instead of just downvoting.

[–] skyline2@lemmy.dbzer0.com 4 points 3 weeks ago (1 children)

From the official GrapheneOS response to exactly this same debate, it seems that the issue is MicroG's reliance on having signature spoofing enabled. Which is a security hole that can be exploited by anyone, not just MicroG, as it allows anything to masquerade as Google Play Services to an app that wants to use it.

https://discuss.grapheneos.org/d/4290-sandboxed-microg/11

Yes, Google Play Services is closed source and contains functionality that would be considered "spying on the user", and "malicious". But that is the same for any closed source app; you can't prove it isn't trying to spy on you or compromise your device. What you can do is rely on the App sandboxing and fine grained permissions control that GrapheneOS allows to disable such functionality if it exists.

Of course, if even having a closed source app on your device is too much, then honestly you wouldn't even be using MicroG as you wouldn't want any apps using Google's proprietary libraries for accessing Firebase or other proprietary services anyways...

So, GrapheneOS offers the most sane approach in my opinion, without opening any security holes. By default the entire OS (not talking about pixel firmware blobs, just the os and kernel drivers) are open source and you can use only open source Apps via Fdroid, Accrescent, direct with Obtainium, etc. But for the average user enabling sandboxed Google play and managing its permissions is the best compromise between security and privacy.

[–] skarn@discuss.tchncs.de 2 points 2 weeks ago (1 children)

Being open source is not the only benefit of MicroG. It massages some (many) of the queries, removing as many bits of identifying information as possible. It lets you replace Google Location services with BeaconDB. And some other stuff.

These are all privacy wins. Practical ways to maintain as much of the functionality as possible, as much of the convenience, while minimizing the amount of information that is sent to Google (among others).

They come with a compromise in security. So this comes down to threat modeling. To use the naming from privacyguides.org, is your model includes "surveillance capitalism" but not "targeted attacks" then MicroG might even be better.

e/OS, while far from perfect, also adds a feature that blocks requests from tracking services using a blocklist. You can get that in 50 other ways, but this one does not drain my battery at 3x the speed, so I like it.

I do not claim that /e/OS is "better" than GrapheneOS, just that other ROMs can be a very good choice, depending of the user.

There is a reason why GrapheneOS is the golden standard, and if I were a journalist or activist in many parts of the world I would definitely stick to that and only that.

But that is why threat modeling exists. My threat model allows me a little more latitude, so I am not restricted to buying Pixels in an era when Google seems to be slowly undermining GrapheneOS, and I can choose a different manufacturer with better ethics. Among other things.

[–] skyline2@lemmy.dbzer0.com 1 points 2 weeks ago (1 children)

Of course, no question that with threat modeling you can arrive at /e/OS being an acceptable choice. However threat modeling is difficult and the devil is in the details, which is why I'm responding (mostly for the benefit of other readers of this thread) to provide the GrapheneOS side of things and avoid the impression that /e/OS offers unique or generally superior features in the areas we are discussing.

Here is GrapheneOS's network location implementation details. https://grapheneos.org/features#network-location

[–] skarn@discuss.tchncs.de 1 points 2 weeks ago

First a technical thing which is not obvious to me.

I understand that the general, non-proprietary Android system service would uses a privacy preserving service like BeaconDB. From what I understand, Google offers an alternative, proprietary, location API in its Play Services. Is that one also prevented from giving your location to Google of you're using Sandboxed Google Play?

It's an honest question. I assumed that the provider option I had in MicroG was exactly for that purpose, but I could be wrong.

Next, a small rant.

Bloody hell, I really do appreciate your politeness, but how is it that every damn article about privacy starts with threat modeling, but every discussion about privacy ends with "yeah but if your threat model does not require QubesOS you're doing it wrong"?

(I use Arch BTW)