Daily driving /e/OS on CMF Nothing 1 for months now https://murena.com/shop/smartphones/brand-new/murena-cmf-phone-1/ with 0 tinkering, just bought it and didn’t stop since day 1.

Check my post history for more details (as I discussed a bit more about it just days ago) but basically if deGoogling is important to you (which I imagine since you are posting on the privacy community) then yes, it’s definitely the most pragmatic compromise if you genuinely need Android based apps.

Labor in a country with good unions?

Depends what you are looking for.

If you need a specific Android app that does not work on Waydroid, sure, go for GrapheneOS (or another deGoogled AOSP solution) but if you do no need that (and don’t mind carrying a rather larger phone with limited battery) then PmOS on PP is very interesting to explore.

Interesting times, pardon the pun.

Right, I was starting to think “Oh yeah and maybe I could fzf history…” then wait, I already do that reverse-i-search then edit. If I use that often enough, alias in ~/.bashrc or even function to make it composable.

IMHO it goes deeper than getting your biometrics, namely do you trust your government? If you do not … then finding “tricks”, technical or legal, will not help in the long run. You need a new government either by changing the one you have or if in feasible becoming citizen of one you do trust.

So… yes necessary “evil” but I’d argue the question is rather how to held the government holding your data accountable, not how to find ways not to have your government hold data. Your government having your data is precisely what let you legally exist and it’s hard to imagine, but maybe it’s just my own shortcomings, being able to exist in a legal system without identifying you as an individual. Note though that this is NOT the same as surveillance.

been running linux and bsd for 15 years, and now I’ve realized that my phone and the services I use have been a blind spot.

Exactly! Few months ago a friend was home and I was proudly showcasing my HomeAssistant on RPi, all ZigBee, no non-standards IoT, no vendor lock-in, SteamDeck to play on Linux, streaming videos with VLC on my video projector via miniDLNA, etc. He was impressed… then asked “Right, and what’s your phone?” to which I, quite ashamed, had to confess I was relying on an iPhone. It was secure, no Android, etc. On that day I thought “Ok… ok I got PinePhones, I got other gadgets but somehow this specific part of my digital life is wrong!” and thought I should try, even if it wouldn’t work, something else. I also wanted, due to geopolitics (sadly), a non American solution so checked https://volla.online/ which looked wonderful but too expensive for a test. Noticed Murena, French based, refurbished or even new phones but much lower price but still paying for service and I hope for /e/OS maintenance and voila, found a compromise that works for me for now!

S,T,U are build versions, where S and T are official and U is community. You can see a discussion on https://community.e.foundation/t/difference-between-e-os-builds/60585/7

It’s not about privacy per se but Tridactyl “A Vim-like interface for Firefox, inspired by Vimperator/Pentadactyl.” because, like Userscripts - Tampermonkey, you can basically redesign any website.

A basic privacy oriented solution I made was using autocmd https://tridactyl.xyz/build/static/docs/modules/_src_excmds_.html#autocmd to redirect YouTube content to my local https://github.com/user234683/youtube-local and that works even with embeds.

Ooh damn I didn’t know about that, nice. I see JShelter is NLNet funded, makes perfect sense.

Thanks for sharing, trying!

Wow! Brilliant! Unfortunately my local library is not in their catalogue. They do have a public catalog and even a way to get online books, also with search capabilities, so hopefully they can find a way to integrate. I submitted their data to the extension maintainers.

Please don’t hesitate to ask questions as they come. I’m not /e/OS expert but this was the last piece in my transition from proprietary tech and walled gardens, so I admit very glad I tried and happy with the result!

PS: maybe /eOS work with a phone you or a friend has, see https://doc.e.foundation/devices

As others suggested the backend is probably already installed on most computers but not setup, namely :

• ssh to manage passworldless across multiple computers (you need that for data to be safe)
• scp/rsync/rdiff-backup to actually copy the data thanks to ssh keys

One could imagine a dedicated user per machine that is for read-only of data (maybe after some encryption, limited to very specific directoriess) and another for storing only of data (with no access except to write on disk and with a maximum quota).

What this highlight though is that the centralized managed cloud model is challenging to replicate as purely p2p at home, namely backing up your phone to your desktop might be find but the other way around, probably not. Maybe even more challenging, what do you actually backup? I would argue your home directory but… clearly not your e.g. Steam games (humongous) or other backups or video files downloaded from the Web. So… probably a select set of directories in home then, but which ones? ~/Documents only? This specific part implies some decision from the end user.

Anyway I believe all the tools are there, but I think what most people lack is to view the result and for that maybe some equivalent of https://gitlab.com/ikus-soft/rdiffweb/ which shows when was the last backup done, how big it was, etc basically some form of visual to feel safe.

Finally to skip the CLI key management part the closest I know, for end users, is KDE Connect https://kdeconnect.kde.org/ which I discovered after building my own https://git.benetou.fr/utopiah/offline-octopus kind of equivalent, namely a way to use devices on LAN. Backup is not a default feature though but could be.

Ah, glad you asked because this is precisely what I highlighted to a friend yesterday : it works, even that!

I make online purchases, like train tickets here in Belgium on the go, with the phone, via the website of SNCB (the national railroad) or any most other commercial website basically. So yes at least some banking apps do work, as I can’t obviously confirm for ALL of them.

In practice you get App Lounge in anonymous mode, letting you download and install apps from the (proxied AFAICT) Play Store. So you do not need to login to any store yet can install apps beyond solely F-Droid. That being said the vast majority of Apps I use come from F-Droid or directly install the .apk via adb.

why not bc then?

better than bc ?

multiple Android versions outdated.

What’s the pragmatic consequence of that? Are the security risk actually that great because Android architecture isn’t that secure or rather isn’t there a smaller and smaller amount of hard to execute exploit anyway that yes being up to date is always more secure yet only marginally so?

I’m asking because I worry that always playing faster catch up with Google leave them in charge.

Bought /e/OS running CMF https://murena.com/shop/smartphones/brand-new/murena-cmf-phone-1/ few months ago, no frill, no tinkering, just works. Daily driver since I received it.

I do have more… specific phones, e.g. PinePhone and PinePhone Pro, but I never managed to use they as daily drivers.

That said, I’m only sharing this because it is “good enough” for me but you probably have different concerns than me. I’m not a political dissident, not a journalist, not a security researcher, just a random dude living in Western Europe.

I tend to find that identifying precisely what your threat model is facilitate pinpointing pragmatic options.

Ah! Isn’t it wonderful when we discuss to learn rather than be right? :D

44 %

Very interesting, thanks for sharing. That number is of course way too high. I won’t point fingers but… OK I will, I would argue, naively, that a lot of that frustration comes from corporate exploitation. I bet a lot of that comes from maintainer who noticed big number of downloads on CDN but no PR because somehow a paid for tool (so not blaming just BigTech here) relies on their work… and they don’t see a cent for it.

I doubt most people who have a quirky side project, say something about how to use Lego controllers for their model train on the weekends with kids, really mind. Sure they’d love to see a bit of money from it but whatever.

Anyway I’ll dig into that report a bit more, thanks for sharing!

FWIW I’m donating every month to CodeMirror author, donates to Vim, etc. I’m not saying they are wrong, nor right, solely that implying (but maybe I misunderstood the comment) that somehow open-source and getting paid are antagonist is IMHO damaging to FLOSS broadly.