Murena and Android Patches: /e/OS Faces Scrutiny Over Security Lag and Corporate Ties
General Android security patches are a massive concern. Multiple accounts pointed out /e/OS lags significantly behind AOSP's security updates, marking it a major weakness.
The debate pits hardened security against absolute privacy. Some users demand GrapheneOS-level hardening, while others argue any OS supporting Fairphone hardware—like /e/OS or LineageOS—is an acceptable anti-duopoly stance. Conflict erupts over GrapheneOS's critiques, seen by some as necessary truth-telling and by others as smear tactics.
The raw take suggests /e/OS is caught between conflicting mandates. Concerns range from mandatory Google dependencies (FG_3479 citing DNS checks) to the core issue of slow patching (Neptr scoring it as inexcusable). The community is dividing between prioritizing maximal de-Googling and accepting a known, proprietary path forward.
Key Points
/e/OS is significantly behind on critical Android Security Bulletins.
Outlier user 'SatyrSack' detailed that the Fairphone 6 uses outdated components, confirming /e/OS is months behind required patches.
The necessity of remaining connected to Google services for basic functions.
FG_3479 argued /e/OS remains vulnerable because core functions like DNS checks and eSIM activation still rely on Google services.
Tracking risks outweigh theoretical zero-day exploits.
ExLisper asserted that monitoring analytics/telemetry is a greater, more immediate threat than undiscovered exploits, citing better control in iode.
The reliability of the 'best' non-Google option is questioned.
Anaeijon suggested /e/OS is functionally equivalent to LineageOS with MicroG preinstalled, favoring the established L/M/F-Droid route.
The project's internal processes might retain invasive tracking.
The 'Undertaker' warned that the Murena feature is proprietary and noted that the project itself uses tracking IDs during its update process.
Source Discussions (3)
This report was synthesized from the following Lemmy discussions, ranked by community score.