Every now and then I go down the rabbit hole of Internet privacy. I comb through Prism Break looking for safer alternatives to software that I use. I watch videos by Rob Braxman and The Linux Experiment (skip to 11:30 in that video). Then I come up for air and get some perspective. I'm not concerned that anyone is tracking me personally; I just don't want to participate in the surveillance oligarchy any more than I have to, and it's fun in a geeky way to try to subvert that system when I can.
In early 2019 I got fed up with Apple and switched to doing all my computer work on Ubuntu Linux. It's not for everyone, but it suits me well, and I got to thinking about whether I could do the same with my smartphone. When I found out about the PinePhone, I snapped one up: an entirely open-source phone that can also operate as a desktop computer for just $200? Yes, please! And I had a great time trying out different varieties of Linux on it before settling on Mobian ... and then using it as a glorified media player. It's frankly not good for much else in my daily life because it's so underpowered, and the mobile software isn't quite where it needs to be yet. But it plays audio just great, and if I need to download more podcasts to listen to, I can turn on the wi-fi or pop in a SIM card and download more directly to the device.
While I was waiting for the PinePhone to arrive from Hong Kong, I found out about the e Foundation and their fork of Android, called /e/OS, that runs on dozens of smartphone models. It doesn't (yet) run on the poor underpowered PinePhone, but there's a similar product called Teracube 2e that you can buy with /e/OS already installed. Unfortunately, the reviews for the Teracube are in agreement that, while its 4-year warranty is a nice idea, no one will want to still be using it in four years, because it is already obsolete!
So after sitting with my options for a while, I decided to buy a Pixel 4a, since Jessie was happy with hers, and install /e/OS on it. It arrived on Friday evening, and by noon Saturday I had it brainwashed (deprogrammed?) and freed of Google's influence. The instructions are very detailed but not difficult to follow. I quickly confirmed that, unlike the PinePhone, the Pixel with /e/OS would work just fine as a "daily driver," even though it's currently only able to run the dev release (not beta or stable).
Now, I just want to clarify, /e/OS is is still Android. It really wants to spy on you. If you give in to its persistent offers to leave apps and sites running in the background and tell them your location and let them give you push notifications and log into everything with your Google account, you will not have much more privacy with /e/OS than you would with Android. The difference is, with /e/OS you have the option to say no! Without further ado, here are my findings:
Stuff that just works
- /e/OS is built on Android's open-source foundation, so setting up the Pixel in /e/OS felt just like setting up a new Android 11 smartphone. The main difference was that I wasn't offered the option of importing all my data from my old phone, which led to a lot more manual setup.
- Instead of logging into the phone with a Gmail account, you log in with a free e.email account, which gets you access to ecloud.global, which is a branded Nextcloud. This one login automatically configures the suite of Mail, Contacts, Calendar, Tasks, Files, Notes, and Photos apps that come with the phone. Of course, if you weren't using the ecloud account before, you won't have any data there, but at least you don't have to configure the apps individually.
- Other account logins are managed centrally in the device settings, a neat trick I haven't seen in older versions of Android. This means that if you do log into your Gmail account with an app (as I wound up doing - see below), any other Google apps should automatically recognize that they are logged in. (I found this was the case for Photos, but not for Gmail.) Same goes for Facebook/Messenger, etc. And if you decide you want to log out of accounts you're not using, you can just go down the list and log out of them in bulk, rather than having to log out of each app individually.
- The Apps store superficially works just like Play Store to let you easily install and update apps. Most of the apps I use are available, and installing them was easy. More on that below.
- If you download a Google app from the Apps store, it communicates with a VPN-type service called microG instead of with Google directly. This means you can get the data you need from Maps, Docs, etc. without sending Google other data they don't need.
- The Contacts app works just like Google Contacts, but because it uses different storage, you have to export your Google Contacts to a .vcf file (which can be done in a browser) and import them in the app. This takes all of about 30 seconds.
- The Music app is much better than the YT Music app that Android forced upon us last year. Good riddance to that.
Stuff that takes getting used to
- The "launcher," that is, the app that you get when you press the Home button and that lets you open other apps, is normally customized for Android by each phone manufacturer and so is not available in /e/OS. Instead there's an open-source launcher called Bliss that's designed to feel like iOS. It's OK. I'm not dissatisfied enough to install a different launcher.
- The first few times I tried to access files I'd put in my Nextcloud storage, I couldn't find them, and that turned out to be because the Files app presents the cloud filesystem as the phone's local filesystem! The Documents folder in the Files app is the ecloud Documents folder, and they synchronize over wi-fi. If you log into Google, your Drive also appears in the filesystem as it would in Android.
- The Message app does not appear to support Google's souped-up text message protocol, let alone Apple's, so it's just plain old SMS/MMS, which means you can't tell when your correspondent is typing or when they've read your messages. I may wind up using Signal instead.
- Android's built-in two-factor authentication is not available in /e/OS, so if you want to log into a Google account that has that feature enabled, it will try to contact your old phone. If you don't have access to your old phone, you'll need to fall back on other methods like SMS or email.
- The Apps store reportedly has about 80% of the apps available in the Play Store, plus the contents of F-Droid. Unfortunately it doesn't allow you to sort search results by popularity, which means that an unsigned F-Droid release may appear above the signed official release, or that 30 variations of a Burmese app that differ only by color scheme may appear above an English language app with millions of users. This should be a simple fix, and I expect it will be fixed soon. The best thing about the Apps store is that in addition to user ratings, it shows a privacy rating based on automated testing. I was surprised by some apps' very high privacy ratings (including some Google apps, since the versions in the store only communicate with microG and not with third parties) and other apps' very low ones.
- I didn't find any way to export my Google Tasks, so I had to manually enter them into the Tasks app. The Tasks app is pretty nice, but it doesn't integrate with the Calendar app as well as Google Tasks integrate with Google Calendar, and in any case I have to keep using Google Calendar for work, so I won't be using the Calendar app.
Apps that I had to replace
- The keyboard that comes with /e/OS is undoubtedly more private than Gboard, but it's also much less useful. It has no emojis, no ability to type in other languages, and no voice-to-text. There are a lot of third-party keyboards available, but most of them have terrible privacy ratings! I wound up just installing Gboard.
- Similarly, the Maps app that comes with /e/OS is just awful. Everything about it is wrong. It fails at doing what it claims to do. I gave up and installed Google Maps, because I need a navigator I can trust.
- The Camera app that comes with the OS doesn't begin to support all the features of the Pixel's excellent cameras. I mostly just take snapshots, so I don't much care, but Jessie wouldn't rest until I installed a better camera app.
Apps that I will run in a browser instead
- The Outlook app has a terrible privacy rating. Just terrible. One of my clients uses Office365, but I can just use it in a browser, so there's no need to install Outlook.
- Similarly, YouTube runs fine in a browser. I don't need the extra features that are in the app.
- In theory, the built-in Calendar app should synchronize with connected Google accounts, but in practice that hasn't worked for me -- maybe because I'm running the dev version of the OS. The Google Calendar app is not available in the Apps store. Thankfully it works OK in a browser in desktop mode, because all my coworkers use Google Calendars!
- The Target app is not available for /e/OS, but I can access the same info in a browser or use a physical card in stores. Same with the YNAB and Freshbooks accounting apps, and the apps for our doctors and insurance.
- The CVS Pharmacy app is available, but its privacy rating is so terrible I will use it in a browser instead! Same with CARFAX Car Care, Panera Bread, and SleepIQ.
Google apps I will continue using
- The Gmail app (via microG) has an excellent privacy rating. I would prefer to use my Gmail (which I use for work) over IMAP, but unfortunately the built-in Mail app does not support Oauth2 authentication, and neither does K-9 Mail, so I was unable to use them with my Gmail accounts.
- Similarly, Drive, Docs, and Sheets have good privacy ratings when used with microG, and I need them for work.
- As mentioned above, I'm using Google Maps and Gboard.
Apps I will just have to do without
- The uHoo app for our home air quality monitor has no browser equivalent and is not available for /e/OS. Same with SoilWeb and Sun Surveyor, which I use for my permaculture work, and WorshipWeb for my UUA work. I may just hold onto my Android phone so that I can use apps like this on the occasions when I need to.
- Amwell: Doctor Visits 24/7 is the telehealth app that our insurance uses. Its privacy rating is 0/10. Again, I may just hold onto the Android phone and only use it for things like this.
- Our local taxi company uses the zTrip app, but it doesn't work most of the time anyway and is not available for /e/OS, so if I need a taxi I will just call them.
Weird stuff I noticed
- Along with the generic apps ("Browser" 🤔) that came with the OS, there's one branded one: Google Fi. Now, the Pixel is one of the phone models that works with Fi, so I guess it makes logistical sense to include the app with the OS image for the Pixel rather than put it in the Apps store where people with incompatible phones might download it. But philosophically, why would you go to the trouble of installing an OS designed to bypass Google and then send all of your data through Google's servers? And because it's bundled with the OS, it can't be uninstalled by those of us who don't want it! Weird.
In case you're wondering what carrier I'm using now, it's Tello. The only downside to their service is that they have a huge dead spot over western Nebraska, so when we go there I'll get another SIM or use Jessie's phone!
All in all, I'm happy with my new phone and new OS, and I expect it will get better when there's a stable release for my phone! Or even a beta.