{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreien3z3u7jew32jmw4vxyvjfxbim2sook4cbjezclgxoi3hnwvkece",
    "uri": "at://did:plc:q2k4ilmlzzrnoog5dccpqwor/app.bsky.feed.post/3mgosbzld5bm2"
  },
  "path": "/post/44269357",
  "publishedAt": "2026-03-10T00:17:33.000Z",
  "site": "https://lemmy.ml",
  "tags": [
    "Open Source",
    "FG_3479",
    "opensource",
    "17 comments"
  ],
  "textContent": "submitted by FG_3479 to opensource\n30 points | 17 comments\n\n/e/OS is not fully degoogled, as DNS connectivity checks, hardware attestation provisioning, and eSIM activation all go through Google.\n\nIt is often many weeks or months behind on security updates, especially in the WebView, which makes it easy to exploit.\n\nIt doesn’t support bootloader locking on many devices, and if you lock the bootloader on a phone that does support it, it could brick if /e/OS is on an older security patch than the stock ROM was.\n\nIt doesn’t use a lot of the hardening in GrapheneOS such as hardened_malloc which prevents memory corruption exploits, even if the hardware supports it.\n\nAnd finally, /e/OS’s text-to-speech sends what you say to OpenAI, despite local options being available.\n\nIf you want a properly secure Android phone, the best option is GrapheneOS, however it only supports Pixel phones and future Motarola phones due to its high security requirements.\n\nIf you can’t get a Pixel then iOS in lockdown mode is the next best option, however if you can’t replace your phone, LineageOS is much worse than Graphene although it is still much better than /e/.",
  "title": "/e/OS is not a secure OS"
}