A look at /e/OS on tablet hardware

/e⁠/⁠OS is a privacy-centric, open-source mobile operating system that has primarily been targeted at mobile phones, with only a few community supported images available for tablet devices. In December, Murena—a company that sells devices with /⁠e⁠/⁠OS preinstalled—announced that /⁠e⁠/⁠OS now officially supports tablets as well, starting with the Pixel tablet. The user experience is close enough to mainstream alternatives to make it attractive, but there are some under-the-hood problems that may give users pause.

/⁠e⁠/⁠OS is a "deGoogled" fork of LineageOS and continues to pull patches from Android Open Source Project as well. It was originally "Eelo", inspired by moray eels, but it was renamed due to a conflict with a company called eelloo. It is produced by the e Foundation, a non-profit organization in the public interest under French law. The foundation was registered by Mandrake Linux founder Gaël Duval in 2018. Mandrake Linux later became Mandriva Linux due to trademark issues, suggesting that Duval might want to pick future names more carefully. Murena is a privately held "sister company" that has run crowdfunding campaigns to put /⁠e⁠/⁠OS devices into the market. It helps to fund the e Foundation, which also receives donations from individuals and other organizations.

The most recent release is version 2.8, a minor security and bug-fix release, announced on February 27. It is based on LineageOS 21, which is based on Android 14. It incorporates updates from LineageOS up to January 29 and the Android security patches available as of January 2025. The project seems to put out its minor updates on a monthly cadence, and is about a month behind on integrating security updates from Android. The most recent major LineageOS release is 22 from December 2024, based on Android 15. This means that /⁠e⁠/⁠OS lags behind its upstreams by a fair amount for security updates, and won't be the best choice for users who want to get the newest Android features quickly.

/⁠e⁠/⁠OS also includes the microG project, which is an open-source implementation of proprietary Android apps and libraries. It replaces Google Play Services, and users do not need to authenticate with Google or even have a Google account.

Getting /⁠e⁠/⁠OS

Murena sent me a loaner Pixel tablet with /⁠e⁠/⁠OS for testing. Buying a device with /e/OS preinstalled is the easiest way to get started, but it is also possible to install it on a tablet one already owns. The project offers a graphical installer that works from Linux, macOS, and Windows. That project is in the process of being deprecated in favor of the web installer, which requires a Chromium-based browser with WebUSB support (it recommends Chrome, Edge, or Opera) to perform the installation.

The devices page has a searchable list of phones, tablets, and other hardware that have /⁠e⁠/⁠OS support. The page explains that there are three types of builds: official, community, and unofficial, but those names are a bit confusing. The documentation explains that official images are what one would expect: fully tested builds that are created on /e/OS build infrastructure and signed with /e/OS official keys. The community builds are also built and signed by /e/OS, and they are tested, but may be released even if they have critical bugs. The unofficial builds may be built on /e/OS infrastructure or by users, and they are not signed by /e/OS. The maintainer of the build may not even own the device that the build targets. The foundation does not provide over-the-air (OTA) update support for unofficial builds.

The graphical install method only supports 21 devices, currently. The FAQ describes how to get a list of devices that the installer will work with. If the target device isn't one of the lucky 21, all is not lost. There is also a command-line installer that supports more than 200 devices, although only a handful of the devices have "official" support.

Using /⁠e⁠/⁠OS

At first glance, /⁠e⁠/⁠OS looks (at least to my eyes) more like iOS than Android. The icons for its default apps bear a strong resemblance to those on iOS, and the default home screen layout is iOS-ish as well. But, aside from a bit of a paint job, the user experience is much more like Android—if one got rid of all the Google apps and services, that is. It only provides a handful of default apps for basic activities such as browsing the web, email, task management, calendaring, and contact management. These, optionally, can integrate with Murena Workspace, which is a replacement for Google Workspace based on Nextcloud and ONLYOFFICE. A Workspace account is free and includes 1GB of storage, though paid accounts with more storage are available. It is, at least in theory, possible to self-host the services offered by Murena. There is somewhat dated documentation for doing this on their GitLab instance.

Murena's services have had some growing pains due to an increasing number of active users in the past few years. The service suffered an outage in October that affected its storage, email, calendaring, its app store service, and OTA updates. Services were not fully restored until early March.

The stock mail app (just called "Mail") is forked from K-9 Mail. If a user is signed into a Murena account, the mail client is automatically configured with the right settings for Murena mail—but it can also be set up for third-party servers with support for IMAP or POP3. Since K-9 development will be coming to a close now that Thunderbird for Android has been released, one might wonder what the future holds for the /⁠e⁠/⁠OS mail client. There is a development branch that seems to be transitioning to Thunderbird for a future release.

Cromite is the default browser. It is a Chromium-based browser that limits or disables tracking features. Cromite is forked from Bromite, which was a browser for Android which seems to have stopped or stalled development, with the last release published in December 2022. Cromite seems usable enough, but I wound up installing Firefox after a few days of tinkering with it—not because using Cromite was a bad experience, but because I prefer Firefox and wanted to ensure that third-party apps ran properly on /⁠e⁠/⁠OS. So far, I haven't encountered any problems or noticed any difference from running Firefox on a stock Android device.

It is refreshing to have a device that is almost a clean slate, rather than being stuffed with unnecessary default apps and vendorware. My Motorola phone, for example, included more than 20 Google apps and a handful of Motorola's apps as well, most of which I have never needed or wanted to use. Leaving aside any considerations about whether these apps invade my privacy, they also take up precious space on a device with limited storage.

This leaves users more room to install whatever apps they see fit, using the App Lounge. It offers three sources of apps, Google's Play Store catalog, the F-Droid repositories of open-source Android apps, and a set of progressive web apps (PWAs) which are apps delivered as an installable web application rather than native Android apps. (See this article for a history of PWAs, and findPWA for a directory of popular PWAs.) The App Lounge is an open-source app, available under the GPLv3, and its source is available on the e Foundation's GitLab instance. The Lounge allows installing apps from Google's Play Store catalog with, or without, signing in.

Applications from F-Droid and PWAs are pulled from the CleanAPK repository rather than directly sourced from F-Droid or the provider of the PWA. CleanAPK mirrors applications and analyzes them with Exodus privacy software. The Exodus report is available via the App Lounge, which provides a detailed report on the permissions an app uses, as well as any trackers found in the app. For example, the report for Firefox finds three trackers and 32 permissions. The privacy report is a nice feature, but there are concerns about the use of CleanAPK, including the possibility that using it as an intermediary might allow spoofed apps to be installed on user devices. An analysis by "nervuri" last updated in March 2023 pointed out that the App Lounge does not verify that links to PWAs are correct. "CleanAPK can easily change any of these links and serve spoofed PWAs."

A number of the concerns raised by the analysis have since been addressed. However, in March 2022 Duval wrote that use of CleanAPK would be "totally abandoned this year". To date, it is still in use.

Aside from security concerns, I found the App Lounge to be slow and a bit buggy. It takes a few seconds to refresh and redraw all of the icons for the apps in its catalog. When searching for an application, it would often simply redo the last search rather than delivering results for a new search term. That is, if I searched for "Firefox" in the app and then performed a new search for "Netflix", it would deliver the same search for Firefox. Some work is needed to make this a better experience. It also could use some better curation; the Lounge's front page pulls categories like "top grossing apps" directly from Google's Play Store, instead of recommending apps that would be more suitable for users concerned with privacy or apps that are free software.

Stock Android devices have swipe or gesture typing: instead of having to tap each letter individually, the user can input text by running their finger over the word's letters on the virtual keyboard and get the right word. Usually, anyway. Sometimes the results are comically bad and one has to type the word out letter-by-letter. But, as a general rule, swipe typing is much faster and much less annoying. The /⁠e⁠/⁠OS virtual keyboard, unfortunately, does not have this feature. After using swipe typing for years, going back to bashing keys one at a time on a virtual keyboard is a regression in usability. Of course, there are options: users can install third-party keyboards, but the options are non-free and not privacy-friendly.

Gripes aside, I did find /⁠e⁠/⁠OS to be a usable Android alternative. The apps I use on other Android devices have worked just fine on /⁠e⁠/⁠OS, and it's good to have a device that doesn't require a sign-in or relationship with Google or Apple.

The hardware

The Murena tablet is a stock Google Pixel device with /⁠e⁠/⁠OS loaded in place of Android. In fact, the device really wants the user to know that it has been deGoogled. At each startup, it displays console text output in one corner of the screen to warn that it is booting into a different operating system. There is no way to get rid of that alert according to my contact at Murena.

The screen is a 10.95-inch display with 2560x1600 resolution (276 pixels per inch). It is crisp and clear, and the size works well for reading emails in Thunderbird, watching videos, reading ebooks, and other tasks. It works less well for doing those things while holding the tablet with just one hand, though. A tablet the size of the much-loved, but discontinued, Nexus 7 tablet would be even better. The Pixel has 8GB RAM and 128GB storage. (There is a 256GB storage model as well.) The Pixel has a decent feel to it—it's not heavy, but it has enough heft that it doesn't feel like a low-end toy.

Around the house, I mostly use a tablet for web browsing, skimming email lists, and reading ebooks. If I want to watch a movie or TV show, I have a perfectly decent television for that. But, if I'm traveling, then a tablet is my primary entertainment center. The Pixel, with /e/OS, is a pretty good device for that use case.

The music app with /e/OS is plain but usable, and it supports a decent range of formats such as MP3, AAC, and FLAC. It is not tied to any music service, so users have to bring their own music collection—which suits me fine. I loaded some of my music collection onto the tablet to road test the default music app and evaluate the speakers using a variety of music formats and genres. While I'm not an audiophile, I've sampled speakers on a wide variety of laptops and tablets over the past few decades and have suffered my share of tinny, subpar speakers. The Pixel's speakers, happily, are not in that category. They sound good and loud at about 70% volume, with respectable midrange and bass. Obviously, I'd use headphones instead of the speakers while on a plane or other public transport. The bad news here is that, like many devices today, the Pixel doesn't sport a headphone jack. Users have the options of connecting headphones via Bluetooth or buying a USB-C adapter for wired headphones.

/⁠e⁠/⁠OS, as one might expect, is not quite as polished a user experience as Android or iOS/iPadOS—but it's a good enough user experience that I wouldn't mind using it long-term. However, the speed of security updates and development in general gives me pause.

Maintaining a mobile operating system, several applications, and services is a big task. It seems that Murena and the e Foundation are a bit understaffed to support such an ecosystem. That is a bit of a chicken-and-egg problem, though. There is a need to attract more users, customers, and contributors to meet the challenge of becoming a fully sustainable ecosystem. But until /⁠e⁠/⁠OS is clearly a sustainable ecosystem, it's difficult to give a strong recommendation to jump in. Ultimately, I do hope for /⁠e⁠/⁠OS to succeed because we need privacy-conscious alternatives for mobile devices.