Portal 2 is THE highest rated game on Steam.
Doom or Tetris were probably the most influential ones?
Portal 2 is THE highest rated game on Steam.
Doom or Tetris were probably the most influential ones?
Personal experience - I used some late version of Plasma 5.2x on desktop and now Plasma 6.x of course (always Wayland, generally always the latest stable version available), and Gnome (always Wayland, always the latest stable version) on my work notebook. I’ve never experienced any “serious” bug on Gnome, but I have experienced multiple on Plasma over that time period. I think the most “serious” bug I’ve had on Gnome was that the cursor was flipped upside down for a while until they fixed that (some time ago). While the most serious bug in KDE were multiple crashes in plasmashell since Plasma 6.x. (Meaning all your open apps got closed, I’d say that’s pretty serious for a bug). Another smaller bug, very recently, was that virtual desktops in KDE Plasma were named wrong and when I renamed them they didn’t get saved so it reverts to the wrong names (e.g. “Desktop 1”, “Desktop 3”, “Desktop 4”, “Desktop 4”). But it seems they fixed that with the latest update as well.
Which is also why I’d like to keep it that way, Gnome for work and KDE where it’s not super important if plasmashell crashes or does some weird thing every once in a while. I think KDE is more prone to bugs because it’s simply more complex than Gnome. Gnome is quite minimalistic and doesn’t offer lots of features, KDE is a powerhouse desktop with literally tons of features, dwarfing probably every other desktop environment, at least in the available options for which a GUI exists to set them. Also, Gnome doesn’t support many advanced features like HDR (yet), while Plasma does. So the complexity in having all that stuff means Plasma must be more prone to bugs.
So I view KDE Plasma as “slightly more buggy” than Gnome, still. Especially for dot-zero releases. But the KDE devs are also improving it all the time, so it might become more stable soon. But still, for personal use, KDE Plasma is “stable enough” despite those mentioned bugs, some of which were also fixed in the meantime. For example I didn’t have any more plasmashell crashes since they said that they fixed those causes. Which is why I’m using KDE Plasma 6.x for my personal machines. I like it more than Gnome, but when I want “100%” reliability for a DE, I’m still using Gnome. The main thing I dislike about Gnome isn’t actually its UI or design philosophy or even the limited GUI-based options it offers, but rather its philosophy regarding standards or compliance or making interoperability easier. The Gnome devs often do their own thing and don’t play that nice with others.
Using it since many years on many Pixels and loving it.
Main pros: zero bloat, efficient, highly secure and highly private (about as private and secure as it can get on any smartphone), and it’s an Android without any of Android’s typical weaknesses (privacy issues, bloat, etc.). You get to utilize the advantages of Google (its security) and completely avoid the disadvantages (its many privacy issues). You get to use all the advantages of an Android mobile OS while completely avoiding all of its disadvantages. It’s like getting your cake and eating it too. You’re much better off in terms of security and privacy than almost(?) all other smartphone users. According to leaked documents, Cellebrite for example can’t crack GrapheneOS on Pixels at all. They can crack almost any other smartphone if they have physical access to it. Most smartphones are really easy for them to crack. iPhones may pose some trouble depending on model/OS. And Graphene on Pixel is the literal brick wall. And even on top of that it has tons of great security features, like auto-reboot after X hours of inactivity, charge-only-mode for USB-C when locked, distress/duress PIN entry to immediately wipe the phone, many things like that. On the privacy side it’s looking great as well: Some folks have analyzed Graphene’s network traffic and there’s zero privacy issues from the OS or its built-in apps. And the few connections it does make (for updates and so on) are all documented and work exactly like they documented them, and they only transmit the exact least amount of necessary data without anything beyond that (guess what - that’s super rare). And on top of that there’s even more great privacy features, some of which are invisible but well thought-out, for example any SUPL request goes through a Graphene proxy server first (configurable) which strips all personally-identifiable data from the request and then redirects it to your provider’s SUPL server (which is most likely Google’s SUPL server in the end). I’m seriously impressed by the quality of the GrapheneOS project. Maybe you don’t realize how good and rare such things are nowadays. Also the documentation is very good and actually answers most of your questions and doesn’t contain any marketing blurb. The social media feeds and forums are a great source of info as well. On top of all that it’s even easy to install GrapheneOS.
Main cons: it’s only available on Google Pixel phones, so if you truly despise Google and don’t want to buy or use anything from them, it’s not the right device/OS for you (or maybe buy it used?). However, the reason GrapheneOS is on Pixel is purely a technical one: Pixels do offer very high hardware based security already (probably the most, although iPhones have good hardware-based security as well. As is known, Apple tends to be produce good quality hardware, not quite so good software) as well as a very high degree of “platform neutrality”, i.e. it’s supported by Google to flash a different OS on it or use more advanced tools like adb without any sort of tinkering or unnecessary danger involved. Also you don’t have to register to unlock your phone or anything, you only need to be online once to enable the OEM unlocking feature (I think this is because Google needs your IMEI to check whether the phone is carrier-locked (cannot ever be OEM unlocked) or can be unlocked, and they will immediately receive some device data including the IMEI as soon as you go online with the preinstalled Android OS once [of course they will receive some more device data than just the IMEI]), so it’s best to not insert your SIM yet (and not do anything with the preinstalled OS) before you’ve installed GrapheneOS on your new Pixel. Do the OEM unlocking step on WiFi only, best on a public WiFi so Google has much less of a chance to identify you based on your IP or related data. Then install Graphene, then insert your SIM and start using your new phone. Other cons exist but they’re rare or pretty much irrelevant in daily use. If you have to hear them, read an older post by me about some potential downsides: https://discuss.tchncs.de/post/19867254/12069767
It depends. It’s viable if you just need a phone with several open source applications (non-Android) and are fine with that. But if you need Android app compatibility it’s probably going to be harder or more inconvenient to do, though I haven’t checked the status in recent time. And then there’s this evil thing called Google Play Integrity (essentially DRM restricting which apps can run on which OS) which is a problem even for non-proprietary Androids, so you probably won’t have any chance if you’re dependent on such an app (thankfully it’s rare but as we all know stupid ideas tend to become annoyingly popular).
Main problem, as usual, is that Android and iOS have become such big and popular “platforms” for mobile apps that establishing a “third” platform for app developers is basically impossible (also remember what happened to Windows Phone OS, they were late to the market and failed spectacularly to catch up. Of course in this case it’s open source so it can grow regardless of user numbers, but still, it’s hard to catch up when lots of great Android apps were already developed specifically for Android). So you can only hope that Android app compatibility grows mature enough to be close to 100% compatible, so that you can also run almost all Android apps on your mainline Linux mobile OS. Then you’re not “limited” anymore. (At least if you consider it “limited” when you can’t run Android apps. Which most probably consider to be “limited”).
So I think it’s less about the hardware and OS/UI (I think they work fine these days) and more about the available apps.
[My main daily driver phone is a GrapheneOS (Android) and I have a Pinephone with Linux for playing around in WiFi at home only]
Use Matrix or any good messenger like Signal or Threema for daily communication with friends.
If you want to see a good table of messenger recommendations, see https://www.messenger-matrix.de/messenger-matrix-en.html
E-Mail is not a suitable replacement because it lacks end-to-end encryption (unless you and your friends use PGP or S/MIME for that but since that’s rare and slightly too complicated for the common user to use, I’ll just assume that you don’t). While mails are usually encrypted during transport, they lie in plain text format at their destination servers. Depending on which e-mail host you or your friends use, that means the whole content of your e-mail might be scanned and analyzed automatically. Especially if you or your friends use privacy-disrespecting mail hosts like any big commercial one or Gmail or Outlook or what have you. Then your communication via unencrypted mail to or from that person isn’t private.
Just FYI I installed the apk from the github repo (not the google play version) via Obtainium a few days ago and it tried to make a connection to 2 cloudflare IPs during setup of my account. Without prior consent or any mention. So just be aware that there is still some form of telemetry or unwanted connections happening, even though they removed the telemetry flowing to Mozilla’s own telemetry endpoint. K-9 had zero of this, it just spoke with your mail servers and that was it. So be careful and block outgoing app connections by default. I did not analyze the data being sent, just that there were those 2 unwanted connectiins happening.
Don’t use Onedrive, Dropbox or Google Drive (all privacy nightmares). Instead:
Furthermore, accessing Onedrive from Linux might be painfully inconvenient because there’s no official proprietary client for it by MS. There are 3rd party clients but I’m not sure how good they are, also MS could at any point change their API or even block unofficial clients, rendering your unofficial client useless at least for a time period.
It’s not the game everyone hoped to be but it’s very good when including the expansion Phantom Liberty. You should give that one a try. It’s probably the best expansion CDPR has made so far, or at least on par with W3 Blood & Wine (I’m still not sure, but I have to give credit for their huge effort with Phantom Liberty). It (alongside the 2.x patches) was CDPRs genuine effort to save the game and their reputation, and I think they succeeded. The base game without the expansion can get very boring in the second half of the game which is why I consider PL to be mandatory. A good time to start Phantom Liberty is just before going to Embers to meet Hanako. If you haven’t played it for a long time, you should play it again with PL, it’s really well made.
I’ll do a (simplified) Windows analogy, if you’re already familiar with Windows.
Microsoft Windows is closed-source/proprietary, which means only Microsoft has the source code for it, and only Microsoft is legally allowed to create or distribute copies of Windows. “Windows 11” for example is a “distribution” of Windows containing the “Windows NT kernel” (core of the OS) alongside other important software to make the OS usable, like a boot loader, service layer, graphical interface, desktop environment, and lots of included “system” applications like a file explorer, a web browser, apps to adjust settings, apps to display menus and task bars, and so on.
“Linux” by itself is just the kernel, the core of the OS. Which is by itself not a “usable” operating system yet, just like holding a CPU in your hand doesn’t allow you to use it yet. More components are needed for that. Since Linux is open source and under a permissive license, anyone (even you) can go ahead and create an operating system made with the Linux kernel. If you do that, this is called a distribution or “distro” of Linux. Since there’s not just one company allowed to do that, many distributions exist. They all made their own operating system on top of the Linux kernel. Even though hundreds of distros exist, only a handful of them are actually popular, stable, secure and recommended for general use. They all use similar, but sometimes different software to include in the distribution. Like the Linux kernel, most of that software is open source so it can also be modified or extended.
Since “Linux distribution” is rather long to write, people often just write “Linux” but mean the whole distribution, not just the kernel. These are just common inaccuracies in communication, but what the person meant should be obvious from the context.
Common and recommendable Linux distributions (= full, usable operating systems) include: Linux Mint, Ubuntu, Fedora, OpenSuSE, Arch, Debian. These are full operating systems and they all include the Linux kernel at their core. Of course, the similarities go further than that. Most distros are similar enough that if you’ve learned one, you can also use any other with little additional things to learn. However, some distros are deliberately a bit more different or tailored to more specific users or use-cases, for example Arch targets more experienced Linux users because it’s a very minimalistic distro, it expects the user to know which packages he wants to install. It pre-installs almost nothing. You can think of this like “Windows Server Core” where it just boots into a minimalistic terminal by default, no usable GUI yet, but you can of course install the desktop environment and everything if you need it and make a full-featured desktop out of it. The distro just doesn’t want to preinstall anything which you later might not like, which is why it gives you the choice, but that makes it a minimalistic distro and it’s harder for beginners to use that way. Other distros like Mint are much more similar to the client editions of MS Windows in that they preinstall everything the user needs for a desktop OS and more, so that the user can boot into and use the desktop as quickly and easily as possible. And then there are even more special-purpose distributions like Kali Linux which includes things like penetration testing tools (i.e. “hacker tools”), which makes it a distribution for IT security people, so they can boot into it and have access to most needed tools right away without installing much else (also good on a bootable USB stick). But usually, in general threads like this one, people don’t talk about specific-use distros, but about generalist distros which you can install and use as a regular desktop OS.
Desktop environments also exist on Windows but there’s basically only one, made by Microsoft. In the Linux world there are several to choose from. The most common ones are: KDE Plasma, Gnome, Cinnamon, XFCE. These desktop environments contain window managers or compositors, task bars or panels, menus, various tools like file managers, process viewers and text editors, and various background programs. This is all needed for the user to have what is commonly known as “a desktop environment”, because if you didn’t have one, you’d be basically staring at a screen containing at most a cursor and a wallpaper, with no way for you to interact with anything. Of course, these can look and feel different from each other (just like Windows looks and feels different than MacOS), and they have different features and strengths and weaknesses, but their goal is always the same. And as usual in the open source world, there’s not just one project but multiple, and out of those multiple a couple are popular, viable and stable enough so that they are usually included in most Linux distributions. Which is why most distros also give the user the choice to have a specific variant of the distribution with a specific desktop preinstalled. For example, Ubuntu also has Kubuntu (= Ubuntu with preinstalled KDE Plasma) or Xubuntu (= Ubuntu with preinstalled XFCE). These can have various names but in the end it’s just the base distribution (“Ubuntu”) with a different preinstalled “face” so to say (and you can change those faces or desktops from within the same distro, of course). Most other things are exactly the same between those distribution variants.
As a new user, you don’t need to learn about everything. Just pick an easy to use generalist desktop distro like Linux Mint and use the default desktop environment or variant which they provide or recommend by default. You can start experimenting with more choices later on if you want, but you also don’t need to. If you have something you’re comfortable using, then you can just stick with that.
Experience with relatives who had no prior experience with Windows or Linux: installing Linux for them was great, painless and also facilitates troubleshooting for me. No problems here. Mostly using Linux Mint for those purposes, it’s a great distro for non-techy people.
Experience with relatives with prior Windows experience (but no Linux experience): a mixed bag. Some use Linux happily now (thankfully), some returned to Windows because they couldn’t change their habits or have weird specific incompatibility issues with niche hardware which they also don’t want to solve in a different way. I’ve kind of stopped giving support to those, since I don’t want to give Windows support in my free time. I sometimes have to do it work-related, that’s more than enough Windows contact for me. I also refuse to give buying advice on any products by Microsoft, Apple, Meta, Amazon or Google, with only very few exceptions (e.g. Pixel phones, because they’re very secure and with GrapheneOS installed they’re the best general mobile phone option). It’s a bit of an ethical dilemma because I’d like to help the people but also don’t want to directly or indirectly support those companies. I always offer them help if they use Linux or the things I recommend.
Winter is on its way out due to climate change. In around the year 2100, it’s estimated that there will only be 3 seasons left, no winter. And summer will be much longer and much hotter. So the 3 seasons will be spring, then a 2-season long summer basically, then fall. That’s it.
But you can already see the disappearance of winter today because there’s much less snow and it’s much warmer than like 30 years ago. (Speaking for Germany)
Dumb user friendly (having no particular background): yes
Dumb user friendly (having Windows background): no
Windows knowledge makes learning other OS harder because Windows is the weirdest OS out there.
Windows will continue to get more and more user-hostile as time goes on, and they want everyone to have a subscription to Microsoft’s cloud services, so they can be in total control of what they deliver to the user and how the user is using their services/apps, and they also will be able to increase pricing regularly of course once the users are dependent enough (“got all my work-related data there, can’t just leave”).
The next big step that will follow after the whole M365 and Azure will be that businesses can only deploy their Windows clients by using MS Intune, which means MS will deploy your organization’s Windows clients, not your organization. So they’re always shifting more and more control away from you and into MS’ hands. Privacy is always an obvious issue, at the very least since Nadella is CEO, but unfortunately the privacy-conscious people have kind of lost that war, because the common user (private AND business sector) doesn’t care at all, so we will have to wait and see how those things will turn out in the future, they will start caring once they are being billed more due to their openly known behavior (driving, health, eating/drinking, psychology, …) or once they are being legally threatened more (e.g. your vehicle automatically reports by itself when you’ve driven too fast, or some AI has concluded based on your gathered data that you’re likely to cause some kind of problem), or once they are rejected at or before job interviews because of leaked health data or just some (maybe wrong) AI-created prognosis of your health. So I think there will be a point when the common user will start caring, we just haven’t reached that point yet because while current data collection and profile building is problematic because it’s the stepping stone to more dystopian follow-ups, it alone is still too abstract of an issue for most people to care about it. Media is also partly to blame here when they do reviews or news about new devices and then just go like “great camera and display, MUST BUY” and never mention the absurd amount of telemetry data the device sends home. MS is also partnering with Palantir and OpenAI which will probably give them even more opportunities to automatically surveil every single one of their business and private sector users. I think M365 also already gives good analytics tools to business owners to monitor what their employees are doing, how much time they spend in each application, how “efficient” they are, things like that. Plus they have this whole person and object recognition stuff going on using “smart” cameras and some Azure service which analyzes the video material constantly. Where the employees (mostly workers in that case) are constantly surveilled and if anything abnormal happens then an automatic alert is sent, and things like that. Probably a lot of businesses will love that, and no one cares enough about the common worker’s rights. It can be sold as a security plus so it will be sold. So I think MS is heavily going into the direction of employee surveillance, since they are well-integrated into the business world anyway (especially small and medium businesses) and with Windows in particular I think they will move everything sloooowly into the cloud, maybe in 10-15 years you won’t have a “personal” computer anymore, you’re using Microsoft’s hardware and software directly from Microsoft’s servers and they will gain full, unlimited, 100% surveillance and control of every little detail you’re doing on your computer, because once you hand away that control, they can do literally anything behind your back and also never tell you about it. Most of the surveillance stuff going on all the time already is heavily shrouded in secrecy and as long as that’s the case there will be no justice system in the world being able to save you from it, because they’d first need concrete evidence. Guess why the western law enforcement and secret services hunted Snowden and Assange so heavily? Because they shone some light into what is otherwise a massive, constant cover-up that is also probably highly illegal in most countries. So it needs to be kept a secret. So the MS (and Apple, …) route stands for total dependence and total loss of control. They just have to move slowly enough for the common user not to notice. Boil the frog slowly. Make sure businesses can adapt. Make sure commercial software vendors can adapt. Then slowly direct the train into cloud-only territory where MS rules over and can log everything you do on the computer.
Linux, on the other hand, stands for independence. It means you can pick and choose what components you want, run them whereever and however you want, build your own cloud, and so on. You can build your own distro or find one that fits your use case the most. You’re in a lot of control as the user or administrator and this will not change considering the nature of open source / free software. If the project turns to sh!t, you’re not forced to stick with it. You can fork it, develop an alternative. Or wait until someone else does. Or just write a patch that fixes the problematic behavior. This alone makes open source / free software inherently better than closed source where the users have no control over the project and always have to either use it as it is or stop using it altogether. There’s no middle ground, no fixes possible, no alternatives that can be made from the same code base because the code base is the developer’s secret. Also, open source software can be audited at will all the time. That alone makes it much more trustworthy. On the basis of trustworthiness and security alone, you should only use open source software. Linux on its own is “just” the kernel but it’s a very good kernel powering a ton of highly diverse array of systems out there, from embedded to supercomputer. I think the Linux kernel can’t be beaten and will become (or is already) the objective best operating system kernel there is out there. Now, as a desktop user, you don’t care that much about the kernel you just expect it to work in the background, and it does. What you care more is UI/UX, consistency and application/game compatibility. We can say the Linux desktop ecosystem is still lacking in that regard, always behind super polished and user-friendly coherent UIs coming from especially Apple in that regard (maybe also a little bit by Microsoft but coherent and beautiful UIs aren’t Microsoft’s strong point either, I think that crown goes to Apple). That said, Apple is very much alike Microsoft in that they have a fully locked-down ecosystem, so it’s similar to MS, maybe slightly less bad smelling still but it will probably also go in the same direction as MS does, just more slowly and with details being different. Apple’s products also appeal to a different kind of audience and businesses than MS’ products do. Apple is kind of smart in their marketing and general behavior that they always manage to kind of fly under the radar and dodge most of the shitstorms. Like they also violate the privacy of their users, but they do it slightly less than MS or Google do, so they’re less of a target and they even use that to claim they’re the privacy guys (in comparison), but they also aren’t. You still shouldn’t use Apple products/services. “Less bad than utterly terrible” doesn’t equal “good”. There’s a lot of room between that. Still, back to Linux. It’s also obviously a matter of quality code/projects and resources. Big projects like the Linux kernel itself or the major desktop environments or super important components like systemd or Mesa are well funded, have quality developers behind them and produce high quality output. Then you also have a lot of applications and components where just single community developers, not well funded at all, are hacking away in their free time, often delivering something usable but maybe less polished or less userfriendly or less good looking or maybe slightly more annoying to use but overall usable. Those applications/projects could use some help. Especially if they matter a lot on the desktop because there’s little to no alternative available. On the server side, Linux is well established, software for that scenario is plentiful and powerful. Compared to the desktop, it’s no wonder why it’s successful on servers. Yes, having corporations fund developers and in turn open source projects is important and the more that do it, the more successful those projects become. It’s no wonder that gaming for example took off so hugely after Valve poured resources and developers into every component related to it. Without that big push, it would have happened very slowly, if at all. So even the biggest corpo haters have to acknowledge that in capitalism, things can move very fast if enough money is being thrown at the problem, and very slowly if it isn’t. But the great thing about the Linux ecosystem is that almost everything is open source, so when you fund open source projects, you accelerate their growth and quality but these projects still can’t screw you over as a user, because once they do that, they can be forked and fixed. Proprietary closed-source software can always screw over the user, no one can prevent that, and it also has a tendency to do just that. In the open source software world, there are very few black sheep with anti-user features, invasive telemetry, things like that. In the corporate software world, it’s often the other way around.
So by using Linux and (mostly) open source products, you as the user/admin remain in control, and it’s rare that you get screwed over. If you use proprietary software from big tech (doesn’t even matter which country) you lose control over your computing, it’s highly likely that you get screwed over in various ways (with much more to come in the future) and you’re also trusting those companies by running their software and they’re not even showing the world what they put in their software.
code: camel or snake, depending on language
files/dirs: snake + kebab + dot mixture (trying to avoid caps and special chars here)
“We”, no. “Too many”, yes. In general, hard dependencies on proprietary software or services are often overlooked or ignored as potential future problems. Recent examples of this are Microsoft and VMware. Once the vendor changes things so that you don’t like anymore, or drives up prices like crazy, you’ll quickly realize that you have a problem you can’t solve other than switching, which you might not even be prepared to do short-term.
The Windows world now experiences this because Microsoft is no longer interested in maintaining a somewhat quality operating system, they are mostly interested in milking their user base for data, and don’t hesitate to annoy or even disrupt their user base’s workflows in a try to achieve that goal.
Many Windows users are currently looking at Linux because of this, but the more your whole workflow is based on dependencies to proprietary Windows-only software, the harder your time to switch will be. If you still use Windows today, you should at least start using more open source or cross platform software, which also will work on Linux, because you are on a sinking ship and there will probably be a time when you can’t take MS’ BS anymore and want to switch. Make it easier for you in the future by regarding Linux compatibility in the hard- and software you use today.
I hope that our courts in western democracies are strong enough to stop these developments, but I fear they ara not. Once this kind of stuff is being attributed to (even completely unproven) “higher security” or “national security”, and once secret services run the software and identification routines, it will land in the same extra-legal space as internet mass surveillance already lives in: “No no, we’re not doing that. Okay, you got us, we’re doing it, but only in limited scope. Okay, you got us, we’re doing it on everyone, but it’s important for national security and we can’t disclose anything else”. And that’s usually when nothing can be done anymore about this, and laws and ethics will be outmaneuvered.
Long-time GrapheneOS user here.
Can’t say anything about Motorola gestures.
Banking apps MIGHT not all work on GrapheneOS, if unsure check first, or ask on the GrapheneOS forum. I forgot the reasons but it’s probably something stupid like the banking app blocking any non-“Google-sanctioned” Android versions via the Play Integrity DRM kind of feature. It sucks, especially because GraphneOS is way more secure and private than any commercial Android, but what can you do, bad decisions are being done all the time.
GrapheneOS is my recommendation, it’s easy to install and can be used by tech-illiterate people as well because almost none of its security and privacy enhancing features require any special configuration work from the user or require advanced knowledge, it all happens mostly in the background with good default settings. Even for tech-savvy people this has the advantage of not requiring any tinkering or maintenance work, it feels like using any proprietary Android, just hardened and much more privacy-friendly.
You should still maybe be aware of these potential minor issues:
Some apps might refuse to work on any “unsanctioned” Android version via the Play Integrity thing, but so far this seems to be very rare (thankfully). If you find any, make sure to tell the developers that they should stop doing that.
Some apps might simply require Google Play services to be installed. On GrapheneOS, you can install them via the “Apps” app, and they will be slightly less terrible than they are on any other Android because they won’t run with full system rights, but instead they’ll be sandboxed and can be completely shut down by using the standard permissions system, which the user is blocked from doing on proprietary Android systems. But then again, if you must use them, then of course they’re going to require Network permission and they’ll use that to phone home to Google, as they always do on standard Androids as well. So it’s not recommended to install any proprietary apps from Google on top of GrapheneOS. Even though on Graphene, the amount of things an app is allowed to do is more limited compared to the huge amount of data an app can read and phone home on a propreitary Android system.
Some apps include certain widgets like Google maps which, again, require the respective app or Play services app to be installed as well. Depending on how these apps are written, they might simply fail completely when this dependency is not there. But so far, I’ve had luck, and some apps I’ve used which integrate a Google maps widget still worked without it. So it depends on the app and the quality of its developers.
When not having the Google play services installed (default), you won’t have access to Google’s push notification system in the cloud. Some apps, even some privacy-respecting apps like Signal, rely on that. Signal will work without, but then it uses a power-inefficient alternative based on websockets instead, which means Signal without Google play services drains your battery faster than it would otherwise. There are ways around this by using the Molly fork of Signal (Signal is open source and there is at least this one fork often being used as well) with the open source app “ntfy” and an either self-hosted or a privacy-respecting ntfy server instance somewhere to go along with it, which will then act as your own push notification server in the cloud. So you don’t need to contact Google’s stuff for that, and less connections overall to Google equals more privacy overall.
If you do decide to install the Google play services app on Graphene, make sure to allow it to run in the background. But, again, it’s not recommended to use any proprietary Google apps/services.
Once you have Graphene installed, be sure to use its integrated browser called Vanadium (a hardened Chromium fork) to download and install an “app store” of your choice. When I first started out, I installed the F-Droid apk first, then from within it Aurora as a Play Store client. Giving me access to a lot of open source and Play Store apps, respectively. F-Droid unfortunately has some potential disadvantages, which is why I recommend using Obtainium instead of the F-Droid client (you’ll still access the F-Droid repository sometimes because some APKs of open source apps are only hosted there, but at least you’ll avoid potential issues with the F-Droid frontend application then). Using Obtainium instead of F-Droid will be slightly more work at the beginning when compiling your needed open soruce applications, but afterwards it’s just as easy.
Make sure to configure a privacy-friendly and ad/tracker-blocking DNS server, as well as something like RethinkDNS or NetGuard Pro to control which apps are allowed to contact which hosts/IPs. Otherwise, while Graphene itself won’t violate your privacy, many apps will still do that (especially proprietary apps often contain several trackers).
If you need tutorial videos on how to install or initially configure Graphene, or Obtainium, watch the youtube channel “Side of Burritos”, excellent content.
If any of that sounds scary, it shouldn’t be. Most of these issues are really minor and it’s unlikely that you’ll be too negatively impacted by any of it, so give Graphene a try without Google services. There are great open source apps out there for all sorts of functionality. Just felt I should mention any potentially small pitfalls.
Other Android variants or ROMs are inferior to GrapheneOS in terms of security and privacy, unfortunately, so it’s best to buy a cheap Pixel (8th generation recommended due to strong hardware-based security) and install Graphene on it. Otherwise you’ll miss out on Graphene’s very strong security and privacy features. There are some other privacy and security oriented Android variants like Calyx or /e/OS or things like that, or even LineageOS, but they all, again, don’t reach up to Graphene’s level of security and privacy.
HTH
Gnome on my work notebook, KDE Plasma on my own machines.
I like KDE Plasma better overall but Gnome was a little bit more stable for me so far. I don’t mind UI differences that much, I’m not very much reliant on the GUI and can deal with pretty much any UI paradigm.