zlacker

[return to "Librem 5: First Impressions"]
1. user_7+X7[view] [source] 2022-03-22 00:09:34
>>jstanl+(OP)
It's an interesting article (and thanks to the author for putting it out) but I wonder what their end goal is. Is it to have a 100% secure/private phone? I'm not sure if that's possible with the proprietary firmware (though the hardware kill switches are certainly a good idea). Most importantly, the questionable usability means that either the Librem team needs to work much more, or... this becomes a "smarter" alternative to a dumb brick without giving data to Big Tech. (Ignoring the fact that a sim card automatically makes you lose privacy to the government/telecos).

When comparing against something like a Pixel running GrapheneOS, it's honestly a bit more puzzling to me. Granted, I'm definitely not the audience for this, but with G_OS you can do most things that a regular phone can do, without taking several minutes to install Firefox.

As much as I love privacy (going as far as having a semi-random username), this phone is a bit puzzling. I hope someone can throw more light on this.

◧◩
2. blihp+ka[view] [source] 2022-03-22 00:31:47
>>user_7+X7
The general idea behind any 'pure' Linux phone is to have a device that you can trust at least as much as a desktop running Linux. Security is definitely a key aspect for many. But it's also the flexibility of not being locked in to anything on the software side. Ideally, it also extends the useful life of the device as when vulnerabilities and bugs are found, they can be fixed rather than junking the device for lack of updates. It's still pretty early days re: 'full' Linux on mobile and so it doesn't look like much yet... it takes time. Desktop Linux didn't look like much in 1994 either.

I'm not familiar with GrapheneOS but I assume it follows the usual model when repurposing Android devices of taking various closed source blobs (i.e. drivers etc) and rebuilding the open source bits around them? If so, this approach usually locks you into a Linux kernel version to remain compatible with the blobs which limits you on kernel features and fixes as well as who knows what exposure the blobs have to offer, which also will likely never get updates.

◧◩◪
3. kaba0+2Z[view] [source] 2022-03-22 10:57:52
>>blihp+ka
Linux desktops are not secure in any meaning of the word. Running everything as the same user is a catastrophe, see the recent “package-manager wiping out $HOME issue”. This should simply not happen in the 21st century, and we really should not make ourselves believe that we are safe just because desktop linux is seldom targeted and that the community is giving and well-intentioned for the most part. It is no longer a small village where everyone knows everyone and we could leave the doors open.
◧◩◪◨
4. belorn+fe1[view] [source] 2022-03-22 13:10:51
>>kaba0+2Z
Every modern proprietary operative systems and mobile operative systems is designed to generate revenue for the developer when it is running on the users own hardware. Advertisement, selling personal information, tracking for marketing and r&d purposes, locking down for product positioning and upgrade/upsale paths, and occasionally discreet access for three letter agencies in order to keep politicians at bay. Linux desktops are not designed for that purpose.

Security can be many things for different people. Preventing criminals from abusing vulnerabilities in software is one kind of security. Preventing companies from black/grey hack patterns is an other. Making people feel less icky from ubiquitous tracking is one. Stopping advertisements from wasting peoples time and preventing planned e-waste is additional ones.

Maybe we need to invent a new word for security. Something about making people feel safe and preventing actions that would harm them.

[go to top]