This is sad. I’m clinging to my GrapheneOS Pixel 7 until it completely breaks. By then I hope there will be decent Linux phone options or I might not get another phone at all.
Google can go fuck itself. The state stock phone from most major manufacturers come in with all that increasingly intrusive spyware that you can’t uninstall or turn off should be illegal.
The government represents private interests so I think the legality is exactly where it’s intended, another fuck you to the consumer so congressional stock portfolios go up.
If you’re on Graphene for security, Linux mobile will be the last thing you want as the security of those devices is akin to carrying around a bootloader unlocked android with no app sandboxing. You’d be better off buying a fair phone and using iodé until they can’t develop any further.
As someone who only uses fedora on all my PCs and iodé on my phone, I’m not sure why you think I’d say this just to stir up drama. I’ve done the research into what would be available on mobile relative to my current threat model and found its not ready, and will most likely not be ready for a long time unless were somehow blessed with another Steam deck like moment for phones.
Also, can we stop the stupid spongebob chicken mocking text? It makes your response seem a lot more negative than it needed to be.
It depends on what your requirements are. Is physical security important, or is preventing data collection more important? Not all security is the same.
The day my Pixel 9 Pro XL came to my door, I unlocked the bootloader and rooted it. Yet, somehow, all of my banking apps (Venmo, Fidelity NB, a national bank, and a local CU) still manage to work just fine.
I never implied it was, however if someone is using graphene as a way to achieve mobile security, it can generally be assumed they want said security if they switch to a different OS. Iodé and CalyxOS both support more than just pixels, and don’t do data collection, nor do they sacrifice physical security. Mobile Linux on the other hand, has very little physical security, and very poor application sandboxing compared to the aforementioned android forks. It wouldn’t make sense from a security perspective to skip over android forks directly to {postmarketos, Ubuntu touch, armbian/mobian, manjaro mobile…} unless your goal is to use a Linux phone without caring about physical security and app sandboxing (which would not make sense if you are using Graphene, and don’t want to change your threat model too much while not supporting Google.)
That’s fair. Hopefully in time mobile Linux will be comperable. I’d prefer it over Android if all else were equal. Maybe as Google keeps fucking around with users people will want to get as far away from them as possible and mobile Linux will really get going.
I agree with you, in fact the only reason I know about the security differences is because I wanted to jump ship when they started down this closing AOSP path. I found that at the current moment the security model won’t work for me, and that I’d also have to buy a new phone just to get support. I really want to try out plasma mobile though, it looks nice.
Yeah, Plasma mobile looks like where we should be right now, but yeah, sadly too many tradeoffs to actually have users. I’m still hopeful that some day we’ll get the Linux mobile we all want. Maybe when some Android devs retire and want a hobby…
Everyone does run proprietary hardware with its own hardware vulnerabilities that could very easily be exploited and escalated without proper security. Unlocked bootloader leaves you open to very easy physical attacks. Phones batter is low and you need to charge it in a public space? You better hope no one had modified the charger with something like an RPI to silently exploit your phone. Crossing a border into a country and they suspect you’re some sort of threat? There goes all your personal information directly to their government. Not running software that updates the hardware’s proprietary software drivers? One text message and you’ve got a rootkit.
You are more than welcome to run less secure and/or insecure software. No one is telling you you can’t. If someone is on GrapheneOS however, they’re probably not using it to be on a less secure os. Most people don’t want a less secure os. I’m glad you currently have the option to do what you want, but this response to someone using a secure OS about how to stay secure didn’t really need an “um ackshually” about people who don’t want a secure os.
need to charge it in a public space? You better hope no one had modified the charger with something like an RPI to silently exploit your phone
Any secure Android device should be starting each USB session in device mode, set to charge only. It is usually not possible to change this mode without unlocking the screen. I don’t know what this has to do with sandboxing or unlocked bootloaders.
Crossing a border into a country and they suspect you’re some sort of threat?
How does this attack work? Are you saying they’d replace the operating system by using the unlocked bootloader? There are plenty of ways to prevent this with full disk encryption. Of course you need to check for modifications when you get it back, but that’s true even if you have a locked bootloader, because of hardware modifications and leaked keys.
Not running software that updates the hardware’s proprietary software drivers? One text message and you’ve got a rootkit.
In any of the open source Android distros, like LineageOS or GrapheneOS, those updates come as part of the operating system. The updater is open source, and doesn’t care whether your bootloader is locked. I assume a Linux Mobile system would be closer to Debian’s Apt system, which is also an open source updater than can install proprietary drivers, and also doesn’t care if your bootloader is locked.
didn’t really need an “um ackshually” about people who don’t want a secure os
This is sad. I’m clinging to my GrapheneOS Pixel 7 until it completely breaks. By then I hope there will be decent Linux phone options or I might not get another phone at all.
Google can go fuck itself. The state stock phone from most major manufacturers come in with all that increasingly intrusive spyware that you can’t uninstall or turn off should be illegal.
The government represents private interests so I think the legality is exactly where it’s intended, another fuck you to the consumer so congressional stock portfolios go up.
I wish mobile Linux was in a better state too, this sucks.
If you’re on Graphene for security, Linux mobile will be the last thing you want as the security of those devices is akin to carrying around a bootloader unlocked android with no app sandboxing. You’d be better off buying a fair phone and using iodé until they can’t develop any further.
That’s dangerously close to something Microsoft would say, like
“LiNuX is tHe LaSt ThInG you WaNt FoR sEcUrItY”
But I’ll give you the benefit of the doubt and hope you just meant that Linux mobile isn’t ready for use as a daily driver yet.
(sent from iodé)
As someone who only uses fedora on all my PCs and iodé on my phone, I’m not sure why you think I’d say this just to stir up drama. I’ve done the research into what would be available on mobile relative to my current threat model and found its not ready, and will most likely not be ready for a long time unless were somehow blessed with another Steam deck like moment for phones.
Also, can we stop the stupid spongebob chicken mocking text? It makes your response seem a lot more negative than it needed to be.
It depends on what your requirements are. Is physical security important, or is preventing data collection more important? Not all security is the same.
I require my banking app to work.
you can use the bank website
How will that work exactly? Do you carry your TANs or secure token around all the time?
no different than your banking app. most websites have a remember me option
Skill issue?
The day my Pixel 9 Pro XL came to my door, I unlocked the bootloader and rooted it. Yet, somehow, all of my banking apps (Venmo, Fidelity NB, a national bank, and a local CU) still manage to work just fine.
I never implied it was, however if someone is using graphene as a way to achieve mobile security, it can generally be assumed they want said security if they switch to a different OS. Iodé and CalyxOS both support more than just pixels, and don’t do data collection, nor do they sacrifice physical security. Mobile Linux on the other hand, has very little physical security, and very poor application sandboxing compared to the aforementioned android forks. It wouldn’t make sense from a security perspective to skip over android forks directly to {postmarketos, Ubuntu touch, armbian/mobian, manjaro mobile…} unless your goal is to use a Linux phone without caring about physical security and app sandboxing (which would not make sense if you are using Graphene, and don’t want to change your threat model too much while not supporting Google.)
That’s fair. Hopefully in time mobile Linux will be comperable. I’d prefer it over Android if all else were equal. Maybe as Google keeps fucking around with users people will want to get as far away from them as possible and mobile Linux will really get going.
I agree with you, in fact the only reason I know about the security differences is because I wanted to jump ship when they started down this closing AOSP path. I found that at the current moment the security model won’t work for me, and that I’d also have to buy a new phone just to get support. I really want to try out plasma mobile though, it looks nice.
Yeah, Plasma mobile looks like where we should be right now, but yeah, sadly too many tradeoffs to actually have users. I’m still hopeful that some day we’ll get the Linux mobile we all want. Maybe when some Android devs retire and want a hobby…
Not everyone runs dangerous proprietary apps that need sandboxing. Does my offline puzzle game need sandboxing? Firefox has its own sandbox built in.
Some people consider unlocked bootloaders a feature.
Everyone does run proprietary hardware with its own hardware vulnerabilities that could very easily be exploited and escalated without proper security. Unlocked bootloader leaves you open to very easy physical attacks. Phones batter is low and you need to charge it in a public space? You better hope no one had modified the charger with something like an RPI to silently exploit your phone. Crossing a border into a country and they suspect you’re some sort of threat? There goes all your personal information directly to their government. Not running software that updates the hardware’s proprietary software drivers? One text message and you’ve got a rootkit.
You are more than welcome to run less secure and/or insecure software. No one is telling you you can’t. If someone is on GrapheneOS however, they’re probably not using it to be on a less secure os. Most people don’t want a less secure os. I’m glad you currently have the option to do what you want, but this response to someone using a secure OS about how to stay secure didn’t really need an “um ackshually” about people who don’t want a secure os.
Any secure Android device should be starting each USB session in device mode, set to charge only. It is usually not possible to change this mode without unlocking the screen. I don’t know what this has to do with sandboxing or unlocked bootloaders.
How does this attack work? Are you saying they’d replace the operating system by using the unlocked bootloader? There are plenty of ways to prevent this with full disk encryption. Of course you need to check for modifications when you get it back, but that’s true even if you have a locked bootloader, because of hardware modifications and leaked keys.
In any of the open source Android distros, like LineageOS or GrapheneOS, those updates come as part of the operating system. The updater is open source, and doesn’t care whether your bootloader is locked. I assume a Linux Mobile system would be closer to Debian’s Apt system, which is also an open source updater than can install proprietary drivers, and also doesn’t care if your bootloader is locked.
This is pointlessly condescending.
What prevents you from sandboxing in linux? Ever heard of cgroups?
I can’t imagine someone who wants to use their phone wants to spend that time using it setting up sandboxing by hand.
There are a few for sure, but the point was the technology is there, it’s “just” a matter of implementing it.