Comment by alwayslikethis
1 year ago
As much as I like the concept, I'm not sure Linux phone is a good idea. Desktop Linux is not particularly prone to spyware scanning the filesystem and uploading it mainly because they mainly use free software from package repositories that are vetted by maintainers. If Linux phones are used like Android or iOS phones are used today (downloading random binaries, often to interact with real world things you can't opt out of, with distribution controlled by a corporation not too worried about your privacy), it would be a privacy nightmare.
In my mind part of the "Linux Phone" package is moving primarily to a package repo software distribution solution. You can slap an App Store-esque frontend on it, but the software you're installing is (by default) from a curated list of supported open source packages, not random binaries from untrustworthy parties. Of course, this mentality is losing support even on desktop Linux with the move to Snaps/Flatpacks/AppImages/etc, which is a real shame.
The gnu/linux userspace has absolutely no security whatsoever. It’s a real shame how trivial it is to have even an npm install potentially do literally anything.
Android has an actual, sane, rethought security model that has a good track record in protecting millions of non-tech-savvy people.
To be clear, this security model is bolted on top of the kernel and uses SELinux under the hood. It's not some magic thing, it can certainly be replicated and even improved.
Android has a security model that protects the OS from applications and applications from users. A sane security model would put the user in control.
1 reply →
If you run your npm install in a properly set up container (and at some point in the future, Flatpak will set this up for you), it isn't going to do much. Yes, I'm well aware that containers should still be tought of as "not a real security boundary" given the amount of remaining attack surface, but even then the Android approach is not very different.
Well... yeah, don't do that. I mean this seriously, not facetiously; when I say I want a Linux phone what I mean is I want a phone that runs Debian or whatever (on bare metal, with good quality of experience, and with a mainline kernel) and where I install software out of the official repos using apt (or whatever).
(Also plenty of people on desktop Linux do `curl | sh`, and some of us are getting most of our Android apps out of F-Droid; I'm not sure the distinction runs quite the way you're suggesting.)
You can have a pinephone, and it will work fine for like 2 hours, warming like hell, and having you wait for minutes for an app to open. That’s where the linux userspace is. Maybe we should take a look at android and simply re-use the multi-million dollars spent on actually making a working mobile OS?
While my experience with PinePhone has been significantly better (sounds like you may have had a faulty unit), we have working close-to-mainline ports for a few Qualcomm-powered phones (e.g., Xiaomi Poco F1, OnePlus 6(t), Google Pixel 3a, ...) in OSes like postmarketOS or Mobian. Turns out these work a lot better - having phones build with components for phones makes a significant difference.
1 reply →
I don't understand what any of your comment has to do with this thread, which is about security models and application sources.
That said,
> You can have a pinephone, and it will work fine for like 2 hours, warming like hell, and having you wait for minutes for an app to open. That’s where the linux userspace is.
No, that's where the pinephone hardware is. I mean, also it sounds like maybe you have a defective unit because mine doesn't do what you're describing, but this is like judging Android by the cheapest phone I can buy, which is also agonizingly slow. If you don't use a device built out of really old+cheap parts, ex. postmarketos is perfectly fine.
2 replies →