I don't think a mega corp having full access to my phone while me not having that is very "secure". Sure it's pretty ok against third parties but in my threat model Google and Apple are also adversaries. Microsoft too by the way.
In my model my Linux PC is a lot more secure as there's no adversary having direct access and more control than me.
Privacy != Security
We shouldn't be happy with the state of security on Linux, while simultaneously enjoying its privacy benefits.
For me privacy = security.
If a company has access to my data without my -completely voluntary- consent, that's a security breach.
By this definition no operating system Google releases will be secure to you. I think it would be a more productive discussion if you could argue about security ignoring that you have to trust the person who wrote your operating system or designed your CPU.
The point of open source is I don't have to trust the person who wrote it
<https://knowyourmeme.com/memes/whoosh-you-missed-the-joke>
Do you personally go through every line of source code for your Linux distribution?
That's not the relevant part. The relevant part is, if you find it's doing something you don't want it to be doing, can you read and modify the code that does that?
No but many people do. Try getting something by Linus and his kernel team lol. Good luck!
Do you do that for Android?
So secure it locks the owners out.
Yes, if someone sets a passcode and then forgets it, they will be locked out forever and lose all of their files. There is no way to prove physical ownership of the device, pretty much the passcode proves who the owner is.
If I forget my LUKS passphrase no power on heaven or earth can recover my data
St. Gabriel, sitting on his cloud, looking at his Nvidia GPU supercomputer (also a cloud) fabbed by God, could totally bruteforce your LUKS key.
That's sort of the point of LUKS, and it's self-inflicted and your own choice because you didn't back up the key.
Security seems like a solved problem on desktop already? Secure Boot + LUKS + SELinux gives anyone a pretty airtight userspace.
Microsoft/Apple have similarly secure setups for their operating systems. BitLocker by default (although there is a convenient backdoor for high-paying customers to protect against data loss and for law enforcement forensics) and Apple's Secure Enclave (only broken into by a certain five countries' intelligence agencies and, for older versions, streaming pirates) should protect the average user pretty well.
Is there anything special about Android phones (especially budget ones) that makes them more secure? That's not what I've seen.
As the other comment mentioned, Android is way ahead on app sandboxing and not doing things like exposing sudo to apps. Yes, apps can literally ask for your user's password using a fake dialog and then elevate to root and then do whatever. Even without root, programs can spy on you by recording your screen and mic. Programs can cryptolock your files or steal them (browser login information is a juicy target to steal). Android shuts down all of these kinds of malware by design. Apps can't escalate to root. Apps can't read or write to all of your files. Apps can't steal files from other apps. Apps have to ask for permission to record users. Apps can't see you have a root terminal up and start typing commands into it. Also, in regards to writing APIs that are permissions Android makes it easy.
Per app isolation vs single user account.
There isn't that much demand for that on Linux because the apps aren't adversarial. If you install Facebook on your phone, you want it locked in a jail where it can't suck up everything on your device and send it to Meta. If you install the Signal desktop app on Linux, it's open source and doesn't do that. And to the extent that you use the likes of Facebook it's the web version.
Meanwhile per-app isolation is a pain. You download a picture in a browser, crop it in a photo editor and attach it to an email. All three apps need access to the same picture. Your backup app needs access to everything. Your password manager is filling in fields in other apps.
You do want to be able to isolate something questionable, but the usual way to do this for sophisticated users is virtual machines or containers. Maybe that could use a coat of paint to make it easier for unsophisticated users to use it, but maybe unsophisticated users should just stick to the system package manager anyway.