← Back to context

Comment by fsflover

7 hours ago

You missed that I do not recommend Librem 5 to "almost everyone". We are not on a normies forum but on HN.

Also, I do not recommend Librem 5, when somebody asks for a secure device. I mention it, when somebody asks about alternatives to the duopoly, a possibility to have a full, general-purpose computer in a pocket allowing you to tinker with it, or wants to run GNU/Linux baremetal. Such people aren't the audience of GrapheneOS anyway.

And I'm not against GrapheneOS. I never said it was less secure than Librem 5 for typical tasks. I only say, that if you want to have a third option, you can have it today. There will be compromises, which can be dealt with by technical users.

2 comments

fsflover

Reply
kuhsaft  7 hours ago

> We are not on a normies forum but on HN.

Being on HN does not mean that you are familiar with the intricacies of hardware and low-level software.

> I only say, that if you want to have a third option, you can have it today. There will be compromises, which can be dealt with by technical users.

I think it’s irresponsible to promote it as an alternative device without noting that it’s less secure and full of footguns. Also, disingenuous to promote it as FOSS when it only fits that definition under FSF technicalities. And lastly, to promote it as more open than phones with AOSP distros that utilize the same set of proprietary hardware, just with different communication mechanisms/boundaries.

  • fsflover  5 hours ago

    This is not a forum with legal advises. I inform people about an option, which they asked for. GNU/Linux phones have a similar security approach to GNU/Linux on desktop. People explicitly seeking GNU/Linux should know this. They can also ask or search the Internet.

    > I think it’s irresponsible to promote it as an alternative device without noting that it’s less secure and full of footguns

    I disagree with you here. Informing about options is better than not informing. "Less secure" depends on a threat model. GNU/Linux on desktop is working well enough for millions of people. So it is a viable security approach for many. Saying that your threat model is the only one that should exist and be promoted is crazy.

    > only fits that definition under FSF technicalities

    This is one of the strictest definitions there is. By which definition does GrapheneOS run FLOSS?

    > same set of proprietary hardware, just with different communication mechanisms/boundaries

    More choice is always good, isn't it? If it is not for you, you are free to use and promote the duopoly. (Yes, I consider AOSP obeying Google's development strategy long term. It will not end well. See: this topic.)