• comfy
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    2 years ago

    Who are you hiding from? “Increasing privacy” means nothing without context.

    My adversaries (well, when I’m not at a protest) are not likely to be tracking my phones location, and my phone is set up that no app or website can, so to me personally it’s a large sacrifice for no benefit.

    But for someone else, it could be good advice!

    • Marius@mastodonapp.uk
      link
      fedilink
      arrow-up
      3
      arrow-down
      1
      ·
      2 years ago

      @comfy @thursday_j Indeed you need context, but let’s limit the concept of “full privacy and security” to things that are in your control. E.g you might control the physical safety of your device but you can’t control how many man-in-the-middle are between your phone and the rest of the internet. As a regular technology user my threat actors are big-tech and establishments.

      • comfy
        link
        fedilink
        arrow-up
        8
        ·
        edit-2
        2 years ago

        It sounds like you’re suggesting Linux phones are more private and secure than GrapheneOS. Given their current state and limitations, it is extremely unlikely that any of them are more secure than GrapheneOS against a typical hacker or malicious app.

        with the downside that is limited to one single phone brand

        In terms of security, this is also a benefit. It means they aren’t trying to aim at fifty different targets which may behave different or even unexpectedly. The software developers have far far far more confidence that their security features will work on your device if they test it on theirs.

        Again, there is no such thing as “full privacy and security”. It is unpragmatic idealism. Not only does it misinterpret privacy and security as concepts, it is an unconstructive attitude for creating an effective security model, and just encourages burnout for no benefit. We don’t limit “full”. There is no full. There is no perfect answer. It’s an undefined and unachievable idea.

        “[Someone made] a laptop, encased in foam in a full Faraday cage, wrapped by alternating metal foils, and finally covered by a 1” layer of reinforced concrete."

        "It had been billed as the most secure computer ever. Right until two research papers had come out that showed it was possible to decipher processing by the amount of power being consumed and by pulling the slight RF signal being carried by the ground line. "

        Now, I’m not saying you can’t effectively secure your device adequately against big-tech and corporate capitalism. I say you can! It’s achievable. But it’s unconstructive to hold the illusion that there is some absolute “full privacy” against them.

        • Marius@mastodonapp.uk
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          2 years ago

          @comfy in terms of software linux phones still have a long way to catch android. Even when taking the desktop flavors, against windows, linux is still not a match. Thanks for sharing that article. Is good to know exactly which are the areas where linux must improve.

          • Marius@mastodonapp.uk
            link
            fedilink
            arrow-up
            4
            ·
            edit-2
            2 years ago

            @comfy The hardware approach has already surpassed most of androids due to their open firmware nature. In my scenario, let’s say I’m going to a protest and enforce my human rights upon the establishment. I turn off cellular, WiFi, Bluetooth, BLE, NFC, UWB and just use my phone as a pocket computer to take video footage. Later I read a security article that the cellular modem in my phone is able to transmit data outside phone’s operating system.

            • Marius@mastodonapp.uk
              link
              fedilink
              arrow-up
              2
              ·
              edit-2
              2 years ago

              @comfy Same like Intel ME is able to take full ownership of your computer without your approval or awareness. This can only happen due to the closed source firmware these devices are using. If I could electrically kill these components, or the possibility of having them removed, I would consider myself fully protected. Again, this approach might not be good for everyone. Maybe “full” is not the correct wording. I guess “ideal security and privacy” is what I was looking for. You are right here.

          • comfy
            link
            fedilink
            arrow-up
            1
            ·
            2 years ago

            No problem :)

            Linux is obviously the choice for my desktop, especially since I’m not defending against organized crime or a government, but like you said it’s important to understand its strengths and weaknesses.

      • Marius@mastodonapp.uk
        link
        fedilink
        arrow-up
        2
        arrow-down
        1
        ·
        2 years ago

        @comfy @thursday_j GrapheneOS is the best flavour of Android that you can get with the downside that is limited to one single phone brand. But Android itself is far from being perfect. That’s when Linux phones step in. Currently they are just in development stage and not really intended as daily drivers. But that changes with adoption.