poVoq
5
edit-2
6M

Well, this does raise some valid points and the communities around these phone OS could probably do a bit more to not raise wrong expectations. There is a lot of people who apparently think these PhoneOS are somehow magically more secure, but that is at best just a result of being so obscure that no one has bothered looking for exploits ;)

The problem however that I have is that such articles indirectly promote the idea (as found in the Android / iOS ecosystems) that you can establish a “zero trust” zone on your operating system (via a sandbox etc.) and then put up an app-store with free 3rd party access.

This kind of security model was the big idea in the early 2000 when Android was first developed, and Ubuntu Touch for example also tries to emulate it. But I think by 2020 it is safe to say that it has utterly failed and can only be kept somewhat working with massive security teams and constant updates.

I think the only reason these companies stick with it, is that the resulting app-stores are massively profitable, despite being quite obvious malware distribution channels on an equally massive scale.

The alternative model, one that I call “chain of trust”, is what can be found on Fdroid or most Linux distributions. There is no default way for 3rd parties to get direct access to the repository/system and (unless the user specifically uses something like ppa, AUR, appimage, snap, flatpack) all software is first tested and compiled by several people unrelated to the original developers.

While far from perfect, this is the much more resource efficient and flexible security model, that solves a social problem (malware) with a social response, instead of following the fallacy of trying to find a technical solution.

Already saw this shitty text on Lemmy.

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word “Linux” in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

  • 0 users online
  • 34 users / day
  • 51 users / week
  • 127 users / month
  • 417 users / 6 months
  • 3554 subscribers
  • 1062 Posts
  • 2974 Comments
  • Modlog