[astazangasta]

These are all valid problems but don't seem to me to preclude the original underlying premise - open source seems a necessary, if not sufficient condition. While OS might not solve all of our current issues, it seems to me that there cannot be any solution that depends on opaque software delivered by suspect entities with known surveillance agendas.

[ajdhsjakafjt]

The software is shipped by those who create the phone itself. If you don't trust anybody, you can't get a piece of silicon to connect to mobile networks and draw a website on a screen. Any open source hardware eventually depends on the promise that the thing does what it promises.

The commercial world has these trust issues as well as the open source world. Maybe the underlying issue is: how can we test devices and software that is incredibly complex?

[beagle3]

We can’t test it properly after it is done. And unless we can peek and change (which is what open source provides) we can’t ever.

I think the only dependable way forward is by separating the RF/modem parts from the rest, through a standard (e.g. WiFi or Bluetooth) protocol.

I already assume anything I do on my phone is compromised. And I would assume the same about my laptop, if I connectsd it to an untrusted hardwares and unfirewalled networks. With the laptop, I have an option; with the phone, I don’t.

I would gladly move to a dumb phone (for POTS) and an LTE access point, and a smart open source phone that uses it for connectivity, if such a thing were remotely practical. I already carry two phones for security and compartmentalizations.