[123919239]

Is there any document where they describe how their focus on security shapes pureOS? I'm seeing stuff like bundling some add-ons for the browser, and kernel patches.

In my mind, securing users in 2018 means to have a decent password manager with an up-to-date browser, make sure that apps are sandboxed and prohibit the browser from accessing all my user's files. Do they tackle this?

[nonbel]

Edit: Sorry, I realized you were only asking about the OS after making this post. Feel free to ignore.

I think it looks like an interesting project and will buy one. I especially like the hardware kill switches.

>Here are some benefits and key differentiators of the Librem 5, the world’s first ever IP-native mobile handset and the only user-respecting mobile phone product offering on the market:

- Privacy protection by default, instead your profile and data being products sold to the highest bidder.

- Does not use Android or iOS. The Librem 5 comes with the mobile version of our FSF-endorsed operating system PureOS by default, and is expected to be able to run most GNU+Linux distributions.

- CPU separate from baseband, isolating the blackbox that the modem may represent and allowing us to seek hardware certification of the main board by the Free Software Foundation.

- Hardware Kill Switches for camera, microphone, WiFi/Bluetooth, and baseband.

- End-to-end encrypted decentralized communications via Matrix over the Internet.

-We also intend the Librem 5 to integrate with the Librem Key security token in the future.

Also see here: https://forums.puri.sm/t/librem-5-final-decision-about-kill-...

[ajdhsjakafjt]

No worries, it's part of the whole story. I don't particularly see the point of kill switches when you trust the software.

I acknowledge the efforts in hardware integration they do. I'd love to see the Linux desktop being upgraded to Android's standards.

[azdle]

> I don't particularly see the point of kill switches when you trust the software.

In my view it's two things: 1. It's defense in depth. No one person will ever be able to review every single line of code running their device, but anyone can crack open the case (and/or check the open schematics) and verify that flicking the switch kills the microphone. And 2. The baseband still has proprietary code running it that you can't verify so the only reasonable thing you can do to it is power it down.

[TACIXAT]

I'm excited for kill switches, mostly the baseband one. Cell providers sell real time location data. I will be happy knowing that my phone is doing no communication when I want it to.

[dcbadacd]

I don't see any MAC mentioned, that's a bit sad.