by captainchris 1928 days ago
Besides being open source and not connected to big tech, and besides being designed/built with privacy in mind, what fundamental security advantages does a project like Pine offer over aapl/goog's efforts, from a hardware/software design perspective? Apologies for the simplistic inquiry.

The reason for asking is that goog/aapl have had generations of highly paid talent trudging through a security nightmare and are presumably generations ahead of what is even feasible for non-big tech interests.

2 comments

It allows easily booting from external media, without involving any existing changeable SW on the phone.

Without HW mods, there's nothing some malware can do to persist itself in the device and prevent you from running exactly what you want and nothing else. You can just insert a known good uSD card, and the SoC will boot from it.

So you can conceivably use an OS from uSD card as an outside root of trust for verifying/reflashing the changeable parts of the phone.

Normally the trust is rooted in some fused keys and hopefully properly implemented bootloader, which seems inherently less trustworthy and much more complex.
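
The check described in the comment above (an OS booted from a known-good uSD card verifying the changeable storage on the phone), sketched as an added example that is not part of the thread or any Pine project code. The manifest format, the function names and the temp files standing in for partitions are assumptions.

```shell
#!/bin/sh
# Added example, run from the known-good uSD OS. Manifest format is an
# assumption of this sketch: "<sha256> <byte-count> <target>" per line,
# with the manifest stored on the trusted card, not on internal storage.

# Hash only the first <byte-count> bytes: a flashed image is usually smaller
# than its partition, so whatever follows it must not affect the result.
hash_prefix() {
    head -c "$2" "$1" | sha256sum | cut -d' ' -f1
}

# Print one verdict per entry; return non-zero if any entry fails.
verify_manifest() {
    rc=0
    while read -r want size target; do
        case "$want" in ''|'#'*) continue ;; esac
        if [ ! -r "$target" ]; then
            echo "MISSING  $target"; rc=1; continue
        fi
        if [ "$(hash_prefix "$target" "$size")" = "$want" ]; then
            echo "OK       $target"
        else
            echo "MISMATCH $target"; rc=1
        fi
    done < "$1"
    return "$rc"
}

# Constructed demo: temp files stand in for the phone's internal partitions.
demo() {
    d=$(mktemp -d)
    printf 'constructed-bootloader-image' > "$d/good.img"
    { cat "$d/good.img"; printf 'unused-partition-tail'; } > "$d/part"
    n=$(wc -c < "$d/good.img" | tr -d ' ')
    echo "$(sha256sum "$d/good.img" | cut -d' ' -f1) $n $d/part" > "$d/manifest"
    verify_manifest "$d/manifest"                       # clean copy
    printf 'X' | dd of="$d/part" bs=1 seek=4 conv=notrunc 2>/dev/null
    verify_manifest "$d/manifest" || echo "modification detected"
    rm -rf "$d"
}

if [ "$#" -gt 0 ]; then verify_manifest "$1"; else demo; fi
```

The result is only as trustworthy as the card: the hashing tools and the manifest both have to come from the external medium, never from the storage being checked.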

The security advantage it offers is specifically to remove aapl/goog from the equation. The security features big tech is offering these days are primarily designed to lock you into their ecosystem and out of your device rather than actually securing it for you. The primary security they're offering is from casual hacking, which of course has value if you're not tech savvy and unable to do that for yourself.

is that really the case? apple as example, they develop secretive and innovative security measures that, while compatible with their corporate mandates, do actually aim to protect end users. yes, this is in contradiction to certain privacy needs, user lock-in, etc as you mentioned

primarily, i am interested to learn what pine or other offering does outside of the obvious benefits of it being open. specifically, what security measures on their own merit, hardware and/or software, does pine offer, either uniquely or in an effort to "catch up" (e.g. secure enclave)

Yes, I believe it is. You're dismissing out of hand one of the primary security benefits of an open device while giving far too much credit to Apple.

For the open device, (with one glaring hole: they don't support full device encryption i.e. the bootloader etc... yet) you can encrypt your data such that if you lose the key, it is effectively unrecoverable. There is no communication with any 3rd parties that you don't specifically allow/enable. That is a killer security feature of the device: there's no 3rd party between you and your data.

On the Apple side, you're crediting them with 'secretive and innovative' when the reality is they only provide users as much security as their business model requires. All Apple really offers is security from casual hackers and when it suits their purposes, from the user/purchaser of the device. The fact that Apple is in a position to respond to a government demand with anything other than a blob of encrypted data tells you all you need to know about how secure your data really is with them. (I'd love to be corrected if it's realistic these days to use an i-device without their cloud services enabled... I left their ecosystem years ago so I am speculating that it's not)

There's no magic when it comes to security: either you provide the foundation to allow for a secure environment (which Pine appears to be working toward) or you don't (Apple likely never will as they appear to not want to piss off various governments).

Not dismiss but inquire.

I don't know enough about Pine, but aapl/goog have had hackers battle testing their platforms for a while. I don't see how an open platform can leapfrog ahead unless aapl/goog truly are sabotaging security for "big bro"

yes, cloud is a big hole, but are we hiding from the law? aapl only responds to warrant requests -- supposedly.

(on a side note, afaik, aapl is building their own baseband proc, which presumably will be a good thing for security)

What you said makes a ton of sense, but curious to see in practice how the security of such a device will hold up. you'd have to expect that the platform will have holes, being so new -- and that there won't be enough eyes on, not without adoption. paradox.

yes, open device means far greater flexibility on security posture but this presumes a mature, battle tested tool set. (and may or may not be built on a better foundation than corporate closed phone tech -- hence inquiry)

contrarily and back to my original inquiry -- i still wonder if there are fundamental design choices inherent to Pine that separate it from (or bring it on par with) commercial offerings. (besides those elucidated by you and another commenter -- thanks). for instance, physical boundaries such as a secure enclave, etc

i challenge the notion about aapl and casual hackers. every non-trivial platform has bugs, whether open or closed. there isn't a way to casually own an up to date iOS device, for instance -- if one had such an exploit it would be worth a lot of money to aapl or a broker

sorry for free form reply