> When we develop security solutions, we develop them without looking down on the user or thinking of them as som[e]body that we have to protect almost like a parent-child relationship. We try to build a solution that gives them control over their own security.
That's many words for saying we don't have any sort of security measures.
> Because all the code in the root file system of the Librem 5 is free/open source, all of it can be reviewed to verify that it doesn't contain backdoors and doesn't do anything that the user doesn't want it to do
At most it answers privacy but not security. Also, non-existent security can so easily add a "backdoor", especially on top of an all-memory-unsafe environment where memory bugs are everywhere.
But I will give them that they do list basically all my gripes with it:
> It lacks a secure boot process to verify that none of the boot files have been changed.
> It lacks a hardware-backed key store.
> The apps are not run in a secure sandbox.
> PureOS doesn't have shim kernel drivers that do most of their execution in userspace libraries like Android and iOS.
> PureOS doesn't have low-level protections such as Control Flow Integrity and ShadowCallStack in Android and Pointer Authentication Codes in iOS.
> Most of the operating system and applications are written in memory unsafe languages like C and C++.
> The Librem 5 lacks a permission system where each app is required to ask the user for permission to access parts of the phone like Android has.
And unfortunately the answer to these is that there are some distant plans for some of these. Hopefully both desktop and mobile Linux will improve heavily in this area in the coming years.
Some nitpicks (not directed at you at all):
> When we develop security solutions, we develop them without looking down on the user or thinking of them as som[e]body that we have to protect almost like a parent-child relationship. We try to build a solution that gives them control over their own security.
That's many words for saying we don't have any sort of security measures.
> Because all the code in the root file system of the Librem 5 is free/open source, all of it can be reviewed to verify that it doesn't contain backdoors and doesn't do anything that the user doesn't want it to do
At most it answers privacy but not security. Also, non-existent security can so easily add a "backdoor", especially on top of an all-memory-unsafe environment where memory bugs are everywhere.
But I will give them that they do list basically all my gripes with it:
> It lacks a secure boot process to verify that none of the boot files have been changed. > It lacks a hardware-backed key store. > The apps are not run in a secure sandbox. > PureOS doesn't have shim kernel drivers that do most of their execution in userspace libraries like Android and iOS. > PureOS doesn't have low-level protections such as Control Flow Integrity and ShadowCallStack in Android and Pointer Authentication Codes in iOS. > Most of the operating system and applications are written in memory unsafe languages like C and C++. > The Librem 5 lacks a permission system where each app is required to ask the user for permission to access parts of the phone like Android has.
And unfortunately the answer to these is that there are some distant plans for some of these. Hopefully both desktop and mobile Linux will improve heavily in this area in the coming years.