by ollieparanoid 1740 days ago
I'm involved in postmarketOS, one of the Linux phone distributions the article talks about. Also a heavy Qubes OS user and previously a user of a certain hardened Android project on the Nexus 5X while strcat was still involved in it.

I think it's quite simple:

* if you are a more casual user with strong security and privacy needs, then the Linux phone distros are not there yet. Use something else.

* if you are a Linux enthusiast/developer/hacker who is interested in getting away from Google and Apple ecosystems, consider getting involved in one of these Linux phone projects and helping out there.

This should not be seen as competition, it's all free and open source software. Android hardening projects focus on delivering a reasonable solution today while Linux phone projects focus on getting something truly independent in the long run.

2 comments

When you say:

> the Linux phone distros are not there yet

Is there any indication that Linux is going to catch up to Android/iOS in terms of security?

From my perspective, not only has Linux userspace security barely improved at all over the past few decades (almost all programs run as the user with all of their privileges, no sandboxing, barely any permission/access control to speak of (and yes, I know that there are some projects that aim to fix this, but they're all woefully immature and barely adopted)), but the Unix philosophy itself seems opposed to these security measures. Am I just being overly pessimistic?

I like to think there are some groups thinking about these problems.

Could using something like Fedora Silverblue or OpenSUSE MicroOS (immutable OSes) plus Flatpak (containerized apps) plus SELinux (access controls) get you almost there?

These already exist, but I've seen the pushback to the concepts in real life among admins around me, so I wouldn't expect the mass adoption it'd need to stabilize anytime soon. I'm not even including the Internet rage and arguments about these technologies.

No, an immutable OS does not help; also, Flatpak is necessary and SELinux is not powerful enough. You just need sandboxing.

> strong security and privacy needs, then the Linux phone distros are not there yet

Citation needed. Android does plenty of homecalling and also a lot of phones came preloaded with bloatware with tracking functions.

You have to provide some justification to claim that a Linux phone protects users' privacy less than Android.

I have no idea how Linux phones are different, but if you compare Android to traditional Linux, app sandboxing is a huge difference alone. Is anyone implementing it? How are app-specific permissions handled? How is full e2ee or secure boot implemented? By default, you have to add a lot on top of the Linux kernel.

> app sandboxing is a huge difference alone. Is anyone implementing it?

No, sandboxing exists in Linux and tools like firejail are built-in in Debian/Mobian.

> How are app-specific permissions handled?

With fine-grained security profiles.

Besides, this is all largely irrelevant when the average Android TORCH app is a blob of closed source code that can do telemetries.

Contrasted to FOSS applications developed in the open, reviewed by package managers and users, built reproducibly.

> How is full e2ee or secure boot implemented?

It's there and it works. And secure boot is really unimportant for the attack vectors of most phones.

> By default, you have to add a lot on top of the Linux kernel.

Not at all, it's all supported by seccomp, cgroups and co.

For one, apps in a Linux distro are generally built from source on distro infrastructure, often maintained by a separate person - the distro maintainer - from the original authors of the software. With the source code fully in the open like this, it's much harder to slip in user-hostile behavior without anyone noticing and doing something about it.

In comparison, on Android or iOS, authors directly upload unauditable binary blobs to an app store that then pushes app updates with almost no user control, often fully automatically. Sandboxing makes more sense in this context as a result.

Unauditable binary blobs will come to Linux phones as well, if they hit the mainstream. It should exist on phones already if they want to say that they are privacy friendly.

There are already many closed source apps such as the Spotify client or Slack. Nothing is stopping those apps from reading your browser cookies if they want, in case they are installed as regular apps and not sandboxed.