Hacker News new | ask | show | jobs
by dmw1 1593 days ago
I would argue this is the exact opposite of what we want to do.

The primary cause of this problem is the conventional desktop OS which has no meaningful security model.

IOS and Android have the correct approach to mitigate this, strong sandboxing and mandatory access control.

GNU/Linux phones bring these problems to mobile, which considering how much of our lives are on these devices, is an absolute disaster.
1 comments
fsflover 1593 days ago
Here you go: https://qubes-os.org
link
dmw1 1592 days ago
So I actually use this as my daily driver, but I think it illustrates the point quite well.

The only way to meaningfully secure a GNU/Linux desktop is to run multiple instances of it through a type-1 hypervisor.

For a mobile device, a user prioritizing privacy, security and FOSS would be much better served by GrapheneOS.

link