[fsflover]

The kill switches will work independently on a compromise. Why are they moot? Also, it's possible to completely reflash the device in case of doubt.

"quite easily" strongly depends on what exactly you are doing. For example, if I use Firefox with NoScript, then it is not very easy.

[kuhsaft]

> The kill switches will work independently on a compromise. Why are they moot?

Kill switches only work as a security feature when you activate them before you know you're compromised. But that's impossible.

It's a reactive "security" feature not a proactive one.

> For example, if I use Firefox with NoScript, then it is not very easy.

Security vulnerabilities aren't only JS related.

https://www.mozilla.org/en-US/security/advisories/mfsa2026-3...

https://www.mozilla.org/en-US/security/advisories/mfsa2026-3...

Adding an extension that can access all your browsing data doesn't seem very secure either.

Required permissions:

- Access browser tabs

- Access browser activity during navigation

- Access your data for all websites

[fsflover]

> Kill switches only work as a security feature when you activate them before you know you're compromised. But that's impossible.

Indeed, if you use the kill switches in a stupid way, you get no benefit from them. I use them whenever I want to be sure that I can't be tracked or listened to, either because of a potentially compromised device or closed modem that can connect to towers without my knowledge. In other words, they are a proactive feature. I can get 100% privacy whenever I want, independently on any software, which in principle might always get secretly compromised one way or another. Even the amazing, secure GrapheneOS!

How can you be sure your modem on GrapheneOS doesn't send your location to the mothership all the time, even in an "airplane mode"?

[fsflover]

Good links, thank you. I agree that my protection is not perfect in general. Fortunately I do not open random websites on my phone; I have my laptop with Qubes OS for that.

> Adding an extension that can access all your browsing data doesn't seem very secure either.

This is not just a random extension but an officially recommended one, https://support.mozilla.org/en-US/kb/recommended-extensions-.... It's also regularly verified by the community. I trust it as I trust Firefox.

[kuhsaft]

> Fortunately I do not open random websites on my phone

That's the main use for almost everyone. You're suggesting people use a less secure device and are stating that it's more secure if they don't use it in the way it's mostly used?

That doesn't sound like freedom. That sounds like living in paranoia. You bring up FUD in so many comments, but you seem to be living it. Ironically though, you choose to use systems that enable FUD when there are systems that let you not worry.

There are people building secure software and hardware, so people don't have to live in fear when using their devices. That's the freedom that many people care about.

There's the freedom to shoot yourself in the foot. Most people don't care about that.

[fsflover]

You missed that I do not recommend Librem 5 to "almost everyone". We are not on a normies forum but on HN.

Also, I do not recommend Librem 5, when somebody asks for a secure device. I mention it, when somebody asks about alternatives to the duopoly, a possibility to have a full, general-purpose computer in a pocket allowing you to tinker with it, or wants to run GNU/Linux baremetal. Such people aren't the audience of GrapheneOS anyway.

And I'm not against GrapheneOS. I never said it was less secure than Librem 5 for typical tasks. I only say, that if you want to have a third option, you can have it today. There will be compromises, which can be dealt with by technical users.

[kuhsaft]

> We are not on a normies forum but on HN.

Being on HN does not mean that you are familiar with the intricacies of hardware and low-level software.

> I only say, that if you want to have a third option, you can have it today. There will be compromises, which can be dealt with by technical users.

I think it’s irresponsible to promote it as an alternative device without noting that it’s less secure and full of footguns. Also, disingenuous to promote it as FOSS when it only fits that definition under FSF technicalities. And lastly, to promote it as more open than phones with AOSP distros that utilize the same set of proprietary hardware, just with different communication mechanisms/boundaries.

[fsflover]

This is not a forum with legal advises. I inform people about an option, which they asked for. GNU/Linux phones have a similar security approach to GNU/Linux on desktop. People explicitly seeking GNU/Linux should know this. They can also ask or search the Internet.

> I think it’s irresponsible to promote it as an alternative device without noting that it’s less secure and full of footguns

I disagree with you here. Informing about options is better than not informing. "Less secure" depends on a threat model. GNU/Linux on desktop is working well enough for millions of people. So it is a viable security approach for many. Saying that your threat model is the only one that should exist and be promoted is crazy.

> only fits that definition under FSF technicalities

This is one of the strictest definitions there is. By which definition does GrapheneOS run FLOSS?

> same set of proprietary hardware, just with different communication mechanisms/boundaries

More choice is always good, isn't it? If it is not for you, you are free to use and promote the duopoly. (Yes, I consider AOSP obeying Google's development strategy long term. It will not end well. See: this topic.)