lemmeee

Impressive! I'm looking at postmarketOS wiki and it's amazing how many phones are supported now. But it seems they are not working as well as PinePhone or Librem 5 yet.

forgot to turn it off at around 80 % and a few days later it was at 58 %

Damn, I wish my PinePhone was this energy efficient!

PinePhone's modem is isolated through USB. I don't know about other components, though.

Also as a matter of fact, permission control, unless you’re using flatpak/bwrap/firejail is actually better on Android than Linux. Plus long before the first usable part of Linux written in Rust was released, large parts of low level AOSP code were already rewritten in it.

I understand that, but none of that makes GNU/Linux insecure and that's what the GrapheneOS developer has claimed. They said it was insecure. I can't say if GrapheneOS is more secure than GNU/Linux, because I don't know enough about it or how libre it is, so I'm not arguing with that. It's possible that it is (I would have to check opinions of independent experts). My point was that those people can't be taken seriously if they make such ridiculous claims. I don't know if I can believe anything they say.

https://madaidans-insecurities.github.io/linux-phones.html

This person says that Android (a proprietary operating system) is more secure than GNU/Linux. Ridiculous. It's nice that Android has all those security features, but it's still proprietary, so can't be trusted. Keep in mind that he didn't just say GrapheneOS, which might be entirely free software, so unlike Android, it might have a chance to be secure.

PureOS also uses linux-libre. This will prevent the user from loading any proprietary firmware updates, which just so happens to be almost all of them.

I don't think this is true at all. The firmware in Librem 5 is stored on some separate chips and I think users can flash new firmware to them. But even if he was correct, I'm not entirely convinced that you get a security benefit from being able to change from one proprietary firmware version to another, since both those versions can't be trusted. I will need to read more about this at some point.

Then he says the same stupid thing about the killswitches and just like the GrapheneOS dev pretends that they have no benefit. I'm starting to wonder if they are the same person. Never mind, I can now see that he quotes him in his GNU/Linux article, so he is probably just repeating after that guy.

The microphone kill switch is useless since audio can still be gotten via the sensors (such as the gyroscope or accelerometer).

I doubt that. I'm pretty sure that in reality the audio levels you can get from those sensors is too low to be usable (unlike a microphone). Here is a fun fact that this person doesn't know about. The microphone killswitch on one of the PinePhone versions doesn't actually kill the microphone, it just disconnects the amplifier or something. So the microphone technically still works, but it's not gonna pick anything up, even if you yell directly at it. I know this, because people have figured it out from looking at the schematics and tested it.

The unorthodox way in which the Librem 5 attempts to isolate the modem is via the Linux kernel USB stack, which is not a strong barrier, as shown in the Linux article.

I can't find where he explains this, but I think the problem was that he just doesn't know about USBGuard. The author's two articles are full of errors or false information, they don't understand that proprietary systems can't be considered secure. I see no reason to trust their opinions on security.

I daily drive it, just like some other people here. It lets you run the same software that you use on desktop. Some apps don't have a UI that works well on mobile (possible workaround: play around with scaling) and some old ones might not have touch support (you would have to use those with mouse or keyboard), but often there are mobile friendly alternatives, so it's better to use those instead. It can't replace a proper PC, even if you plug it into a monitor and it's not a fast device, but it's usable and you can do fun stuff with it. You can run CLI programs and servers, run Kali Linux (NetHunter Pro), distro hop, make hardware addons (there are some exposed pins on the back) or simply use it as phone. You just have to be an advanced GNU/Linux user, because sometimes workarounds are required.

And when you add the keyboard addon, you can look like a true hackerman:

Alpine Linux is actually a great example of why you are right. Because when people say Linux to describe the OS, they almost always mean GNU/Linux (Linux Mint, Arch Linux, etc). But then there is Alpine, which also calls itself Linux, but its developers actually mean something very different, because it's not GNU/Linux. So that only makes things even more confusing. Android doesn't even use the mainline Linux kernel, so calling it Linux is probably even worse than with Alpine.

If we always used the correct names, there wouldn't be so much confusion.

https://grapheneos.social/@GrapheneOS/111957964224325239

This only talks about the Fairphone. The only mention of PinePhone and Librem 5 is that according to the author providing schematics is not enough to call it "open hardware".

https://grapheneos.org/faq#future-devices

No mention of PinePhone or Librem 5.

https://grapheneos.social/@GrapheneOS/111738765361100063

Same as above.

https://grapheneos.social/@GrapheneOS/111676448278523353

It's a misconception that the Librem 5 and Pinephone are open source. Their hardware components including the CPU, GPU, Wi-Fi, Bluetooth, cellular, etc.

The word "open source" usually refer to software, but ok. Those companies provide schematics for the motherboard and Librem 5 also provides PCB designs. But they don't provide those for the chips, so that is correct. I don't think anyone says otherwise.

Their hardware/firmware/software is all much less private and secure

What? :D The person doesn't even explain why. Then they talk about physical killswitches misunderstanding what they are really for (they are there so that you don't have to fully trust the software/firmware to turn something off - especially the proprietary modem firmware) and claim that all of those devices are insecure somehow, because on GNU/Linux any program can access the microphone. But that's exactly why we use free software, isn't it?

I'm sorry, but this is ridiculous, so I won't read the rest. I'm not a hardware expert, though, so maybe some of their other points were valid. I guess those phones's hardware is probably as secure as any other computer's. I don't think anyone says otherwise, but the killswitches are always a good idea.

Mobian Bookworm contains 2 non free firmware packages: https://packages.mobian.org

According to the FSF, GrapheneOS also contains non free firmware:

GrapheneOS is a version of Android which is described as “open source,” but it seems to include software that isn't free software or even “open source”. For instance, it comes with firmware programs for installation and it appears that at least some of them are binaries without source code. It is said to be “de-Googled,” but includes a way to download and install the nonfree Google Play program.

https://www.gnu.org/distros/common-distros.html

You are right. But it seems to be just as easy to use.

Still many people bought the thing, because they wanted the freedom of GNU/Linux. They were willing to sacrifice something to get it. Sometimes that's what you have to do. Pine64 makes the hardware and does not contribute to the software development. That sucks, but there is nothing we can do about it, since they don't have a lot of competition.

Ah, good point.

It's just that freedom sometimes requires sacrifices. Switching to GNU/Linux is also not easy. It requires that a person learns to use a completely new operating system (schools usually only teach Windows). This is hard even for many technical people and it requires time. Windows users can also say that GNU/Linux is just not ready yet or that it's too inconvenient (and some of them do). But if we don't fight for freedom, we will never get it. Through hard work of many people over decades, we managed to get freedom on the desktop. Now it's time for phones. After that becomes easier, there might be some other, new challenge. Maybe firmware or something else. But it will probably always be inconvenient in some way, because you will have to switch from something you already know to something else that is new, even if it has similar features. Just like Reddit users could switch to Lemmy, but they won't. So they will not have freedom and Reddit continues to have power over them.

It would be nice to have an inbetween

I guess maybe Ubuntu Touch would be something in between. It uses Android kernel, so some Android phones support it.

I don't know if PinePhone would work for you, but you can check my short review and my other comment for some information.

Ah, I didn't know about that. That's really good to know! A lot of libre software has issues with freedom and they need to be documented. I think Libre Planet wiki has some page about that (can't find a link to their wiki, though) and there is a small section in Pure OS's bugtracker.

Thanks for the suggestion on software and domains. That is really helpful. Since this post hasn’t received a ton a of activity I’m going to go ahead and put creating a wiki on the back burner.

Not many people hang out here in general (yet). But there is also a free software subreddit (if you are fine with using Reddit or maybe there is some libre frontend? there used to be Teddit) and some channels on Matrix. If you post about it in multiple places, it might be doable. But also I guess it will be easier to get people involved once the website is actually running.

Sure, you can have more freedom on the OS level, but is it really a big benefit compared to just using GrapheneOS?

With more freedom comes more privacy and security. I don't think GrapheneOS is entirely free software, but correct me if I'm wrong.

The killswitches on the phone seem nice, but I do wonder if they’re using any proprietary firmware or something to make it switch on or off?

I think they just electrically disconnect the modem (so that you don't have to trust its proprietary firmware to turn it off) or the microphone or whatever from power.