44

GrapheneOS, Pixel 8 Pro £709 or Pixel 9 Pro £1,099?

posted
*
by
Avatar
Autonomous User@lemmy.world
in
Avatar
privacy@lemmy.ml
51 comments
hidereport

Update I have come to a decision. Thank you to all who contributed suggestions. Please feel free to keep the discussion going to help others.

Sort:
HotTopControversialNewOld
You are viewing a single thread.
View all comments View context
Avatar
haui@lemmy.giftedmc.com
1 point

Because android. PostmarketOS is linux (based on alpine linux)

permalink
report
parent
reply
Avatar
Lemongrab@lemmy.one
1 point

Interesting. I have a vastly divergent opinion on linux for mobile, mostly that it is not secure. This is true for Desktop linux but is more important considering the threat model necessary for mobile device Security.

permalink
report
parent
reply
Avatar
haui@lemmy.giftedmc.com
1 point

Feel free to elaborate. Everything I have read over my life (couple thousand pages I guess) suggestd that linux can be a lot more secure than windows and ios.

permalink
report
parent
reply
Avatar
Lemongrab@lemmy.one
1 point
*

Linux is not security hardened. It does not properly sandbox applications (and there is nothing as secure as android’s sandboxing on linux). In fact, most linux package managers do not feature any sandboxing of applications, period. Linux does not implement verified boot. It does not harden against physical port attacks. It does not use a hardened memory allocator. Privilege escalation is simple because of how straightforward it is to compromise a wheel user (sudo user). Linux does not harden it kernel flags by default. Alpine (and most linux package managers) are not secure (aka does not pass the TUF threat model). Most linux distros dont feature a read-only root filesystem, which would help to improve security. Also, Systemd is a bloated init system and has a massive attack surface. GNU’s tooling is also bloated and freebsd’s would make a good alternative (like what is done by Chimera Linux)

Here are some readings on linux security:
Article by one of the Whonix Devs https://madaidans-insecurities.github.io/linux.html and also are hardening guide from them https://madaidans-insecurities.github.io/guides/linux-hardening.html
Wiki page of Whonix considering many linux distros for whether they make a good base for Whonix’s security distro: https://www.whonix.org/wiki/Dev/Operating_System#Alpine_Linux
Kicksecure’s wiki: https://www.kicksecure.com/wiki/Documentation

Here are some Security hardened distros (Note that none meet the threat model for a mobile phone OS as they dont feature verified boot):
https://www.kicksecure.com
https://github.com/secureblue/secureblue
https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/hardened.nix.

Special mention which isnt hardened but has great potential: https://chimera-linux.org/

permalink
report
parent
reply
Show more comments

Privacy

!privacy@lemmy.ml

Create post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

Community stats

  • 7.1K

    Monthly active users

  • 1.5K

    Posts

  • 19K

    Comments

Community moderators