Mastodawn

Teleonomic Oct 7, 2017

@Purism ditto.

scops Oct 8, 2017

@Purism let's reach the 4 m! \o/

@Purism I don't see any mention of how applications are isolated from the rest of the system and other applications. To me, this is the #1 privacy risk on a mobile device, and just saying that you will run applications from an open ecosystem on a Linux base system sounds incredibly insecure.

@WAHa_06x36 @Purism
I think they are planning to use flatpak for the applications.

@eang @Purism Flatpak's descriptions sounds equally infuriatingly vague on what it actually does, and protects. It does not sound at all like the kind of user-relevant protection you get on something like iOS or even modern Android.

@WAHa_06x36 @Purism
I think their goal is to have something like the Android permissions model, yes. Have a look here: http://docs.flatpak.org/en/latest/working-with-the-sandbox.html

Working with the Sandbox — Flatpak documentation

@eang @Purism Mmm. The old Android permissions model was rubbish. They have been working for years now to fix it. That document doesn't really address any of those issues, either.

@WAHa_06x36 @Purism
Fair enough. I can't really speak for Purism or the flatpak devs, so I'd like to hear more from them (there is a #flatpak IRC channel on freenode, in case you want to reach the flatpak people).

@WAHa_06x36 @Purism
Btw I do think the threat model is different: in Android/iOS anyone can publish an app in the official store, while Purism will likely install apps from some kind of "controlled" FOSS repository (Flathub?). So even if the sandboxing tech is less mature than on Android/iOS, it's not a big deal. My 2 cents.

@eang @Purism The iOS App Store requires all apps to go through review, but the assumption is still that bad behaviour will slip through, because finding it in review is nearly impossible. This will not change as long as you allow running third-party code, no matter where it comes from or how.

Find us on Librem One Oct 8, 2017

@WAHa_06x36 The phone will be centered around Linux/Debian both of which have a tremendous track record for security, privacy and stability.

@Purism That is exactly the kind of statement that is making me highly suspicious of this project. Linux and Debian have basically zero support for the kind of privacy features you want and *need* in a mobile OS. It sounds like you don't even understand what the problem you are trying to solve is.

What I want to hear is this: How are handling giving access to various resources to apps? Camera, microphone, accelerometer, how are those protected? Location? Photos, media, contacts?

@Purism How are you blocking apps from reading the files of other apps? How are you storing passwords and cookies securely?

@Purism What specific features do you provide to match (and hopefully exceed) those offered by iOS and Android? On iOS I can install an app and trust that it will not be able to spy on anything on my phone I do not give it explicit permission to. And I can trust that even with physical access to a stolen device, nobody can get my passwords and credentials. What about your device? What does it do to ensure the same level of protection?

@Purism You allow installing different OSes on the device. How do you *prevent* somebody who has stolen my device from doing that to circumvent protections and access my data?

@WAHa_06x36 @Purism
You have to trust Apple though. iOS applications may not be able to spy on you, but what about iOS itself?

@eang @Purism Sure. But I'd rather trust Apple than trust every single app on my phone. Ideally, I'd have to trust nobody. But if I have to choose, I worry more about apps than I do about Apple. Apple has little incentive to spy, while app makers have massive incentive.

Find us on Librem One Oct 8, 2017

@WAHa_06x36 If you post your questions in our forum, the developers will all have a chance to look at them and provide better answers for you. https://forums.puri.sm/

Purism community

@Purism You really should be putting this stuff on your site. As of now, it sounds like very empty claims.

Find us on Librem One Oct 8, 2017

@WAHa_06x36 https://puri.sm/why-purism/

https://puri.sm/faq/

Why Purism? – Purism

Purism respects your digital life Being a social purpose company means doing social good for society before maximizing profits, and that makes us quite a different company indeed – one started because our founder and CEO, Todd Weaver, wanted to change the future of technology so his two growing daughters could participate in a digital …

Purism

@Purism Yes, those are the ones I read, and did not find satisfactory at all.

Eugen Rochko Oct 8, 2017

@WAHa_06x36 @Purism The point is that the phone is a linux system, just like a desktop. I don't see how the problem you are describing exists on phones but not desktops - both have cameras, microphones, geolocation capabilities. Just like you wouldn't execute a random binary from the net as sudo and expect that nothing bad happens, same is true on a phone.