@Purism I don't see any mention of how applications are isolated from the rest of the system and other applications. To me, this is the #1 privacy risk on a mobile device, and just saying that you will run applications from an open ecosystem on a Linux base system sounds incredibly insecure.

@WAHa_06x36 @Purism
I think they are planning to use flatpak for the applications.

@eang @Purism Flatpak's descriptions sounds equally infuriatingly vague on what it actually does, and protects. It does not sound at all like the kind of user-relevant protection you get on something like iOS or even modern Android.

@WAHa_06x36 @Purism
I think their goal is to have something like the Android permissions model, yes. Have a look here: http://docs.flatpak.org/en/latest/working-with-the-sandbox.html

@eang @Purism Mmm. The old Android permissions model was rubbish. They have been working for years now to fix it. That document doesn't really address any of those issues, either.

@WAHa_06x36 @Purism
Btw I do think the threat model is different: in Android/iOS anyone can publish an app in the official store, while Purism will likely install apps from some kind of "controlled" FOSS repository (Flathub?). So even if the sandboxing tech is less mature than on Android/iOS, it's not a big deal. My 2 cents.