I open this topic to list and discuss extra software/hardware specs and things I thinks are important.
I am interested to have/see a phone that is able to act as a secure device for application like payment of privacy.
There is a huge business potential there that is still largely addressed by proprietary/legacy technologies (ApplePay/GooglePay…)
For that you need the following extra specs:
TrustZone OS ((TEE…) ==> Allows running secure application : encryption/decryption without access to keys/sensitive data
NFC reader ==> enable phone working as a payment terminal or device
2nd SIM slot (a SAM slot) ==> some payment companies rely on custom secure chip on SAM module.
Once you get that, your phone become as secure as high end payment terminals and debit/credit cards.
This open the door to a whole new range of applications for the phone and more importantly put it on par with commercial phones for payments. Don’t forget that nowadays nearly everybody pays its phone .
Other added value of it is the possibility to encrypt/decrypt strongly calls/VPNs and to use encrypted blobs from commercial companies
Well, NFC is a no-brainer IMHO and just has to be on board on phones nowadays (additional kill switch?). Every phone that does not have NFC gets criticized for that in press, and rightfully so.
As for the 2nd SIM slot, they probably should do a SIM/micro sd card combo. You see these a lot nowadays and they give the user the freedom to use them for whatever serves them best. More cost effective for the user.
Regarding payment terminals, I imagine there are a lot of additional regulations and specifications you need to fulfill to actually be considered to be as secure as those devices. For example, being able to open the device and exchange the battery without a special tool probably already disqualifies the device. So, I don’t think that should be the goal they’re going for. In the end, it’s an end user smartphone, not an industry grade payment terminal.
I think that NFC is only a no-brainer if it’s possible to have an NFC chip that works without any proprietary firmware, and that’s where the difficulty is going to be and that’s what will drive the specs and what is included and what isn’t.
I’ve just joined Librem 5 campaign with my $599. I’ve been enchanted by a free/libre software for many years (roughly, since linux kernel 2.0.60-something) and only now I’ve came acroos the place when I can put the money where my mouth is. Also, I’ll be needing a new phone in a year or two
Reasons I decided to put my money in are:
Frustration at vendors for their lock-in practices and artificial constraints put in their products.
Lost trust in their good intentions. Big data changed world. Before it, they had no financial incentive to install backdoors in firmware, now they do.
I believe - judging by myself - that all people ale lazy and they minimax everything. For closed products this means lots of vulnerabilities are present - because of lack of audit.
But there are some positive reasons too:
That Purism draws from Debian. Out of many GNU/Linux flavors available they’ve chose one developed by a non-profit organization. This avoids many conflicts of interest.
That Purism is an SPC. This may help the company stay on good course during coming years, even if ownership changes. Debian has social contract, Purism has SPC status. Those things are very important for me.
The business model - to sell hardware and do not care what people do with it - in a positive sense. Whatever you run, you get a support. Your warranty is not voided just because you did a sudo.
As it comes for technical specs…
I’m not picky about processor line, megapixels, screen resolutions and few other details. If the device can run firefox smoothly - it’s good enough. Of course the more the better, but those numbers should be the last on the criteria list.
What I do care about is:
Ability to run offline. This might sound strange for a phone. But consider a navigation case: to navigate privately, you need to fit a map on the device. So put in support for sd cards or whatever other storage gizmos, and go for very large limits of their capacity. Speed is less important.
Component isolation. Everything should be separate and have access to the rest of the system only via well implemented interface. Modem, GPS, storage - all separate with mandatory restrictions when accessing memory. Those things cannot be trusted, after all they run proprietary firmware in all cases. I’ve learned about Qubes here, and hey, if you take their security by compartmentalization concept, it does go a long way with enforcing user policies on various black boxes. This is not to mean that I’d like Librem 5 to run Qubes, just do a similar thing in hardware: isolate verything from everything.
Ability to communicate with anything - the choice of modem supporting nearly all flavors of cellular network, the wifi and the BT
The hardware kill switches - the more, the better.
There are some hardware choices which I find to be antifeatures:
Dual sim. I can’t think of a use case, where I would need such thing. I’d certainly never put a sim from my work phone into my private phone. I want to keep my work separated from my free time.
Fingerprint reader or any other biometric sensor, unless you supply a bodyguard with it. I’d rather disclose my password/pin to the mugger rather then have my fingers cut off. Especially that in a former case I could give them an anti-theft password, which would present them access to some fake data while destroying the real data in the background and make a silent 911 call or whatever.
Wish you all the best and hope you will succeed. It’s also in my interest!
+1 for this. I too am more concerned about getting a phone that does the basics right in a secure way while preserving your privacy.
As Librem 5 evolves I am sure it will improve on the hardware front… one small step for Pusrim one giant leap for freedom.
Dual sim can be nice when operating internationally. For instance you might have bank authorization tied to one number which perhaps all your friends and family also assume you will be able to be contacted on, so you would like to keep that accessible, but at the same time you can use a much cheaper local sim for most of your data when in another country. This situation probably comes up more often outside of the US, for instance in Europe where one tends to cross borders more frequently.
A SIM/micro sd card combo sounds nice, but I have no idea about firmware. Anyway, duel sim would simply be icing on the cake for me…
@Dwaff True about temporary roaming as of June this year. Things are improving (slowly!), but previously it was a bigger deal in the EU, if not quite the over 15 euros per MB my main (European) provider asks for when outside the EU, including Switzerland.
Also, I think you were probably referring to roaming, but just to point out pricing isn’t really equal across the EU in general and “fair” use clauses mean if you spend too long outside the country of your provider, roaming charges can again apply even if you haven’t left the EU.
NFC support would allow us to use security tokens like the Yubikey. I currently use my Yubikey as a PGP Smart Card with my Android phone over NFC thanks to OpenKeyChain. It would be a disappointing step backwards to have to start installing my PGP keys directly on my phone again - https://www.grepular.com/An_NFC_PGP_SmartCard_For_Android
Both NXP and STM NFC portfolios might be interesting, they are quite open-source friendly.
That would be a nice addition to Librem5 design, although we would understand that is outside of the scope of the project. But who knows, at the pace the campaign is going, maybe a 2 million stretch goal could appear : “NFC and Trustzone re engineered”
You seem all-set on most of your sensor choices. What Inertial Measurement Unit and GPS do you plan to bring? I have been contributing to open source drone stacks, I can only recommend Invensense and Ublox.
I’d like to second (or third) the Dual-SIM funktionality: For me (and maybe others users out there) this would make the perfect phone - linux-goodness and all mentioned specs aside.
There are people who need a second sim slot: in addition to a main (personal?) SIM, one can pop in a SIM dedicated for either work, traveling, data or whatsoever. Most smartphones out there either have combined SIM slots (2nd SIM or MicroSD) or only one SIM plus a MicroSD slot - or SIM-only (without MicroSD).
Since I’m no phone manufacturer I couldn’t tell how much more it would cost to include both; Dual-SIM and MicroSD. For sure the 2nd SIM slot raises production cost by some pennies/dollars and the OS has to support it as well, but I’d gladly pay a couple of dollars extra…
So if cost of production and software development for that feature don’t go through the roof, i.e. affecting those not needing it notably, I’d absolutely appreciate Purism (at least) considering.
Really Important (i haven’t found anything about this): led-notification (for messaging-app-messages etc). If there will be LED light for charging/battery status: can i disable this? I hate that so much. Moreover: choosing different luminous colors for different apps would be great
For me, what you have generally mooted for the phone, is fine by me; but a “replaceable Battery”, would be one thing, that would add value to the phone, & would be something that would add some longevity to the phone, & some peace of mind; having outlayed $599 USD for it; when some batteries can fail early, & this is a fairly big problem with non-replaceable batteries.