Librem 5 updates tangent

For sure. Maybe I did not describe well what I meant to say. On at least one occasion, I recall hearing in the news that Apple was monitoring the internet traffic of one of their cloud server clusters and discovered that the servers were sending out internet packets before booting. This led them to the realization that the hardware – manufactured in China – had Chinese government hardware surveillance built in secretly when the hardware was constructed, and it had been done so lazily that it was still calling home even when the server was “turned off” or something like this, so then Apple was able to find it. The implication was that the “surveillance chip” shoved secretly onto the servers Apple bought was doing its own computing and networking independently. I would imagine that if an Apple developer were to run tcpdump on one of those compromised servers, they would never see the packets in question since tcpdump is an operating system program that looks at what packets the operating system is sending. If your operating system has compromised hardware sitting outside of it but on the same chip, you’re going to need some physical device capturing what crosses the wire, which in the example I’m referring to I recall hearing it sounded like Apple indeed had.

I live in the United States so I can type in here and say that it’s quite likely that Joe Biden, Kamala Harris, and Donald Trump are all three old and stupid compared to who should be running this country. I can say that I want different leadership that isn’t at retirement age. (Kamala was advertised as a “young” person because she is at the retirement age instead of past it.) And it’s really nice, I can even go so far as to say that maybe all these people have weird romances, and maybe the three of them are hugging in a bed together right now.

But from a technological standpoint, I’m posting on Purism forums without a VPN, so Purism can look up my IP address and geolocate that IP if the government asks them to, and even if they don’t the Dlonk account has shared enough random anecdotes about myself that a government operative could EASILY link the Dlonk account to a certain other online account of mine on another website, and then link that other account to my real life name using other publicly available information. Ergo, my first and last name, and address, will be associated with this post in the future if the United States is taken over by an AI dictator, and my accusation that all this country’s leaders are old people in bed with each other WILL be used against my social credit score if that AI dictator wants it to be.

There are obviously a huge number of things wrong in a country run by such old and stupid humans, but one of the things that we got right (at least for the time being) is that some of our “free speech” rights remain.

Realistically, even without knowing what CVEs are affecting you, I have a hard time imagining that using a “phone” of any nature is a good way to have “sensitive political discussion.” If I was going to do that – for example if I was going to visit China and then post accusations that a certain person resembles Winnie the Poo, I think that I would probably use a VPN, then use the Tor network, then while using both of those at the same time I would probably create new accounts for any site where I was going to post. And most sites don’t even allow that anymore, so I fail to see where you’re even thinking you would post information at that point. Then, after I posted the memes insulting the glorious leader on a burner account made from behind the VPN+Tor – if I was going to do that – I would probably erase the hard drive of my local computer to try to dissociate myself from the record of what I had done. Then, I might consider fleeing the country calmly anyway. Isn’t that how it works over there? I’m a bit out of touch. To be honest, when I was a kid I really enjoyed watching Winnie the Poo cartoons, so if I made the “mistake” of accusing someone as being similar to one of my nostalgic childhood experiences, it wouldn’t even feel like an insult to that person from my perspective. But it’s been a long time since I saw those cartoons. Maybe I’m missing why this is such a touchy subject for some people.

But, point is, I would do all of that stuff with a PC where it was easier to get it done. I’m not sure I want to bother with the VPN+Tor+possibly more stuff on a “phone.” I guess the Librem 5 could probably download a browser with Tor, but can you even do that on Android and iOS? I personally haven’t tried.

1 Like

Got it, I misunderstood before. This sounds true to me.

To clarify, I don’t mean simply expressing a political point of view, I mean strategic and tactical discussions about how to advance a political agenda (potential legislation, demonstrations, etc). A political opponent would find these conversations valuable even though everything discussed is completely legal.

Thank you! These are helpful. The comparison to typical smartphone cards in Faerber’s forum post and the picture of the removable WiFi/BT m.2 card in the purism article helped it “click” for me. It sounds like this is stronger isolation than I would typically find, but not quite “trust as little as my router”.

The ability to check for malicious hardware devices by releasing specs and x-rays is good and should be an industry standard, but I don’t think I’m knowledgeable enough about hardware to check it myself. I have looked at the motherboard on my Librem 14 before, and I can identify what some of the components are, but I don’t know if any of the components are malicious. I’m also concerned abut the presence of 2 chips available for flashing when following the hardware flashing instruction. Why are there 2 chips? Is one of them a spy chip? Reading the images from a Raspberry Pi wired directly to it showed identical copies, but if it is a hardware spy device I would expect it to just send the wrong image unless it’s unlocked through some magic mechanism. I don’t know how to investigate this further and it’s entirely possible that there’s a legitimate reason for this, so I just keep using the laptop. I am worried about ending up in the same position with the phone.

1 Like