[MyL5] Librem 5 Evergreen: first impressions

It has been indicated by a Purism developer that patches for both of these are in flight. So keep a lookout for updates as they become available.

I assume you are really referring here to full disk encryption / full partition encryption.

On the one hand, I’m sure Purism is aware of that as a gap and in conjunction with future Librem Key support will want that to be available for the root partition.

On the other hand, this is far from the only way to put personal info securely on the phone.

For example, if you can resolve the issue with your µSD card then perhaps you can put a LUKS encrypted file system on that and leave the eMMC file system as it is.

And, for example, LibreOffice can be used to create password-protected documents.

(There are some trade-offs either way, depending on exactly what your threat model is.)

1 Like

And here I thought Site feedback was so slow that it would be the one place it wouldn’t get lost. Besides, it would be there more for posterity than actually anyone reading it. And I would have liked to ask there questions about which messages qualify to have it and possibly debate weather there should be some new official categories (or old ones rethought) or other tags.

Since recently one can easily build and flash an encrypted image by themselves: https://source.puri.sm/Librem5/image-builder/-/merge_requests/177

A work on proper out-of-the-box FDE experience with key regeneration and initial password setup is still ongoing.

8 Likes

The first thing I did as I learned Linux, was to figure out how to re-create everything I had in Windows. But eventually, my paradigms gradually started to change. Linux is more of a network operating system whereas Windows is a desktop operating system with some network capabilities if you’re willing to pay the right tolls, typically in money… or you can get all of those paid Windows features (and more) in Linux, and for free. Android and Apple phones are more like living in a motel and never owning a home. When you get your L5, you’ll no longer be just a guest. You’ll be an owner. And like my eventual paradigm changes long after I started using Linux, maybe your paradigms should change now when using your Linux phone. Some new Linux Desktop users might see Linux as an impaired or deficient version of Windows. Of course, that thinking is so wrong for a multitude of reasons. Perhaps, some new Librem 5 users shouldn’t be as worried yet about all of the Android and Apple phone features not being available in their Linux device just yet. Those features will show up and probably in the not-too-distant future. But now that you’ve been released from your walled garden (your prison cell) and have landed as a root user in the middle of the world’s premier network operating system on your own mobile device, what can you do with your new-found freedom? Everyone here writes about how they can or can not obtain their Android and Apple features on the L5. Fair enough. But why upon escaping from your prison cell, would your first actions be to recreate the semblance of the old prison cell? Has anyone here even attempted to use their Librem 5 to access their files and programs found on their home Linux PC, or perhaps any cloud-based servers they may personally own? What capabilities does your mobile Linux device have that don’t exist on your Android or Apple phone and what could all of the other network operating systems that you manage (or could create) be capable of doing from your Librem 5? I am hoping to do away with many Android apps and finding new ways to meet those same needs through new ways from my Librem 5. Maybe close to everything that I access from my L5 could be cloud-based to one or more servers that I own and manage myself and not through any commercial service. Maybe I can create a server that works for me and invite my friends and family members to use it. So the idea is to move away from these Android and IOS apps and to find something better to meet specific needs in your life.

Try not to think about how much harder this might be to implement and how the existing infrastructure is so much easier. Fix your mind on that day that everyone tells Google, Facebook, and Twitter to F-off because we don’t need them and their surveilance anymore. Then take things one step at a time to get what you want now while maintaining your privacy.

11 Likes

Todd actually hand wrote all of them and yes his hand got sore after awhile. But we thought it was worth it to give the personal touch. We want to continue this practice as long as we can, although at some point we will probably transition from handwritten notes to printed notes with a handwritten signature from Todd, so it still has the personal touch, but doesn’t require him to sit there for hours writing.

14 Likes

Yes, we wanted to have encryption completed by the time we shipped, but we just weren’t able to get it done in time. As mentioned already in this thread we have images in place at this point but are still completing the final finishing touches so we can securely enable this before shipping for customers so they can change the encryption PIN at first boot, like we do for our laptops.

At the moment the plan is for encryption to go out with our transition from “amber” to our “byzantium” PureOS release on the phones.

16 Likes

I do agree with the majority of your post. But to answer why people are looking for what they had on android or apple, is because those are so far developed, we are used to the conveniences that those bring us. They are almost idiot-proof. Anybody can use them really. 95% (guessing) of people in the general public would rather have an iPhone 2 than a Librem 5 put in their hands right now simply due to usability. As sort of a second part to my answer, the tools (or apps) that were created on those platforms all seek to solve a problem we have in life. It would only make sense that we would want to retain those problem solving abilities. “Forging your own path” in this area would mostly just be reinventing the wheel. I will say though, its is obvious that PureOS has limitless possibilities when compared to competitor’s apps and tools made available to users and devs. It is def important to move as far away from Big “Brother” Tech companies spying and stealing data, proprietary software and hardware, no right to repair, etc… I think everyone here could agree on that.

3 Likes

Put Todd to work in modem installation and shipping dept. jk

I don’t know that we would be re-inventing the wheel so much as tearing down the toll booths and forcing big tech to respect our privacy and our rights to use the computer of the phone how we want to use it. In some countries around the world, there are not even landlines anywhere because they went right from no-tech to having cell phones. Perhaps the open source technology can cause similar leaps in cases where big-tech wouldn’t otherwise take the next step until after they could find a way to erect new toll booths there first. The wifi network data sharing is a good example. Due to only reasons of greed and not having anything to do with technology limitations, most carriers in the US typically block the sharing of your phone data with your laptop via wifi. FCC rules appear to have changed that just recently after roughly a decade of abuse. The carriers disabled that data sharing feature that is otherwise built in to the phone in other parts of the world, and then created ways to accomplish the same thing if you would pay them extra for it. That allowed the creation of data plans with so much data available and then a different (smaller) amount of data that could be shared with other devices via wifi. My thought is that if I pay for a given amount of data access, it’s none of their damn business on which device I use it. In many cases, when you go in to the network settings on the phone, you find a section that says something like “Allow data sharing via WiFi”, and the toggle switch is in the “Off” position and greyed-out (locked there). Then the carrier creates a toll booth in to an app that makes data sharing possible through that toll booth app. That is such an abusive practice. So any revenues that the L5 can strip from the carriers is something that I am all for. I really like the idea that the tables are turned to where the phone owner has root access while the carrier has no access to the operating system. When commercial companies start committing abuses, it’s my philosophy that their product needs to be commoditized as quickly as is possible. Put their product in to the same category as rock salt and toilet paper. We all need it to one degree or another and can buy it almost anywhere to get the lowest price. Essentially, this is the hammer that Linux (being free) places on Microsoft. There are other sources available if any supplier becomes a bully. And the Librem 5 makes that possible in the cell phone market.

3 Likes

Ooh, ooh, I hope I get my phone before his hand or patience is exhausted. :wink:

7 Likes

This is required by the carrier for international shippings, so they can contact the client if there is any issue.

This is being worked on and when it is available, we will provide instructions to reflash the phone. There are two issues to get Full Disk Encryption working.
1 - Usually with full disk encryption on a desktop/laptop you have a physical keyboard to type the password. In case of the Librem 5, where there is no keyboard, but a touchscreen, you need a virtual keyboard installed outside of the Operating System that can be used to type the password. This is in the works and a keyboard has been packaged for this.
2 - We want to be able to provide a OEM like experience similar to the one on our laptops. The user receives the device with the image installed and encrypted, and in the initial setup creates it’s user and changes the disk encryption passphrase to one he chooses.

vcards can be imported to GNOME contacts using the application librem5-goodies, GNOME contacts supports carddav with nextcloud instances.
The calendar app is not yet adaptive, but it also supports caldav via nextcloud. Yes this is a limitation as both applications were initially made with nextcloud in mind.

This is in the to do list. In GNOME Control Center (A.K.A settings) the VPN dialog is one of the most complex, due to all the vast configurations options. And it is a challenge to make that section adaptive, that design wise is still very GNOME2, in a adaptive panel with sane defaults that allows configuration.

There is work being done as we speak to make nautilus adaptive, by GNOME devs, and purism devs that are also GNOME devs, it will still take some months for it to be implemented, and there will be the issue of back porting it. But yes, it is being worked on.

until then you can scale nautilus to fit the screen.

have a look at: https://siskin.im/

I can be wrong but I believe this is also in the to-do list

9 Likes

Better than that.

@dos says here: [MyL5] Librem 5 thoughts that it already works and that a patch is already wending its way through the system.

tbh I am not a huge fan of auto-rotate. After 13 years the spiPhone still can’t always “do what I want” with auto-rotate. Of course, this is Linux, so people who want auto-rotate should be able to have auto-rotate - and people who don’t like it should be able to turn it off.

For where the L5 is right now, yes, it definitely needs auto-rotate.

3 Likes

Even better :smiley:

1 Like

Yeah on my Android phone auto-rotate means: rotate then shake once toward the ground so it detects it. Then wait as the UI catches up.

6 Likes

I don’t use facebook and social media in general because I don’t understand why I should communicate to others what I do or how good what I eat is. I don’t download podcasts to my pc. I think mobile phones take worse pictures than a good manual camera. I use my mobile phone to call and send mail. I need the contacts and appointments directory on my mobile and that it is synchronized with my nextcloud server. All this is on the Librem and that’s enough for me. I just need the battery to last a long time.

1 Like

That is likely to be true but then, for me at least, there are a lot of times when I have my phone with me but I don’t have my digital camera with me.

2 Likes

Speaking of auto rotate. The manual - if I recall right - only switches between one side of horizontal and one end of vertical, but will the auto rotate (or the manual for that matter) rotate also “upside down” to the other end and side? Reason is that some USB-thingamajigs that are connected to the end of the phone are really usable only when they are on top of the phone. I’d hate to have to be limited to only to two sides and not be able to play spin the phone, is all.

1 Like

I think there’s a lot to be said for having the USB connector at the top.

On the spiPhone there’s a weird inconsistency.

The home screen won’t rotate at all.
Some (most?) apps will rotate 90 but not 180.
Some (few?) apps will 90 / 180 / 270.

For example, Safari won’t rotate 180 but will rotate 90 and 270 - while Firefox will rotate 90 / 180 / 270.

This sort of inconsistency drives me nuts. I don’t know whether there are settings that I have never stumbled upon.

1 Like

I think best would be to have dialer-like VKB and smart-card with strong key. Dialer is simple to implement and smartcard provides good keys with simple pins.

To avoid complications one could simple provide an option to import ovpn profile and then make simple settings for wireguard. And *swan deserves own section in settings menu as it cannot be simplified down to single profile import or described with one tab settings.

1 Like

As for auto-rotate - in general I hate it when phone rotates unexpectedly (eg when you are not fully upright and it swinging between different angles) but i must confess when something doesn’t fit the narrow screen I’m reflectory rotating the phone.

On pine the iio reports full rotation cycle but not sure how would it work on L5.

purism@pureos:~$ monitor-sensor | grep -v Light
    Waiting for iio-sensor-proxy to appear
+++ iio-sensor-proxy appeared
=== Has accelerometer (orientation: left-up)
=== Has ambient light sensor (value: 2.600000, unit: lux)
=== No proximity sensor
    Accelerometer orientation changed: normal
    Accelerometer orientation changed: left-up
    Accelerometer orientation changed: bottom-up
    Accelerometer orientation changed: left-up
    Accelerometer orientation changed: normal
    Accelerometer orientation changed: right-up
    Accelerometer orientation changed: bottom-up
    Accelerometer orientation changed: right-up
    Accelerometer orientation changed: left-up

It doesn’t report screen-up screen-down though

1 Like