New Post: Anbox on the Librem 5

sudo systemctl restart anbox-container-manager should be enough, but reboot is faster to type :smiley:

6 Likes

Some of what people have written in this thread reads like strong echos of the discussions about Android support on SailfishOS, with the user community divided into two camps:

  • Android support on SFOS is a bad thing, because it inhibits the development of a full native app ecosystem
  • Android support on SFOS is a good/essential thing, because it allows SFOS to become mainstream before a native app ecosystem is fully developed.

After many years of this kind of argument, what we see is that while there are some absolutely superb native apps for SFOS, they are maintained by a small core of developers and support is not assured (one example: the developer of the native SFOS Keepass app has had to stop working on it, and no-one has taken it up AFAIK).

As someone who uses SFOS on an older Sony Xperia X (which offers Android support only up to 4.4.4 via Alien Dalvik), I have seen my ability to use various apps fall away as they start to require Android 5 or later. I have had to choose between dropping particular Android apps, or where possible sticking with older versions where they continue to work. It is extremely rare for a native SFOS app to appear as a viable replacement. I have held off buying a more up-to-date device to run SFOS, because I have been hoping that when I get my Librem 5 it will fill the gap :wink:

One of the arguments against Android app support in the SFOS community, is that it is better to access a service via a web browser rather than an app. An example of where this falls down though is with banking services. Some banks detect whether you are accessing their web site using a mobile platform, and simply redirect you to download the (Android or iOS) app. Even where this doesn’t happen (or could be stopped via some trick like agent spoofing), it is arguably a bad idea to have fully functional access to your banking services when using a small-format device - the consequences of fat-fingered mistakes can be very serious.

There are big differences between mobile PureOS and SFOS of course, that make me optimistic about the Librem 5, such as:

  • PureOS seems to have a decent native web browser (believe it or not, SFOS’s native browser is severely crippled by the use of an ancient version of Qt, and Jolla has been unable for many years to fix this)
  • Thanks to libhandy, far fewer native apps need to be developed from scratch for PureOS than for SFOS.

I suspect that I when I get my Librem 5, I will end up using Anbox for a very small number of apps, but I will be extremely grateful that the facility is available.

There is another related argument in the SFOS community about native app development being inhibited by there being no way for app developers to charge for their products. That is a discussion for another thread though.

9 Likes

donations are an option that is better than having to pay for an app … the thing is that not everybody CAN do that or some people just don’t see the particular app as deserving of a donation … this is both a good thing and a bad thing imo.

just look at the proprietary ecosystem … if MOST people were forced to pay for that software and piracy wasn’t an option then perhaps MORE people would have been using free-software :sweat_smile:

imo the wide adoption of proprietary software has been facilitated by the vast availability of pirated material and heavy artificially inflated R&D budgets … i haven’t seen the books of m$ but i imagine it would be an interesting read :sweat_smile:

from this link > https://taler.net/en/wallet.html < it says " Android 4.4 (API 18) or later "
GNU taler news > https://taler.net/en/news/index.html
GNU taler principles > https://taler.net/en/principles.html

it’s not the same principle as BITCOIN or other fully Anarchic blockchain currencies more like > https://en.wikipedia.org/wiki/Kerckhoffs’s_principle

I am a little torn on my opinion of Andbox for several reasons. I used to like running some Windows programs via Wine, in my Linux OS. It can be very convenient when there is no Linux equivalent program for what you need. Then one day, I realized that my Linux OS seemed polluted by the Windows programs and I had concerns about spying. With Andbix on the L5, I am concerned about Security. If you install a program that contains Spyware, how do you use that program without allowing the spying? Why would we buy an L5 and then install Spyware on to it? We may say “well… less spying”. But once I switch over to the L5, I don’t even want google to know I exist. I want to just disappear one day and never show up on their radar ever again. If I show up a few times a week instead of once per hour, that still defeats your ability to disappear. If the app spys on you all day every day and then uploads your data at the first opportunity, maybe you should just stick with an Android phone. How do you stop spying when you don’t know exactly how the spying games work, unless you just don’t allow those programs in at all?

3 Likes

Is this being installed on the L5 as a SNAP?

I think that is a legitimate concern but generally in some kind of virtualized environment you can limit the damage.

That is, the app will spy on you and leak everything it can but you can limit how much personal data it has access to.

In that respect, you probably want to ensure that Anbox doesn’t have access to your (real / exact) location.

2 Likes

OT: Regarding donations: I provided a free, heavily used service serving millions of people a year for more than a decade. After some years i provided the possibility to make donations if someone should like (i didn’t force or press anybody to donate). Just out of memory some numbers from that time to get an idea (numbers regarding 12 month/1 year):

people using the service: 7-digit
people saying thank you: early 4-, later 3-digit
people donating: 2-digit

an exception from that: When i announced to close down the service within a some weeks (and provided a long letter why), there was an uproar (even paper-magazins in several countries announced it and spent full pages on the topic). My mailbox was flooded with 10thousands of emails within the first day. People wrote they were surprised to a) realize, the full thing was run by just one person b) realize, that they had never thought about saying thank you for the free great thing and found they finally had to do it before it’s to late.

That last bit was a pleasant, really overwhelming experience. But generally regarding donations one should keep in mind:
a) the internet is a place of much distance, cold and abstract; people/humans react to humans (optically, accoustically) - so it’s better to create proximity than keeping distance - showing a face, pictures, providing details about oneself might be essential to get closer (i never did so and kept completely in the background)
b) if necessary - although one might not like that - people have to be reminded if it should prove necessary

Perhaps those experiences might be of help for somebody

6 Likes

Sorry, mate. But that’s fairytales and wishful thinking only. Once you connect to the internet and hit the first webpage your hope/dream’s broken. All those pages are that full of tracking-logic, you won’t be able to stay unrecognized.

Never, ever visit any webpage with your L5 - that might be the 1st step in a direction to make your dream real. But than - why do you need a smartphone anyways?

1 Like

Purism specifically recommended using F-droid apps as they follow Purism’s philosophies on the matter.

My question to you though, is how do you know that any of the software you use isn’t spying on you?

3 Likes

I think, it’s funny, if we try to look from the distance, how much our devices try to spy from inside/within and how much they’re spied at from outside.

Even taking a device that presumably totally disables spying from within, that particular one falls into focus of external surveillance/tracking even more. Especially if it’s a not so often to be found device it pops out of the grey masses like a jumping red dot.

One has to keep that in mind. Tracking and fingerprinting is that heavy nowadays it can only be avoided if one doesn’t take part in the game.

Imagine one of thousand identified L5s worldwide. IP suggests the location. Typical usage of visited websites - all using the same tracker-network. And booom. You’ve got a more precise profile than of one of the millions of androids around the same area.

That might sound a bit pessimistic. But hey - here we go. It’s what happens today.


Not being spied at from within nevertheless has a lot of positive sides. Closely focused for example nobody sends all my positions, the positions of WiFis found, the position of bluetooth-contacts and all this for example also once in a big bunch getting off a plane where during flight there was no network-connection.


Good luck and all the best everybody

Not if you use something like a VPN.

Always using it? WiFi, LTE? Sure, your VPN-Provider isn’t compromised/otherwise compromising himself?

You’re generally right. Add the non-spying-from-inside-phone to it and you’re quite well positioned. On spied-from-within the 1st connection to WiFi or Bluetooth could show your exact location.

I put my above mentioned comment into a bit more specific boundaries: You can stay a bit more private. But you’ve got to take a hell lot of regular precautions like not using location based luxury to keep it that way. Provide your GPS-location to one website connected to a tracker-network and you’re wasting money on monthly VPN-expenses.

Like that guy pulling a kids’ wagon full of cell phones down a street that caused a traffic jam report?

1 Like

Isn’t it possible to use an open-source web browser, don’t sign in, and put the settings to a perpetual in-cognito mode? Have cron jobs that run once every half-hour or so to clear-out all cookies. I would think that this should keep you virtually invisible. Without Google and others having user agreements with you where you give them permission to spy on you, any spying against you would then be illegal. Google has deep pockets. The world has an abundance of attorneys who will go after any pot of money if it is big enough. A couple thousand L5 owners could go after anyone who spies on them, as a class action suit.

No, it’s a .deb package.

2 Likes

The problem with modern fingerprinting is, the more you switch off or kind of mask, the more you’ll stand out from the grey masses (the amount of different criterias for fingerprinting is mind-boggling). In the best case you would a) have to coordinate yourself with a big group of people all taking absolutely the same amount and set of precautions to create a new big group or b) provide a set up to the masses that is that idiot-proof, that the new big group is creating itself automatically.

The fingerprinting nowadays is that fine-grained that even setting back all your cookies in a different rythm than mine could theoretically distinguish both our devices (if one would really be interested to go after it - automation, ai and big-data-collections cross-connecting everything should make that a cheaply available hunt already today).

As for class action suit: Not every country in the world has laws that allow something like this. The majority will live somewhere, where the amount of energy you’d have to invest by far outruns the possible outcome of such cases.

It will not help against fingerprinting: https://panopticlick.eff.org/.

This is exactly what Tor Browser is doing: https://www.torproject.org/.

4 Likes

yeah but with TOR Browser if you change anything in their COC you can get ZUCC-ed either way … TOR Browser is a good idea if you use a window-manager that is minimal and non-tiling so it’s harder to resize the window by mistake :sweat_smile:

or just TAILS and hope you do NOT massage anything you shouldn’t …

Or just use Whonix and do whatever you want with a very low chance or revealing your IP.