PinePhone vs Librem 5


#61

Just because someone else is doing the software doesn’t make any less of a viable option for the hardware, it’s all open source so anyone that wants to can review it. Just because it’s all done in house doesn’t make it better.


#62

I believe the person who makes it all from scratch more when they say it doesn’t have this or that in it. I mean it might be splitting hairs, but it is true.

Also I didn’t point anything out to bad mouth the pinephone. It is all good.


#63

PinePhone vs Librem 5?


#64

All from scratch? Calm down… Purism is doing a great job but let’s not loose the sense of science and community here: “ PureOS is a GNU/Linux distribution based on Debian. …PureOS uses free and open source software exclusively and is endorsed by the Free Software Foundation.”


#65

I said I believe the person not Purism. I was speaking generally. Don’t put words in my mouth and there won’t be a need to calm down.


#66

We’re talking about two cellphones (and every one involved) here and you come up with that? A person that makes it all from scratch? Sorry! I couldn’t foresee that turn!!! Man!!!


#67

Sorry you misunderstood. It wasn’t intentional and I can see how you made the mistake.

If you want to be specific there isn’t a computer of any kind built today that is truly made from scratch.


#68

just so we’re clear, he was ONLY 29 years old back in 2013 when he PONDERED what to do and how to proceed … i dare anybody to do better than he did including myself … those of us who are STILL here i mean …


#69

One of the reasons why Purism publishes both the schematics and x-rays of their phone is that customers can independently verify that nothing has been added to the phone’s hardware. It is planned that the Librem Key will eventually support the Librem 5 to detect tampering in the software.

PINE64 operates out of Shenzhen, Allwinner is headquartered in Zhuhai, Guangdong and Quectel is based in Shanghai, so the companies that designed the PinePhone and made its processor and its cellular modem are all Chinese. However, I don’t think there is much risk of the Chinese government slipping chips into a PinePhone, like it did with Supermicro servers, because important targets are not buying a phone designed for Linux geeks and modders.

Knowing that people are going to be looking at the schematics and playing with the hardware, it would frankly be stupid to try and slip something onto the PCB of either the PinePhone or Librem 5. There are much easier targets in world.


#70

Foolish argument, IMHO. None of us know the options he really had. None of us know the people he knew .Furthermore we aren’t aware of all the stuff he really had access to.

We can form our opinion on what was reported and that is it. So insinuating that he made the best decision simply because we don’t have a clue about his options is pointless.


#71

probably. i wasn’t THERE with him to KNOW if that’s what you’re saying but does that make your counter argument any less foolish ?


#72

Says?

I’m not going to make a strong argument either way that the Chinese government will or won’t be compromising any of the relevant chips (in either phone). I can make the following comments:

  • it is possible therefore it should not be discounted
  • compromises at the lowest level make it harder to be specific about what you are trying to achieve and to achieve it - for example, if you compromise a generic, widely used CPU - how do you trigger it? how do you prevent an avalanche of intercepted data?
  • in theory the cellular modem does not need to be trusted - since the phone network leaks like a sieve anyway, any “interesting” material would be communicated encrypted over a data call, thereby making it opaque to the modem - although the modem would still be useful for location tracking

You would hope so.

So much easier to put something into a blackbox operating system.


#73

reC, your not alone. My BQe with Ubuntu Phone is 5 y old and still up and running. Observing my wife’s Huawei 9, i’m so glad of NOT having Whatsup, it takes all your time and mem space. :smiley: :smiley:


#74

Think about this from the perspective of a Chinese government spy agency. If you are going to spend millions of yuan developing a secret spy chip, are you going to spend it on a phone model that only has 10k orders per year? Are you going to waste your resources on a phone that uses an NXP or Allwinner processor that no other phone model in the world uses, and has a BroadMobi or Quectel cellular modem that no other phone model uses (because it was designed for laptops)?

Frankly, I doubt that a Chinese spy agency is going to target phone hardware in the first place, because the technology changes every year, so it makes a lot more sense to target server hardware that doesn’t change often and can collect data from thousands of users, rather than just one user. Second, the Chinese spy agency would target a phone model that lots of business and government leaders are using. I doubt that the PinePhone will ever be used by anyone important who the Chinese government cares to spy on. The Librem 5 might eventually be used by relevant people, but it will be several years before there are enough apps and PureOS is good enough to attract users who are worth spying on.

However, if you are going to spend the time and resources to develop a secret spy chip for a particular phone model or modem and then infiltrate the assembly plant, you are not going to do all that work for some oddball phone that uses bizarre hardware and software that no other phone model in the world uses. It is simply too much trouble and there isn’t much reward. Also, you never want to be caught, because companies and governments are going to be alerted to your secret trick, so you have to start over from scratch developing a new spy chip that targets new hardware. Why risk all that on a low-value target when there is a high probability of your secret spy chip being discovered in the Librem 5?


#75

I know that this is about pinephone etc,
But, I see Snowden described as a low level IT guy etc, but reading of his book doesn’t support this. It appeared to me that he climbed the IT ladder to a pretty high level. I mean just look at the access he had (yes, I also know how he sneakily gathered his info). But if you’re going to dis his skills…


#76

I never dissed his skills. I also did not say he was a low level IT, but rather that he was a lowly IT. IE: not head of the agency.

My argument was that of his motives. Never his skills.


#77

the lower the level of the IT guy the more he can access it would seem … computers are like hookers - all you need is one good PIMP :slight_smile:

i’m not sure it’s them assuming anything at this point but maybe rather the fear of the social credit system hitting 0 or bellow zero … remember the HUNGER GAMES films ?

it’s kinda hard beeing alone in such a big world don’t you think so ?


#78

I don’t know about other chips. But as an embedded controls engineer, the brand of chips that I use can change the function of the nRESET pin to disable it during initial programming of the fuse settings. In some chips, these ‘fuse settings’ can be written to from executable code (as opposed to initial programming). One possible result is that the chip could be programmed to allow executable code to disable your kill switch. If the chip manufacturer publishes the device data sheet, you could read that data sheet to find out what the chip can do.