Pixel/GrapheneOS vs Librem/PureOS

Hot take but, GrapheneOS might be better then PureOS.
If the Android OS works for you and not for a company, like in the case of GrapheneOS, then is more secure. Everything is sandboxed and even if you get hacked with something like PRISM software, a restart will get read of it.
With the Librem 5/Pure OS combo, you have the benefit that is such a small percentage of mobile phones, that they don’t have an exploit for it yet (probably). But if you do get hacked, the hack would persist between reboots.
Maybe stock Linux on a mobile device is not such a good idea. Something specifically designed like Android (still a fork of Linux : D) makes more sense.
Mobile phones are special computing devices, they have cameras, know your location. The ideal phone hardware would be something like an iPhone, with lots of sensors to feel the would around them, turning into an Air Tag when powered off, making their own Bluetooth Low Energy network, etc. The security considerations and many other considerations are different from Linux.
Is forking Android the way, like GrapheneOS :thinking:? You still have to watch out for hardware backdoors I guess.

1 Like

I did a bit more digging on Android and GrapheneOS. I really like everything, except one thing: NO ROOT ACCESS.
I hear about this “Android Security Model” and everything. But I just can’t make heads or tail of it. If adding something like sudo is a security threat how does Desktop Linux work, or any computing for that matter?

2 Likes

Hmmm,
I spent a lot of thinking resources on this. Maybe, a phone should not have root access, not even by the user. That’s what makes a phone different from a generic computer. The data on it is so important, and the phone is such a potent spying tool, that maybe the security gained from no root access is worth it.
Maybe Google’s “Android Security Model” is not just propaganda treating users like incapable sheep.

2 Likes

How secure is the Librem 5 compared to an Android phone?

4 Likes

:thinking::thinking::thinking: I just can’t live without me being the root of the device. Not the OS. Surely we can grant root access to the user without compromising security.
The GrapheneOS / Android Security Model makes sense when any process running on your device could be malware. And with the proprietary nature of software, kinda’ makes sense. Almost all software running in the Android ecosystem is, at some level, malware.
But that’s no way of doing computing. I don’t want to live in a world where all programs could be malware.
With stock Linux, sudo works because open source programs exist. Without it, running a binary with sudo would be madness.

Librem 5 with PureOS is more secure then a Pixel with GrapheneOS.

You just have to understand what being the root of the device means. In the future I am not against PureOS restricting root access if it substantially increases security. But, the user must always be able to become root.

2 Likes

Kyle Rankin is 100% right. And the FAQ, :pushpin::hammer:.
Maybe in the future root access should be a bit more hard to get. Right now, the screen unlock PIN is the sudo password.

1 Like

Calamares is not available for PureOS on ARM64 yet, but that would be the optimal solution to configuring operating system installation.

My reasoning here is quite simple, it goes like this:

GrapheneOS is Android. Android is made by Google. I don’t want to be dependent on Google, so GrapheneOS is not interesting for me, at all.

Also, I find it disgusting that some people who claim to care about privacy at the same time recommend buying those “pixel” phones or whatever they are called, phones made by Google. The combination “I care about privacy” and “I recommend buying Google products” just does not work for me.

8 Likes

Usually the justification provided by Pixel owners are focused on security, not privacy, although such claims are dependent on users’ respective threat models.

I’m pretty sure that /etc/sudo.conf can be edited to change that situation.

1 Like

Which I dislike.

You can easily remove purism from the sudo group or otherwise ensure that purism is not able to sudo at all - however I have concerns that this will break things pretty quickly. Has anyone tried that? (someone who knows how to reverse that if it does break things :wink:)

Otherwise there would need to be some way of changing the screen unlock PIN so that it is not dependent on the purism password - and then the purism password could be something longer and stronger, and would be used strictly for sudo. (One, more complex, approach is to use a screen unlock mechanism that is not just a fixed string at all, and that gets discussed in this forum from time to time, but hasn’t been implemented as far as I am aware.)

However this issue is pretty superficial in the overall scheme of things. I guess it will be fixed eventually.

4 Likes

In my experience there is nothing more permanent than a temporary solution…

4 Likes

Is not that bad.
I was under the impression that all that stand between me and me getting hacked, is the Linux permission system. But that’s not the case. I guess that’s what happens when you get your information from ChatGPT.
There is also AppArmor. AppArmor can even stop root.
I just need to learn how it works and I will fell fully secure.

2 Likes

Here you go:

2 Likes