Reddit: "Don't use PureOS or the Librem 5"


#1

There is currently a quite controversial topic going on in the Linux and privacy subreddits which caught my eye:

I personally don’t know enough about PureOS or the Librem 5 hardware so I would really like to hear your thoughts on this matter. Maybe even one of the devs can say a few words? Is there some truth to what he claims? Is a modern Google Pixel with LineageOS more secure/private than a Librem 5? Will there be no firmware updates after the release?


#2

In every thread on Reddit and Phoronix there are people who will relentlessly criticize Purism. Some of the criticism is warranted, e.g. Purism not finalizing the hardware (and even now it’s not completely finalized) until one month into Q3 and still not having a firm release date. A lot (and I mean a lot) is not, e.g. “the Librem 5 is too expensive, just look at the hardware you get for $650.”

This person seems to take issue with a lot of PureOS’s security settings being the default in Debian, which falls into the latter category. I don’t know about the SELinux thing, maybe that’s true.

His issues on the Librem 5 seem far less legitimate:

  • He doesn’t like the idea of hardware kill switches. Oh well.
  • He doesn’t like that it doesn’t run Android (???)
  • He doesn’t like that Purism won’t be shipping proprietary binary blobs for firmware updates.

#3

Well, that’s of course at least a lot of FUD, if not BS.
Purism has proven that they keep updating their devices. And even by now, almost everything they developed is mainlined (Linux kernel) and upstreamed (GNOME).

I mean… if somebody basically titles a post “Don’t support a company that tries to free up as much as possible” because (supposedly) an existing alternative might offer you more, but not because the vendor stands for freedom, but because you can flash an alternate OS on it… what argument is that?
Purism (in contrast to Google) does stand for freedom and also allows you to flash on it whatever you want.

By the end of the year, you can probably already choose between PureOS, UBports, PostmarketOS, and maybe even LineageOS or Replicant (Note that the Replicant page says that they don’t provide ready-made images to flash, because for all known devices, binary blobs would have to be included - the Librem 5 could be the very first device for which this restriction does not apply, and thus an image can be made available).


#4

They write very often:

Most of the firmware is proprietary

I don’t understand what they mean. Is there really that much proprietary firmware? I thought only the modem is proprietary but the rest is open source now?


#5

He doesn’t like that Purism won’t be shipping proprietary binary blobs for firmware updates.

It’s not totally clear what exactly was meant in the reddit post, but I think the poster criticizes how firmware for the phone’s components is handled due to the FSF RYF requirements. As far as I understand, RYF certification requires either that the user can build the firmware from source or that the firmware of the device is immutable and can thus be considered part of the electronic circuit. The latter option means that the firmware can’t ever be updated, since it can’t be modified. Hence, Purism can’t provide updates in case of a security flaw and the only option is to throw the device away.


#6

There’s also the option of physically replacing the component yourself with a compatible alternative, if one exists.

I wonder if an ICSP solution would satisfy the FSF RYF requirements. If the components had upgradeable firmware, but only using a dedicated circuit that required an external computer, wouldn’t that essentially still count as “immutable” firmware?


#7

my s3ns0rs are tingling - it’s probably just trolling but this time on Reddit


#8

The exact formulation is:

However, there is an exception for secondary embedded processors. The exception applies to software delivered inside auxiliary and low-level processors and FPGAs, within which software installation is not intended after the user obtains the product. This can include, for instance, microcode inside a processor, firmware built into an I/O device, or the gate pattern of an FPGA. The software in such secondary processors does not count as product software.

https://www.fsf.org/resources/hw/endorsement/criteria


#9

I can’t speak for a phone that doesn’t exist. Regarding the laptop however… saying you can’t update the firmware of different chips because the firmware update isn’t available for your OS is silly.

One COULD USB boot Windows, update the firmware, and then go back to PureOS/whatever.

I’ve had computers where the only way to update firmware of some devices was to boot their proprietary utility from USB; that is OS independent, so it’s really irrelevant in my opinion.


#10

The argument there is completely silly / uninformed. Purism put a lot of effort into it so no component needs runtime blobs. For the rather unlikely case of needing to update embedded firmware, of course Purism could provide updates, just like with the me_cleaner script. Possibly it could not be part of a PureOS update, to not lose the FSF endorsement, but that’s a really little issue in comparison to the fuss they make about it …


#11

right - don’t use PureOS or the Librem 5 - use G/F/M/A


#12

This.

Does the person complaining on reddit have a Librem 5 phone? Suspect not. So criticism even if well-meaning is at best not fully informed.

A lot of the criticism seems silly. You can boil a lot of it down to “Librem has not achieved perfect freedom, therefore I am going to stick with being a serf of surveillance capitalism”.


#13

Yes, it is the defeatist all-or-nothing argument. If they cannot have it all, then they insist on having nothing. I often heard this when talking about health. Just because our fruit and vegetables have been messed with we supposedly might as well give up hope and eat the worst of the worst food. Why be slim and feel great if you might still get sick once every 10 years? Better just weigh 150 kg and die at age 50 of a heart attack. It’s all supposedly the same to them. Same here: Why have privacy if sometimes something small could leak out? Might as well live in a glass house with a Google camera in every room.

IMO it is often just an excuse to justify not putting in the effort of improving their lives. Being defeatist is easy, but improving is often hard.


#14

«The camera kill switch is also useless as you could just cover the camera with tape»
Aahahahahah YoU cOuLd JuSt CoVeR iT wItH tApE!!1! Because that’s really convenient and everyone brings tape with them!

«The mic kill switch is useless as they don’t block access to the sensors so audio can still be gotten»
Apparently he didn’t get the fact that the kill switches are hardware. How can the software get access to the mic if the mic doesn’t have the power?

This dude is high.

I mean, some stuff he said may be true, I honestly don’t care too much because GNU/Linux is already more secure than Android or iOS. It’s surely not more secure than those bricks that cost several thousand bucks, but normies like us don’t need that.


#15

«The mic kill switch is useless as they don’t block access to the sensors so audio can still be gotten»
Apparently he didn’t get the fact that the kill switches are hardware. How can the software get access to the mic if the mic doesn’t have the power?

He meant that someone could use the acceleration sensor to record your voice. But who is capable of such an attack? This is not easy to do and needs a lot of computation power… and if someone really wants to know your passwords or something like this it would be easier to beat someone until he tells you. Your Librem 5 won’t protect you there!

honestly don’t care too much because GNU/Linux is already more secure than Android or iOS.

I wouldn’t say that Linux is more secure than Android. Linux has better privacy than Android but not better security.
Android does a pretty good job in isolating all apps, which is not that good in Linux, and Google puts a lot of money into Android to be safe against harmful software or hacking. But as said, there is a BIG difference between security and privacy. And if you only use open source software from the repository you do not need that much security.


#16

He’s referring to the fact that a gyro/accel sensor can possibly be abused as a microphone. But then he’s also not aware that the L5 allows you to turn off all sensors with the kill switches, too…


#17

Yeah, I meant privacy.


#18

Isn’t that software, tho’? Well, even if it is, it would be hard to hack it and turn it on without a backdoor, I guess.


#19

The kill-switches are hardware. Flipping all 3 kill-switches to off turns off a whole lot of sensors.


#20

Oh yeah, it says cut power. That’s good.