[liberationtech] Advice on secure phones

Tue Jul 13 00:14:12 CEST 2021

..on Mon, Jul 12, 2021 at 04:13:31PM +0200, Marc Juul wrote:
> I'm not sure to what extent LineageOS is de-googlified on its own (e.g.
> does it use a google server for captive portal detection? i'm not sure) but
> https://e.foundation/ seems to have that more as a focus and ships with
> microG as an alternative to google services. None of these makes your phone
> secure as you still have at least the baseband processor running closed
> firmware. You might want to look at librem or pinephone (with reverse
> engineered baseband firmware).

I think this needs to be underscored again and again. Our smartphones run two
OSs on them, effectively, and so a compromised baseband (RF) firmware - that
talks to the kernel of the primary OS - effectively undermines any protection
afforded by it and anything.

Nonetheless, I too think Lineage hits a sweet spot as an after market firmware.
A rooted phone with kernel level firewall, strong filesystem encryption, and
careful choices of packages and browser, with appropriate extensions and good
VPN, can make for a reasonably secure device.

It's just that baseband.

Cheers,

Julian

> On Mon, Jul 12, 2021 at 3:34 PM Steve Phillips <steve at tryingtobeawesome.com>
> wrote:
> 
> > LineageOS is solid. They start with AOSP (the open source core of Android)
> > then add a few enhancements. You can decide how degoogled you want it to
> > be. I once went too far and Google Maps wouldn't work right in the browser,
> > but I dialed that back a little and it was perfect for me.
> >
> > I recently got a new Android phone and need to switch back to Lineage so
> > that Google doesn't auto-steal ("auto-sync") my contacts and more...
> >
> >
> > On Sun, Jul 11, 2021, 23:56 Sam de Silva <sam at edge.lk> wrote:
> >
> >> Hi all
> >>
> >> I’ve been doing some research into secure mobile phones. There’s
> >> familiarity with ANOM and why not to use it, but there are also other such
> >> secure mobile phones.
> >>
> >> There’s a few out there, or coming soon - such as ‘e
> >> <https://e.foundation>’ and OSOM
> >> <https://www.droid-life.com/2020/11/16/osom-is-building-a-privacy-phone-that-shouldnt-be-1000/>
> >>  ….
> >>
> >> Curious to know if there’s anyone that’s researching this space, or has
> >> any opinions on devices like OSOM.
> >>
> >> Thanks and best, Sam.
> >>
> >>
> >> —————————————————————————
> >>
> >> Sam de Silva / CommonEdge
> >> --
> >> Liberationtech is public & archives are searchable from any major
> >> commercial search engine. Violations of list guidelines will get you
> >> moderated: https://lists.ghserv.net/mailman/listinfo/lt. Unsubscribe,
> >> change to digest mode, or change password by emailing
> >> lt-owner at lists.liberationtech.org.
> >>
> > --
> > Liberationtech is public & archives are searchable from any major
> > commercial search engine. Violations of list guidelines will get you
> > moderated: https://lists.ghserv.net/mailman/listinfo/lt. Unsubscribe,
> > change to digest mode, or change password by emailing
> > lt-owner at lists.liberationtech.org.
> >

> -- 
> Liberationtech is public & archives are searchable from any major commercial search engine. Violations of list guidelines will get you moderated: https://lists.ghserv.net/mailman/listinfo/lt. Unsubscribe, change to digest mode, or change password by emailing lt-owner at lists.liberationtech.org.