destiny and not depending on incredibly flawed OEMs with incompatible goals. You're treating the device being made with using open source drivers as a core goal as if that's the hardest and most important aspect. It's one of many aspects, and is far from the hardest thing to do.
Conversation
I am not saying purism/Librem5 should be the end goal but I think they are the current best case studies of small companies pulling off open-source-first hardware being very transparent about the process which is huge.
Gotta crawl before you can walk.
1
I don't see it that way at all. They're incredibly dishonest, not at all transparent, and do not really have the goal of making open hardware. They are explicitly anti-security and anti-privacy in many ways too. It's not a good hardware target and they won't ever make a good one.
2
1
They do not share the goals or concepts of GrapheneOS at all. It is a bad target, they will always make bad targets for it, and they are not a viable partner or collaborator with an actual privacy/security focused project. Been burned already, others have too. No thanks.
2
1
You're bringing it up at the same time as Pine64 which has similar technical issues but without nonsense from the company / leadership including lots of harm. It's also a bad target, with no sign of ever wanting to make a good one, but at least they don't lie and cause harm.
1
1
IMO Librem5 has better hardware but the marketing and misrepresentation of it is a black eye to be sure.
Still if forced to pick between them or Google right -now- while we spend a few years making long-term sustainable/secure hardware I take Purism.
2
You can't make a device with decent security based on it and it's far from being able to run a fully functional AOSP particularly with the security features supported (but far beyond that) so not sure what you plan on doing with it.
1
At least Pine64 doesn't have deliberate anti-security measures and anti-security policies / ideology. It's just not technically advanced in that regard so it's far behind the status quo / industry standards (applies to both) but the reasons are better (lack of resources).
2
Anyway, if you want to support charlatans it doesn't just mean definitely not having my support, but I'll actively oppose it.
Really not interested in building something offering trash tier security and robustness along with even worse usability.
Not a long-term path either.
2
Again. I just need something maintainable I can run in my pocket today at least as secure as my laptop.
Pixels are a dead end.
Long term I want exactly what you describe but until thaf project actually breaks ground I have to hack ogether the least bad of terrible options.
1
What you're talking about is already dead on arrival: remotely exploitable over the air via known vulnerabilities without being able to provide over-the-air patches for the issues.
What's not terrible about rolling back security so much + not having updates?
What's not a dead end about building on a product from an incredibly dishonest company that's actively against security?
How are you going to make something usable out of AOSP on that? Not even sure how it overlaps with anything to do with security when it'll be so much worse.
2
You're really going to develop a whole proper Treble implementation, a bootloader with A/B updates, recovery and everything else that would have to be done, just to have a far from fully functional AOSP platform with far less security? I really can't understand. Way harder too.
1
Show replies
Explain how a Librem5 or Pinephone running Debian with just a browser with the GSM disabled except for emergencies is any worse security than my laptop running Linux.
It is just a Linux laptop with a smaller screen to me until I can someday get something I can trust to do more.
1
2
If your laptop was purchased recently from a decent company, it will at least have firmware updates for all of the major components including Wi-Fi and Bluetooth, and you can apply those by keeping the OS up-to-date as long as it's decent. Of course, you did say *Debian* so...
2
Show replies