Daily driving a Linux phone, but why?
thefoggiest.dev146 points by ingve 3 days ago
146 points by ingve 3 days ago
But why, indeed.
Years ago, I met someone (through another friend) who worked in CS, and was super into digital privacy. He was the first person I knew to run a Linux phone, for privacy reasons. He tried to pay for as much as possible by cash, and maintained his accounts manually on paper. The only way to contact him was by text message (intermittently, unreliably) or via a specific client using the Matrix protocol. My friend and I both installed the client to be able to contact him and maintain a friendship.
After a few months, we both lost contact with him simultaneously: something was updated in the client, and it was impossible to re-establish contact with him without a F2F interaction (="privacy"). Sadly, he was also uncontactable by text message. For both of us, the friendship simply ceased to exist.
My reflection is that such things --as with many things in life-- are on a spectrum. At some point on the spectrum, as you head towards the extreme end, your position on that spectrum (be it voluntary or --as with disease-- involuntary) start to impair your ability to live (what might be considered) a normal functional life. I'd also hazard that moving towards that extreme end of the spectrum beings increasing small gains, coupled with increasingly large downsides.
I'm not suggesting that running a pure Linux phone is extreme, but it's definitely in the middle zone where there are definite downsides.
It is kind of extreme. I personally daily drove the OG Pinephone for about a year-and-a-half, back in 2020. I bought in during the postmarketOS edition.
I'm still dealing with the fallout from the choices I made in order to conform with that phone. And at the end of the day... I got nothing out of it. Nothing but issues, problems and inconveniences.
The modem eventually stopped working for some reason, and I moved to an iPhone 7 that had been abandoned for quite some time.
It felt like I had let out a breath I had been holding in for years.
As a layman in terms of security and operating systems, is this actually more secure or private than using iOS in lockdown mode and communicating via iMessage? Feels OTT for anything you might talk about in a personal relationship
A lot of privacy fanatics (myself included) are also open source fanatics. I like to be able to wrap my own tinfoil hat even if it is harder and a bit more uncomfortable.
Uncomfortable yes, but you need to pay attention to details that big tinfoil fashion can't be bothered with. For example, you can't use Reynolds wrap because it was modified with preforations for the government. They say that was to keep your Jonny Wurster's from smoking crack, but obviously sub-nanometer waves..
I'm usually wearing a simple double-williams wrap with a D-battery on top for charge. Keep safe from those 5G's, friend.
Does this mean that open source is more important than privacy to people of this mindset? Again from my layman’s perspective I would expect the hardened iPhone, using iMessage and key verification, to be more secure.
Well, first of all I think if something is open source it will tend to be more privacy-focused since it will disclose what it tracks. People will either find that acceptable or fork and change.
> Does this mean that open source is more important than privacy to people of this mindset?
Not exactly, but I think the questions should really be something like "who is the guarantor of your privacy?"
If you are happy with it being a corporation like apple then you're fine. I'm not, and what we consider more secure would have to be a much deeper conversation in which we actually define our threat models.
True, I’m very interested in understanding how secure the open source alternative is, I struggle to believe it is as secure as there are so many layers, and the surface seems much bigger. I guess if you are worried about being hacked then the open source method is likely less secure, but if you are worried about being monitored then Apple is more of a risk as you don’t know what goes on behind their servers etc.
i feel you, but these downsides have nothing to do with a linux phone, but with your friends privacy preferences. i am trying to be like that friend, except that i keep more communications channels open. i mean, verifying contacts face to face is one thing, but then we ought to at least have one unverified channel to arrange a meeting or a video chat.
also there are more safe options, like deltachat that don't depend on a phone at all. if we live in the same city we could have regular hangouts where we'd be able to meet without any prior arrangements. or if we know each other well enough you know where i live, or have contact to family members.
this is a matter of priority. i keep using the chinese wechat despite privacy concerns because it is the only way to stay in touch with friends and family in china. i long refused to use it, but as a consequence some friends from that time are now lost.
but outside of china matrix and deltachat are the best options even with android. and matrix unfortunately isn't even that good[1]. it still fails some times, and it is difficult to maintain a server and keep it spam free.
[1] matrix is getting better, but the key handling is complex, and at least one seurity minded friend rejected it in disgust last year when for unknown reasons at one point the encryption between us failed and we could not talk to each other. it's a problem when even tech oriented people privacy minded people reject matrix.
> but with your friends privacy preferences.
Network effects and human nature combines to make this a completely insurmountable obstacle. You'll likely never convince even a sizable minority of your own friends & family to do tech things the hard way because you think it's more private that way.
That is the argument in favour of being a bit more mainstream - you get to interface with the rest of humanity with much less friction.
It was the easiest thing of all time to get friends and family onto Signal, actually, before the idiots took SMS out and it became just another confusing messenger app.
No, you don't understand. They need the developer bandwidth and velocity for things like their sketchy cryptocurrency and GIPHY integrations.
They can't waste the time they can use on shitcoins for something like SMS.
I had a similar experience with GrapheneOS. There is a balance in act between continuing down the privacy rabbit hole versus being able to communicate effectively with your social circle and it is easy to double down on privacy at the cost of relationships if you are not aware of how it is affecting others.
I have my own problems with GrapheneOS, but I thought they made a great effort to make sure that it didn't really have that kind of downside. What problems did you hit?
Not using platforms in general and GAFAMs in particular goes beyond privacy issues though, especially outside USA.
If you want a Linux phone that could be your daily driver, I would highly recommend the furiphone of furilabs (https://furilabs.com/).
I got one from the Fosdem and it is truly amazing! Contrary to previous things I tried, like the pinephone, this one is really totally usable for everyday with everything that you could need (phone, SMS, 4g/5g, ...). Especially, for one time it has a very good camera, on par with some Xiaomi phones, that is really ok when you like to take pictures.
Basically, it is a kind of a debian, but there is something very amazing, waydroid, that allows to run Android apps like if it was native apps but with full control other their rights, like being in a sandbox.
The only issue that is not really solvable is that a lot of apps are requiring the Google integrity verification shit, so your are forced to connect with your Google account to the play store or Google services to be able to use them. Like these shitty OpenAI and Mistral apps...
It's an Android device with an old unsupported kernel that runs a hacked up Debian-ish userspace on top of Android layer. While that may be good enough for some, it's not what some of us want.
I'll stay with my Librem 5, which is also totally usable, runs actual Debian, runs Waydroid too, and does not bring me Halium pain.
I have been using an Altair 8800 as my daily driver for about 50 years now. It's really not a big deal to enter instructions through the switch panel, especially with good gloves, and it does basically everything I want it to.
Good for you, though I prefer my device to be reasonably capable for real world tasks and hassle-free while providing me the ability to run the latest software and to hack on it however I want. Otherwise I would stay on N900, as I still miss its keyboard.
Most of what I have read has indicated that the Librem 5 is NOT a great daily driver (which was a huge letdown for me). How do you like it?
Looking at what's missing from their roadmap here: https://puri.sm/products/librem-5/
No videos? Fine, I rarely take videos.
No bluetooth? Mildly annoying, but especially with the 3.5mm jack, I could live without it.
No GPS? This one would be a deal-breaker for me.
But depending on the person I can see it being usable.
That image is seriously out of date. Bluetooth, GPS, and even recording video all work fine.
That's great to know; but Purism really ought update that, I'm sure they are losing sales from that being so out of date.
Video recording implementation could be better though, but other stuff works well indeed :)
In fact all things from that chart are there and have been there for years now, including 20h battery life and encrypted SIP calls.
20h battery life? Mine comes nowhere close to that with all hw switches off and only playing mp3's... Are you quoting a when suspended figure or something?
It can get up to 20h either when idle with all hw switches off or when suspended with the modem on (less with poor signal coverage, of course). Looking at a power meter right now I'd roughly expect at least 12h of music playback.
Using the latest greatest stock pureOS?
My L5 gets nowhere near that listening to MP3s on road trips.