@muad_dibber @knfrmity I think this statement does not apply to open source firmware. Where could the malware hide if everything is open?
mariubrlu
joined 2 years ago
@comfy Same like Intel ME is able to take full ownership of your computer without your approval or awareness. This can only happen due to the closed source firmware these devices are using. If I could electrically kill these components, or the possibility of having them removed, I would consider myself fully protected. Again, this approach might not be good for everyone. Maybe "full" is not the correct wording. I guess "ideal security and privacy" is what I was looking for. You are right here.
@comfy The hardware approach has already surpassed most of androids due to their open firmware nature. In my scenario, let's say I'm going to a protest and enforce my human rights upon the establishment. I turn off cellular, WiFi, Bluetooth, BLE, NFC, UWB and just use my phone as a pocket computer to take video footage. Later I read a security article that the cellular modem in my phone is able to transmit data outside phone's operating system.
@comfy in terms of software linux phones still have a long way to catch android. Even when taking the desktop flavors, against windows, linux is still not a match. Thanks for sharing that article. Is good to know exactly which are the areas where linux must improve.
@comfy @thursday_j GrapheneOS is the best flavour of Android that you can get with the downside that is limited to one single phone brand. But Android itself is far from being perfect. That's when Linux phones step in. Currently they are just in development stage and not really intended as daily drivers. But that changes with adoption.
@comfy @thursday_j Indeed you need context, but let's limit the concept of "full privacy and security" to things that are in your control. E.g you might control the physical safety of your device but you can't control how many man-in-the-middle are between your phone and the rest of the internet. As a regular technology user my threat actors are big-tech and establishments.
@comfy Indeed you need context, but let's limit the concept "full security and privacy" to aspects that are under your control. E.g you might control the physical security of your phone, but you might not control how many men-in-the-middle are between you and the rest of the internet. Like any regular technology user my threat actors are big-tech and establishments.
@shreddy_scientist @Grouchy You might also have a look at mobile phones that offer electrically kill switches or can even have these components physically removed. E.g: Pinephone PRO, Librem 5, Fairphone 4
@shreddy_scientist @Grouchy Any device connected to a wireless technology lacks full security and privacy.
You might carry on your mobile phone with you as there are lots of other functions you can do on it. But, in order to benefit from full privacy and security you should disable: cellular modem, wifi, bluetooth, nfc, uwb. And you must run an operating system that is entirely open source to be sure that these components stay off after you disabled them.
@nachtigall @lemmyreader As already seen from the elections in Italy during covid, EU does not work for people anymore and now favors the people in power. Massive exits are now to be expected like frexit, itext, gexit etc.
@muad_dibber Lately, I saw a broader adoption of open source practices. One big example being:
https://www.techspot.com/news/98604-amd-planning-replace-agesa-firmware-open-source-alternative.html