this post was submitted on 25 Aug 2023
154 points (88.1% liked)

Asklemmy

43945 readers
808 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy ๐Ÿ”

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago
MODERATORS
 

Don't say, hey android has Linux in it, yeah no, idc, I want to know how far we are from buying a Linux phone at a price point of 200 USD.

A Linux phone is one which is built completely on Linux, uses Linux apps and most important has a terminal.

I don't want a Linux Phone for privacy, although that's a great reason, but I want it for the freedom it provides me. Hell, I don't care if Android itself comes with a terminal and has similar features to Linux, I just want a Terminal which can install apps, where I can write commands and it will execute it. Complete Control on my phone and how it behaves is what I want.

I want to tell it when to sleep, when not to sleep, when to boot, when to edit a file and how, when to take a screenshot and what to do with it and where to save it, etc, etc. I hope you get the idea.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 1 points 1 year ago* (last edited 1 year ago)

Note: Linux phones are notoriously insecure (source) but please correct me if you know better

A few points

Operating systems like Android and ChromeOS have full system mandatory access control, every process from the init process is strictly confined.

Android uses SELinux for mandatory access control as per their own docs

As part of the Android security model, Android uses Security-Enhanced Linux (SELinux) to enforce mandatory access control (MAC) over all processes, even processes running with root/superuser privileges (Linux capabilities)

As for ChromeOS, it's built upon Linux and that blurred line between Chrome and Linux is being completely removed --> hello Linux And ChromeOS aka LACROS

To make matters worse, some system daemons are not designed with permission control in mind at all. For example, PulseAudio does not have any concept of audio in or out permission.

PulseAudio is due to be replaced by PipeWire which

was designed with a powerful security model that makes interacting with audio and video devices from containerized applications easy.

https://github.com/mikeroyal/PipeWire-Guide

There's also Wayland, which is being written to replace X11. It has better security

Wayland isolates the input and output of every window, achieving confidentiality, integrity and availability for both.

While it's true that many apps aren't designed with security in mind, flatpak and snap packages have their portals API. The author did mention that they are underutilized, but that's slowly changing.

Additionally, immutable distros (nixOS, Fedora silverblue) do exist, which make it quite hard for unauthorised applications to modify root partitions since they are mounted as read-only. Mobile NixOS is still in its infancy, but it's being worked on.


In conclusion, security on linux isn't hopeless, there are solutions being worked on, and improvements in linux phones will benefit all desktop users, unlike distros like Android and ChromeOS that build custom solutions that aren't contributed back to the community.