this post was submitted on 20 Jul 2024
70 points (100.0% liked)

Privacy

789 readers
27 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Im considering buying a new phone and i don't really consider a Pixel. I really like Fairphones approach, with the self repairable stuff. Even though they don‘t have a headphone jack. But well… I can’t change it. I’ll definitely go with the adapter over wireless headphones.

But to my question: What private OSes are there? Fairphone sells FP4s with eOS, how is that? And does it work on the FP5? GrapheneOS only works on Google Pixels right?

you are viewing a single comment's thread
view the rest of the comments
[–] shortwavesurfer@lemmy.zip 21 points 4 months ago* (last edited 4 months ago) (2 children)

Graphene does only work on the pixel devices. What makes it special is that you can lock the bootloader again after installing it, which with things like lineage, you cannot do. I have never used /e/OS but i use lineage as my daily and it can be installed on FP

[–] Ilandar@aussie.zone 10 points 4 months ago (1 children)

What makes it special is that you can lock the bootloader again after installing it

I'm not sure why this is considered special. You can also re-lock the bootloader with CalyxOS, iodéOS and DivestOS. This is a Pixel thing, not a GrapheneOS thing.

[–] shortwavesurfer@lemmy.zip 4 points 4 months ago

Okay, I was not aware of that, so thanks for the information.

[–] possiblylinux127@lemmy.zip 4 points 4 months ago (4 children)

Honestly trusting the bootloader feels very risky

[–] shortwavesurfer@lemmy.zip 26 points 4 months ago (2 children)

In that case, have fun coding up your own bootloader and flashing it onto the device. If you can't trust the bootloader, then you can't trust anything at all from the operating system that sits on top of it, because it could be compromised. If you can't trust a bootloader, then the only thing you can trust is a pen and a piece of paper.

[–] possiblylinux127@lemmy.zip 5 points 4 months ago

True but it feels like obscurity via obscurity.

[–] Chickerino@feddit.nl 1 points 4 months ago (1 children)

why dont we just put uefi on phones

[–] Cube6392 2 points 4 months ago (1 children)

Phones don't use an IBM-PC architecture. You'd need a phone based on an architecture phones aren't usually based on or You'd need to re-engineer UEFI to work for an architecture it wasn't designed for

[–] vaionko@sopuli.xyz 3 points 4 months ago (1 children)

UEFI has supported ARM for years now...

[–] BearOfaTime@lemm.ee 2 points 4 months ago

And "phones don't use UEFI"

[–] LodeMike@lemmy.today 9 points 4 months ago (1 children)

GrapheneOS uses pixels because not even Google employees can break into it.

[–] henfredemars@infosec.pub 4 points 4 months ago (1 children)

I'd be more worried about the ROM that runs before the bootloader that you can't inspect, or possible hardware implants if you don't trust the bootloader shipped to you from the vendor.

[–] possiblylinux127@lemmy.zip 3 points 4 months ago

I don't trust it not to be flawed

[–] Andromxda@lemmy.dbzer0.com 1 points 4 months ago (1 children)

Ok what is your alternative? Android Verified Boot with a secure hardware keystore like the Google Titan M2 is basically the best thing you can get.

[–] possiblylinux127@lemmy.zip 2 points 4 months ago

Strong encryption with a password you know only. The password should have a high enthropy