@iska @safiuddinkhan @cyberspook @m0xee @dushman

"Distributions like PureOS are not particularly secure. They are mostly a reskinned Debian and do not include substantial hardening."

https://madaidans-insecurities.github.io/linux-phones.html
Follow

@inference @safiuddinkhan@fosstodon.org @cyberspook @iska@mstdn.starnix.network @dushman You may be right, but this article is just bad. Hardening in the OS is not good enough so we can just install Android 🤷
Hardware switches are not good enough because we can just use software airplane mode 🤦
Having modem on a separate board so that we can physically disconnect it is not good enough because we can just ask SoC to do it (and trust it) 🤯
It doesn't mean that Liberm5 is perfect, but these points are just awful!

@m0xee The developers actually stuffed up the librem5 initially - even though the mobile chipset is connected over usb, they have stuffed up something, theoretically allowing taking over the usb controller if I remember correctly (while usb doesn't have DMA, the usb controller often does).
Such issue has been corrected now mind you.
The article makes so many wrong claims that it's not worth listing them.
Sign in to participate in the conversation
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml