Ever since Apple announced/doubled-down on implementing client-side scanning, I’ve stopped recommending Apple devices as privacy-protecting stopgaps.
Do I have other suggestions for everyday people who use technology as an everyday thing?
Not really.
For phones, perhaps a NitroPhone with GrapheneOS (https://www.nitrokey.com/news/2021/nitrophone-most-secure-android-planet) (and you’re still indirectly making Google richer)
All other phones/Linux laptops come with security trade-offs compared to a Mac/iDevice.
Things aren’t great right now.
@aral I am also seeing the problem that instead people buy shitty 3G dumb phones which have a lot of garbage Java applets and are no more "dumb". The idea - reducing technical clutter - is good, but in practise they have connected phones with no encryption or security at all.
In my opinion there is no other option than graphene with a second hand pixel device right now.
@claus I tend to agree. Hence my comment about things not being so great right now.
And it’s no better on the Linux laptop side of things either. I don’t think I know of a single one (including the one I bought) that isn’t a security nightmare. (And if anyone does, I’m all ears and will be happy to stand corrected.)
Lack of verified boot, encryption of home directories during suspend, lack of TPM (I believe Purism’s laptops have it as an option), lock screen flashes, X11… 👀
@aral @claus We take a different approach for boot security with PureBoot because I don't believe in the control tradeoff you must make with verified boot and similar "jail vs jailbreak" solutions.
Any solution that depends on blocking binaries the vendor didn't sign anchors too much trust in the vendor and removes control from the user over what software they run.
What do you think about the "System Transparency" thing?
I think it seems good, it lets the user decide what should be on the system from the ground up.
@eliasr @aral @claus In skimming the docs it looks like it lets the user set their own root certs, which is good. LinuxBoot is a reasonable alternative if you have a system that doesn't support Heads.
I still personally prefer the fact that Heads/PureBoot authenticate the host to your USB security token and think that's a bit stronger and more flexible.