Privacy

31253 readers

615 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

[email protected]

GrapheneOS, Pixel 8 Pro £709 or Pixel 9 Pro £1,099? (lemmy.world)

submitted 3 days ago* (last edited 2 days ago) by [email protected] to c/[email protected]

46 comments fedilink hide all child comments

Update I have come to a decision. Thank you to all who contributed suggestions. Please feel free to keep the discussion going to help others.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 19 hours ago (1 children)

Because android. PostmarketOS is linux (based on alpine linux)

[–] [email protected] 1 points 8 hours ago (1 children)

Interesting. I have a vastly divergent opinion on linux for mobile, mostly that it is not secure. This is true for Desktop linux but is more important considering the threat model necessary for mobile device Security.

[–] [email protected] 1 points 5 hours ago (1 children)

Feel free to elaborate. Everything I have read over my life (couple thousand pages I guess) suggestd that linux can be a lot more secure than windows and ios.

[–] [email protected] 1 points 37 minutes ago* (last edited 34 minutes ago)

Linux is not security hardened. It does not properly sandbox applications (and there is nothing as secure as android's sandboxing on linux). In fact, most linux package managers do not feature any sandboxing of applications, period. Linux does not implement verified boot. It does not harden against physical port attacks. It does not use a hardened memory allocator. Privilege escalation is simple because of how straightforward it is to compromise a wheel user (sudo user). Linux does not harden it kernel flags by default. Alpine (and most linux package managers) are not secure (aka does not pass the TUF threat model). Most linux distros dont feature a read-only root filesystem, which would help to improve security. Also, Systemd is a bloated init system and has a massive attack surface. GNU's tooling is also bloated and freebsd's would make a good alternative (like what is done by Chimera Linux)

Here are some readings on linux security:
Article by one of the Whonix Devs https://madaidans-insecurities.github.io/linux.html and also are hardening guide from them https://madaidans-insecurities.github.io/guides/linux-hardening.html
Wiki page of Whonix considering many linux distros for whether they make a good base for Whonix's security distro: https://www.whonix.org/wiki/Dev/Operating_System#Alpine_Linux
Kicksecure's wiki: https://www.kicksecure.com/wiki/Documentation

Here are some Security hardened distros (Note that none meet the threat model for a mobile phone OS as they dont feature verified boot):
https://www.kicksecure.com
https://github.com/secureblue/secureblue
https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/hardened.nix.

Special mention which isnt hardened but has great potential: https://chimera-linux.org/