Oh please. Like you're more secure running some ancient downstream kernel or outdated android version that your phone's manufacturer has long since abandoned? Or do you enjoy "needing" to buy a new phone every 2 years because it no longer receives security updates for purely business (and non-technical) reasons?
Linux on phones isn't perfect right now (early android wasn't either, lol), but it's definitely a step in the right direction.
So you know, you CAN update the firmware in the Librem5. Purism even has a repo for it!
Also, that article has a bunch of stuff wrong with it. I'll just name the gyroscope "microphone" for one.
If the gyroscope microphone was at all possible. it would have to provide updates in the KHz range (I would say at least 8 KHz, but more realistically 16 KHz). I sincerely doubt the gyroscope even does that.
Ahh here's the repo https://source.puri.sm/Librem5/redpine-firmware-nonfree
@kop316 @mobian @Utgardloki yeah IIRC that's a fairly recent possibility, the redpine wifi driver in the kernel had to be modified to allow for updating firmware. I hacked around that a while back to 'fix' my wifi card, which seems to corrupt the firmware on it every time it reboots, so now it loads firmware on driver load like every other wifi chip out there :P (the 'hack' for that has been in pmOS for a few months now)
Ehh, for fun, I will point out more issues with your article:
It complains about USB links to:
https://madaidans-insecurities.github.io/linux.html "ctrl+F USB" is empty.
The article compares Firewire to USB, then talks about DMA attacks on Firewire. USB does NOT use DMA, so DMA attacks ARE NOT POSSIBLE. Likewise, an IOMMU makes no sense in context of USB, because DMA isn't used!
I am happy to discuss security merits, but let's actually do it in good faith and not spread bad info.
Madaidan makes a few good points about Android having a more hardened kernel that the one found in most Linux distros, but there are lots of problems with his arguments. See the links here:
Read the answer from GrapheneOS dev:
Purism and Librem phones are just insecure shit and a joke.
They’re many years behind Android
@Utgardloki @bart @nitrokey
whats the point of this blog entry?
saying everyone shall stay in the unhealty and becoming creepy android/ios ecosystem? Buying a new phone every year because we do not care about future? I love to be part of a small niche searching for free and open solutions, dont be one of does iditos saying: 'ah, who cares, i have nothing to hide and already sold my soul anyway...'
I'm afraid there is *no single factual information* in the following paragraph:
> PureOS also uses linux-libre. This will prevent the user from loading any proprietary firmware updates which just so happens to be almost all of them. The Librem 5 prevents the user from updating new firmware even with an alternative kernel which forces the user to use outdated and insecure firmware with known vulnerabilities.
Moin! Dies ist eine Mastodon Instanz für Nordlichter, Schnacker und was sonst noch so aus dem Norden kommt. Administriert wird der Norden von Niklas & Benny. Zusätzliche Moderator:innen sind Marius und Kurzi.
Bitte gebt bei der Registrierung einen kurzen Text ein. Das erleichtert uns euch schneller freizugeben.