I really don’t get the doomsayers in this thread, all boasting about how android is secure and private – that’s bullshit. Android may be secure, and Google has a rep of doing secure stuff, but it’s hardly private, 'cos Google.
Then they go on about how you just can’t do that with regular linux. Wtf?
For the most part, mobile linux distros are adapted desktop distros and all the tools you can use on android for sandboxing et al you can use on regular linux.
Are there linux distros for mobile that are on par with android? No, not at the moment and not with that attitude. Can there be? For sure, and Google’s pushing it in that direction.
If you’re gonna be doomsayers bitch about hardware drivers, that’s indeed an issue and even that, it’s, like regular linux, a matter of time until someone reverse engineers them.
Sandboxing is a general term and I used it as a general one. Sandboxing can include virtualization.
Virtualization alone isn’t enough if the external interfaces aren’t protected. With QubesOS you are for example expected to not mix data from untrusted sources with data from trusted sources in the same virtualized environment. You’re expected to use the right tools to open untrusted documents;
Pixels have a secure element that limit the amount of guesses an attacker could make.
This isn’t available on any Linux distro by default.
Also on GrapheneOS you can have a longer password for decryption and a shorter one + fingerprint for unlocking.
Also a longer phone password would be more practical then an long desktop PC password. You can take the phone with you on toilet unlocked while having to lock and unlock your PC for going on the toilet.
I really don’t get the doomsayers in this thread, all boasting about how android is secure and private – that’s bullshit. Android may be secure, and Google has a rep of doing secure stuff, but it’s hardly private, 'cos Google.
Then they go on about how you just can’t do that with regular linux. Wtf?
For the most part, mobile linux distros are adapted desktop distros and all the tools you can use on android for sandboxing et al you can use on regular linux.
Are there linux distros for mobile that are on par with android? No, not at the moment and not with that attitude. Can there be? For sure, and Google’s pushing it in that direction.
If you’re gonna be doomsayers bitch about hardware drivers, that’s indeed an issue and even that, it’s, like regular linux, a matter of time until someone reverse engineers them.
Mobile phones are not secure. By design
Show me a better Sandbox than the one for android apps.
QubesOS.
How usable is it in comparison to Android? Not usable. Heavy hardware and skill requirements.
Flatpak tries to be like Android app on Linux, but is not that advanced like it.
Flatpak is a security nightmare. again, stop focusing on just sandboxing and look at the whole.
It has potential. Of course Android is much better. But In comparison to other Linux application formats its better.
I mean its pretty fundamentally broken. Seems the devs don’t care about security. Better to use something like apt
That’s still standard virtualization. It doesn’t harden the applications you run inside the sandboxes.
Virtualization is better than sandboxing for security.
Sandboxing is a general term and I used it as a general one. Sandboxing can include virtualization.
Virtualization alone isn’t enough if the external interfaces aren’t protected. With QubesOS you are for example expected to not mix data from untrusted sources with data from trusted sources in the same virtualized environment. You’re expected to use the right tools to open untrusted documents;
https://theinvisiblethings.blogspot.com/2013/02/converting-untrusted-pdfs-into-trusted.html?m=1
deleted by creator
Lol that’s worthless when I can unlock your phone because you use a short passphrase
Everyone can decide on the length of their passphrase according to their threadmodell.
If you use a >50 character passphrase for your phone, its no longer useful as a phone. That’s the point.
Pixels have a secure element that limit the amount of guesses an attacker could make. This isn’t available on any Linux distro by default. Also on GrapheneOS you can have a longer password for decryption and a shorter one + fingerprint for unlocking. Also a longer phone password would be more practical then an long desktop PC password. You can take the phone with you on toilet unlocked while having to lock and unlock your PC for going on the toilet.
It’s not about thief. It’s about not letting random apps access everything in system.
Lol you can make anything seem secure if you narrow security to a very narrow definition.
Phones are the most insecure devices, if you look at the big picture. They’re literally designed to be convenient. That’s the enemy of security.