Sandboxing is a general term and I used it as a general one. Sandboxing can include virtualization.
Virtualization alone isn’t enough if the external interfaces aren’t protected. With QubesOS you are for example expected to not mix data from untrusted sources with data from trusted sources in the same virtualized environment. You’re expected to use the right tools to open untrusted documents;
Pixels have a secure element that limit the amount of guesses an attacker could make.
This isn’t available on any Linux distro by default.
Also on GrapheneOS you can have a longer password for decryption and a shorter one + fingerprint for unlocking.
Also a longer phone password would be more practical then an long desktop PC password. You can take the phone with you on toilet unlocked while having to lock and unlock your PC for going on the toilet.
Mobile phones are not secure. By design
Show me a better Sandbox than the one for android apps.
QubesOS.
How usable is it in comparison to Android? Not usable. Heavy hardware and skill requirements.
Flatpak tries to be like Android app on Linux, but is not that advanced like it.
Flatpak is a security nightmare. again, stop focusing on just sandboxing and look at the whole.
It has potential. Of course Android is much better. But In comparison to other Linux application formats its better.
I mean its pretty fundamentally broken. Seems the devs don’t care about security. Better to use something like apt
That’s still standard virtualization. It doesn’t harden the applications you run inside the sandboxes.
Virtualization is better than sandboxing for security.
Sandboxing is a general term and I used it as a general one. Sandboxing can include virtualization.
Virtualization alone isn’t enough if the external interfaces aren’t protected. With QubesOS you are for example expected to not mix data from untrusted sources with data from trusted sources in the same virtualized environment. You’re expected to use the right tools to open untrusted documents;
https://theinvisiblethings.blogspot.com/2013/02/converting-untrusted-pdfs-into-trusted.html?m=1
deleted by creator
Lol that’s worthless when I can unlock your phone because you use a short passphrase
Everyone can decide on the length of their passphrase according to their threadmodell.
If you use a >50 character passphrase for your phone, its no longer useful as a phone. That’s the point.
Pixels have a secure element that limit the amount of guesses an attacker could make. This isn’t available on any Linux distro by default. Also on GrapheneOS you can have a longer password for decryption and a shorter one + fingerprint for unlocking. Also a longer phone password would be more practical then an long desktop PC password. You can take the phone with you on toilet unlocked while having to lock and unlock your PC for going on the toilet.
It’s not about thief. It’s about not letting random apps access everything in system.
Lol you can make anything seem secure if you narrow security to a very narrow definition.
Phones are the most insecure devices, if you look at the big picture. They’re literally designed to be convenient. That’s the enemy of security.