Security, Privacy Focused Librem 5 Linux Smartphone Successfully Crowdfunded

prisoninmate shares a report from Softpedia: Believe it or not, Purism's Librem 5 security and privacy-focused smartphone has been successfully crowdfunded a few hours ago when it reached and even passed its goal of $1.5 million, with 13 days left. Librem 5 wants to be an open source and truly free mobile phone designed with security and privacy in mind, powered by a GNU/Linux operating system based on Debian GNU/Linux and running only Open Source software apps on top of a popular desktop environment like KDE Plasma Mobile or GNOME Shell. Featuring a 5-inch screen, Librem 5 is compatible with 2G, 3G, 4G, GSM, UMTS, and LTE mobile networks. Under the hood, it uses an i.MX 6 or i.MX 8 processor with separate baseband modem to offer you the protection you need in today's communication challenges, where you're being monitored by lots of government agencies.

Re:And the App Store?

[ClickOnThis]

You're a bit hasty, expecting an app store for a phone that hasn't even shipped yet. But if you examine the link in TFA, you'll see the following:

- they are offering developer's kits for a donation of $299, to be delivered June 2018
- their PureOS platform will ship initially with basic apps (phone, email, messaging, voice, camera, browsing) with others to follow
- they will offer a secure collection of apps, as part of the Matrix ecosystem
- they have added a stretch-goal to support Android apps in an isolation layer

Re:apps, apps, apps

[ClickOnThis]

Fingers crossed with you. But to address the points you raised:

1) You must have apps people want.

They are addressing that. From another post I made on this story:

- they are offering developer's kits for a donation of $299, to be delivered June 2018
- their PureOS platform will ship initially with basic apps (phone, email, messaging, voice, camera, browsing) with others to follow
- they will offer a secure collection of apps, as part of the Matrix ecosystem
- they have added a stretch-goal to support Android apps in an isolation layer

An obvious goal will be the necessity to somehow support Android/Google apps. And an emulation/isolation layer to do so is certainly technologically possible.

See above re "stretch" goals.

It is even exciting to think about a device that might run quality non-Android Linux apps AND run Android apps in an isolated environment, denying it access to personal stuff, and/or feeding it fake data when wanted.

Check. Again, see above. Per the link in TFS, the phone "[r]uns PureOS by default, can run most GNU+Linux distributions." The openness in the dev environment ensures that the kind of privacy and security you're talking about can be baked in.

But there are a lot of legal and monopolistic minefields in trying to do so.

Such as?

And trying to keep it compatible over time would be a big, big hurdle; especially on a tight budget with little resources.

Well, Gnu/Linux has fared rather well under similar circumstances.

Chipset

[DrYak]

Their main arguments are around the chipset :

Most of the current smartphone use chipset (mainly Qualcomm) that have the modem integrated into the SoC.
That modem (for radio licensing reason) must run a closed proprietary blob, while having full access to the SoC's RAM.
Thus you're only an OTA live update away (not even installing an Android upgrade, just sending new bits to your modem to execute), before wire taping law get applied to you and your data start getting siphoned away.

Purism want to make a phone with most of the sensitive part shut away in separate boxes that only speak a standard protocol. i.e.: modem in a separate chip, that only speaks a standard protocol (e.g.: showing up as an ethernet network) with no access RAM. No matter what rogue firmware it runs, such a modem cannot see your data, only sees an ethernet connection (and you're encrypting what goes through that one anyway, unless you stupidly trust the entire internet to be secure).

Thus, for all you concerns, 100% of your system runs opensource auditable code. It's not guaranteed to be secure *yet*, but can eventually be reviewed and secured.