Slashdot Mirror
Security, Privacy Focused Librem 5 Linux Smartphone Successfully Crowdfunded (softpedia.com)
prisoninmate shares a report from Softpedia: Believe it or not, Purism's Librem 5 security and privacy-focused smartphone has been successfully crowdfunded a few hours ago when it reached and even passed its goal of $1.5 million, with 13 days left. Librem 5 wants to be an open source and truly free mobile phone designed with security and privacy in mind, powered by a GNU/Linux operating system based on Debian GNU/Linux and running only Open Source software apps on top of a popular desktop environment like KDE Plasma Mobile or GNOME Shell. Featuring a 5-inch screen, Librem 5 is compatible with 2G, 3G, 4G, GSM, UMTS, and LTE mobile networks. Under the hood, it uses an i.MX 6 or i.MX 8 processor with separate baseband modem to offer you the protection you need in today's communication challenges, where you're being monitored by lots of government agencies.
I'd wager they're going to go with F-Droid to start.
Learning HOW to think is more important than learning WHAT to think.
You're a bit hasty, expecting an app store for a phone that hasn't even shipped yet. But if you examine the link in TFA, you'll see the following:
- they are offering developer's kits for a donation of $299, to be delivered June 2018
- their PureOS platform will ship initially with basic apps (phone, email, messaging, voice, camera, browsing) with others to follow
- they will offer a secure collection of apps, as part of the Matrix ecosystem
- they have added a stretch-goal to support Android apps in an isolation layer
If it weren't for deadlines, nothing would be late.
The app store follows the Linux philosophy. Here's your toolkit: 0, 1. Now go make your own apps!
#DeleteFacebook
This feels like a well-timed entry. You won't get Android-level market penetration, but the chans, among others, are starting to want smartphones to use as dev machines. This not only makes it possible, but assumes the user will do it. I hope to God they pull it off.
The app store for this is?
Given that it's
powered by a GNU/Linux operating system based on Debian GNU/Linux
the "App Store" will probably the Debian software repository.
The app store follows the Linux philosophy. Here's your toolkit: 0, 1. Now go make your own apps!
You are aware, of course, that the success and convenience of Linux package repositories was both the inspiration and proof of concept that caused app stores to exist, right? On an OS built by developers for developers, "go make your own apps" actually works.
No thanks, that's a seriously old SoC.
i.MX 8, sure 2x A73 + 4x A53.
i.MX 8M. which is their goal... average. 4x A53 @ 1.5GHz is a low to mid range phone.
Yup. The Apt Store.
Sure I believe it's been crowd-funded. What I'm skeptical of is whether it'll ship.
"I don't know, therefore Aliens" Wafflebox1
If we have learned one thing about all the failed phone attempts out there, it should be one lesson:
1) You must have apps people want.
There are other lessons, but that one is primary. Of course, there is a niche market that will exist for this Librem phone/platform. But if people can't play the games, or use the utilities they want, it will never get beyond niche. We are all dependent on quality maps, notification magic, multi-device syncing, advanced texting options, etc.
An obvious goal will be the necessity to somehow support Android/Google apps. And an emulation/isolation layer to do so is certainly technologically possible. It is even exciting to think about a device that might run quality non-Android Linux apps AND run Android apps in an isolated environment, denying it access to personal stuff, and/or feeding it fake data when wanted. But there are a lot of legal and monopolistic minefields in trying to do so. And trying to keep it compatible over time would be a big, big hurdle; especially on a tight budget with little resources.
Fingers crossed....
There's actually quite a bit of demand for such a phone. Ever since the demise for Ubuntu phone (which was due to utter stupidity rather than no demand), this looked promising. Believe it or not, there was quite huge demand for the Ubuntu phone and it went over expectations for the developers. Lack of production of real products destroyed it because they couldn't secure deals for hardware manufacturing, otherwise it would still exist. I hope they don't make the same mistake.
Over time, I've realized that my critical smart phone apps are:
1. Phone calls and messaging
2. Maps and directions
Is there any phone where I can get just #1 and #2, and as long a battery life as possible?
+1000 Awesome.
If it weren't for deadlines, nothing would be late.
Calm the f*** down. "Free" has two meanings: (1) no cost, and (2) no restrictions. "Freedom" (in the latter sense) is not "free" (in the former sense.)
If it weren't for deadlines, nothing would be late.
I believe that the Librem 5 at its current stage and with these proposed specifications doesn't stand a chance against iOS or Android. but still, I think that we need it as a third option.
I have written a piece on why do we need an Open Source smartphone. Here's the link http://www.consumeit.io/librem-5/31005
Frankly, I'm not impressed with either of the top two posts in this thread. I'm not sure why you feel the need to call out only
one of them.
And BTW, have you actually looked up the word liberal in a dictionary? It doesn't mean what you desperately want it to mean.
For being a "security focused" phone, they didn't really mention anything about security on their site. Perhaps I'm wrong, but this sounded awfully lot like smoke and mirrors type of pitch.
Am I actually supposed to just believe "It runs GNU/Linux kernel, it's secure" or do they actually plan to audit the kernel and components they're including for real? Because that kind of effort costs a helluva lot of money.
I'm guessing they're not and they're just referring to the "many eyes, shallow bugs"-mantra here, but c'mon now... seriously?
Their target is to make a phone that can run 100% on exclusively free/libre opensource code.
That severly limits which SoC they can choose :
- they need a chipset WITHOUT built-in modem, so the modem and its mandatory blob can be pushed out of the main system into an isolated box that only talks a standard protocol (so it doesn't have direct access to RAM. Unlike Qualcomm's chipset, where sometime the modem serves as the northbridge)
- they need a chipset with opensource drivers supported by upstream linux kernel.
Currently, only Freescale i.MX6 fits the bill (Vivante GPU supported by Etnaviv driver), and the Freescale i.MX 8 is their best hope of next chip to be similarly supported.
Yes, it's an old SoC, with low to mid perf, but it's about the only one that fits the bill.
(It might have also been possible with some of the Nvidia Tegra chipsets that are supported by nouveau, but they don't fit the power envelope.
Intel's is fully opensourced officially, but doesn't produce anything currently targeting the tablet/smartphone form factor.
Qualcomm is completely out of question : even if some are supported by Freedreno, the integrated modem running untrusted proprietary binary firmware, while having full access to RAM is problematic)
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
Their main arguments are around the chipset :
Most of the current smartphone use chipset (mainly Qualcomm) that have the modem integrated into the SoC.
That modem (for radio licensing reason) must run a closed proprietary blob, while having full access to the SoC's RAM.
Thus you're only an OTA live update away (not even installing an Android upgrade, just sending new bits to your modem to execute), before wire taping law get applied to you and your data start getting siphoned away.
Purism want to make a phone with most of the sensitive part shut away in separate boxes that only speak a standard protocol. i.e.: modem in a separate chip, that only speaks a standard protocol (e.g.: showing up as an ethernet network) with no access RAM. No matter what rogue firmware it runs, such a modem cannot see your data, only sees an ethernet connection (and you're encrypting what goes through that one anyway, unless you stupidly trust the entire internet to be secure).
Thus, for all you concerns, 100% of your system runs opensource auditable code. It's not guaranteed to be secure *yet*, but can eventually be reviewed and secured.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
If this 'phone is successful then many apps will be developed that people will want to install. Today many such apps demand all sorts of permissions that are then abused by the app vendor. Refuse to give the permission most apps will not work.
I want to regain control by: giving each app a different contacts database; a different call history; a different GPS location; ... Running each app in its own Linux kernel container should do the job.
And BTW, have you actually looked up the word liberal in a dictionary? It doesn't mean what you desperately want it to mean.
For at least the past 6 decades in the US, the term "liberal" has had a radically-different meaning to the old traditional "liberal" as in "libertarian" meaning.
In the US a "Liberal" is about as "liberal"-as-in-libertarian as the DPRK is democratic. US "liberals" are mostly "Progressives" who hijacked the term after their collectivist policies totally failed both in practice and in winning any significant support at the voting booths in the early-1900s, and leadership is mainly composed of a mix of socialists and communists by either their own declarations or their actions.
Strat
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
I can take your insult, but why do you think so ?
The default O.S. for the phone will be Debian-based (Ubuntu is also based on Debian). Debian has been around for nearly 20 years and it's main features is security. They audit and review all packages for security before releasing them to users in their stable release.
A lot of the staff working on the Librem 5 are actually experienced core Debian developers, and the former Debian Project Leader, Stefano Zacchiroli is working with Purism as well.
The security credentials for this phone are quite strong. And in case of any potential hack or issue, the phone will have physical hardware switches for the camera, microphone, baseband, WiFi and bluetooth. So even if any software is compromised, a hacker wouldn't be able to access your microphone or camera at all, which is the best insurance in my view
As to my knowledge, the IP-based calls and messaging is a next level feature in call and text security, since it will add encryption from end to end, which would prevent your cell carrier from being able to record or listen to your calls/texts.. the Librem 5 phone still allows regular calls and texts like any other phone, but comes with the in-built feature to make encrypted communication if you wish to
Synaptic?
If it runs Debian... That's what I use.
You can always buy a Jolla, oops no, an Intex Aquafish, oops no, a Sony Experia X and install Jolla's Sailfish OS.
It's 'a' Debian variant and has an Android VM which runs, well, Android apps.
"Trump!!", the new Godwin.
There is an awful lot of talk on this thread about the necessity of some gargantuan "app store". I don't think this is all that big a deal. I'm guessing many if not most of the users of these phones are not going to be all that interested in playing angry birds or for that matter most of the other spy/crap ware floating around in the Apple and Google ecosystems. I don't see the lack of 5 million crappy apps to be that big a problem.
Dear Microlimp: I give you 2 valid product keys for win7 and you reject both of them. Piss off you wankers!!!
leadership is mainly composed of a mix of socialists and communists by either their own declarations or their actions.
Darn commernists. I'll bet they'll start fluoridating your water any day now.
I bet they're a bunch of preverts too.
SJW n. One who posts facts.
For at least the past 6 decades in the US, the term "liberal" has had a radically-different meaning to the old traditional "liberal" as in "libertarian" meaning.
Only in the fantasies of right-wingers who strive to redefine anything to the left of them to be double-plus ungood. Attempting to change what people think words mean is the first step in mind-control.
It's clear from your sig that you have an obsession with this very topic. You need to get out more.
If it weren't for deadlines, nothing would be late.
So current-day US "liberals" believe in Libertarian principles of small central government and minimal regulation and interference in general by the government?
#IDon'tThinkSo
Better check the date on those definitions of yours, that one is about 60 years past it's 'best used by' date.
Strat
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
I've been adamantly against smartphones in general for a number of reasons but security (and the lack thereof) has always been at the top of that list; this potentially changes that. However, what will this device cost? I've seen nothing about that.
Question: Do you think Tor would work on a phone like this? Or would wireless companies block Tor?
11/10
You are aware, of course, that the success and convenience of Linux package repositories was both the inspiration and proof of concept that caused app stores to exist, right? On an OS built by developers for developers, "go make your own apps" actually works.
All closed source commercially controlled software takes queues from open source software, some even just take the software verbatim... that doesn't mean it retains the open and non-commercially controlled aspect of it. The whole point of this phone is not "another phone OS" or "another app store" it's about choice and freedom, if you don't give a crap about that stuff and want maximum choice of utility at this very moment in time at any cost, then this phone is not for you.
Oh suck... this is what happens when I dont read the quote, sorry. I read your response from the other side.
A key problem with the Linux phone is figuring out timing.
Personally, I have no doubts that not only there's demand for a device like that these days, but it'll only increase as more and more people gets their identity stolen, their private content thrawled through, and their personal security ravaged overtime.
It's the direction we're walking to, and we're currently only seeing the tip of the iceberg.
But a private Linux phone only has chances of keep going when there's enough money and interest into it to keep projects going. Kickstarting a project is one thing, delivering on time is another, but the important part here is a stream of development and the upgrade path.
Don't get me wrong, I'm very glad that this was backed, but I really don't want to see yet another privacy oriented project dying off because of lack of support.
Infotainment unit's don't have batteries. Car dashboards don't have batteries.
Technically they all run out of 12v lead batteries (internal combustion engine) or massive lithium battery stacks (electrical vehicle). But...
There isn't a single use case for the i.MX8 series where the SoC is the biggest consumer of power in the system.
...yes indeed, the infotainement basically just feeds out of the 12v instrument bus.
It's the job of other completely different devices to manage the power, and any way the consumption of the infotainment is dwarfed by that of the spark plugs and starter (ICE) or the electric motor (EV), and in both case the battery can be charged using the same electrical motor (respectively by the alternator / by regenerative braking).
At that scale, the power to the infotainment basically comes "for free".
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]