12-10-2020, 01:46 AM
(12-10-2020, 12:05 AM)ryo Wrote: In Linux the general rule is, safety depends on what's between the keyboard and chair (or in the case of smartphones, what's touching the screen).Hi ryo thanks for your very informative reply that will be helpful to more noobs like me. I am aware of those anonymization strategies, and yes it all depends on what the user is doing on the device as well. So I'm more specifically wondering what I need to look for in a secure Linux mobile OS. Are some more secure than others as far as sandboxing apps or how the OS is built? Or are the various Linux mobile OS mostly the same security-wise? I don't know how to evaluate what makes a distro secure and private, other than staying away from ones that are partly proprietary. Why do some say Ubuntu Touch is more secure because of app isolation, does Mobian or other mobile OS not do that? I guess what I'm asking is, when I'm reading about all the different mobile OS for the Pinephone, what characteristics should I look out for that indicates it's built with security/privacy in mind? Sorry if my questions are confusing, hard to articulate it since I still don't know what I'm talking about lol.
Mobian is the most daily driver ready OS for Pinephone.
However, if you have a Nexus 5 or a Moto G7, then Ubuntu Touch will be the ultimate daily driver ready OS.
Some examples of OS independent privacy concerns:
・Do you go online using your real name, a nickname, or a fake name (not the same as a nickname).
・If you use a nickname and/or fake name, do you use the same name on all websites, or do you invent new names on each site or service?
・If you use your real name, do you just blast it all over the internet, or just limit it to certain websites?
・How about your address, birth date, phone number, among other person specific information?
・Do you use Fakebook or any of its other services (WhatsApp, Instagram)?
・Do you use a VPN? If so, which provider?
・Do you have multiple email addresses for multiple purposes, or do you use the same one again and again?
・Do you have different, randomly generated passwords for every site or service? And where do you store your passwords?
・Are you active exclusively on big tech SNS, exclusively on alt tech SNS, or do you diversify your content across many different SNS?
And it's just a very few things that really determine security issues that aren't specific to a certain OS.
For some of the OS specific stuff:
・iOS sends your information to Apple, and there's no way to stop it.
・Android sends your information to Google, you can block it to a certain extend.
・Degoogled Android sends misinformation to Google (is needed for it to operate).
・Linux does not send anything to Google, Apple, Pine64, Purism, distro maker, etc.
On the other hand, degoogled Android has storage encryption, while Linux doesn't have it yet (although it's in development).
And there are 2 more entities to consider: your carrier, and the government.
Your carrier tracks you using your SIM card and the cell towers.
You can hide using a VPN, to a carrier it'll just seem like you're just using a VPN and nothing else.
Government on the other hand has its own methods they'll refuse to let the public know unless some hacker leaks it.
