this post was submitted on 21 Feb 2024
277 points (96.3% liked)
Linux
48328 readers
617 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
None, because a phone is useless without applications.
Edit: I'm all for a truly open-source phone with no tracking but at some point things must be useful as well and applications from the Play Store or App Store are something people have to get and use everyday. For instance in my country, if you exclude browser-based banking no bank will work those Linux phones and the NFC / contactless payment system here requires either Apple Pay, Google Wallet or a proprietary app develop by a banking alliance. Govt provides electronic versions of your identity card, driving license and a ton of other cards related to the govt that also require an Android/iOS app they make... Even something simple like setting up a TP-Link Tapo wireless security camera will require an app these days.
I haven't made the full switch to mobile Linux yet, but my Android phone has 0 proprietary apps besides the firmware and it's 100% usable
Well, the question is why are you excluding web banking? While it's less convenient at times, banking apps collect every piece of info about you they possibly could collect, they try to prevent you from "messing" not only with the banking app, but with the phone itself - they are one of the most egregious cases of "normalized privacy invasion", so web banking is much preferable to banking apps. If you're allergic to webapps for some reason (which would be a very weird thing to say for someone who installs banking apps), fine, switch to a bank that allows doing operations via SMS (that's the only feature I miss from Sberbank).
Why are you using contactless payment? Unsatisfied with the amount of data your bank collects, you want to give the same data to Apple/Google? What's the problem with just carrying a card with you? I genuinely don't understand. This certainly isn't a "100% unavoidable requirement", but just a fad you didn't even think whether you could do without
That's absolutely true, which is egregious. You should petition your government to open-source those apps (public money = public code), you should reverse engineer those apps to get their functionality without the proprietary code (if they just show a barcode/qr code/picture, it's easy, but it gets harder if it uses NFC). Either way, this isn't something you "need", as carrying your documents around really isn't a problem... for me, anyway, YMMV I guess
...first you buy an IoT device that connects to "the cloud", then you say you need proprietary software to access it. Of course you do, that's the kind of device you bought - the vast majority of IoT devices are made with zero regard to the user's privacy and security, to hackability or right to repair.
That said, it's very easy to find hackable devices if you do the bare minimum research. Examples from my home - Valetudo (FOSS robot vacuum firmware) on Viomi V2 Pro, Tasmota (ESP32 firmware) on an AiYaTo light bulb. This is not a problem with mobile Linux, but rather you choosing a device that's made to collect data from your phone.
In conclusion, everything you listed so far isn't a problem with mobile Linux, but a problem with your approach to software/hardware freedom. Chances are, you aren't a hacker, and by extension aren't a part of the target audience of a Linux phone. That's fine, but don't pretend there's some insurmountable barrier preventing anyone from using it - it's just that you don't need it. Waydroid exists, which makes all of the claims in your comment invalid (besides maybe banking apps which may detect Waydroid), but you won't consider Linux phones viable anyway - because, again, you don't need it.
So while I agree with some or the majority of your commentary I would like to add a bit of context.
I'm not allergic, I just happen to live in a country where banks unfortunately force you get their mobile app for certain operations / you can't do everything on their web app because of "security" . There's a big thing in Europe around secure transaction authorizations that require a secure 2FA methods (not SMS) and banks here decided to implement that in way that their mobile apps kinda work as a 2FA to the web version. Heck I can't even generate a virtual credit card here without installing an app. Compatibility layers / emulation, such as Waydroid, even GrapheneOS is flagged by most of the banking apps here as well and they don't allow you to proceed.
If I'm using the app from the banking alliance they won't gather more info than what they already do whenever I swipe a debit or credit card on a payment terminal. I kinda becomes about convenience at that point. Obviously the same can't be said for Apple Pay / Google Wallet and I avoid them.
Actually that's something I need, let me tell you why: I'm required to digitally sign a LOT of documents everyday and here you've two ways to do that. The classic one is by having a smart card reader in your computer, open a desktop app, choose a file and place the identity or professional card into the reader and type a PIN code. The second way is to open the application and click "sign with your phone", this will prompt you to open the govt phone app and enter a PIN / biometric authentication there and the document will get signed as well. While the first option works fine it's just annoying to have to carry a card reader around to meetings and other places and it also takes way more time for the desktop app to respond and sign the document if you se the identity card.
You proceed to give examples of vacuum cleaners and other stuff that is indeed easy to find more open.
I'm all for open-source IoT, I like it as an hobby and I run HomeAssistant and most of my IoT is DIY ESP32-S2 devices with sensors and relays. I also have some cheap relays and plugs from Aliexpress that are BL2028N and I managed to flash with ESPHome / Libretiny however things become a LOT harder when it comes to CCTV.
Cameras in general aren't as easy as cheap plugs to deal with. There's the OpenIPC project but it seems only to support very specific chips that are sometimes older, hard to find or not price/feature competitive with TP-Link offers.
For what's worth TP-Link Tapo cameras (TC70, 71 etc.) aren't that bad when it comes to privacy, there isn't much "cloud". They do require you to use their mobile app to setup the camera but afterwards you can just run them on an isolated VLAN / firewall them from the internet completely and you'll still be able to use all of the camera's features. Those cameras provide a generic rtsp stream that even VLC can play and there's also a good HA integration that provides all features of the TP-Link Tapo application like pan / move / download recordings from the camera's SD card and whatnot 100% locally / offline.
No, but it would make my life considerably worse or at least impractical in some cases.