UPDATE (2017-10-11):
So as noted, Purism reached their funding goal. It will be a while till the devices are ready to ship but I was very happy to hear this and hope it opens the door for additional open-hardware phone projects in the future. It would also be great to be able to continue getting OS patches for a long time... I know it has been common practice in the Android world for big companies to stop pushing updates after a while; really hoping this will take the traditional desktop Linux update approach to phones too.

ORIGINAL:
So I recently backed a crowd-funding project for Purism's Librem 5 privacy-focused phone and I'm waiting to see if it makes its funding goal. I've been wanting to see open-source hardware and Linux smartphones in particular get even a small foothold in the mobile market for a LONG time now. I don't expect that most people care about that... I even did some GAs recently for my Linux groups but only got a couple responses... But maybe people care about privacy/security more than they care about Linux...

Anyway, I figured in the true SG-fashion, I needed an official poll with some gibs X-D.

L0:
Pang Adventures

L1:
Mainlining
VoidExpanse

L2:
Septerra Core
Konung 3: Ties of the Dynasty

L3:
Hero of the Kingdom II
Two Worlds II: Velvet Edition
Flame in the Flood

EDIT Sept 24:
Emailed the Purism team to request some more info related to some of the points below and they responded pretty quickly (unfortunately I was sleeping in and did not see till just now :-D). To the folks at Purism, if you happen to be reading this, thanks for the fast response and I wish you the best of luck in the crowdfunding so that I too can look forward to a Librem 5 :-)

In response to asking who their security expert is, they responded

Have a look at here, please: puri.sm/about/advisory-board/ (for example, Nicole Færber actively participates in our campaign, have a look at some of her posts in our forums).

With regards to the bulleted list that Movac asked about below, the response was:

All this is planned, we will see how much of this we will manage to implement on time. Our first concern is to make the campaign succeed, after that we will start sourcing and negotiating with our suppliers and finalizing the specs, then we'll start implementing the software. As I understand, much of this is already possible with the current technologies, it's just a matter of adapting it for our specific case.

Finally, they said they will see about getting some more details added on the main Librem 5 page as well.

EDIT Sept 25:
Got some additional details shortly after my last edit. Here's what they said (this was second hand):

App isolation will happen for sure, secure boot likely not initially, code-signing ties in with secure boot, so "maybe", storage encryption is something I'd like to have (maybe using ext4's built-in encryption feature, but in that case we would not encrypt the OS), centralized management is too vague to say anything about it (what exactly does that mean? there are different levels to it)

I too was somewhat unclear on what layer was being asked about for 'central management' but as I said in my comment below, most Linux distros handle both OS updates and software updates through package management. PureOS is based off of Debian so I would expect it to be somewhat similar to other Debian based Linux distros like Ubuntu or Linux Mint (in Mint, I usually see an icon by my clock when updates are available and when I click on it I can select which updates to apply and/or change my source servers from where I download updates from. Meaning I can use official Linux Mint servers or if I live far away I can instead select an unofficial source that I trust but which is geographically closer to speed up download times).

6 years ago*


Interested in a more security/privacy-focused phone

Sounds awesome; hope it gets funded
Like the idea; hate the implementation
Sounds ok but not for me
Meh... hackers/gov'mint can have my info, I don't care
I only store my data in Potatos

Thanks

6 years ago

Deleted

This comment was deleted 2 years ago.

6 years ago

Fair enough. I would even go as far as to say there's no such thing as a secured computer. :-)

In any case, it's all relative.

6 years ago

Custom self-compiled Android OS is enough for security these days. If they don't want to manufacture all components themselves but use e.g. broadcom for Wi-Fi/baseband then the phone will end up with crapload of proprietary blobs anyway. And if they do want to do all of that, then good fucking luck.

Making a 100% privacy-oriented phone is not possible at this point. I like how they ditch Android and load PureOS on it instead of using open-source AOSP base and writing open-source proprietary google services replacements which would benefit not only their own cause, but all custom android users like me in particular. They're kinda killing their own target at this point, devs that could offer their help are automatically out and they're re-inventing the wheel from the beginning instead of making use of what is already available. There is a reason why Google decided to use Linux kernel in Android.

As much as I want them to succeed, this simply won't happen, at least in my own dev-experience-powered opinion. At best you'll get another generic device that claims to be secure without backing up that claim, while having closed and crappy ecosystem nobody will contribute into.

6 years ago*

My understanding was that:
a) Purism does not do their own h/w (or they do a small number of components if they do). But I think from what I have read that they are trying for as close to 100% open-source hardware as they can manage in the current market without making their own h/w

b) They are trying to leverage existing work done by Canonical (Ubuntu Mobile) and I believe I read somewhere that they had also partnered with Gnome in hopes of reusing existing Linux apps. I don't think they are "reinventing the wheel" in terms of what's available in the Linux ecosystem (but guessing you probably are meaning in terms of what Android has today) but there would definitely be a long road to make existing Linux apps play nice on mobile.

Anyway, while I would love for them to succeed and I am not overly confident that it will succeed*... I too am a senior developer and realize full well everything that needs to fall in place here. My hope is rather that they could open the door into the mobile space for Linux and open-hardware...I like Android more than iOS but hate the lack of freedom as compared with any Desktop OS. I think if Linux/FOSS-H/W emerged onto the mobile scene in a respectable form it would also help out the Android ecosystem as well (for example, how nice it would be to have open-source boot-loaders on even some of the commercial android phones? Or fine-grain app security permissions ala the blackberry days but without having to use blackberry os... I hate the all-or-nothing app permissions model that most users have to deal with today).

* EDIT: I had meant this mostly referring to what I have seen with other attempts at a Linux smartphone and trying not to get my hopes up too much just in case. That said, I do have faith in the company being decent folks and really really hope it comes to market.

6 years ago*

Have you tried LineageOS? It addresses most of your claims, including app permissions or lack of freedom. Like I said, you won't get much better than that, as blobs will be here regardless if we like it or not, and that situation is already possible with any popular Android phone and modding community. The only things that aren't open-source and otherwise can't be built from source in such situation are hardware blobs responsible for making it work, such as baseband, wi-fi, sensors and so on. But I doubt those will be open-source if Librem 5 happens anyway.

6 years ago

Sounds cool. Will try to look into it a bit later...sounds pretty useful for flashing my old dino-phone with. Still doesn't fix boot-loader issues (not that I expect it to) and I would have to rewrite any existing Linux apps to port them to Android (unless someone else did it for me already). Main reason I bring up the bootloader is that if I go for a more modern phone then I would still need to run some kind of OS exploit or limit myself to a select few handsets that don't require one to be able to flash it with LineageOS, right? (Asking seriously... I used to root my Android handsets back in the day but have been away from that stuff for quite some time and I'm mostly going from memory)

6 years ago

A locked bootloader is mainly a carrier thing; phones don't come with a locked bootloader 99% of the time, at least in Europe. The situation in the US might be "worse"; here barely any phone that doesn't come from specific carriers has a locked bootloader, it's a very rare and sometimes even illegal thing to do.

6 years ago

Damn I wish that was true in the US. Our oligopoly of cell carriers and ISP's is really annoying. I really need to finish learning German and move over there for awhile

6 years ago

Bump!

6 years ago

Doesn't run android or iOS is another way of saying "none of your apps are gonna work here". That's a non-starter for a smartphone. A few enthusiasts will buy it, and then it'll die out because it can't reach enough market saturation because people don't want to give up their favorite chat apps that all their friends are using.

If they want to make a really secure phone make a feature phone. If they want to make a really useful smartphone they should make a security focused android version. Notable though that there are many of those already and they can't really make headway either because android is secure enough for the average user as is and the drawbacks of extra security aren't worth the loss of convenience for the average user.

6 years ago

Doesn't run android or iOS is another way of saying "none of your apps are gonna work here"

Not necessarily. It will support HTML5 apps, which should make most traditional mobile apps possible. In addition, being based on traditional Linux distributions means we should also be able to port some Desktop Linux apps to mobile.
-> For example, things like Signal/WhatsApp/Facebook Messenger/Hangouts etc should work fine considering that I can even run those as Chrome-extensions on Linux Desktop and that's not all that far removed from html5. Throw in FOSS software repos and libraries and I think that stuff is easily achievable. I would be more worried about services from companies that are really restrictive with their APIs and only support access through their native-apps.

What I dislike about Android is the refusal of its developers to use fine-grained app permissions ala the old blackberry OS's (e.g. I should be allowed to download a Notepad app that requires Internet access and then block it from using the Internet... without needing additional apps to do so.). I believe the main reason for this is that Google likes Ads and knows that by allowing this that people would block in-app ads. In addition, the current market has locked boot-loaders, proprietary h/w, and for most users you don't even get AOSP meaning you get bloatware galore preloaded onto your device. It is a sad, sad state especially when compared against the desktop Linux experience today.

6 years ago*

Not far removed is unfortunately not the same as will run without any changes by the company... and those changes will just not happen. Good luck getting Telegram, Snapchat, Instagram and so on to spend effort on something they have zero financial incentive for. You might be able to access some things you like via hacks and half measures or using web clients and third party clients that run the html5 version under the hood - but that means nonsupported solutions that make the non-technical cry to even think about, and can be gone in a moment when some company changes their API like twitter once did.

I will just say I agree that Android is in a sad state, but let's leave the linux discussion entirely to the side because it's far too controversial and unrelated. The thing is though Android is in a sad state depending on what device you choose to buy, and Android is actively working in getting better. It's in a sad but improving state and already at the point where anyone interested in getting things secure can do so without most of the compromises this new device would require.

In fact the plans as drawn up, the roadmap for the next version of Android and forward, will basically mean that in the future all devices should be certified to the point where you can basically compile AOSP and slap it on any device you want, thanks to the new interface layer. Which means open source you can compile yourself without having to make compromises on device quality OR app access. And yeah, access to the google apps and ecosystem is kind of essential to most people as well.

6 years ago

I agree that even in the truly best-case scenario that Librem 5 gets funded and comes out with better than proposed h/w specs etc that the first phone they put out will be geared more toward enthusiasts and it is very unlikely that even the best-case version would be comparable to what the masses expect from a modern Android or iOS phone. It would be more than fair to say I am looking at their entire project as a stepping stone.

BUT and -- you will note that that's a big but (but not a big butt :-D) -- it might pave the road for an eventual third/fourth/whatever option which would be great for myself and others who would like to be able to run desktop apps on our phones. And I'm not meaning the UI convergence stuff like Windows Metro/Modern/Store/etc apps or Canonical's Unity Convergence, I still think that front-ends should be separate for each. But I would love to see more reuse of desktop libraries/console apps on mobile. Not to mention the ability to reuse the same configs or low level scripting for both (such as if I want to have a whitelist firewall setup on both or run a bash shell script). Anyway, my point is that I think open h/w would be great for letting that happen by allowing you to load whatever the hell you want even if it's an OS-platform that the handset manufacturer never intended.

But as you said, leaving the "could Linux apps be made" discussion to the side, I am still interested in seeing if this project could pave the way for more open-hardware. What you say above sounds interesting and I apparently need to read up on the latest and greatest changes in the Android world because even if Linux does make it, it won't be immediately.

6 years ago*

Deleted

This comment was deleted 1 year ago.

6 years ago

Bump ! Thank you 1

6 years ago

Deleted

This comment was deleted 1 year ago.

6 years ago

Not denying that it's a lot of work. But also keep in mind that:
a) they are not doing it alone... they are leveraging work done in previous Linux-to-mobile attempts as well as partnering with one of the largest/most popular Linux GUI teams: Gnome
b) Android is just using the Linux-kernel whereas starting from an existing Linux OS means they should be able to spend most of their focus on apps, experience, and performance tuning.
c) Although I do not know all the specifics there; they claim they have already been in testing for 18 months so I don't believe they are starting from day 1. This I think would be why they are saying 2 weeks.

Could I be wrong about some of this stuff? Sure. Hell, I would bet $$$ I'm wrong on at least a couple details. But I don't think these guys are schmucks either... they have a pretty good track record in the laptop sector. You may very well have a point that it would take more than 2 weeks but that doesn't automatically mean that they say "fuck it, let's deliver it as-is"; they would probably adjust their timeline to compensate if it was a serious issue. It is a crowd-funding effort after all.... and how often do crowd-funding projects get their proposed timelines right first try?

Hell... how often do developers anywhere get their proposed timelines right? (Saying this last part as a software developer who has been in the tech industry working for a fortune 500 company for over a decade... and getting my proposed timelines wrong at least 1/3 of the time due to everything from missing business requirements to scope creep to uncovering serious problems that weren't caught in the design scope)

6 years ago*

Deleted

This comment was deleted 1 year ago.

6 years ago

I do agree that the details are poorly organized and there should be a lot more info present, especially security-oriented details. I haven't had time to look into all of the things you mention and I should note that I am neither a security expert nor affiliated with Purism but from what I can tell I think the expectation is something along the lines of "Linux desktop does x therefore if we make a phone that loads Linux desktop we can do x too". I'm also not sure for some of the bullets if you mean them in the context of apps, OS, or hardware but here are a few examples I can think of off the top of my head that seem relevant and would be handled purely by using a full Linux-based OS rather than just using Linux-kernel as Android does.

  • App isolation - this is possible in Linux desktop OSes using either SELinux or app-containers such as Docker. I also see a stretch goal of allowing Android apps to run in Linux in isolation mode. Not saying it is easy to set up for the average user mind you, just that you have the ability to do so. If all of the default apps were to use Docker that would be a step in that direction but obviously a user could circumvent it by downloading something that isn't running in isolation and shoot themselves in the foot that way.

  • Data-access perms / Encryption / signing - all possible on Linux, you're right that there's no documentation here on if they plan to do anything special or specifics.

  • Secure boot - As far as I can tell, descriptions of "android secure boot" sound very much like UEFI on desktop in that its main purpose is to prevent rootkits and the like. Not sure if that is what you are referring to? If so, many Linux distros support UEFI (Ubuntu/Mint/RedHat). I have no clue how Purism is planning to handle it and agree they should mention it specifically. I do see mention of an open-source bootloader, so I assume they have something in place but you are absolutely right that they don't go into detail.

  • Centralized management - not sure if you mean for software management or something else. Obviously Linux had package managers long before Android had a market but I don't think that's what you're talking about. Guessing you probably mean for OS updates which would still be through package management sources but not sure.

EDIT: You had such good points, I decided to send them an email to see if I could get them to update their page and provide some additional details. If they respond, I will try and update my main post.

6 years ago*

Bump

6 years ago

Those topics should come with free Prozac: always so many reactions like "Meh, they'll never succeed. I really don't like Google but actually I'll keep using it anyway. Oh, and did I tell you they'll never succeed?" 😐

Heard about it a while back. Actually, with phone CPUs becoming more and more powerful, it really starts to make sense to try putting a "normal" Linux on them, with not much more than UI tweaks. Hella good luck to them! 👀 Not as much for the security as for just getting free from closed source stuff (yes, AOSP is unforkable) where just changing the ROM is an adventure by itself.

6 years ago

AOSP is not unforkable. Clear AOSP is totally possible to work with. GMS is unforkable and closed-source, that's true, and this is what Librem 5 devs could try to improve, like I stated above, instead of re-inventing the wheel. There are already replacements for e.g. Google location API that your site claims is such "problematic" thing in GMS. I wonder why they didn't point out anything else, oh, wait, I actually do know why, because location API is the only API that GMS exclusively comes with that isn't in standard, since it uses Google servers.

I've been a ROM developer for around 3 years if not more, during that time my ArchiDroid ROM always made GMS fully optional and not mandatory to use, which was a very good option for people that simply do not use apps and just want a phone that will ring, accept SMSes and browse internet. You do not need a single piece of GMS for that. GMS is extending normal AOSP base by proprietary functionality such as location API, Google wallet, cloud and likewise, not limiting AOSP in something that does not depend on Google servers, such as making calls or saving contacts on local storage. Claiming that GMS is "mandatory" is like saying that you need Steam to run video games. Sure you do, but DRM-free games exist too.

I feel like the person who wrote your article has never ever managed to successfully compile AOSP base for any phone, neither has used such base. Reading his claims is hurting my eyes as a dev who spent with Android source over 3 years. It's like reading thoughts of random user on xda-developers.

Edit: Ahh, now everything is clear, that person is Microsoft developer, I don't know what I've expected :3.

6 years ago*

Bump !

6 years ago

bump and thanks

6 years ago

Nice find. This topic deserves a bump

6 years ago

So what shady business you running, you want one? ( ͡° ͜ʖ ͡°)

6 years ago

Bump

6 years ago

I like the idea, but I would never spend anywhere close to 600$ on a phone ever.

6 years ago

I hope there will be more projects focused on the matter of privacy. I'm terrified about lack of it these days.
Btw. I'm still using classic Nokia phone which is actually a PHONE and not a tracking device :D

6 years ago

Regarding privacy, a quote I saw a long time ago was "If you upload it in the network, it's no longer private". Private means only you have the information and it isn't available anywhere else. In this matter, I avoid giving personal information in anything online.

6 years ago

Deleted

This comment was deleted 2 years ago.

6 years ago

bump

6 years ago

I like the idea behind this and they have some lofty goals. Hope it encourages more efforts/projects of the same kind.

6 years ago

Bump

6 years ago

Looks really interesting, but I'm not going to back it. I wish them good luck, and hope it becomes widely available.

If it has decent battery life, I would definitely consider it for my next phone. I really have never cared about "apps" ... I want phone, email, text, and a browser. A few other things are nice but not required. I have found most apps are just locked-down web pages; I never really understood the appeal.

6 years ago

bump

6 years ago

Thanks, joined two!

6 years ago

Bumpy :3

6 years ago

Looks cool, but I need my Pokemon go fix. For real.

But I use Lineage on my phone, so it's pretty decent privacy/security.

6 years ago