I really don’t get the doomsayers in this thread, all boasting about how android is secure and private – that’s bullshit. Android may be secure, and Google has a rep of doing secure stuff, but it’s hardly private, 'cos Google.
Then they go on about how you just can’t do that with regular linux. Wtf?
For the most part, mobile linux distros are adapted desktop distros and all the tools you can use on android for sandboxing et al you can use on regular linux.
Are there linux distros for mobile that are on par with android? No, not at the moment and not with that attitude. Can there be? For sure, and Google’s pushing it in that direction.
If you’re gonna be doomsayers bitch about hardware drivers, that’s indeed an issue and even that, it’s, like regular linux, a matter of time until someone reverse engineers them.
Sandboxing is a general term and I used it as a general one. Sandboxing can include virtualization.
Virtualization alone isn’t enough if the external interfaces aren’t protected. With QubesOS you are for example expected to not mix data from untrusted sources with data from trusted sources in the same virtualized environment. You’re expected to use the right tools to open untrusted documents;
I really don’t get the doomsayers in this thread, all boasting about how android is secure and private – that’s bullshit. Android may be secure, and Google has a rep of doing secure stuff, but it’s hardly private, 'cos Google.
Then they go on about how you just can’t do that with regular linux. Wtf?
For the most part, mobile linux distros are adapted desktop distros and all the tools you can use on android for sandboxing et al you can use on regular linux.
Are there linux distros for mobile that are on par with android? No, not at the moment and not with that attitude. Can there be? For sure, and Google’s pushing it in that direction.
If you’re gonna be doomsayers bitch about hardware drivers, that’s indeed an issue and even that, it’s, like regular linux, a matter of time until someone reverse engineers them.
Mobile phones are not secure. By design
Show me a better Sandbox than the one for android apps.
QubesOS.
How usable is it in comparison to Android? Not usable. Heavy hardware and skill requirements.
Flatpak tries to be like Android app on Linux, but is not that advanced like it.
Flatpak is a security nightmare. again, stop focusing on just sandboxing and look at the whole.
That’s still standard virtualization. It doesn’t harden the applications you run inside the sandboxes.
Virtualization is better than sandboxing for security.
Sandboxing is a general term and I used it as a general one. Sandboxing can include virtualization.
Virtualization alone isn’t enough if the external interfaces aren’t protected. With QubesOS you are for example expected to not mix data from untrusted sources with data from trusted sources in the same virtualized environment. You’re expected to use the right tools to open untrusted documents;
https://theinvisiblethings.blogspot.com/2013/02/converting-untrusted-pdfs-into-trusted.html?m=1
Lol that’s worthless when I can unlock your phone because you use a short passphrase
It’s not about thief. It’s about not letting random apps access everything in system.
Lol you can make anything seem secure if you narrow security to a very narrow definition.
Phones are the most insecure devices, if you look at the big picture. They’re literally designed to be convenient. That’s the enemy of security.
Everyone can decide on the length of their passphrase according to their threadmodell.
If you use a >50 character passphrase for your phone, its no longer useful as a phone. That’s the point.