Yes but my problem is when “experts” begin attacking FOSS, decentralization, and software freedom in general and act like we must all abandon our ideologies and support big tech companies or else we’ll inevitably get hacked, or even worse exaggerating the insecurity of anything. It gets annoying being told that the Google Pixel phone for example is the “only way” or F-Droid being a “security nightmare” for simply allowing third-party repos (in that case, Obtainium would be security hell). Especially when some users make Madaidan look like Richard Stallman.
I care about security but I don’t need to abandon my “ideologies”, support companies I hate, or change my setup to an unusable one like GNOME (unusable for me at least).
From my perspective this is all coming out of left field and frankly I’m not sure what in this thread you’re responding to. secureblue is a FOSS project… GrapheneOS is a FOSS project…
Google Pixel
It’s the only phone that meets the reasonable security requirements of GrapheneOS. That doesn’t mean you have to use it.
F-Droid being a “security nightmare”
F-Droid is a less secure option than alternatives. That doesn’t mean you can’t use it.
I care about security but I don’t need to abandon my “ideologies”, support companies I hate, or change my setup to an unusable one like GNOME (unusable for me at least).
Option A could be nonfree but architecturally more secure than Option B, a FOSS but less secure alternative. The facts of the matter aren’t an attack on your preferences or ideology. How you incorporate information into your decision making is up to you.
Yeah, ultimately if you think that enterprise security solves the same needs that the average user needs solved, then we just won’t be aligned on that point.
It isn’t something that I think. It’s the reality of how these systems work. It’s the same potential vectors, and often literally the same components (like with the linux kernel). It boils down to whether users have something worth protecting in the same way that enterprises do. Like I said, I think they do.
To me this is about as out of left field as the other post
Nothing I said has anything to do with restricting user freedom, at all. Enterprise security guidance largely doesn’t conflict with FOSS values, and in particular the guidance I’m referring to. I’m not advocating whatsoever for this so-called “tyrant security”… The objective for secureblue is precisely the opposite in the sense that the goal is to give people who do want to use a FOSS system on their desktop a relatively secure option to do so. So, I don’t see the relevance here at all.
People can’t help but bring GrapheneOS into every topic and it’s usually best to not engage
So what’s the next best (or least worst) thing? A Samsung that doesn’t even support bootloader relocking? A Fairphone that’s notoriously insecure but happens to support CalyxOS?
Less secure than Obtainium and the Aurora Store?
I’m convinced GrapheneOS is a necessary lesser evil for now.
I agree with this. At least Secureblue’s security hardening doesn’t conflict with FOSS values unlike Apple and Microsoft security.
An iPhone is the next best choice for a private and secure smartphone. Most Android devices have atrocious security and so do most aftermarket operating systems. If you need a fallback device for apps banning using anything other than iOS or Google Mobile Services Android, then your best choice is iOS.
I would think Samsung would take bronze.
If you look at the order of app stores on this PG section, F-Droid would be the least
I’ll practice more self control from now on , but people also can’t help but constantly ask for “best private and secure Linux” lol