this post was submitted on 04 Sep 2023
327 points (96.1% liked)

Linux

48141 readers
522 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 4 points 1 year ago (4 children)

termux targets an extremely out of date sdk and is therefore quite insecure.

[–] [email protected] 19 points 1 year ago (1 children)

It targets that because those old "insecure" SDKs allows people to use their system as something that isn't a toy. Newer sdk versions refuse to run code that wasn't included in the apk

[–] [email protected] 1 points 1 year ago

Mobile platforms like android and iOS (more specifically GrapheneOS), are leagues ahead of desktop operating systems in terms of security because of these strict policies. and besides, you are treating untrusted code as untrusted code. I don't see the flaw in that logic.

sure, they could use more apis for accessing system directories and stuff like that securely, but that's not really in scope. this is for end users. not field deployment on an sbc for something.

[–] [email protected] 7 points 1 year ago (2 children)

Im gonna be honest i really don't care about that. There is no sensitive data on my phone except maybe social media logins and i have a recent backup so🤷

[–] [email protected] 6 points 1 year ago (3 children)

Odd choice to use GrapheneOS if you don't care about security. More power to you, though.

[–] [email protected] 11 points 1 year ago

Odd choice to use GrapheneOS if you don't care about security

Not really. People's threat models differ, some just want to escape Google's spyware without also requiring your device be a portable iron mountain. Some may also just want the additional control GrapheneOS provides for restricting permissions of apps, or their unique play store handling etc.

GrapheneOS has a ton of positives besides its security IMO.

For me it's just a little saddening that their secure focus conflicts with extending the life of mobile devices. Although really that's something that probably won't change unless we get a truly open source mobile platform, with firmware development out in the open.

[–] [email protected] 6 points 1 year ago (1 children)

Was more a privacy switch than a security switch

[–] [email protected] 2 points 1 year ago

I trust you have your own threat model and know what's best for you, but in my opinion privacy necessitates security.

[–] [email protected] 5 points 1 year ago (1 children)

The long term support might make it worth using, even if you don't care about security/privacy

[–] [email protected] 3 points 1 year ago (1 children)

@SomeBoyo What "long term support"? Official GrapheneOS releases for a device end when the official Android support ends because they don't support hardware where the firmware is not updated anymore. Or did that change recently?

[–] [email protected] 2 points 1 year ago (1 children)

I'm referring to "... and a minimum 5 year guarantee from launch for full security updates and other improvements", from their FAQ.

[–] [email protected] 5 points 1 year ago

@SomeBoyo Yeah that's the normal devices guarantee you also get with normal android on pixel devices. So in terms of longevity GrapheneOS doesn't offer any advantages. There are other advantages of course.

[–] [email protected] 2 points 1 year ago

that's fair I suppose, I wasn't saying not to use it, just that it is worth noting. these strict security policies are what makes mobile platforms much more secure than desktop platforms. I typically use my phone for security sensitive tasks because of this, so I tend to care a lot more about this stuff. if you have any banking info or password managers stored on the device, be careful.

I'll admit, it is pretty unlikely anything to happen, though. always just better knowing.

[–] [email protected] 2 points 1 year ago

Do newer SDK work on obsolete devices running Android 9/10?