• Evil_Shrubbery@lemmy.zip
    link
    fedilink
    English
    arrow-up
    9
    ·
    edit-2
    2 months ago

    Yeah, I though of those two & it’s just a thing that would get/will get developed if we get to daily drive Linux phones, imho.

    Its not like it didn’t take Android years to get those two aspects covered.

    • Turret3857@infosec.pub
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      2 months ago

      I mean if you want to get technical, KitKat (4.4 in 2013) introduced verified boot. So from Android 1 to 4.4, it took about 5 years. I believe some form of sandboxing has always existed in Android, but the earliest version I can find online was in Android 5.

      I feel like with the backing of Google, they were able to implement such tight security in their mobile OS without much pushback. Mobile Linux in it current state is entirely hobbyists with very few daily drivers. Unless someone can release some stunning Linux mobile hardware that a lot more enthusiasts buy I don’t think we will see any sort of major progression in mobile Linux for some time, as the current method most mobile Linux uses is replacing the bootloader on the phone with an open source implementation which takes a lot of man power to achieve, and it would take even more to make it secure.

      I would absolutely love to be proven wrong about the time frame however. The sooner secure Linux phones hit the market, the better the world will be.

      • Evil_Shrubbery@lemmy.zip
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        2 months ago

        Didn’t know/remember about KitKat verified boot, but the sandboxing thing was prob just to kernel & perhaps some system files, def not user or hardware such as cameras. Including between apps & phone contacts, etc.

        And I totally agree about lack of Linux phones (as hardware), the phone market with its size & megacorp subsidies to preinstall spybloatware is a giant hurdle.

        And the real reason for closed sauce drivers (as a practice, not as if they should open-sauce old hardware now - that’s a security risk for unsuspecting folk & iot … but we could def transition the practice).