Questions about Jolla C2 and SailfishOS

Security or privacy or many other things holds not more than its weakest link.

If someone wants to protect from data siphoning apps from GP (I’m unsure if any of top ten is open source, so I assume they leak more than they should as often discovered) on the OS level it would require a lot of effort as there are many ways such an app can hide something unwanted in its data stream with its parent cloud/server. Many of them would require a supercomputer to break the possible encryption. Many would require a lot of reverse engineering to discover leaks. On top of that such an app can change its data structure, encryption or anything else at random times. Which means that one unprotected access after that and they have your data.
That’s all assuming that apps protected in such a way would even work.

There is FireJail but I’m far from an expert so I can’t comment how much it can isolate apps. Most big data siphoning firms can afford to fingerprint their users with very little data. So I’m unsure how much such isolation can really help.

I believe that the safest way is not using such apps. Even then much of your online activity can still be tracked in many, many other ways. Total online privacy is unfortunately a myth.

I also don’t believe that Andy does what it claims it does regarding either security or privacy. Even rooting it doesn’t give you full access to apps data.

After all most of the big firms have a huge revenue generated from our online data. So why would they voluntarily limit their profit???

1 Like

At this point your arguing is more and more looking like trolling.

Tell me more about how you demand the same from desktop Linux, and how that is going for you.

I find it rather peaceful to not have any of the common Windows spammyness on my desktop. The same goes for my phone - because why shouldn’t it?

You are basically chanting “usage of data-predatory applications is mandatory” like some sort of mantra.
It is you that are saying “The world belongs to corporations.” in demanding to use each and every one of their applications - not us.

3 Likes

I believe that the safest way is not using such apps. Even then much of your online activity can still be tracked in many, many other ways. Total online privacy is unfortunately a myth.

We can’t know how safe an application is without installing it and examining it from all sides, right? Therefore, the OS needs strict control over access rights to all kinds of sensors and databases (contacts, SMS, etc.).

Total online privacy is unfortunately a myth.

Complete confidentiality is not required. As I have already written, we need tools that will make user identification as expensive and unprofitable as possible.

2 Likes

Tell me more about how you demand the same from desktop Linux, and how that is going for you.

I find it rather peaceful to not have any of the common Windows spammyness on my desktop. The same goes for my phone - because why shouldn’t it?

On desktop Linux I write articles in LibreOffice, are you sure I will write them on a smartphone?

On desktop Linux I watch Netflix in the browser, on smartphone in the browser it does not work because of DRM. It can only be watched in the app. So give me a link to the Open Source Netflix app, I will gladly use it.

On Android I deny it access to my SMS, contacts, etc., I leave it only with internet access.

Under the pretext of automating the authorization process, various applications ask for access to SMS in order to parse the received authorization code and log in automatically. It is not difficult for me to enter the code from the SMS manually, but I completely block its access to SMS and am sure that there will be no leakage.

What about DJI Osmo? Is there an Open Source app for it?

On Android, I leave it only access to the camera and Bluetooth, I prohibit everything else. With SFOS, as I understand it, it will work with all the access rights that exist.

You will, of course, reduce the conversation to demagogy, that it is necessary to use separate devices. But this will not answer the questions that interested me at the beginning of the topic.

You identify tasks that are solved on a desktop with tasks that are solved on a smartphone. You have no idea how different they can be.

The examples above show how little you understand the topic. Please do not call others trolls, because you have a pronounced Dunning-Kruger effect. Do not clutter the thread with your meaningless messages.

2 Likes

You are clearly in the market for an Android phone. Good luck with your search of little ice cubes in that simmering pot.

I can’t answer your questions about SFOS, but I join others who have found a way to best (not completely) protect their privacy and behave accordingly in life.
I use three devices

  • Linux desktop for all necessary work (except phone calls),
  • SFOS for calling and several natural SFOS applications (I do not use the AppSupport),
  • Android phone (without G… account) for a few applications (not critical), I only turn it on when I need to do something in those applications, otherwise it is turned off. I blocked everything that G… offers in the UI, but that doesn’t mean that the system won’t use it if “someone or something so decides”. What I do in the UI settings cannot be verified at the system level because Android is closed.

The issue of privacy is not only about the UI phone’s settings, as it was already said here, it is about the decision of each person how he trusts the environment and whether he can verify that trust. It is largely possible in Linux and SFOS, certainly not in Android, …
And yes, I changed the bank when it was not willing (able?) to provide the application to my environment.
I wish you to find the right answers to your questions.

2 Likes

Any reliable source for that claim?

This is a built-in Android feature. The source code is fully available in the AOSP repository. I have not seen any sensational claims from programmers who have examined the source code that it does not work, nor any information about exploits.

So it works for AOSP based phone. How can we check if Android is based on that?

LineageOS is based on AOSP. Did I understand your question correctly?

Basically.
So I’m correct that we can’t really confirm for Android based phones but it’s safe to assume that AOSP based OS has that covered.

Did you read about SailJail on SFOS? It might answer some of your questions.

No, without access to the source code and the build recipes from which the binaries of any software are built, you will not be able to make any proper assessment about safety and security of that software with feasible efforts. I.e. if you only have the binaries, you have to reverse-engineer the software under scrutiny, which is so time consuming that it is practically infeasible. Consequently “knowing” what a proprietary software does is an illusion, resp. equivalent to believing the statements of its maker.

You never answered why you do not believe so WRT your desktop Linux.
Can you please try to explain that, at least.

The Android app permission system is unsuitable to raise this bar significantly, in contrast to deliberately only installing software of which the source code is available and the build process is documented or being executed publicly.

You are deliberately diverging. You definitely could with software which is equally trustworthy as LibreOffice.

  1. Are you sure that watching Netflix is impossible with Firefox mobile, as it is built from exactly the same source code as Firefox desktop? All settings which cannot be accessed via Firefox mobile’s GUI settings can be configured via about:config. But as I have no interest in Netflix I never researched that or tried; IIRC Netflix, Amazon Prime etc. require one dreaded piece of proprietary software for that, which often has (or had) issues on desktop Linux browsers, too.
  2. You need Netflix for your tasks as a journalist?!?
  3. You still insist on putting the cart before the horse. If there is no Open Source Software to use an internet service, that service cannot be used safely / in a privacy preserving manner. Full stop!
    If you insist on using such internet services, then there is no way to reclaim privacy. But you sure can use such services, on SailfishOS as well as on proper AOSP distributions (I named the best ones). E.g. you sure can install the Google Play Services on SailfishOS or a proper AOSP distribution, but why all the effort not to use a stock Android in the first place?

Oh, how do you do that for the Google Play Services? And what do you do when an app does not run with “only internet access”? According to your logic, you sure grant all requested permissions, because you want to use this app. But why do you insist on making all these configuration efforts: I cannot see any other reason than to feel safe, because you did so much for privacy.
Besides that, “only internet access” is fully sufficient to leak some privacy relevant data (starting from the IP address other apps on your device also use and which can be used for geolocating you), as was pointed out before. You have already given up privacy at this point, Android’s whole app permission system fulfils its purpose (of multiple ones) of shrouding that, to make people believe they can use any software while preserving privacy, safety and security to a significant extent. You just exhibit in this whole thread how well this scheme works (which was a bit surprising to me, but I sure live in a techno-bubble).

BTW, do not be afraid of Android apps running in Jolla’s “Android App Support (AAS)” (ex-AlienDalvik) execution environment directly accessing Bluetooth, WLAN or SMS: They cannot. And for your contacts on SailfishOS you can configure if they can. The whole AOSP part of AAS with all installed Android apps is running in an LXC container and Android apps can only access the hardware SailfishOS offers them (i.e. emulates).

AFAICS the first “You” ought to be spelled “I”. Please speak for yourself and do not project your beliefs and thinking onto others!
And the second sentence should have been amended with a “… for me.” for the same reason.

Technically these assessments you make for yourself are completely unfounded, any Open Source Software which runs on a desktop Linux or internet service which can be accessed by it can be adapted to run on SailfishOS (with varying efforts required) and vice versa. In general, smartphones are just computers with some special hardware to directly access a telephony network, which can be accessed from any other computer via a SIP gateway. A while ago some Android phone manufacturers (e.g. Samsung) and Microsoft (for their Windows tablets) even marketed that as “convergence”: Attach your smartphone or tablet to a proper keyboard and screen to substitute a desktop computer. But ultimately there always was too little software which can be equally well operated by mouse and keyboard as it can be operated by using a touch-screen.

P.S.: Please refrain from directly attacking people or a group of people, especially not in such a derogative way. It may make people want to push the censoring opinion suppressing wonderful “let this forum be a better place” buttons the dreaded Discourse forum software offers. I can assure you that @attah has much deeper understanding of the relevant technologies in the context of this discussion than you have shown so far.
I can well understand his (as usual) openly and quite directly stated assessment:

It does so for me, too. In my perception your “arguments” have become more and more evasive, insisting on usage models which ditch privacy while demanding mechanisms which appear to counter that. AFAIK Google never claimed that their app permission system is able to restore privacy, safety and security for software which has significant flaws in regard to any of these three points. But you have shown well that some people strongly believe that, and combined with a strong urge to use such software demand that “snake oil”. If you think you need the app permission system Android offers, then use Android! But please stop believing you can outsmart data-gathering software (which presumably most of the “top 10 Android apps” you resorted to are) with this.

Have you ever considered why you face a handful of people in this thread who confront you with the basically same, consistent line of arguments expressed in slightly different words and from varying perspectives? I can assure you 99% of us have never met (i.e. likely nobody participating in this discussion) or communicate privately about this thread. Sure, we all came to the conclusion that SailfishOS is the right smartphone OS for us despite its drawbacks, hence some implicit alignment was to be expected, but it was quite interesting for me to see that the similarity of considerations and reasoning goes much further than that. Still the strategies vary in detail: While some use some Android phone to run privacy-breaking apps in a “hardware sandbox”, others simply refrain from using these apps (e.g. me).

P.P.S.: Pointing to SailJail (which basically is a preconfigured Firejail) as an equivalent to Android’s app permission system is a bit misleading:

  1. They have slightly different technical properties, but aim at the same technical use case: In this regard they are quite similar.
  2. SailJail does not allow / demand the user to configure a lot: In this (psychological) regard they are very different, because the user cannot make her- / himself feel safe, because of the lot of configuration work performed.
  3. SailJail is only mandatory for apps in the Jolla Store: Even though most basic functionality of a smartphone can be performed with these and Jolla’s pre-installed apps, some have restricted functionality (e.g. Pure Maps as an excellent maps and navigation app) due to SailJail and / or the restricted set of allowed APIs for apps submitted to the Jolla Store. Apps provided by OpenRepos or SailfishOS:Chum can opt-in or -out of SailJail, all a user can do is transparently check their SailJail configurations (it is text-based configuration files readable for everyone). If I would restrict myself to only use apps from the Jolla Store and F-Droid I would be down from almost 200 apps to 50, about half of them being SailfishOS native apps from the Jolla Store. While this is still far more than @desmond’s passive-aggressive phrase “the users have never had the need to launch anything other than a calculator” respectively “I understand that they only use the built-in Calculator and Notes”, I would feel restricted (or rather self-limited), because I know how much more nice native software there is.

9 Likes

As an Android user for now I wonder if most apps on Jolla Store are closed source too, just for curiosity…
I thought AppSupport on Sailfish is something like WSA on Windows. Personally I don’t like any Linux distribution on desktop.

No, I am only aware of a single one (ex-Nokia’s navigation software Here; I never used it) for which an Open Source Software alternative exists (Pure Maps, and additionally OSMscout), as it is the case for the very few other proprietary apps for SailfishOS which once existed, e.g. “Weather” aka Foreca (is dysfunctional now) MeeCast (OSS).

I have no idea what “something like” addresses:
Technically AAS (ex-AlienDalvik), Waydroid (ex-Anbox) and WSA seem to implement the same concept, but WSA seems to be bound to the Amazon App Store and is EOLed (support ends 5. March 2025) in contrast to AAS and Waydroid. The crucial point WRT usability is the integration into the host OS, for which I have no idea how WSA performs, because I primarily use Linux for the past 30 years and ceased to have a Windows installed for 20 years.

1 Like

This is right in legal terms but it’s technically no problem to have a look into the source texts and modify them for your private use. Also I hope that it’s no problem to chat about tweaks here on the forum. As I understood it, it’s only prohibited to redistribute proprietary files of SFOS, hmm… Can anyone tell us more and possibly confirm?

No, “closed source” is no legal term: The antonyms are “Open Source Software” (as defined by the FSF, the OSI or the DFSG, whose definitions are basically equivalent) and proprietary software. The only thing which is relevant to distinguish them is a software’s license.
Actually there is a third, completely different (to both!) and rarely utilised category, which is “software in the public domain”.

3 Likes

Just a side note: I’m using Plasma 6 on my tablet PC (Starlite from Starlabs) and this is already quite near to the convergence goal. I just need to switch from Plasma Mobile session to a Plasma Desktop session and with it, I switched from touchscreen to full Desktop mode. With Plasma 6 many apps are already useable on both modes (Kirigami framework). Even Kontact is useable, not very comfortable with touchscreen, but useable. Of course using something like LibreCalc in touch mode does not really make sense.

I was really surprised and impressed by the great progress between Plasma Mobile 5 and 6.

2 Likes

On which phone do you use plasma mobile?

Like Android apps have little (or none if I set shared folders to none) access to files outside WSA. Or need to wait some time for WSA to start when launching an Android app after reboot. Feels like a virtual machine…
(The Amazon App Store seems to have been closed, other apps work fine though none of the games I installed managed to start… I know it’s far from important how Android games run on Sailfish.)

I’m running it on my Starlabs Starlite tablet, so not on a phone. As distro I use OpenSUSE Tumbleweed (because they have Plasma Mobile 6 already available in the official repos).