Scorpion8741

joined 2 years ago
[–] Scorpion8741@mastodon.social 1 points 1 month ago

@kuketzblog@social.tchncs.de

Würde aufgrund zahlreicher fehlender Sicherheitsfeatures wie Renderer-Sandboxing, Sandboxing für andere Prozesse, Site-Isolation, strikter ioctl-Filter, backward- und forward-edge CFI, unsicherer Speicherallokator usw. immer zu Chromium-Beowsern unter Android raten.

Androids Standard-App-Sandbox (untrusted_app) reicht für Webinhalte als Schutz nicht. Weder ist sie für diesen Fall ausgelegt, noch schützt sie Inhalte in der Sandbox (Cookies, Passwörter andere Browsertabs, Verlauf).

[–] Scorpion8741@mastodon.social 2 points 1 year ago (1 children)

@didek @duckweed @linuxphones

That's utter nonsense. Open-source doesn't necessarily mean private or secure. In fact it's quite easy to build an open-source app with a bugdoor which is very unlikely to be found just by looking at source code, especially if you use memory-unsafe languages, as long as it's not just a tiny code base. The things I mentioned are important security measures and shouldn't be neglected just because you run open-source apps. They are the basics of modern secure OS's.

[–] Scorpion8741@mastodon.social 0 points 1 year ago (1 children)

@duckweed @linuxphones

Btw GrapheneOS and other Android OS's run with the Linux kernel, so technically they are Linux even though they aren't called this way.

[–] Scorpion8741@mastodon.social 1 points 1 year ago (5 children)

@duckweed @linuxphones

Linux phones lack in all aspects compared to AOSP: security and privacy enforcement (mandatory sandboxing, permission control, full-system MAC, verified boot), usability and compatibility with the mobile app ecosystem. The much better approach would be to get a Google Pixel and install GrapheneOS. This will get you a very secure and private smartphone with almost perfect Android app compatibility. Recommend reading about Linux phones on madaidans-insecurities.github.io