this post was submitted on 25 Aug 2023
154 points (88.1% liked)
Asklemmy
43958 readers
1158 users here now
A loosely moderated place to ask open-ended questions
Search asklemmy ๐
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- !lemmy411@lemmy.ca: a community for finding communities
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Just sharing a recent 5-minute talk from CCCamp:
link
Haven't tested it myself but sounds cheap enough to give it a shot. I Plan to.
Note: Linux phones are notoriously insecure (source) but please correct me if you know better
yeah, now I am not buying it lol. I wanted a daily driver not a phone for some habit :(
For most linux users I'd say less security is a necessary evil. Security hardening is a tradeoff and I'd guess most people dont want their systems to be as locked down as ios or android. Or even modern MacOS, there are quite a lot of modifications that will require you to turn of System Integrity Protection, which blocks modifications of system files in normal use.
A few points
Android uses SELinux for mandatory access control as per their own docs
As for ChromeOS, it's built upon Linux and that blurred line between Chrome and Linux is being completely removed --> hello Linux And ChromeOS aka LACROS
PulseAudio is due to be replaced by PipeWire which
https://github.com/mikeroyal/PipeWire-Guide
There's also Wayland, which is being written to replace X11. It has better security
While it's true that many apps aren't designed with security in mind, flatpak and snap packages have their portals API. The author did mention that they are underutilized, but that's slowly changing.
Additionally, immutable distros (nixOS, Fedora silverblue) do exist, which make it quite hard for unauthorised applications to modify root partitions since they are mounted as read-only. Mobile NixOS is still in its infancy, but it's being worked on.
In conclusion, security on linux isn't hopeless, there are solutions being worked on, and improvements in linux phones will benefit all desktop users, unlike distros like Android and ChromeOS that build custom solutions that aren't contributed back to the community.