Maybe Linux phones are less secure but more private? With Android and iOS a lot of effort has been put into restricting what each application can do. With standard Linux that’s less rigorously controlled, which is why there are security enhancements and sandboxing extras a distro can optionally add. So standard Linux may be less secure by default. But it doesn’t have all the surveillance built in that the mainstream phone OSs do, so it’s also by default more private.
Still, “security nightmare” sounds extreme. Wouldn’t a phone running a version of Debian be comparably secure to a computer running it?
That’s the problem, unfortunately - being comparably secure to Debian isn’t very secure at all. The state of linux desktop security is very much a nightmare (madaidan’s insecurities is a good primer everyone points to, though you should take it with a grain of salt and it’s a few years old), and without security you’re an exploit away from having no privacy either.
So we’re left with few options, none of them ideal, while the world becomes increasingly more difficult to be participate in without making android or ios a part of your life:
Use a stock android phone, which is just straight up and unabashedly a spying device meant to milk you for value like a dairy cow. Sacrifice privacy for convenience.
Use an iphone, which is the same thing shrouded in a layer of niceness. Sacrifice privacy for convenience and a bit more security.
Use an android variant that focuses on freedom, like lineageos. Sacrifice a bit of convenience for some freedom and some privacy.
Use grapheneos. Sacrifice a bit of convenience for security, some freedom, and some privacy.
Use a linux phone, running something like postmarketos. Sacrifice security for freedom and privacy.
Read up on the options, understand the realities, and choose the tradeoff that best fits your preferences and lifestyle.
Maybe Linux phones are less secure but more private? With Android and iOS a lot of effort has been put into restricting what each application can do. With standard Linux that’s less rigorously controlled, which is why there are security enhancements and sandboxing extras a distro can optionally add. So standard Linux may be less secure by default. But it doesn’t have all the surveillance built in that the mainstream phone OSs do, so it’s also by default more private.
Still, “security nightmare” sounds extreme. Wouldn’t a phone running a version of Debian be comparably secure to a computer running it?
That’s the problem, unfortunately - being comparably secure to Debian isn’t very secure at all. The state of linux desktop security is very much a nightmare (madaidan’s insecurities is a good primer everyone points to, though you should take it with a grain of salt and it’s a few years old), and without security you’re an exploit away from having no privacy either.
So we’re left with few options, none of them ideal, while the world becomes increasingly more difficult to be participate in without making android or ios a part of your life:
Read up on the options, understand the realities, and choose the tradeoff that best fits your preferences and lifestyle.
Thanks - that was interesting and informative, if a little depressing.