SoylentNews is people
SoylentNews is powered by your submissions, so send in your scoop. Only 19 submissions in the queue.
SoylentNews
Someone shared on Trisquel's forums a direct email communication with Purism revealing the way the company avoids being fully transparent about the fact that their device does not offer better privacy when used *as a phone* — it has privacy advantages only when the phone functionality is completely turned off, in which case the questioner claims it is nothing more than a pocket (or even stationary) PC.
Source:
https://trisquel.info/en/forum/librem5-and-why-i-am-no-longer-interested
This discussion has been archived.
No new comments can be posted.
Librem5 - Purism Avoids Admitting it Does Not have Better Privacy When Used as a Phone
|
Log In/Create an Account
| Top
| 26 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
(1)
94% of the women in America are beautiful and the rest hang out around here.
(Score: 5, Insightful) by Anonymous Coward on Wednesday March 06 2019, @07:35PM (11 children)
Everyone knows that everything sent over to the isp is being recorded. The point of these phones is that you know whether or not your phone is currently recording anything and/or connected to the isp.
(Score: 5, Insightful) by Anonymous Coward on Wednesday March 06 2019, @07:39PM (4 children)
Yea, this guy is an idiot. Nothing in the emails is the least bit surprising to someone who did basic research on what this phone is.
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @06:40AM (3 children)
I don't think so. You simply seem to be missing the whole point of his questions which is: Purism is not fully open and honest about what they are selling. They keep waving a flag with a "we give you privacy" title, while they actually don't (on the phone side). Of course they cannot possibly give real privacy protection without fully addressing the valid concerns he raises. Their overly lengthy articles cunningly trick the user into getting an overall impression that one is buying a "phone" which "is for anybody and everybody interested in protecting his/her data, communicating privately to your loved ones, or supporting a future of protecting your digital rights" (https://puri.sm/products/librem-5/). If you read carefully though you will see that Purism don't exactly say "your phone calls are protected" (so they cannot be accused later). They just mesmerize you with tons of other words about privacy and security on the software side of things, so that you focus your attention on that and "Preorder now".
The questioner is quite correct when he says that the device looks fine (from freedom and privacy viewpoint) but only when used as a pocket PC through the Ethernet port. And Purism are the idiots who don't reply when they are asked directly to clarify how exactly their device is more privacy respecting when used *as a phone*. They never even replied to that because he pressed the painful spot.
So no, he is not an idiot. He actually exposed their tricks quite well.
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @10:23AM
Anything you say will be misinterpreted by someone somewhere, they are quite upfront about that this device does for anyone who reads more than a tagline about it.
(Score: 2) by bobthecimmerian on Thursday March 07 2019, @12:17PM (1 child)
The important feature of this phone is that it has hardware switches for everything you want to disable. So you can have the device off and be certain it's off - there have been rumors, I'm not sure of the validity, that for Android and iPhone devices some models allow remote access to location, cameras and microphones even when the device is off.
Even if those rumors are not true, or are not true yet, you can have the Purism device on and be completely certain the camera and microphone are off. That's still a huge step forward from every other Android and iPhone device.
If you want genuine privacy, including location and network usage metadata privacy, you can't use a cellular network device at all. No individual company can fix that, ever, unless some kind of global peer to peer mesh wireless network takes off. I don't think anyone was expecting Purism to fix that problem.
(Score: 0) by Anonymous Coward on Thursday March 28 2019, @03:26PM
there was a court case in NY in the early 2000's where a mob boss got convicted based on evidence gathered that way
it wasn't a phone software thing, it was functionality of the hardware (think Intel and there above the OS mode)
(Score: 3, Interesting) by urza9814 on Wednesday March 06 2019, @08:29PM (4 children)
He does actually have two decent points if you read through the post...although I certainly wouldn't consider either one a reason to not buy the device (which I *am* planning on doing...would have pre-ordered already if they didn't keep pushing back the launch date, but at this point I'll wait until they have a solid release date).
1) there are apps which already exist for Android which attempt to detect ISMI catches (ie, "stingray" fake cell towers) -- they *could* included that kind of feature standard, but they don't. Personally I've always wondered why there's no easy way to just get notified of new towers -- I pretty much stay in the same areas most days, so if a new cell tower suddenly appeared near my office, I might like to know about that. If the OS is done right, the OS doesn't need to include that itself, it could be an external app...but this thing is a custom linux distro, the existing android apps won't necessarily be compatible, so it'd be nice if they would implement such features themselves since they're marketing it as a privacy device.
2) There's apps for encrypted calling, but those apparently only work on wifi; seems like they can't be used over cellular data. That could actually be an advantage though -- if you want your call secured, you probably don't want your network provider tracking you at the same time. But if that was actually the intention they could probably add additional processes to totally shut down the cell modem while encrypted calls were in progress. Maybe they will, but they haven't mentioned it....
(Score: 2) by Absolutely.Geek on Wednesday March 06 2019, @08:39PM (2 children)
on point 2; I use signal on cell data for calls and messages; not sure if you mean the Librem only does encrypted calls on WiFi (no I didn't read TFA).
Also I live in NZ not sure if there are restrictions on what you can do where you live.
Don't trust the police or the government - Shihad: My mind's sedate.
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @11:52AM
Unless you are using 160 character or less TEXT messages, all your non-phone calls are going over IPv4/v6 anyways. The MMS provider service, at least for ATT/T-Mobile/etc is already using IP on private address ranges on the backend for passing your messages around. And with LTE, as I understand it, so are phone calls. With that said, there is no reason to be using phone numbers for private calls anymore. They weren't REALLY private in the analog days except due to the lack of pervasive recording, and today we know that recording is normal and handled by the NSA, FBI and/or CIA depending on who they are hiding it under to avoid the citizenry finding out.
If you're trying to keep your communications/encryption keys private, not your location, the real question is if the cellular modem is properly isolated from the main system SoC. If it is, and there is no way for the cellular modem to either access system ram, or exploit the OS to gain system level privileges, then the Purism 5 is a good investment. If you are concerned with location tracking, then yes Wifi is a better bet, where coverage is available.
(Score: 2) by urza9814 on Thursday March 07 2019, @12:19PM
Right, according to the response from Purism, you can't use the encrypted call features over cellular data. They say it can only be used on wifi or ethernet. Seems to be a limitation of the phone, not the network, although I can't understand what the reason would be unless it's an attempt at a security feature.
(Score: 1, Insightful) by Anonymous Coward on Wednesday March 06 2019, @10:14PM
Pretty sure Librem is just hoping to be able to reliably make/receive phone calls and texts upon launch.
These I want a pony requests for the initial release of an open product by a small team, but where anyone can add the features they want later are just silly, and it is a good thing that Librem is ignoring them. Once there is a product released, additional features can be discussed, and I'm sure they will accept patches / Librem is not preventing you from porting your favorite app yourself.
(Score: 2) by hemocyanin on Wednesday March 06 2019, @08:33PM
Exactly -- the device is addressing all of the binary blob drivers and proprietary hardware that a rational person would view as insecure, and gives us the ability to physically turn that shit off when we don't want it doing whatever it does. The other option is to carry a phone and a PDA -- that might even be a safer solution -- but having the hardware switches is sort of a happy medium in my thinking.
(Score: 2, Insightful) by Anonymous Coward on Wednesday March 06 2019, @08:44PM (7 children)
I do not see anyone else offering a better alternative.
That guy is a moron who does not understand todays reality.
(Score: 4, Insightful) by MostCynical on Wednesday March 06 2019, @10:33PM
He wants perfection, delivered cheaply, by someone else, yesterday
Sounds like a typical project manager.
"I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
(Score: -1, Flamebait) by Anonymous Coward on Wednesday March 06 2019, @10:49PM (2 children)
I don't see anyone offering a worse alternative either... It's always the same offer: the proprietary GSM modem controls the rest of the unit. But you get to pick the color of the phone!!!
If compromising on privacy/security is not an option, or anything serious is at stake (e.g. political activism or journalism in a sensitive area), it is advised to avoid using a telephony-enabled device at all. -- https://replicant.us/freedom-privacy-security-issues.php [replicant.us]
(Score: 4, Informative) by exaeta on Thursday March 07 2019, @12:06AM (1 child)
The Government is a Bird
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @09:34AM
Wake me up when they get the FSF RYF certification or even some other credible party's declaration.
For now all we have is their soothing words and slick marketing, much like any android or ios turd.
They might be in it for real but all we have now is hot air.
(Score: 2) by c0lo on Thursday March 07 2019, @12:33AM
But is good to know the limits of the 'best available today', is it not?
https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
(Score: 2) by darkfeline on Thursday March 07 2019, @06:21AM
Just because your placebo is better than that other placebo that causes cancer doesn't mean you can advertise your placebo as a cure.
Just because other phones actively violate your privacy doesn't mean you can advertise your phone which doesn't protect your privacy as a phone that protects your privacy.
"I do not see anyone else offering a better alternative." is not a valid argument against "This phone does not do what it is advertised to do".
Join the SDF Public Access UNIX System today!
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @11:20AM
He actually understands things much better than all those who would simply click "Preorder now" or think that "there is nothing better, so let's buy the least worst and dream of privacy".
(Score: 2) by krishnoid on Wednesday March 06 2019, @10:37PM (2 children)
By having a "completely turn off the phone functionality" feature in the first place? That sounds like ... success?
(Score: 2) by hemocyanin on Thursday March 07 2019, @01:10AM (1 child)
I presume you mean a hardware break the circuit type "turn off" not a software signal indicating it should turn off (exactly why one must currently remove the battery to get privacy presently) -- but yeah, that is basically the best we can get at this point if you wish to have a phone.
(Score: 2) by krishnoid on Thursday March 07 2019, @01:42AM
I don't know why it can't be a 'slide a plastic strip across the battery contacts' thing instead of removing the whole battery, though.
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @12:00AM (1 child)
You connect with Verizon/AT&T/Skynet, you are getting tracked.
What do you want, magic privacy?
(Score: 5, Insightful) by exaeta on Thursday March 07 2019, @12:08AM
The Government is a Bird
(Score: 0) by Anonymous Coward on Thursday March 07 2019, @09:54AM
sigh