Replicant is a fully free Android distribution running on several devices, a free software mobile operating system putting the emphasis on freedom and privacy/security. It is based on CyanogenMod and replaces or avoids every proprietary component of the system, such as user-space programs and libraries as well as firmwares.
Replicant aims to be an ethical system: it does not ship nor recommend the use of non-free software.
...and that The Replicant blog reports on devices which are now available with Replicant pre-installed:
[More after the break.]
A few months ago, we were contacted to discuss the endorsement of an online shop selling mobile devices pre-installed with Replicant. [...] We asked for some conditions to be met before endorsing the shop, especially conditions that have to do with informing final users:
- Users should not be mislead into believing that the devices are fine for freedom and privacy/security. There are plenty of issues remaining, that are explained in general on the Freedom and privacy/security issues page of the website and in greater details on each device's wiki page (when documented).[...]
- The devices should ship with the official version of Replicant, not a version that was built from source and signed with different keys. However, it is fine to pre-install free applications originating from F-Droid on top of the system, as long as users are made aware of it.
[...] At this point, the following devices can be bought pre-installed with Replicant:
Replicant gets kickbacks donations from sales of the Qibre devices. Both Replicant and the F-Droid app repository benefit economically from sales of the Tehnoetic devices.
[1] Redirects to a numerical IP address for me. (...and that's a dead link. 8-() [Takes me to http://92.19.232.58:59999/ and that DOES work for me. -Ed.])
WRT blogs: Does it irritate anyone else when comments are numbered top-to-bottom but are listed chronologically bottom-to-top?
Does anyone know of a trick to make those paradigms work together seamlessly?
(Score: 3, Touché) by jmorris on Tuesday December 08 2015, @03:43AM
Yea! Hell Yea! Sign me up! Oh, hold on.... ancient hardware, no WiFi, no BT, no 3D, no GPS, no hardware assisted video or sound, maybe no camera either. Hmm, what works. 2D "works" and on a few select handsets it even says "works fast". The phone seems to work, both voice and data. And without WiFi you better have a hell of a data plan, Jack.
Perhaps not.
(Score: 0) by Anonymous Coward on Tuesday December 08 2015, @03:58AM
where do you get the idea Wifi does not work?
I Checked [replicant.us]. I looks like binary blobs for WiFi.
Now that you bring it up, it seems silly to disable the untrusted Cellular modem because you don't know what it does...only to run a binary blob WiFi modem driver.
(Score: 3, Interesting) by jmorris on Tuesday December 08 2015, @04:14AM
The point is 100% RMS Pure, no blobs. So go follow the links to Replicant's hardware support list. All of the WiFi requires blobs as does the BT and most of the NFC and of course all 3D and all of the hardware assisted media playback. Battery life is going to suck ass and your data bill will be yuge. This is the sad state of mobile hardware. And they do not say but we can also assume the closed bootloader is still installed but again, there is no other option.
(Score: 0) by Anonymous Coward on Tuesday December 08 2015, @04:28AM
Sounds like it's running HURD.
(Score: 2) by q.kontinuum on Tuesday December 08 2015, @08:03AM
I'm currently looking for a new toy (smartphone) for myself, considering Replicant, Ubuntu Phone and Tizen. The purchase is planned to happen probably but not necessarily before Christmas. My priorities are
1. Free SDK available ==> Available for all candidates
2. open source / free as in freedom ==> All of the candidates clam that, but not sure which of them has most binary blobs
3. messanger app Telegram
4. Support for wifi
I'd like to have also Spotify, WhatsApp and some VOIP-enabled app, but that it lower priority..
Which one would you recommend, based on listed priorities?
Registered IRC nick on chat.soylentnews.org: qkontinuum
(Score: 1) by radu on Tuesday December 08 2015, @09:15AM
If you want WhatsApp, I recommend a Windows Phone. No, seriously, why would you want a privacy-focused OS on your phone when you are planning to use apps that track you?
(Score: 3, Insightful) by q.kontinuum on Tuesday December 08 2015, @10:05AM
Because on an open source phone I expect to have control over the APIs the app can use, and what these APIs return. E.g. if WhatsApp requires location-API, it should be possible to feed fake-data. The camera- and microphone-API can be blocked without uninstalling the app. Access to my personal address-book can return an empty list. This is one of the reasons I want to have a privacy-friendly platform: I won't be able read all privacy-reviews on all apps I'd like to use, nor will I be able to educate developers to request only those APIs they actually need. So, being able to restrict access after the app is installed is essential.
WIndows Phone: Actually I am using it. Privacy-vise its no worse than GAndroid or iOS, usability is IMO better, and gives better HW for same money. It's just that I would like to get something better in regards to privacy now.
Registered IRC nick on chat.soylentnews.org: qkontinuum
(Score: 2) by Celestial on Tuesday December 08 2015, @05:42PM
IMO, the best privacy and usability combination you can get is a combination of Windows Phone, a VPN, and separate e-mail accounts for everything.
(Score: 2) by q.kontinuum on Tuesday December 08 2015, @06:11PM
If you trust MS, that is. Together with Zarafa [blog.com] and DynDNS it can be great. You just have to be careful to disable all cloud - synchronizations.
Registered IRC nick on chat.soylentnews.org: qkontinuum
(Score: 2) by RamiK on Tuesday December 08 2015, @10:09PM
No FOSS drivers anywhere. Just buy the cheapest Chinese if you're American or the cheapest European if you're Chinese. Hopefully, the animosity between the different parties will keep back-doors from getting shared. But there's no real security just some off hand lucky obscurity.
compiling...
(Score: 2) by q.kontinuum on Tuesday December 08 2015, @10:43PM
Bad luck :-( What do I do as a German? Our Government is owned by US (as became evident with the close cooperation between our "Bundesnachrichtendienst" and your NSA), yet not hostile enough with China to feel safe using a Chinese device...
Registered IRC nick on chat.soylentnews.org: qkontinuum
(Score: 2) by RamiK on Wednesday December 09 2015, @12:25AM
Not my NSA.
Otherwise, again, there's no security or safety in obscurity. Buying a random Chinese device simply puts a language and diplomatic barrier between the local police department's fishing expedition and your data. It won't work if you're being targeted individually. At most, it will prioritize your phone further down the list. With some luck, they'll need to bulk up on evidence before making the request through official diplomatic channels as opposed to calling the local FBI liaison for some friendly help without a court order or even the approval and knowledge of their superiors.
That much still holds true for a police officer, as it is for a BND officer, as it is for an FBI officer, as it is for a Mosad officer... There's simply more barriers between the parties.
compiling...
(Score: 0) by Anonymous Coward on Tuesday December 08 2015, @01:46PM
This is going to give users a false sense of security which can be even more dangerous than having no security at all.
What about device drivers? Android ones are closed as hell. Both on phones/tablets and PCs, device drivers are the most dangerous place to install spyware into, and the most looked for by famous agencies: they always run, they always have the highest privileges, they get installed by default on every device and they're nearly impossible to replace with alternative ones, ie the perfect place to plant spyware code.
Want to snoop what an user writes in a highly encrypted application? No need to crack the encryption, just call a well hidden function in a driver and snoop the keyboard or the touch screen *before* it gets encrypted: instant access to personal data, emails etc. Same thing for accessing files or networked devices: hard drives have closed firmwares as well as wireless cards. Processors have their binary blobs too, and don't get me started on UEFI for motherboards.
Need a proof of concept? Do a search for the infamous "Interbase backdoor". It's like 15 years old stuff that should be taught as an example on why having access to source code is so important. TL;DR version: Interbase was a well known database engine used also by corporations and governments, Borland decided to open its source and in a short time a
backdoor that went unnoticed for almost eight years is discovered and fixed.
So we better stop talking about secure devices, especially when referring to mobiles. If it's Android or Apple or any other not 100% open operating system then it's neither secure nor reliable, no matter how much rooted it might be.
(Score: 0) by Anonymous Coward on Wednesday December 09 2015, @01:46AM
Windows Vista and up actually keep most driver code in ring3.