can an average person use a linux phone?
I’ve been reading some articles about mobile Linux and many of them state one must be an “advanced user” or that the software isn’t secure. How true is this?
I already use Linux on my laptop, but I’m not a software developer or anything like that. Would I be able to slap a new OS onto an old Android phone and be on my way, or would I run into problems?
Linux phones lack in all aspects compared to AOSP: security and privacy enforcement (mandatory sandboxing, permission control, full-system MAC, verified boot), usability and compatibility with the mobile app ecosystem. The much better approach would be to get a Google Pixel and install GrapheneOS. This will get you a very secure and private smartphone with almost perfect Android app compatibility. Recommend reading about Linux phones on madaidans-insecurities.github.io
That’s utter nonsense. Open-source doesn’t necessarily mean private or secure. In fact it’s quite easy to build an open-source app with a bugdoor which is very unlikely to be found just by looking at source code, especially if you use memory-unsafe languages, as long as it’s not just a tiny code base. The things I mentioned are important security measures and shouldn’t be neglected just because you run open-source apps. They are the basics of modern secure OS’s.
Open-source doesn’t necessarily mean private or secure.
Agreed, especially if you get your software directly from the developer. But if you get your software from a distribution that you trust, with dedicated maintainers, then the chances of such backdoors are greatly reduced.
They are the basics of modern secure OS’s
Also agreed that this is the way things are going in linux desktops as well as commercial platforms, thanks to the increasing complexity of software. These approaches are very useful if I want to run curl | bash
from some random git repository, run nonfree software, or have something very important to hide on my computer.
But these approaches also come at the cost of simplicity, ease of configuration and “tinkerability”. So I think it can be valid for some people to choose not to use the approaches you mentioned, given their individual priorities.
Btw GrapheneOS and other Android OS’s run with the Linux kernel, so technically they are Linux even though they aren’t called this way.