I wanted to create a space to share interesting links with other users. There should be some connection to Fairphone.
If you want others to click them, make sure to also describe them properly
Because I started on development of an app, I stumbled over those two sites:
Harmful Apps and the Play Store
"Ongoing monitoring by Verify Apps found that efforts to deliver Potentially Harmful Applications (PHAs) continued at low levels throughout 2014, less than 1% of all devices had a PHA installed. Fewer than 0.15% of devices that download only from Google Play had a PHA installed." Android Security Report 2014, Page 3
Most importantly, it shows that Android is relativly secure from Potentially Harmful Applications (PHAs), but it also shows that the risk to install such an app is multiple times higher if you install apps from outside the Play Store. As we were talking about such stores here, this indicates you should actually be careful from were you install your apps.
Btw: Even if you prefer to install your Apps from F-Droid if availabe (like me) or buy payed apps outside the Play Store, the Google Play Services can be of benefit: The Verify Apps functionality is part of the Play Services and regulary scans apps (and each app once when installed or updated) for malicous behavoiur. Android Security Report 2014, Page 5 As is it installed on millions of devices, i think they have pretty good data to work with.
On Page 19 following you find detailed information on PHAs.
Security in Android 4.4 and 5.0
I do not want to reinforce the discussion about why we do not get below Android 4.2.2 on the Fairphone. And i think it is great that Fairphone continues to integrate security updates into our Android 4.2.2 based OS (see the end of the 1.8.5 changelog for a list of fixed CVEs).
However, the following system level improvement will certainly not get backported, they would require an update to 4.4 and then/or 5.0: Updatable Webview, Enforced SELinux Mandantory Access rules (can be roughly seen as a kind of sandbox for Android Apps by restricting access to system parts to reduce the potential impact of malicous aps) and improved Full Disk Encryption. Android Security Report 2014, Page 4
But keep in mind: Disk Encryption is avaible in the Fairphone already – and i am using it since about a year with no noticable impact on the usability. I recommend turning this on as it improves the security of your data in case you loose your device.
OEM/ SOC Specific Vulnerabilites
"Android devices are generally implemented by an Original Equipment Manufacture (OEM) in partnership with a System On a Chip (SOC) to implement a kernel and device drivers that enable the Android Platform. Although not strictly part of the open-source Android Platform, these components are critical to the security of specific Android devices. … The inclusion of SELinux in full enforcing mode on Android 5.0, for example, is expected to reduce the chance of exploitation of these vulnerabilities." Android Security Report 2014, Page 9-10
The great Ars experiment—free and open source software on a smartphone?!
An interesting read for people on this forum interested in finding out more on the status of running a free and open source Android phone. Also gives information on the alternative app store F-droid!
I read the article as well. I immediately thought back of first batch people who were actively trying to avoid using Google’s Services. Seems that it’s just not really worth it, at least, not with an Android phone.
I found the article instructive, but a somehow carricatural. Running a “Google free” Android is not necessarilly having only 100% FOSS on it. There are many option for installing third party apps. Just like when you’re using Ubuntu on a desktop, you may need third party apps, and we can all deal with this. It’s true that the apps store limitation is an issue. FDroid is a very interrestinf option, but you can also use Aptoid, to find and downloads all the apks you need. Just choose wisely, because on aptoid you may find legal sources, but also illegal copies. My option is not to install parmanently aptoid on my phone, but only when I need it, and then I uninstall it. And true, there is a long way to go before we have a true and user friendly FOSS ecosystem for smartphones (Even Jolla is not satisfactory in that point), but the choice is growing.
Well, I opted not to install Google’s services on my new second batch Fairphone, and so far I’m not missing anything. Maybe I will some day, but then there’s F-droid.
Hey guys. I just stumpled upon (no, not by using StumbleUpon) the new Project by Dave Hakkens who many of you probably know and I thought you might like this site. On Story-Hopper Hakkens shares videos of cool stories; I watched some of them - fun to watch. Here’s the link.
Apart from the video in the link above, I really like this video too
Right now, you’re nowhere. Tomorrow, your aim is to persuade consumers that they shouldn’t buy an iPhone, or a Samsung Galaxy, or any number of well-known smartphones.
How can you do it? Can it even be done?
You’ve got to think about the hardware itself — the specs, the materials, the look and feel of the handset. You’ve got to find someone to build it, someone you trust. Then there’s the OS, of course, maybe with a custom UI on top too. Then there’s the question of after-sales — the helpdesk, the support, the marketing. You’ve got to handle the finance side of things too, taking payments for the devices and taxes, making sure you’re on the right side of the law in all the countries where your customers are.
For the likes of Apple and Samsung, making all that mobile hardware is the matter of thousands of employees and years of work.
Imagine instead undertaking the whole enterprise with a tiny team, and no partners, and a brand no one’s heard of. And you have to get all your customers to pay up, in full, for their phone before they’ve ever seen a working prototype of the handset, let alone another model on the shelves. And, you’ve got to do all that while making sure your device is as ethical as it can be, and as transparent as you can make it.
That’s the situation Amsterdam-based Fairphone found itself in when, in 2010, it launched a plan to make its own socially conscious smartphone and sell it across Europe.
bye !
Deutschsprachige Benutzer können zum gleichen Thema auch bei