I wanted to create a space to share interesting links with other users. There should be some connection to Fairphone.
If you want others to click them, make sure to also describe them properly
Because I started on development of an app, I stumbled over those two sites:
#interestingarticles in other languages:
A customer just send us a link to a nice little sketch we didn’t know yet. I hope you like it!
Not sure if this works … but hey … it’s also phone related and an useful advice. His anger reminds of a gentler form of Bill Hicks.
We have a lot of discussion here about the security of our Fairphones. So i thought this Google Android Security Report might be of interest.
I found it via this German article @ Golem: Wie Google Android sicherer macht.
Things that i find interesting:
Harmful Apps and the Play Store
"Ongoing monitoring by Verify Apps found that efforts to deliver Potentially Harmful Applications (PHAs) continued at low levels throughout 2014, less than 1% of all devices had a PHA installed. Fewer than 0.15% of devices that download only from Google Play had a PHA installed." Android Security Report 2014, Page 3
Most importantly, it shows that Android is relativly secure from Potentially Harmful Applications (PHAs), but it also shows that the risk to install such an app is multiple times higher if you install apps from outside the Play Store. As we were talking about such stores here, this indicates you should actually be careful from were you install your apps.
Btw: Even if you prefer to install your Apps from F-Droid if availabe (like me) or buy payed apps outside the Play Store, the Google Play Services can be of benefit: The Verify Apps functionality is part of the Play Services and regulary scans apps (and each app once when installed or updated) for malicous behavoiur. Android Security Report 2014, Page 5 As is it installed on millions of devices, i think they have pretty good data to work with.
On Page 19 following you find detailed information on PHAs.
Security in Android 4.4 and 5.0
I do not want to reinforce the discussion about why we do not get below Android 4.2.2 on the Fairphone. And i think it is great that Fairphone continues to integrate security updates into our Android 4.2.2 based OS (see the end of the 1.8.5 changelog for a list of fixed CVEs).
However, the following system level improvement will certainly not get backported, they would require an update to 4.4 and then/or 5.0: Updatable Webview, Enforced SELinux Mandantory Access rules (can be roughly seen as a kind of sandbox for Android Apps by restricting access to system parts to reduce the potential impact of malicous aps) and improved Full Disk Encryption. Android Security Report 2014, Page 4
But keep in mind: Disk Encryption is avaible in the Fairphone already – and i am using it since about a year with no noticable impact on the usability. I recommend turning this on as it improves the security of your data in case you loose your device.
OEM/ SOC Specific Vulnerabilites
"Android devices are generally implemented by an Original Equipment Manufacture (OEM) in partnership with a System On a Chip (SOC) to implement a kernel and device drivers that enable the Android Platform. Although not strictly part of the open-source Android Platform, these components are critical to the security of specific Android devices. … The inclusion of SELinux in full enforcing mode on Android 5.0, for example, is expected to reduce the chance of exploitation of these vulnerabilities." Android Security Report 2014, Page 9-10
Yea! One of the bugs being 6 years old shows the level of security we get on Android for sure
The great Ars experiment—free and open source software on a smartphone?!
An interesting read for people on this forum interested in finding out more on the status of running a free and open source Android phone. Also gives information on the alternative app store F-droid!
I read the article as well. I immediately thought back of first batch people who were actively trying to avoid using Google’s Services. Seems that it’s just not really worth it, at least, not with an Android phone.
I found the article instructive, but a somehow carricatural. Running a “Google free” Android is not necessarilly having only 100% FOSS on it. There are many option for installing third party apps. Just like when you’re using Ubuntu on a desktop, you may need third party apps, and we can all deal with this. It’s true that the apps store limitation is an issue. FDroid is a very interrestinf option, but you can also use Aptoid, to find and downloads all the apks you need. Just choose wisely, because on aptoid you may find legal sources, but also illegal copies. My option is not to install parmanently aptoid on my phone, but only when I need it, and then I uninstall it. And true, there is a long way to go before we have a true and user friendly FOSS ecosystem for smartphones (Even Jolla is not satisfactory in that point), but the choice is growing.
Well, I opted not to install Google’s services on my new second batch Fairphone, and so far I’m not missing anything. Maybe I will some day, but then there’s F-droid.
Hey guys. I just stumpled upon (no, not by using StumbleUpon) the new Project by Dave Hakkens who many of you probably know and I thought you might like this site. On Story-Hopper Hakkens shares videos of cool stories; I watched some of them - fun to watch. Here’s the link.
Apart from the video in the link above, I really like this video too
EDIT: Aaaaaand this one!!!
I know a really cool forum. It’s can be found here.
I suggest this very interesting (even if a bit longer) read.
Deutschsprachige Benutzer können zum gleichen Thema auch bei Heise und Golem lesen.