English

🇬🇧 🇩🇪 🇫🇷 Interesting links / news articles somehow related to FP (collection)

A customer just send us a link to a nice little sketch we didn’t know yet. I hope you like it!

5 Likes

Not sure if this works … but hey … it’s also phone related and an useful advice. His anger reminds of a gentler form of Bill Hicks.

We have a lot of discussion here about the security of our Fairphones. So i thought this Google Android Security Report might be of interest.

I found it via this German article @ Golem: Wie Google Android sicherer macht.

1 Like

Things that i find interesting:

Harmful Apps and the Play Store
"Ongoing monitoring by Verify Apps found that efforts to deliver Potentially Harmful Applications (PHAs) continued at low levels throughout 2014, less than 1% of all devices had a PHA installed. Fewer than 0.15% of devices that download only from Google Play had a PHA installed." Android Security Report 2014, Page 3

Most importantly, it shows that Android is relativly secure from Potentially Harmful Applications (PHAs), but it also shows that the risk to install such an app is multiple times higher if you install apps from outside the Play Store. As we were talking about such stores here, this indicates you should actually be careful from were you install your apps.

Btw: Even if you prefer to install your Apps from F-Droid if availabe (like me) or buy payed apps outside the Play Store, the Google Play Services can be of benefit: The Verify Apps functionality is part of the Play Services and regulary scans apps (and each app once when installed or updated) for malicous behavoiur. Android Security Report 2014, Page 5 As is it installed on millions of devices, i think they have pretty good data to work with.

On Page 19 following you find detailed information on PHAs.

Security in Android 4.4 and 5.0
I do not want to reinforce the discussion about why we do not get below Android 4.2.2 on the Fairphone. And i think it is great that Fairphone continues to integrate security updates into our Android 4.2.2 based OS (see the end of the 1.8.5 changelog for a list of fixed CVEs).
However, the following system level improvement will certainly not get backported, they would require an update to 4.4 and then/or 5.0: Updatable Webview, Enforced SELinux Mandantory Access rules (can be roughly seen as a kind of sandbox for Android Apps by restricting access to system parts to reduce the potential impact of malicous aps) and improved Full Disk Encryption. Android Security Report 2014, Page 4
But keep in mind: Disk Encryption is avaible in the Fairphone already – and i am using it since about a year with no noticable impact on the usability. I recommend turning this on as it improves the security of your data in case you loose your device.

OEM/ SOC Specific Vulnerabilites
"Android devices are generally implemented by an Original Equipment Manufacture (OEM) in partnership with a System On a Chip (SOC) to implement a kernel and device drivers that enable the Android Platform. Although not strictly part of the open-source Android Platform, these components are critical to the security of specific Android devices. … The inclusion of SELinux in full enforcing mode on Android 5.0, for example, is expected to reduce the chance of exploitation of these vulnerabilities." Android Security Report 2014, Page 9-10

4 Likes

Yea! One of the bugs being 6 years old shows the level of security we get on Android for sure :wink:

1 Like

I moved a post to an existing topic: Need to un-root my phone to install a banking app

The great Ars experiment—free and open source software on a smartphone?!

An interesting read for people on this forum interested in finding out more on the status of running a free and open source Android phone. Also gives information on the alternative app store F-droid!

1 Like

I read the article as well. I immediately thought back of first batch people who were actively trying to avoid using Google’s Services. Seems that it’s just not really worth it, at least, not with an Android phone.

I found the article instructive, but a somehow carricatural. Running a “Google free” Android is not necessarilly having only 100% FOSS on it. There are many option for installing third party apps. Just like when you’re using Ubuntu on a desktop, you may need third party apps, and we can all deal with this. It’s true that the apps store limitation is an issue. FDroid is a very interrestinf option, but you can also use Aptoid, to find and downloads all the apks you need. Just choose wisely, because on aptoid you may find legal sources, but also illegal copies. My option is not to install parmanently aptoid on my phone, but only when I need it, and then I uninstall it. And true, there is a long way to go before we have a true and user friendly FOSS ecosystem for smartphones (Even Jolla is not satisfactory in that point), but the choice is growing.

Well, I opted not to install Google’s services on my new second batch Fairphone, and so far I’m not missing anything. Maybe I will some day, but then there’s F-droid.

1 Like

Hey guys. I just stumpled upon (no, not by using StumbleUpon) the new Project by Dave Hakkens who many of you probably know and I thought you might like this site. On Story-Hopper Hakkens shares videos of cool stories; I watched some of them - fun to watch. Here’s the link. :slight_smile:

Apart from the video in the link above, I really like this video too :smiley:

EDIT: Aaaaaand this one!!!

I know a really cool forum. It’s can be found here.

9 Likes

Quoting an oooold MOTD:

There is no place like 127.0.0.1

:stuck_out_tongue: bye !

3 Likes

I suggest this very interesting (even if a bit longer) read.

2 Likes

Right now, you’re nowhere. Tomorrow, your aim is to persuade consumers that they shouldn’t buy an iPhone, or a Samsung Galaxy, or any number of well-known smartphones.

How can you do it? Can it even be done?

You’ve got to think about the hardware itself — the specs, the materials, the look and feel of the handset. You’ve got to find someone to build it, someone you trust. Then there’s the OS, of course, maybe with a custom UI on top too. Then there’s the question of after-sales — the helpdesk, the support, the marketing. You’ve got to handle the finance side of things too, taking payments for the devices and taxes, making sure you’re on the right side of the law in all the countries where your customers are.

For the likes of Apple and Samsung, making all that mobile hardware is the matter of thousands of employees and years of work.

Imagine instead undertaking the whole enterprise with a tiny team, and no partners, and a brand no one’s heard of. And you have to get all your customers to pay up, in full, for their phone before they’ve ever seen a working prototype of the handset, let alone another model on the shelves. And, you’ve got to do all that while making sure your device is as ethical as it can be, and as transparent as you can make it.

That’s the situation Amsterdam-based Fairphone found itself in when, in 2010, it launched a plan to make its own socially conscious smartphone and sell it across Europe.

8 Likes

Children as young as seven mining cobalt used in smartphones, says Amnesty

http://www.theguardian.com/global-development/2016/jan/19/children-as-young-as-seven-mining-cobalt-for-use-in-smartphones-says-amnesty

4 Likes

:de: Deutschsprachige Benutzer können zum gleichen Thema auch bei Heise und Golem lesen.

1 Like

Und bei Spiegel Online:

A German group started a petition:

http://stop-mad-mining.org/act-now/

5 Likes

Direct link to the document:
Democratic Republic of the Congo: “This is what we die for”: Human rights abuses in the Democratic Republic of the Congo power the global trade in cobalt

1 Like