UBports Robot Logo UBports Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    De-Googling, binary blobs and other privacy concerns

    Scheduled Pinned Locked Moved
    General
    oneplus 3t google privacy librem 5 foss
    5
    7
    885
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • 3
      3T_Ed
      last edited by 3T_Ed

      Currently owning the Oneplus 3T I'm wondering how much I have really gained by switching to this device using UT in terms of de-Googling.

      Fortunately this market seems to be increasing with devices aimed towards privacy, open source and being blob free.

      I'm curious to know as to whether the OPO 3(T) is in fact meeting these parameters. What factors could still make my UT device, originally having Android written all ovet it, still 'attached' to that platform both hardware and software wise? Are there any aspects that cannot be ruled out? And how would one compare a OPO 3T (or any other UBports supported device for that matter) to a Librem 5, PinePhone, VollaPhone in that regard?

      Asking because I'm still torn between keeping my 3T (relatively cheap, money already spent) and aforementioned devices to be presumed 'Google free'.

      Not looking for extensive arguments, just a quick and comprehensive overview of any shortcomings of the 3T when it comes down to privacy and blobs leaking data to external parties.

      The outcome could make it easier for potential UT users to decide between installing UT on their current device, purchasing one for exactly that purposr or simply making a switch to any of the new privacy oriented device running Ubuntu Touch.

      edit: removed 3T in header as this thread may be of interest to all (potential) users of UT supported devices

      Critics are the true Positives | OnePlus 3T, Lumia 950

      dobeyD AppLeeA 2 Replies Last reply Reply Quote 1
      • dobeyD
        dobey @3T_Ed
        last edited by

        @3T_Ed said in De-Googling, binary blobs and other privacy concerns:

        Not looking for extensive arguments, just a quick and comprehensive overview of any shortcomings of the 3T when it comes down to privacy and blobs leaking data to external parties.

        In short, the probability of anything doing it in the kernel directly is very small. Most all the standard privacy concerns about Google are about stuff happening in userspace with Google's build of Android which includes all their proprietary services and integrations. These are not present in AOSP builds like LineageOS and Ubuntu Touch.

        The binary blobs for drivers don't come from Google either, but from the manufacturers of the hardware components. So it's unlikely they are going to be sending any data to Google. Writing code that runs in kernel space to find interesting things from userspace and transport them to some remote site, is also not worth the trouble to do in something like a driver that controls the vibration motor when you tap the on-screen keyboard for example. It's way too much work, and risk, for too little benefit. It's far easier to just trick you into downloading some app and running it as root.

        3 1 Reply Last reply Reply Quote 1
        • 3
          3T_Ed @dobey
          last edited by 3T_Ed

          @dobey said in De-Googling, binary blobs and other privacy concerns:
          So it's unlikely they [the hardware manufacturers] are going to be sending any data to Google. Writing code that runs in kernel space to find interesting things from userspace and transport them to some remote site, is also not worth the trouble [....]

          Thank you very much @dobey for a comprehensive explanation. Sorry for this somewhat late reply.

          If binary blobs should not be a real concern to UT users I still have some questions, hoping to get a straight forward and comprehensive answers again by you or any knowledgeable person on this subject.

          What made the data flow stop?
          We have all flashed a mainstream device, we know have constantly sent our information to Google or Apple, not to mention many vague data mining companies. Which identifiable process in the flash/installation of UT made that data flow stopped?

          Have data mining companies been cut off?
          The data is coupled with the imei number of my device, so what would keep data mining companies and app makers from retrieving data from our devices directly? Of course someones internet browsing behavior is of influence on that.

          Hypothetically speaking, if I would flash a device and only install UT with default apps (submitted to Open Store), keep it on stand by (wifi on) and not use it actively, would it still transmit to third party companies? Will the data flow actually be stopped because we decided to run a different OS on the same device?

          Other Linux communities, different views?
          When looking at FLOSS oriented companies like Purism they really push very hard to remove every binary blob. Their user base is very keen on getting it blob-free and core booted while (if binary blobs should not be a real concern ...) they could simply flash and install UT on a device rather than getting a Librem 5 brick-like phone at a $750+ premium price tag. What's keeping them from doing so, just having a great designed smartphone with UT ? Isn't their persistency in removing every binary blob showing we actually should care and be aware? Having spent some time on the Purism forum myself I wouldn't characterize the members as being tin foiled hat paranoids (on the contrary).

          Critics are the true Positives | OnePlus 3T, Lumia 950

          1 Reply Last reply Reply Quote 0
          • AppLeeA
            AppLee @3T_Ed
            last edited by AppLee

            @3T_Ed
            There are several topics in your question and I'm not an expert so I might get things a bit wrong.

            The overall idea is that there are many layers in a phone: hardware, drivers, OS and apps to keep it simple.
            As for de-googling, the hardware and drivers are not part of the picture because Google as a company is not responsible for them.
            In that aspect Ubuntu Touch is Google free.

            But to nuance that, some kernel patches (from Google) in order to use the drivers have to be used in order for UT to work on ported devices.
            Considering that, the PinePhone or Librem5 use a mainline kernel so it's not Google dependent.

            Blobs from chip manufacturer or closed source drivers can cause another threat, but it can hardly be avoided even with more open solutions. So that is another debate IMHO.

            As for the real problem about de-googling it's not about the phone you're using but more about the apps.
            Using a de-googled Android phone is almost as good as using UT, but you still require apps within the Google influence and even with alternative solutions you'll be revolving around Google.
            My opinion is that in order to break free you have to make sacrifices and choose Google free apps. UT has many google apps, but I don't use them: no google search, no youtube, no gmail, ...

            De-googling with just changing your phone and not your apps is like de-petroling by using and hybrid. You're not doing much.
            You need to change your habits and break your dependency.

            Edit: I realize I answered the older question.
            But to answer the following questions, the flow stops when you stop using apps that send your data away.
            If you still use Facebook, Gmail, Youtube or similar, the flow will continue.
            Same answer for data mining.
            Being blob free is always good for FOSS projects because it helps being compatible with a wide range of hardware. Having to deal with binary blobs you (as FOSS project) don't have access to the very expensive support Google can afford.

            1 Reply Last reply Reply Quote 0
            • D
              domubpkm
              last edited by

              An internet use sold as google free reminds me of when I saw lollipops sold as 'fat free'....

              1 Reply Last reply Reply Quote 0
              • 3
                3T_Ed
                last edited by

                On the Purism forum currently the 'Ubuntu is good for privacy? - thread is very active and is mainly discussing the Cononical position regarding data leaking in Ubuntu.

                I'm well aware that UBports and Cononical are separate entities and the discussion is about Ubuntu (not UT), yet building on that same legacy I wonder what UBports' point of view is.

                Critics are the true Positives | OnePlus 3T, Lumia 950

                1 Reply Last reply Reply Quote 0
                • R
                  rogier.oudshoorn
                  last edited by

                  That thread is full of FUD (Fear, Uncertainty and Doubt) over an incident from 2015 when there was an integration (now removed, in a desktop environment that is no longer used) that would allow you to search amazon store from your desktop.

                  Ubuntu is just as trustworthy as any other major linux distro.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post