UBports Robot Logo UBports Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    Safety of Xiaomi Redmi 7 (onclite) Port

    Scheduled Pinned Locked Moved Off topic
    18 Posts 3 Posters 881 Views 1 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
      Reply
      • Reply as topic
      Log in to reply
      This topic has been deleted. Only users with topic management privileges can see it.
      • ? Offline
        A Former User @JGSvz9Wkgxka4UfH
        last edited by

        @JGSvz9Wkgxka4UfH Opinion about what? You're asking the code creators what's their opinion about what they have written? The code cannot be changed without anyone noticing. The only thing that can be changed is when you download the UT image. Someone could alter the code of that image (this can happen if you download stuff from unknown sources), but even then is the checksum image check that consist in some keys that need to match (Not sure how that works in UT).

        J 1 Reply Last reply Reply Quote 0
        • ? Offline
          A Former User @JGSvz9Wkgxka4UfH
          last edited by

          @JGSvz9Wkgxka4UfH Just to ease your doubt: think it logically, if the lead developers trust the code and use UT, why are you so afraid? How do you know that the phone manufacturer didn't hide a part of the CPU that secretly communicate with the Chinese Government?

          1 Reply Last reply Reply Quote 0
          • J Offline
            JGSvz9Wkgxka4UfH @Guest
            last edited by

            @C0n57an71n said in Safety of Xiaomi Redmi 7 (onclite) Port:

            @JGSvz9Wkgxka4UfH Opinion about what? You're asking the code creators what's their opinion about what they have written?

            I was asking for the opinions of persons who didn't create this specific port. I trust UT, but I wasn't sure about this specific port.

            @C0n57an71n said in Safety of Xiaomi Redmi 7 (onclite) Port:

            @JGSvz9Wkgxka4UfH How do you know that the phone manufacturer didn't hide a part of the CPU that secretly communicate with the Chinese Government?

            This is actually a concern.

            ? 2 Replies Last reply Reply Quote 0
            • ? Offline
              A Former User @JGSvz9Wkgxka4UfH
              last edited by

              @JGSvz9Wkgxka4UfH :face_with_tears_of_joy: Take it easy mate. I don't say this in a disrespectful manner.
              How do you trust if the tap water is clean and safe to drink, how do you trust car, plane, train manufacturer, how do you trust the pilots? How do you know the Earth is round?
              See where am I going?
              There are more persons that deal with code reviewing, plus, there is the option to check the code and the security features by third parties (entities that have nothing to do with UT).
              Still not convinced?
              Do you want to speak with the manager? 😛

              1 Reply Last reply Reply Quote 0
              • ? Offline
                A Former User @JGSvz9Wkgxka4UfH
                last edited by

                @JGSvz9Wkgxka4UfH Do you want to know the UT weakest point from the security point of view?

                J 1 Reply Last reply Reply Quote 0
                • J Offline
                  JGSvz9Wkgxka4UfH @Guest
                  last edited by

                  @C0n57an71n said in Safety of Xiaomi Redmi 7 (onclite) Port:

                  @JGSvz9Wkgxka4UfH Do you want to know the UT weakest point from the security point of view?

                  Sure.

                  ? 2 Replies Last reply Reply Quote 0
                  • ? Offline
                    A Former User @JGSvz9Wkgxka4UfH
                    last edited by

                    @JGSvz9Wkgxka4UfH Look in the mirror. Most of the times is the user's fault for security breaches (except when you are a passenger on a Boeing 737 Max that is hurdling towards ground , then no, is not your fault 🙂 ).
                    Developers are checking and re-checking stuff to make sure everything is nice and safe, your duty as a user is to use your common sense and not leave sensitive private info all over the place.
                    Apps in UT run in a "container", that means that they cannot access other parts of the system that they should't do.

                    1 Reply Last reply Reply Quote 0
                    • ? Offline
                      A Former User @JGSvz9Wkgxka4UfH
                      last edited by

                      @JGSvz9Wkgxka4UfH See the latest Twitter accounts breach which was a human error.

                      1 Reply Last reply Reply Quote 0
                      • J Offline
                        JGSvz9Wkgxka4UfH
                        last edited by

                        All right, thanks for your help.

                        ? AppLeeA 4 Replies Last reply Reply Quote 0
                        • ? Offline
                          A Former User @JGSvz9Wkgxka4UfH
                          last edited by

                          @JGSvz9Wkgxka4UfH For nothing! Could you please mark your thread as a "question" please? That is in the first post, where the Reply is, to the right: Topic(Thread?) Tools. Thanks!

                          1 Reply Last reply Reply Quote 0
                          • AppLeeA Offline
                            AppLee @JGSvz9Wkgxka4UfH
                            last edited by

                            @JGSvz9Wkgxka4UfH
                            As @C0n57an71n said everything rely on relative trust.

                            As for UT, there is not 100% safety, because the bootloader is unlocked, because the android ports rely on closed source firmwares.
                            But the upper layers produced by the community are trusted because there are code reviews and that it is mostly open source (some apps might be closed if the developer wants).

                            So basically when you send a SMS the user has to trust the firmware, the carrier and the recepient with sensitive personnal data (phone numbers and message).
                            What UT does is limiting the exposure. You can choose to send evy pictures on your phone to Facebook with geotags. But in order to do so the user has to explicitly select and send those pictures (or contacts or whatever).

                            1 Reply Last reply Reply Quote 0
                            • ? Offline
                              A Former User @JGSvz9Wkgxka4UfH
                              last edited by

                              @JGSvz9Wkgxka4UfH Could you set the thread to "question" please as it isn't a bug or a problem that needs to be solved and not to create confusion Thanks!

                              1 Reply Last reply Reply Quote 0
                              • J Offline
                                JGSvz9Wkgxka4UfH
                                last edited by

                                I think I did?

                                AppLeeA 1 Reply Last reply Reply Quote 0
                                • AppLeeA Offline
                                  AppLee @JGSvz9Wkgxka4UfH
                                  last edited by

                                  @JGSvz9Wkgxka4UfH , @C0n57an71n
                                  I think in this case it should be marked as normal thread actually.
                                  And I think that's what @C0n57an71n wanted.
                                  I fixed that.

                                  1 Reply Last reply Reply Quote 0
                                  • ? Offline
                                    A Former User @JGSvz9Wkgxka4UfH
                                    last edited by

                                    @JGSvz9Wkgxka4UfH Since you are so safety-focused person, just a foot note: do not leave your phone in hands of unknown persons. UT doesn't suport drive encryption yet, that means that any person with a little technical know-how could access your information, but as I said: they need phisical access to your phone. Stay safe!

                                    1 Reply Last reply Reply Quote 0
                                    • First post
                                      Last post