UBports Robot Logo UBports Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    A question in regards to privacy in UT

    Scheduled Pinned Locked Moved General
    11 Posts 3 Posters 2.0k Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
      Reply
      • Reply as topic
      Log in to reply
      This topic has been deleted. Only users with topic management privileges can see it.
      • twinkybotT Offline
        twinkybot
        last edited by

        Hello,

        I was wondering as I undestood that Android is the Base of UT, how much can we then trust the system?

        From https://redmine.replicant.us/boards/33/topics/5001?r=5013#message-5013
        I got
        Ubuntu Touch and Firefox OS are equally as bad as Android. I suggest you use a community Android version such as CyanogenMod or OmniROM if Replicant is not a possibility for you

        How true is it and if so, what can be done about it?

        H 1 Reply Last reply Reply Quote 1
        • H Offline
          hans1977se @twinkybot
          last edited by

          @twinkybot I think it would be very interesting to have comments on this question from the core developers, but i also think the information you link to is probably not relevant anymore because according to the ubports wiki they develop on CyanogenMod 12.1.

          1 Reply Last reply Reply Quote 0
          • flohackF Offline
            flohack
            last edited by

            Hello,

            both CyanogenMod and Ubuntu Touch are using the low-level libraries of Android, so there is no difference to privacy. Actually we are not buildin "on" CyanogenMod, but just leverage their way of removing unnecessary stuff from the Android tree for a certain device.

            BR Florian

            My languages: ๐Ÿ‡ฆ๐Ÿ‡น ๐Ÿ‡ฉ๐Ÿ‡ช ๐Ÿ‡ฌ๐Ÿ‡ง ๐Ÿ‡บ๐Ÿ‡ธ

            twinkybotT H 2 Replies Last reply Reply Quote 1
            • twinkybotT Offline
              twinkybot @flohack
              last edited by

              @Flohack
              And those Low Level Libraries are Open Source?

              flohackF 1 Reply Last reply Reply Quote 0
              • H Offline
                hans1977se @flohack
                last edited by

                @Flohack Do you know any privacy issues caused by using the low-level Android libraries the CyanogenMod way? If so, what kind of privacy issues are they?

                Removing unnecessary stuff, does that include removing privacy issues? ๐Ÿ™‚

                flohackF 1 Reply Last reply Reply Quote 0
                • flohackF Offline
                  flohack @twinkybot
                  last edited by

                  @twinkybot No, these arenยดt. There are no open-source drivers currently on the market for RIL, GPU, sensors etc. Reason among others is that vendors are afraid that the get sued for patent infringement, probably many vendors have stolen their hardware & software design from others ๐Ÿ˜‰

                  BR

                  My languages: ๐Ÿ‡ฆ๐Ÿ‡น ๐Ÿ‡ฉ๐Ÿ‡ช ๐Ÿ‡ฌ๐Ÿ‡ง ๐Ÿ‡บ๐Ÿ‡ธ

                  1 Reply Last reply Reply Quote 0
                  • flohackF Offline
                    flohack @hans1977se
                    last edited by

                    @hans1977se Well theoretically the firmware together with the driver and the kernel (which is the only open source part) can do fancy things which we donยดt know and cannot see. I donยดt know details, but Edward Snowden could tell you more stories ๐Ÿ™‚

                    And no we cannot remove the essential parts to talk with the hardware. There is no way around this. Thatยดs also why some devices will not be able to be upgraded, they are stuck on a kernel version, because their drivers have been compiled against a certain kernel and libc. We can only remove java addons from the vendor, useless Dalvik stuff, and stuff for higher levels of Android that we dont use in general.

                    Mediatek is such an example of a vendor that does not disclose anything to us. We cannot even build the OS for the existing UBuntu 15.04 versions of the BQ devices for example. And we cannot upgrade them to 16.04 except probably the tablets.

                    Unfortunately UBuntu Touch is currently bound to this model. The advantage is that we can run it on much more phones (in theory) than if we would rely on custom drivers. I donยดt even know if smth like this would be possible.

                    The approach of the Librem5 phone is by the way to have these hardware switches to disconnect the parts of the system where open source is not an option. Probably even thme cannot have an open-source baseband processor etc.

                    BR

                    My languages: ๐Ÿ‡ฆ๐Ÿ‡น ๐Ÿ‡ฉ๐Ÿ‡ช ๐Ÿ‡ฌ๐Ÿ‡ง ๐Ÿ‡บ๐Ÿ‡ธ

                    1 Reply Last reply Reply Quote 3
                    • twinkybotT Offline
                      twinkybot
                      last edited by

                      @Flohack
                      Thanks for the explenation.

                      1 Reply Last reply Reply Quote 0
                      • H Offline
                        hans1977se
                        last edited by

                        Thanks for interesting info @Flohack . ๐Ÿ™‚

                        Like you say this model goes together with a "price", but i hope that in the long term it will not have to be just this model. I hope that in the long run there will as well be some open phones that run Ubuntu Touch in addition. I have read that the goal is that Librem5 will be completely open, but of course it is also quite uncertain whether it will be anything at all.

                        I think that linked post indicates that the privacy leaks are in the low-level libraries, and i was kind of hoping that someone would know. I'll wait for Snowden to show up. ๐Ÿ˜‰

                        1 Reply Last reply Reply Quote 0
                        • flohackF Offline
                          flohack
                          last edited by

                          I really do not like IBM but what they did in the 80ies was genius, and a path that many others should have followed: They designed the IBM-PC to be open for 3rd parties, and gave all the specs for hardware manufacturers. Clearly, because they could not do everything alone, but still it was key to the success of the PC.

                          If we would have again such a hardware company things would improve in months ๐Ÿ˜‰

                          BR

                          My languages: ๐Ÿ‡ฆ๐Ÿ‡น ๐Ÿ‡ฉ๐Ÿ‡ช ๐Ÿ‡ฌ๐Ÿ‡ง ๐Ÿ‡บ๐Ÿ‡ธ

                          1 Reply Last reply Reply Quote 0
                          • H Offline
                            hans1977se
                            last edited by

                            I agree that IBM have done a lot to allow 3rd parties in, and also Microsoft have done a lot to simplify for us developers. Same there though, i'm not a Microsoft fan either. ๐Ÿ™‚

                            Nevertheless, i also think that people developing for phones exaggerate how bad it is on phones. There are a lot of similarities between phones as well. Many use the same soc:s and probably also are based on the same development kits. Displays are also many times very similar although different brands, I think probably the baseband is the most difficult part, which is quite essential on a phone of course, but hopefully not all the drivers would have to be closed in one big blob the way it is now. I guess it's fair to say that this is all goes into kind of defacto standards, which makes it essentially different from the PC, but i do think it is possible benefit a lot by focusing on the similarities.

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post