I'd like explanations about the different types of port ?
-
The difference between the two is the Pinephone runs directly on top of the main arm kernel. With the Nexus 5 and all hallium builds, the Ubuntu Touch user interface runs on top of the android hardware stack, using it to access the phone's hardware. The android stack is read only, so much harder to compromise. All UT devices receive updates to enable features and keep them secure.
-
UT is not running in a virtual machine. It replaces the android user interface.
-
@plexfex As far as the security question, the halium 5 devices, such as the Nexus 5, are being upgraded to android 7 as a base.
Which is safer, halium builds vs pinephone?, i'll let the developers weigh in on that.
-
@rocket2nfinity Will it be correct, if i say : when I am using UBports on Nexus 5 I am actually using an Open-Source Android but i am using linux, to control Android ?
so actually Nexus 5 Ubports it is still Android 7? Does Ubports on Nexus 5 still have same security problems, as Android 7 ?
-
@plexfex said in I'd like explanations about the different types of port ?:
so actually Nexus 5 Ubports it is still Android
No it is not, as i understood it only use the linux kernel from android for a given phone as it contains closed source drivers (blobs) from manufacturers to run phone hardware, but i'll not explain further because i may tell something not accurate enough.
Wait for a ubport dev to answer exactly how it works in details. -
@rocket2nfinity Or it actually Linux, that using Android like a base of drivers for phone? So, basically using Ubports = using desktop Linux that using proprietary drivers from Nvidia? Android 7 for UBports = Nvidia drivers for desktop Linux ?
-
Yes basically it is that, and on pinephone linux kernel is "pure" and drivers open source.
-
@Keneda ok, that's sound much better
- Do i understand correct, if someone can hack Android 7, it can get access to my UBport Nexus 5 ? Or because android files is read-only it impossible?
- If some malware/virus could work on Android 7, it could work theoretically it could work on Ubports ? For example, malware that making backdoor to your microphone? i don't know if it does exist, it just for example
-
See here : http://docs.ubports.com/fr/latest/systemdev/kernel-hal.html
Only "android" part on any android device port should be HAL.
-
@plexfex Let me see if I can explain this better. Think of UT using Halium as a three layer cake:
The lowest layer is the hardware. The middle layer is the android drivers and software that interacts with the hardware to make it work, but is not "android" the UI and apps you know. The top layer is that UI or user interface.With a halium build, we remove the top layer known as android, and replace it with UT (or another system such as Lune). Because the android drivers are proprietary, UT must keep the middle layer to interact with the hardware. But, that middle layer is locked down and cannot be altered by a virus. I guess theoretically someone could write a linux exploit that could somehow mess with the hardware driver layer, but it would have to be a linux virus because what you know of as android is no longer present.
The Pinephone does not require that middle layer, because all the parts are as open sourced as possible and linux drivers are available. So the UI can talk to the hardware directly. It's weak spot is the modem, which is proprietary, but is well isolated from the rest of the hardware. Both devices could be compromised by a linux virus, the chance of that happening though a linux security type will need to answer.
-
This post is deleted! -
@rocket2nfinity Great! Super thanks, I am now finally understand the different!
-
@Keneda Thanks for help
-
Even more precise look here : https://halium.org/
There is a graphcal i knew i saw somewhere (probably on this very site lol) and wanted to show you, it makes easy to understend. -
@Keneda thanks for link, Android service doesn't mean Google service, correct ?
-
@plexfex
Correct.
Google services are just apps going on top of android (AOSP). -
@AppLee AOSP is open source Android, but if i uderstand correct still developed by Google. Does it have any tracing tools like gservices ?
-
@plexfex
I'm no expert in this domain, but I don't think so.
Our friends at LineageOS based their OS on AOSP which means they have a fully open source OS (blobs from firmwares like UT) with compatibility with the whole android ecosystem.But they don't add any of google's services, play store or anything of sort.
IMHO AOSP is pretty safe on the privacy front. But I don't like the Java built apps, the APK system and all the memory space lost to the app.
I also prefer confined apps for privacy. -
@AppLee ok,
-
but will I able to use Linux applications only? (without any apk, java, etc.) I mean, what I need is browsing, phone, and sms.
-
can I install any application that work with arm debian Linux, or i have to only applications that on UBports repository ?
-
-
@plexfex
Ubuntu Touch has a wide-ish range of apps in the open store.
You can check them out from your computer: https://open-store.io/Many are webapp (a confined app accessing a unique website ; you can see that as a shortcut but it's much more), but there are also very nice native apps.
You can also install "legacy" apps from arm debian within Libertine.
Libertine is a container available for this purpose but you might have trouble with some apps.Then you have the most experimental feature: Anbox.
Anbox will allow you ton install APK but don't expect a full support.
Apps using Anbox will have only access to the network and all access to media files, contacts, ... won't work.You can find more information regarding Anbox and Libertine on the forum.