UB Touch and privacy/security
-
@MK73 This should be sticky
-
Generally I'm inclined against using do-not-track in browsers. It is widely disregarded so has limited effect, yet being also used by relatively few people, it makes them easier to fingerprint.
On Ubuntu Touch, however, we have to accept that we are highly fingerprintable simply because of the platform that we use. Therefore there might be little harm in enabling do-not-track.
That said, I've never found a do-not-track setting in UT. Does one exist?
Another consideration is physical security. With an unlocked bootloader and no local data encryption*, in this area the platform currently lags far behind Android and Ios, as anyone with physical possession of the phone can extract user data simply by flashing an Android recovery like TWRP, regardless of any screen lock PIN or password the user might have set.
(* There is a terminal workaround discussed elsewhere on this forum that allows encrypting /home/phablet, but it's not for the faint of heart, is liable to break with large updates, and is not supported by the UBPorts developers.)
-
You may also find these three Why Ubuntu Touch Matters blogs of interest on general ways to keep things safe online.
https://ubports.com/blog/ubports-blog-1/post/why-i-am-fan-of-ubuntu-touch-os-201
https://ubports.com/blog/ubports-blog-1/post/internet-and-some-precautions-we-can-take-205
https://ubports.com/blog/ubports-blog-1/post/ubuntu-touch-safety-architecture-208
-
@trainailleur Even with encryption, there's no real protection, as we cannot re-lock the bootloader. It is unfortunate, but it is what it is.
As for the encrypting of home directory data only with ecryptfs, it should be noted that ecryptfs is deprecated, and no longer used in upstream Ubuntu either.
-
@dobey said in UB Touch and privacy/security:
@trainailleur Even with encryption, there's no real protection, as we cannot re-lock the bootloader. It is unfortunate, but it is what it is.
Someone with physical access who flashed a recovery could indeed copy an encrypted file or partition. At that point they still have to crack the encryption though. I would agree that's not absolute protection, but very little is (even a hardware keystore on a phone not captured live for a cold boot attack is likely vulnerable to an electron microscopy attack). How many people are going to be up to cracking luks encryptiion compared to simply flashing recovery and seeing what data can be copied from an unencrypted device?
Basically I don't want to lose sleep over a B-grade criminal pawing through my private data on a lost or stolen device. If a state intelligence agency wants what's on my phone, I have to assume they have it already.
And if the phone is turned on but locked and developer options aren't turned on, is the phone any more vulnerable than any other turned on, locked smartphone?
As for the encrypting of home directory data only with ecryptfs, it should be noted that ecryptfs is deprecated, and no longer used in upstream Ubuntu either.
Those whom I know are doing it are encrypting a file with luks, then mounting the mapper device of the unlocked file on top of /home/phablet. Not perfect, but better than nothing, and luks/cryptsetup doesn't appear to be going anywhere. If it did, I seem to recall from many years ago that it's not too hard to compile.
Long-belated edit correcting description of the mount (I had described it initially in the wrong direction).
-
@MK73 So, for example, can I safely assume that none of the apps or webapps on an Ubuntu Touch device can use the camera and/or microphone to "spy" on me or record activity without my knowledge (as can and has happened on android devices)?
-
@dln949 you can pretty safely assume that UT apps don't spy on you while they are not focused/actively in use by you as long as they are confined, as they get suspended (given you haven't deactivated it for the app) as soon as you have another app in the foreground or you turn off the screen. When it comes to unconfined apps: they all have to be opensource (their source code has to be publicly available) and have been reviewed if they are in openstore, so everyone can check what the app does in the background (if at all). The apps could still spy on you while in foreground/in use (if they announced to use camera/mic). But also most most of the (native) apps in the openstore are opensource anyway. So you can never be 100% sure, but its very very unlikely.
-
Hello @MK73
I am not an expert in OS, but I would like to ask : in what way Ubuntu Touch OS vision of the control about digital life differ to the vision of degoogled Android OS, like e/OS or GrapheneOS ?
Thank you for insight
Thomas -
@Thomas I presume your choice between a de-Googled Android and Ubuntu Touch should revolve around whether you want Ubuntu as your Operating System on the phone or not. We take security seriously and we're slowly catching up, see encryption of your data being a thing on 24.04.
-
Hello @fredldotme
Thank you very much for your answer !!
Sorry for the delay, I was not notified
Actually, I am a very infrequent phone user. My main point is privacy, notably avoiding tracking.
What make me hesitate is :-
On UT, there are probably no tracker at all in the OS, but maybe some in the (web) apps. And there are still some when browsing the web
-
On DeGoogled OS, there may be links with Google Servers (but I think spoofing the identity with microG), but some systems may block a list of trackers at DNS level, and some VPN (suited to Android but not UT) can block even more trackers
Which side is the balance tipping toward ?
Thanks again
Thomas
-
