UBports Robot Logo UBports Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    UB Touch and privacy/security

    Scheduled Pinned Locked Moved General
    16 Posts 12 Posters 2.9k Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
      Reply
      • Reply as topic
      Log in to reply
      This topic has been deleted. Only users with topic management privileges can see it.
      • LakotaubpL Offline
        Lakotaubp
        last edited by Lakotaubp

        You may also find these three Why Ubuntu Touch Matters blogs of interest on general ways to keep things safe online.

        https://ubports.com/blog/ubports-blog-1/post/why-i-am-fan-of-ubuntu-touch-os-201

        https://ubports.com/blog/ubports-blog-1/post/internet-and-some-precautions-we-can-take-205

        https://ubports.com/blog/ubports-blog-1/post/ubuntu-touch-safety-architecture-208

        1 Reply Last reply Reply Quote 0
        • dobeyD Offline
          dobey @trainailleur
          last edited by

          @trainailleur Even with encryption, there's no real protection, as we cannot re-lock the bootloader. It is unfortunate, but it is what it is.

          As for the encrypting of home directory data only with ecryptfs, it should be noted that ecryptfs is deprecated, and no longer used in upstream Ubuntu either.

          T 1 Reply Last reply Reply Quote 0
          • T Offline
            trainailleur @dobey
            last edited by trainailleur

            @dobey said in UB Touch and privacy/security:

            @trainailleur Even with encryption, there's no real protection, as we cannot re-lock the bootloader. It is unfortunate, but it is what it is.

            Someone with physical access who flashed a recovery could indeed copy an encrypted file or partition. At that point they still have to crack the encryption though. I would agree that's not absolute protection, but very little is (even a hardware keystore on a phone not captured live for a cold boot attack is likely vulnerable to an electron microscopy attack). How many people are going to be up to cracking luks encryptiion compared to simply flashing recovery and seeing what data can be copied from an unencrypted device?

            Basically I don't want to lose sleep over a B-grade criminal pawing through my private data on a lost or stolen device. If a state intelligence agency wants what's on my phone, I have to assume they have it already.

            And if the phone is turned on but locked and developer options aren't turned on, is the phone any more vulnerable than any other turned on, locked smartphone?

            As for the encrypting of home directory data only with ecryptfs, it should be noted that ecryptfs is deprecated, and no longer used in upstream Ubuntu either.

            Those whom I know are doing it are encrypting a file with luks, then mounting the mapper device of the unlocked file on top of /home/phablet. Not perfect, but better than nothing, and luks/cryptsetup doesn't appear to be going anywhere. If it did, I seem to recall from many years ago that it's not too hard to compile.

            Long-belated edit correcting description of the mount (I had described it initially in the wrong direction).

            1 Reply Last reply Reply Quote 2
            • D Offline
              dln949 @MK73
              last edited by

              @MK73 So, for example, can I safely assume that none of the apps or webapps on an Ubuntu Touch device can use the camera and/or microphone to "spy" on me or record activity without my knowledge (as can and has happened on android devices)?

              H 1 Reply Last reply Reply Quote 0
              • H Offline
                hummlbach @dln949
                last edited by hummlbach

                @dln949 you can pretty safely assume that UT apps don't spy on you while they are not focused/actively in use by you as long as they are confined, as they get suspended (given you haven't deactivated it for the app) as soon as you have another app in the foreground or you turn off the screen. When it comes to unconfined apps: they all have to be opensource (their source code has to be publicly available) and have been reviewed if they are in openstore, so everyone can check what the app does in the background (if at all). The apps could still spy on you while in foreground/in use (if they announced to use camera/mic). But also most most of the (native) apps in the openstore are opensource anyway. So you can never be 100% sure, but its very very unlikely.

                1 Reply Last reply Reply Quote 0
                • T Offline
                  Thomas @MK73
                  last edited by

                  Hello @MK73
                  I am not an expert in OS, but I would like to ask : in what way Ubuntu Touch OS vision of the control about digital life differ to the vision of degoogled Android OS, like e/OS or GrapheneOS ?
                  Thank you for insight
                  Thomas

                  fredldotmeF 1 Reply Last reply Reply Quote 1
                  • fredldotmeF Online
                    fredldotme @Thomas
                    last edited by

                    @Thomas I presume your choice between a de-Googled Android and Ubuntu Touch should revolve around whether you want Ubuntu as your Operating System on the phone or not. We take security seriously and we're slowly catching up, see encryption of your data being a thing on 24.04.

                    For a list of my contributions to Ubuntu Touch visit: https://fredl.me

                    If you have enjoyed my work on Ubuntu Touch over the years, please donate to my causes:

                    • PayPal: https://paypal.me/beidl
                    • Liberapay: https://liberapay.com/fredldotme
                    T 1 Reply Last reply Reply Quote 1
                    • T Offline
                      Thomas @fredldotme
                      last edited by

                      Hello @fredldotme

                      Thank you very much for your answer !!

                      Sorry for the delay, I was not notified

                      Actually, I am a very infrequent phone user. My main point is privacy, notably avoiding tracking.
                      What make me hesitate is :

                      1. On UT, there are probably no tracker at all in the OS, but maybe some in the (web) apps. And there are still some when browsing the web

                      2. On DeGoogled OS, there may be links with Google Servers (but I think spoofing the identity with microG), but some systems may block a list of trackers at DNS level, and some VPN (suited to Android but not UT) can block even more trackers

                      Which side is the balance tipping toward ?

                      Thanks again

                      Thomas

                      I 1 Reply Last reply Reply Quote 0
                      • I Offline
                        idonthatevests @Thomas
                        last edited by

                        @Thomas You can block many web trackers on UT using uAdblockNG application. Running Firefox on UT requires some additional steps, but possible.

                        T 1 Reply Last reply Reply Quote 0
                        • T Offline
                          Thomas @idonthatevests
                          last edited by

                          @idonthatevests
                          Thank you very much for your answer
                          Actually, I already have a Degoogled Android on Fairphone
                          I wonder what UT do more for privacy
                          I have not read the page refered by @lakotaubp : it will probably answer my question
                          Thanks again
                          Thomas

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post