I'd like explanations about the different types of port ?

plexfex

Hi, i am not from IT, linux is more my hobby.
Could you please explain me differents between GSI UBports Linux on Nexus 5, and UBports on PinePhone?
If I understand correct, linux that you can install on PinePhone is using of arm linux core, while GSI for Nexus 5 works on a base of Android.

1.Could you please explain, what does it mean based on Android? Does it mean, that it just modified open-source Android, that launch linux on "virtual machine" ?

2.Will i get updates for UBports on Nexus 5 ?

3.Is using Linux on Nexus 5 will be same secure as using UBports on PinePhone, i mean if UBports for nexus 5 based on android, if i understand correct, it should be less secure, because Android 4 less secure than Android 10.

I like linux because of less tracking and more secure(less malware, more control, ability customising)

rocket2nfinity

The difference between the two is the Pinephone runs directly on top of the main arm kernel. With the Nexus 5 and all hallium builds, the Ubuntu Touch user interface runs on top of the android hardware stack, using it to access the phone's hardware. The android stack is read only, so much harder to compromise. All UT devices receive updates to enable features and keep them secure.

rocket2nfinity

UT is not running in a virtual machine. It replaces the android user interface.

rocket2nfinity

@plexfex As far as the security question, the halium 5 devices, such as the Nexus 5, are being upgraded to android 7 as a base.

Which is safer, halium builds vs pinephone?, i'll let the developers weigh in on that.

plexfex

@rocket2nfinity Will it be correct, if i say : when I am using UBports on Nexus 5 I am actually using an Open-Source Android but i am using linux, to control Android ?

so actually Nexus 5 Ubports it is still Android 7? Does Ubports on Nexus 5 still have same security problems, as Android 7 ?

Keneda

@plexfex said in I'd like explanations about the different types of port ?:

so actually Nexus 5 Ubports it is still Android

No it is not, as i understood it only use the linux kernel from android for a given phone as it contains closed source drivers (blobs) from manufacturers to run phone hardware, but i'll not explain further because i may tell something not accurate enough.
Wait for a ubport dev to answer exactly how it works in details.

plexfex

@rocket2nfinity Or it actually Linux, that using Android like a base of drivers for phone? So, basically using Ubports = using desktop Linux that using proprietary drivers from Nvidia? Android 7 for UBports = Nvidia drivers for desktop Linux ?

Keneda

@plexfex

Yes basically it is that, and on pinephone linux kernel is "pure" and drivers open source.

plexfex

@Keneda ok, that's sound much better

1. Do i understand correct, if someone can hack Android 7, it can get access to my UBport Nexus 5 ? Or because android files is read-only it impossible?
2. If some malware/virus could work on Android 7, it could work theoretically it could work on Ubports ? For example, malware that making backdoor to your microphone? i don't know if it does exist, it just for example

Keneda

@plexfex

See here : http://docs.ubports.com/fr/latest/systemdev/kernel-hal.html

Only "android" part on any android device port should be HAL.

rocket2nfinity

@plexfex Let me see if I can explain this better. Think of UT using Halium as a three layer cake:
The lowest layer is the hardware. The middle layer is the android drivers and software that interacts with the hardware to make it work, but is not "android" the UI and apps you know. The top layer is that UI or user interface.

With a halium build, we remove the top layer known as android, and replace it with UT (or another system such as Lune). Because the android drivers are proprietary, UT must keep the middle layer to interact with the hardware. But, that middle layer is locked down and cannot be altered by a virus. I guess theoretically someone could write a linux exploit that could somehow mess with the hardware driver layer, but it would have to be a linux virus because what you know of as android is no longer present.

The Pinephone does not require that middle layer, because all the parts are as open sourced as possible and linux drivers are available. So the UI can talk to the hardware directly. It's weak spot is the modem, which is proprietary, but is well isolated from the rest of the hardware. Both devices could be compromised by a linux virus, the chance of that happening though a linux security type will need to answer.

plexfex

This post is deleted!

plexfex

@rocket2nfinity Great! Super thanks, I am now finally understand the different!

plexfex

@Keneda Thanks for help

Keneda

@plexfex

Even more precise look here : https://halium.org/
There is a graphcal i knew i saw somewhere (probably on this very site lol) and wanted to show you, it makes easy to understend.

plexfex

@Keneda thanks for link, Android service doesn't mean Google service, correct ?

AppLee

@plexfex
Correct.
Google services are just apps going on top of android (AOSP).

plexfex

@AppLee AOSP is open source Android, but if i uderstand correct still developed by Google. Does it have any tracing tools like gservices ?

AppLee

@plexfex
I'm no expert in this domain, but I don't think so.
Our friends at LineageOS based their OS on AOSP which means they have a fully open source OS (blobs from firmwares like UT) with compatibility with the whole android ecosystem.

But they don't add any of google's services, play store or anything of sort.

IMHO AOSP is pretty safe on the privacy front. But I don't like the Java built apps, the APK system and all the memory space lost to the app.
I also prefer confined apps for privacy.

plexfex

@AppLee ok,

1. but will I able to use Linux applications only? (without any apk, java, etc.) I mean, what I need is browsing, phone, and sms.

2. can I install any application that work with arm debian Linux, or i have to only applications that on UBports repository ?