Hey #InfoSec, I am starting to look for a new phone and am considering #Copperhead:
Any thoughts? Is it worth its salt?
@rysiek Librem 5 is a phone by Purism, which aims to be as secure as possible with no nonfree microcode on cpu, separated baseband/cpu, and hardware killswitches. It runs PureOS which is a linux distribution recently approved by FSF. They're still developing it so first batch of prototyping boards will be shipped June 2018, and first batch of complete phones will be shipped January 2019. You can learn more on their website: https://puri.sm/shop/librem-5/
(2/2) »Copperhead is also the only Android ROM that supports verified boot, which prevents exploits from modifying the boot, system, recovery, and vendor device partitions. Copperhead has also extended this protection by preventing system applications from being overridden by Google Play Store apps, or from writing bytecode to writable partitions (where it could be modified and infected).«
Okay, and yet another ;) : »Unlike stock Android, CopperheadOS treats sensor access as a user-facing permission with a toggle. For compatibility, it’s enabled by default for apps targeting the modern Android platform unlike other runtime permissions. Stock Android only treats heartbeat sensor access as dangerous.«
And here's where/how I discovered Copperhead (in 2015): https://airvpn.org/topic/15527-how-to-improve-cell-mobile-phone-security/
@rysiek Librem 5 promises to be a full Linux system, so it will inherit the ability to control what's going on in the system to a greater degree than with any Android. Even AOSP systems have security issues. There's also the promise of separating the baseband from the CPU, which keeps any binary blobs from being able to do as much damage. The hardware switches for camera and mic are huge, too. And Purism is wildly committed to privacy and ownership of hardware.
@rysiek using it on a Nexus 5X and am more relaxed and happy about carrying a phone around than ever, so yes, that's good stuff. Now, for Pixels you'd have to build yourself or pay for a binary. Situation for European handsets still unclear to me, but I don't have to sort that out until Nexus EOL in November, so pushing that ahead.
@jeff depends on your threat model™.
For most people I work with that's what we're doing. For myself, Apple's stranglehold on their devices is unacceptable. Things like these are absolutely revolting:
Plus, Apple's security track record during the last few months is... less than perfect:
I get it. My response would be that as far as I know there was no user data leaked when the iPhone crashed, and that while it's a scrappy thing for anyone moving in China, the VPN apps being removed doesn't affect me for the most part.
My threat model is not the same as someone living in China. This is not to belittle the plight of those living in China, just to point out that in the US the most secure off-the-shelf phone is the iPhone.