Add references. Improve text.
This commit is contained in:
commit
2cfc06cb8d
@ -19,65 +19,96 @@
|
||||
<h2>FOSS is Working Against Itself</h2>
|
||||
<br>
|
||||
<p>Posted: 2022-01-27 (UTC+00:00)</p>
|
||||
<p>Updated: 2022-10-29 (UTC+00:00)</p>
|
||||
<p>Updated: 2022-11-09 (UTC+00:00)</p>
|
||||
<br>
|
||||
<h4>Introduction</h4>
|
||||
<p>The world has become a dangerous, privacy invading, human rights stripping,
|
||||
totalitarian place; in order to combat this, people are joining a growing,
|
||||
and dangerous, trend, which I will refer to in this post as the "FOSS
|
||||
movement".
|
||||
and dangerous, trend, which I will refer to in this post as the "Free and
|
||||
Open Source (FOSS) movement".
|
||||
With that stated, I will now debunk the misinformation being spread inside
|
||||
of this extremely flawed movement.</p>
|
||||
<br>
|
||||
<p>The FOSS movement is an attempt to regain privacy and control over our
|
||||
<p>The
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Free_software"
|
||||
>FOSS</a> movement is an attempt to regain privacy and control over our
|
||||
devices and data, but the entire concept of FOSS-only, at the current time,
|
||||
is severely, and dangerously, flawed. What the FOSS community does not seem
|
||||
to understand is the fact that most FOSS software cares not about security.
|
||||
to understand is the fact that most FOSS software cares not about
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Security"
|
||||
>security</a>.
|
||||
"Security"; keep that word in mind as you progress through this article.
|
||||
What is security? Security is being safe and secure from adversaries and
|
||||
unwanted consequences; security protects our rights and allows us to
|
||||
protect ourselves. Without security, we have no protection, and without
|
||||
protection, we have a lack of certainty of everything else, including
|
||||
privacy and control, which is what the FOSS movement is seeking.</p>
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Privacy"
|
||||
>privacy</a> and
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Control_(psychology)"
|
||||
>control</a>, which is what the FOSS movement is seeking.</p>
|
||||
<br>
|
||||
<p>FOSS projects rarely take security into account; they simply look at the
|
||||
surface level, rather than the actual root cause of the issues they are
|
||||
surface level, rather than the actual
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Root_cause_analysis"
|
||||
>root cause</a> of the issues they are
|
||||
attempting to fight against. In this case, the focus is on privacy and
|
||||
control. Without security mechanisms to protect the privacy features and
|
||||
the ability to control your devices and data, it can be stripped away as
|
||||
if it never existed in the first place, which, inevitably, leads us back to
|
||||
the beginning, and the cycle repeats. With this ideology, privacy and
|
||||
the beginning, and the cycle repeats. With this
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Ideology"
|
||||
>ideology</a>, privacy and
|
||||
control will *never* be achieved. There is no foundation to build privacy
|
||||
or control upon. It is impossible to build a solid, freedom respecting
|
||||
platform on this model.</p>
|
||||
<br>
|
||||
<h4>Example: Smartphones</h4>
|
||||
<p>A FOSS phone, especially so-called "Linux phones" are completely
|
||||
<p>A FOSS phone, especially so-called
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Linux_for_mobile_devices#Smartphones"
|
||||
>"Linux phones"</a> are completely
|
||||
detrimental to privacy and control, because they do not have the security
|
||||
necessary to enforce that privacy. Unlocked bootloaders prevent the device
|
||||
from verifying the integrity of the boot chain, including the OS, meaning
|
||||
any big tech or government entity can simply inject malicious code into
|
||||
necessary to enforce that privacy.
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Bootloader_unlocking"
|
||||
>Unlocked bootloaders</a> prevent the device
|
||||
from
|
||||
<a class="body-link" href="https://source.android.com/docs/security/features/verifiedboot/"
|
||||
>verifying the integrity of the boot chain</a>, including the OS, meaning
|
||||
any adversary, whether a stranger who happens to pick up the device, or
|
||||
a big tech or government entity, can simply inject malicious code into
|
||||
your software and you wouldn't have any idea it was there. If that's not
|
||||
enough of a backdoor for you to reconsider your position, how about the
|
||||
trivial evil maid and data extraction attacks which could be executed on
|
||||
your device, whether with coercion or not? With Android phones, this is
|
||||
trivial
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Evil_maid_attack"
|
||||
>evil maid</a> and data extraction attacks which could be executed on
|
||||
your device, without coercion? With Android phones, this is
|
||||
bad enough to completely break the privacy and control the FOSS movement
|
||||
seeks, but "Linux phones" take it a step further by implementing barely any
|
||||
security, if any at all. Privilege escalation is trivial to achieve on any
|
||||
Linux system, which is the reason Linux hardening strategies often include
|
||||
restricting access to the root account; if you root your Android phone, or
|
||||
security, if any at all.
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Privilege_escalation"
|
||||
>Privilege escalation</a> is trivial to achieve on any
|
||||
Linux system, which is the reason Linux
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Hardening_(computing)"
|
||||
>hardening</a> strategies often include
|
||||
restricting access to the root account; if you
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Rooting_(Android)"
|
||||
>root your Android phone</a>, or
|
||||
use a "Linux phone", you've already destroyed the security model, and thus
|
||||
privacy and control model you were attempting to achieve. Not only are
|
||||
these side effects of FOSS, so is the absolutely illogical restriction of
|
||||
not being able to, or making it unnecessarily difficult to, install and
|
||||
update critical components of the system, such as proprietary firmware,
|
||||
which just so happens to be almost all of them. "Linux phones" are not as
|
||||
free as they proclaim to be.</p>
|
||||
update critical components of the system, such as proprietary
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Firmware"
|
||||
>firmware</a>, which just so happens to be almost all of them.
|
||||
"Linux phones" are not as free as they proclaim to be.</p>
|
||||
<br>
|
||||
<p>You may ask "What's so bad about using LineageOS?", to which I answer with
|
||||
<p>You may ask "What's so bad about using
|
||||
<a class="body-link" href="https://lineageos.org/"
|
||||
>LineageOS</a>?", to which I answer with
|
||||
"What's not bad about it?".<br>
|
||||
<br>
|
||||
- LineageOS uses debug builds, not safe and secure release builds.<br>
|
||||
- LineageOS uses
|
||||
<a class="body-link" href="https://github.com/LineageOS/hudson/blob/master/lineage-build-targets"
|
||||
>debug builds</a>, not safe and secure release builds.<br>
|
||||
- LineageOS requires an unlocked bootloader. Even when installed on devices
|
||||
which support custom Android Verified Boot (AVB) keys, the bootloader cannot
|
||||
be locked due to lack of the OS being signed.<br>
|
||||
@ -85,10 +116,14 @@ be locked due to lack of the OS being signed.<br>
|
||||
flashing, requiring users to perform a second update to install this firmware;
|
||||
this likely causes users to ignore the notification or miss firmware
|
||||
updates.<br>
|
||||
- LineageOS does not implement rollback protection, meaning any adversary,
|
||||
from a stranger who picks up the device, to a goverment entity remotely, can
|
||||
simply downgrade the OS to a previous version in order to exploit known
|
||||
security vulnerabilities.<br>
|
||||
- LineageOS does not implement
|
||||
<a class="body-link" href="https://source.android.com/docs/security/features/verifiedboot/verified-boot#rollback-protection"
|
||||
>rollback protection</a>, meaning any adversary,
|
||||
from a stranger who physically picks up the device, to a goverment entity
|
||||
remotely, can simply downgrade the OS to a previous version in order to exploit
|
||||
known
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Vulnerability_(computing)"
|
||||
>security vulnerabilities</a>.<br>
|
||||
<br>
|
||||
LineageOS is not the only Android OS (commonly, and incorrectly, referred
|
||||
to as a "ROM") with such issues, but it is one of the worst. The only
|
||||
@ -101,21 +136,33 @@ production OS.</p>
|
||||
you to use logic, fact, and evidence, not emotion, which is a difficult
|
||||
pill for most people to swallow. Use your adversaries' weapons against
|
||||
them. The only way to effectively combat the privacy invasion and lack of
|
||||
control of our devices and data is to become a renegade and not take sides.
|
||||
control of our devices and data is to become a
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Turncoat"
|
||||
>renegade</a> and not take sides.
|
||||
Yes, that means not taking sides with the closed source, proprietary, big
|
||||
tech and government entities, but it also means not taking sides with any
|
||||
FOSS entities. The only way to win this war is to take *whatever* hardware
|
||||
and software you can, and use it tactically.</p>
|
||||
<br>
|
||||
<p>The only solution for phone security, privacy, and control, is to use
|
||||
a Google Pixel (currently, Pixel 4-series or newer) running GrapheneOS. Google
|
||||
Pixel phones allow you complete bootloader freedom, including the ability
|
||||
to lock the bootloader after flashing a custom OS (GrapheneOS includes a
|
||||
custom OS signing key to allow locking the bootloader and enabling verified
|
||||
boot to prevent malware persistence, evil maid attacks, and boot chain
|
||||
corruption), long device support lifecycles (minimum 3 years for Pixel 3a
|
||||
series to Pixel 5a, minimum 5 years for Pixel 6 series), and fast,
|
||||
guaranteed security updates for the entire support timeframe of the
|
||||
a Google Pixel (currently, Pixel 4a-series or newer) running
|
||||
<a class="body-link" href="https://grapheneos.org/"
|
||||
>GrapheneOS</a>. Google Pixel phones allow you complete bootloader freedom,
|
||||
including the
|
||||
<a class="body-link" href="https://android.googlesource.com/platform/external/avb/+/master/README.md#pixel-2-and-later"
|
||||
>ability to lock the bootloader after flashing a custom OS</a>
|
||||
(GrapheneOS includes a custom OS signing key to allow locking the bootloader
|
||||
and enabling verified boot to prevent
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Malware"
|
||||
>malware</a> persistence, evil maid attacks,
|
||||
and boot chain
|
||||
<a class="body-link" href="https://en.wikipedia.org/wiki/Data_corruption"
|
||||
>corruption</a>),
|
||||
<a class="body-link" href="https://support.google.com/nexus/answer/4457705"
|
||||
>long device support lifecycles</a> (minimum 3 years for
|
||||
Pixel 4a-series to Pixel 5a, minimum 5 years for Pixel 6-series and newer), and
|
||||
<a class="body-link" href="https://source.android.com/docs/security/bulletin/pixel/"
|
||||
>guaranteed monthly security updates</a> for the entire support timeframe of the
|
||||
devices.</p>
|
||||
<br>
|
||||
<h4>Conclusion</h4>
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user