• le_saucisson_masquay@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    15
    ·
    7 months ago

    Linux on phone is great for privacy but can you say that on security ?? It’s open source, not very popular. We’ve seen how it can go wrong recently.

    Id put it in third after grapheneos. But the end result is that it’s not suitable anyway.

    • uis
      link
      fedilink
      English
      arrow-up
      8
      ·
      7 months ago

      Do you understand what you say?

        • Aniki 🌱🌿
          link
          fedilink
          English
          arrow-up
          11
          arrow-down
          1
          ·
          edit-2
          7 months ago

          There’s no “us” – just your dumbass.

          It’s open source, not very popular.

          • le_saucisson_masquay@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            2
            arrow-down
            10
            ·
            7 months ago

            Your dumbass should check XZ Backdoor.

            It was open source, yet only blind luck led a Microsoft developer to uncover it. It would have gone in most Linux installation otherwise.

            All because of an unpopular package that was maintained by a very few people.

            • Aniki 🌱🌿
              link
              fedilink
              English
              arrow-up
              11
              arrow-down
              2
              ·
              edit-2
              7 months ago

              Which was an exception to the rule and found immediately because of open source but go on with your bad self. Hell, they did so much investigative work they figured out it was a Russian hacker masquerading as a Chinese hacker.

              • bitfucker@programming.dev
                link
                fedilink
                English
                arrow-up
                7
                arrow-down
                1
                ·
                7 months ago

                Wait, they have figured out the source now? Can you give me the link for more reading on how they did it?

              • le_saucisson_masquay@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                3
                ·
                7 months ago

                Exception to the rule ?? I’d argue you have no idea how many times it succeeded because that’s the point. We only know what failed, if this worked I have no doubt that companies running Pegasus which have hundreds of millions of dollar of budget every year can success.

                Open source when not maintained properly is fundamentally flawed, there just need one weak element in the chain, one package maintained by a handful of people on their own time.

                • CrazyLikeGollum@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  7 months ago

                  Do you know how many times Microsoft has had a supply chain attack inject a critical vulnerability into Windows? Or how many times a malicious insider at Apple has added a backdoor to iOS?

                  Nope, and you cant possibly know because those systems are closed.

                  With open source software you have the ability to audit the code for vulnerabilities. We have the ability to reasonably state that that incident was an exception to the rule because its so easy to see the available code and major security incidents tend to become major news.

                  • le_saucisson_masquay@sh.itjust.works
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    arrow-down
                    1
                    ·
                    7 months ago

                    An open not maintained system is worst than a well maintained but closed one. There are billions of $ behind window and macos. Some critical package on Linux are maintained by 2 guys during their spare time…