Follow

The new "lockdown mode" on the Purism phones really bugs me.

puri.sm/posts/lockdown-mode-on

Tried to avoid saying anything, because heck, I'm not doing it. But this is exactly the problems you start having when you don't have application confinement and lifecycle considerations built into your core.

Purism isn't building a phone, they're building a 5" portable laptop with an on-screen keyboard.

Perhaps some people want that, but I definitely don't. I expect many customers won't be impressed also.

@ted why is that not a phone (all smart phones these days are basically computers that can make a phone call)

This lockdown mode while a bit radical does make it so you can again “trust” your phone to not do something when you do not want it to do.

Purism is itself targeting a niche market with there machines that can not boot windows at all.

Similarly they try to target this market with the phone. (I just wish they were not subject to the patriot act, so I could get 1)

@sysosmaster for a few reasons.

Phones spend most of their time trying to go to sleep, which basically requires at least help, if not control over the applications. Standard desktops doesn't have that.

The lockdown mode justification starts from the fact that if GPS is on, all applications can access it constantly. That assumptions a failure on most phones. They can access it if you give them permission. You should be able to trust an Open Source phone to enforce that permission.

@ted well let’s take GPS (and alternatives). Having it on means that anyone that manages to bypass / breakout of the sandbox or has root access can read the current location of the device. The only way around that is powering the chip down.
If you are someone that might be targeted by a state level actor this means you can be assured they (during the lockdown) can not track your phone or extract the location data at a later time.
1/2

@ted Think of activist or journalist in oppressive regimes (or even the USA with there patriot act) that are being critical on the current regime. They might not want to make it easy for them to proof there case.

Or what if your a member of a targeted group (say a cristian in Iran) and you want to visit a church without any records to show you were there.

There can even come a time you would want a feature like this.
It is something to ponder about.
2/2

@sysosmaster what if that same state-level actor that could load software on your phone without you knowing also modified the switch to not work?

@sysosmaster @ted So now you've got suspicious gaps in your GPS record where you've turned it off?

Far better for apps to *always* not have GPS access when you're not deliberately using them.

@sysosmaster @ted If the choice is “I can flick this switch and then my phone doesn't work properly, but I can't be tracked” then to a first approximation flicking that switch is strong evidence of nefarious activity.

@RAOF @ted you can always explain the gap with gps as “my phone was off” (something that’s hard to do these days...) and yes you could infer nefarious activity took place in between the gaps. But proof it you can’t. It’s also not a switch for the lockdown mode it’s all three of the hardware switches together.

@RAOF @ted So you always have the “camera & mic”, the “Wifi and Bluetooth” and the “Baseband” chips powered off electrically before the gps, light sensor, compass and accelerometer are powered down.

I would not consider my phone to not be working properly for that time. But I would properly not use this mode much. (If I had the option).

But I do think there is a niche market that would love this option so it’s good it now exists.

@ted @sysosmaster "you should be able to trust"

> should

this kind of redundancy and hardware-based enforcement looks like a great idea to me!

(also because sometimes i'd like to turn off gps or whatever without having to look at the phone, unlock the screen, etc.)

@carcinopithecus @ted the more I learn about Infosec / RoP (gadgets) and other techniques the less I trust just software. (It’s not that I do not trust developers it’s that it’s so hard to make secure applications at all)

@ted "Purism isn't building a phone, they're building a 5" portable laptop with an on-screen keyboard." 😆 That made me slurp and laugh. Sassy, but not inaccurate I guess.

Sign in to participate in the conversation
Mastodon

A server setup for the users of gould.cx to connect to the greater ActivityPub network.