[sf-lug] Got Money? Want Privacy?

Rick Moen rick at linuxmafia.com
Tue Jun 22 02:17:09 PDT 2021


Quoting John Strazzarino (jstrazza at yahoo.com):

> If you’re Uber concerned about security, the. This is right for you.

I don't agree.

The more you look into the details of the Purism smartphone's design and
implementation, the less impressive it looks after you blow away the
smokescreen of rhetoric about how much they believe and aspire to open
hardware.

The more you look, the more fine print you find that undermines their
claim, e.g., those key components for which binary-only BLOBs are
required and form blackbox components into which neither Purism nor
users have any visibility at all.

Upon checking the fine print, you find that Purism deeply regret that at
_present_ a bunch of the hardware components used are not yet open
hardware, and that Purism hopes to eventually develop genuine open
source code for it, at some future time that cannot be scheduled or
promised other than "we hope it happens".  And, because of that, its
security is crippled from the bottom up in a very important and basic
manner.

Maybe if they spent less on hype and more on product development, they'd
have done at least a little better.

I don't blame them for their product being crippled in its security
aspirations by uncooperative chipset manufacturers, unwilling to give
full specifications except perhaps under NDA (which precludes open
source).  I blame them for misleadingly suggesting, in their promotional
material, that they've pulled off a miracle of open hardware + software
development, when they simply have not.




More information about the sf-lug mailing list