Meta-Issue: Hardware Section #904
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#904
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Description
I'm making this issue to track hardware related issues to build a new "Hardware" standalone recommendations section. We're also tracking these issues and pull requests in Milestone 2.
We need to split hardware into multiple sub-categories, because there's just too much to cover in a simple top 3 recommendations section. I'm writing down every recommendation here and linking to their respective issues, regardless of whether or not they'll actually be added. Discuss each recommendation in their own issue.
Hardware Recommendations
1 Recommended by FSF: https://www.fsf.org/resources/hw/endorsement/respects-your-freedom
Hardware Comments/Other
More Info...
If you have a suggestion for a new sub-section or any ideas on how we should organize a new hardware section, please comment in this issue! If you have a concern with a specific recommendation, please go to the related standalone issue for that recommendation and comment there! If a standalone issue for a recommendation does not yet exist and you want to discuss it, please create a new issue and link back to here so we can get this list updated!
Some of the projects listed rely heavily on non-free software.
Please view: #616
Non-free List:
Google Pixel - I don't feel like I need to expand on this one.
There is a reason Purism chose NitroKey.
Haven't looked much into U2F Zero or Usb Armory.
Edit:
I would like to correct myself on the Tallos 2.
https://www.fsf.org/blogs/licensing/support-the-talos-ii-a-candidate-for-respects-your-freedom-certification-by-pre-ordering-by-september-15
Sorry
If it is necessary to add a non-free phone.
I could stand by one of the old galaxy phones.
Maybe list the S2 or N2 or S3?
Fairphone isn't the worst?
https://blog.replicant.us/tag/fairphone/
Maybe just add to worth mentioning?
Edit:
Also the Librem 5 isn't released yet and I have doubt that it will actually be RYF certified.
Wifi/Bluetooth will be hard getting to work and even then the name is very similar to the other devices.
This might be a disqualification.
A device to add: EOMA68
Must agree with @asddsaz Google Pixel is non-free regardless of how you look at it.
If I recall properly Yubikey is non-free.
Is USB Armory or U2FZero fully FLOSS to FSF standards?
EOMA68 looks very intriguing. Not yet released though.
In relation to NitroKey: https://github.com/Nitrokey/nitrokey-pro-firmware/issues/48
Of course the Google Pixel is non-free, but it's also the most secure option available out of any Android phone so I wasn't sure if that should factor in. Requirements are unclear.
Well first of all we want to seperate secure from free, and see what we see as more important, should one run libresoftware thats barely maintained, or rather run not fully libresoftware thats actively maintained and known to be secure.
Replicant has one of the worlds best bug tracking programs and is backed by the FSF.
More info: https://www.wikipedia.org/wiki/Replicant_(operating_system)#Security
As for Android devices, the Fairphone does a good job in the security department.
https://www.wikipedia.org/wiki/Fairphone_2#Software, https://archive.is/omCtt#Software
Read warning: https://blog.replicant.us/tag/fairphone/
Privacytools.io is supposed to recommend the best tools. Not all of them.
I think that the hardware-section is a grand idea, but I would strongly suggest that it should be tied to the software-sections. People don't buy "hardware" what they buy is "something to run the apps that I need".
In the case of privacyToolsIO, we have a huge long list of all the apps that a privacy-conscious person might need. Thus, the key question that the hardware-section should answer, is: what is the maximally privacy-respecting hardware, that is compatible with a large percentage of the software listed in all the other privacyToolsIO listings?
And then, the reverse question: some particular person in the readership, is getting [software tool X] and is wanting to know, which hardware is the most privacy-respecting hardware, which is compatible with [tool X] specifically? Ideally, there would be some kind of a system where the enduser can tick checkboxes of the tools they like, in the /summary ...and then, when they get to the hardware-section, see some kind of indicator that tells them "of your 9 checkbox'd software tools, you will be able to use them on [samsung1 lg2 samsung3] smartphone simultaneously with [intel1 amd2 intel3] laptop" type of thing.
If I check the box for LineageOS in the mobile section, I want to see S9/S9+ listed, but I also want to see S5 listed (removable battery is a kinda-sorta form of baseband killswitch). If I am interested in Replicant however, it won't run on the S9/S9+ and that means I want to see the S3 listed, or whatever. TorBrowser only official runs on laptops and desktops, it is unofficial on mobiles. Signalapp probably won't run on the Librem5, at least on launch-day, because Librem5 is going to be a DebianPhone and signalapp only runs on android + iOS right now. Maybe the Librem5 will get an unofficial android-multiboot option, or maybe signalapp will get an unofficial volunteer-port to the Librem5, or maybe both. GrapheneOS is super-secure, but only runs on very specialized hardware: Pixel 1/XL/2/2XL/3/3XL, and is best on 2+ units.
My point is, the software-choices are what determine the hardware-choices, not vice versa. Because a lot of the privacyToolsIO listings are cross-platform (which is a very helpful feature), plenty of tools will run on most kinds of hardware. GrapheneOS has very specific hardware-requirements, but once you have a Pixel, you can run almost any Android-app as long as you are able to install FDroid and then Yalp, to get around the (purposeful and privacy-oriented) lack of playStore. Signalapp will work fine thataway, and so on. But you cannot run TorBrowser on your GrapheneOS device, unless you are okay with alpha-state software. You can run FirefoxFocus with one "fairly benign" tracker, or FirefoxKlar with zero-but-some-headaches. You can also install BraveBrowser, presumably, no trackers detected by exodus, but I'm not sure if that means zero or it just means none-detected.
@five-c-d Last I checked Replicant supported F-Droid. 1
Therefore F-Droid apps would be available to install. Plus, you can still install Yalp Store.
As for the other devices,
Most of the listed laptops/tablets/SoC ship with a Debian fork like gNewSense, PureOS, or Trisquel. These all support .deb packages.
If I recall correctly the rest utilize a more ARM-freindly OS like Parabola (based on Arch).
Yeah, I think Replicant is decent in terms of software-support. Like with GrapheneOS, you start with FDroid, and if you need more than that, you can install Yalp/similar. The main limitation of Replicant, is that if you want to run replicant, you have to get very specific hardware: an old samsung S3, or whatever. You cannot just install Replicant on "any android handset" ... but once you do have a replicant-compatible handset, you can install "pretty much any android app" with the exception of apps needing hardware support that your handset/drivers don't provide and other normal issues like that.
By contrast, you can install Debian (and variants like Trisquel) onto pretty much anything: laptop, tablet, etc. Even the Librem5 will have a debian-distro. So when it comes to "picking hardware that will run debian" about the only thing that WON'T run debian one way or another, is an iphone-device. But not every piece of software in the privacyToolsIO list, works properly on Debian: there are privacy-addons for android, which are android-specific (and thus won't work on Librem5). Wireapp is unofficial on Linux, including Debian. Signal4desktop officially supports Debian, but only as a slave-device, without cryptocalling ability, and requiring an upstream ios-or-android when you first link the debian-slave. This is fine for debian-based-laptops, but not fine for debian-based phones like Librem5.
To me, this is what the new 'hardware section' should help to highlight: hardware choices that are going to let you run all the stuff you want to run from the other listings, AND be secure (from an infosec standapoint and maybe an opsec standpoint) whilst doing so, ideally with a high-quality support community and ideally-ideally with libre-licensed drivers/firmware/etc. Some kind of pricepoint indication is also needed: ~$50 used S3 to install Replicant, is somewhat cheaper than ~$100 mid-grade s7 running LineageOS, which is much cheaper than ~$300 Pixel2 needed for Graphene, versus the Librem5 ~$600 pre-order. The VPN provider and webmail providers give exact pricing, but the hardware-pricing will have to be 'street prices' since cost will vary depending on where the enduser lives.
We should indicate notify the users what the criteria were once this is all set and done, so it might be worth writing a blog post on what we chose and why, and put a link to that above the hardware section.
@five-c-d Debian isn't really made for mobile.
And if privacytools.io is gonna recommend hardware they can recommend hardware with support for Replicant. This doesn't mean that users cannot install LineageOS.
Plus most if not all Replicant devices are also supported by LineageOS.
Not sure what the question is.
@blacklight447-ptio I'm a big fan of the RYF Certification process.
Sets things out pretty clear: ryf.fsf.org
Unlike other certifications like OSHWA, IMHO it is very reasonable,.
Basically it must be free software, must not be easily confused, no reported spyware, no DRM, and must have a bounty program.
The concerns should be with Intel as a whole, see Zombieload, another weird bughole.
@Atavic Hopefully Risc-V and projects like the EOMA68 will be better.
and cpu.fail
I would suggest removing Purism, at least from the mobile part because their phone doesn't seem anywhere near completion and most of the specs are listed as TBD. Right now, they are just asking for money for a product with no real or serious timeline.
Also, is there a reason System76 isn't listed? Not sure if I missed part of that conversation or not.
They keep slipping the schedule, yes, but there are test-handset-hardware in the hands of developers is my understanding (since early this year). Supposed to be 2019 Q3 that they release, last I heard, but the hardware-section is still "under development" just like the Librem5. Maybe it is listed because the hardware-section won't be done until the phone ships? :-) But yes, agree the Librem5 should not be listed until an everyday enduser can actually order one and receive it a few days later, which is not the case as of June 2019. Librem13+Librem15 laptops, and LibremKey, should be listed now however.
Agree, apparently the OryxPro has disabled ME, and it ships with 18.04 LTS out of the box. To me that means it is worth listing, though it is not aiming at the libre-market it is aiming at the linux-programmer-and-sysadmin market.
But that begs the question, is any high-end laptop which offers Linux worth listing? If we want something for everyday endusers, we could list Lenovo+RHEL:
Thinkpads with RHEL-or-Ubuntu have the 'ThinkShutter' to physically slide over the webcam when it is not in use (handy way to save on post-it notes). Should they qualify, as privacy-respecting laptops? They are definitely more aimed at everyday endusers than most of the hardware-listings mentioned up until now.
Most places on the interwebz also have Dell Precision and Dell XPS in the "best linux laptop" listings, though I dunno whether Dell has any especially-privacy-oriented features.
System76 isn't really privacy focused.
They aren't even a listed Coreboot vendor yet. They also do not state if they require non-free firmware.
Plus, PopOS is based on Ubuntu which has had privacy issues in the past.
I would propose a rule being added to the contributing guidelines requiring hardware not not depend on non-free drivers. Otherwise OSes like Trisquel would not work and even vanilla Debian might not work.
Users need to be able to run whatever OS that want, even Linux-Libre.
Google Pixel requires non-free drivers. So do like 99% of modern phones, but unless I'm mistaken it can't even boot without non-free software.
Ya'll are kinda limited to some old Samsung deices and maybe the Golden Delicious GTA04 board.
Good resource: https://www.wikipedia.org/wiki/Replicant_(operating_system)#Likely_additions
I have high hopes for the Librem 5, possibly too high as others have stated.
Unpinned in favour of https://github.com/privacytoolsIO/privacytools.io/issues/1319.
For people wanting to include Fairphone, here is a warning.
Fairphone only ship to EU countries, not internationally.
Technically EBay exists, but the Fairphone is rarely found outside of Europe.
Plus, they do have a fairly large presents in Switzerland.
Edit: There have been some reports of users getting the Fairphone to work in the United States:
https://support.fairphone.com/hc/en-us/articles/115001535686-Will-the-Fairphone-2-work-outside-of-Europe-
https://www.reddit.com/r/fairphone/comments/2yrzgv/fairphone_users_in_the_usa/
https://forum.fairphone.com/t/has-anybody-used-fairphone-in-the-united-states/949
Lindy USB port locks: It's basically a lock for your USB ports which unlocks with some weird kind of key. It's used to prevent evil butler/maid attacks.
Mic-Lock microphone blocker: It tricks the device into thinking that there's a microphone plugged in, therefore rendering useless the in-built one. This is only useful against BigTech tracking since an attacker with the ability to inject malware could easily select which microphone to use.
Anti-Spy RF scanner: This is used to detect hidden cameras, microphones and anything that creates a radio signal, it may detect other types of signals too, someone should check better.
PortaPowUSB data blocker: It's a USB condom, it prevents anything except electricity over the USB wire. It's used to charge your device when you are in an unknown or public space.
Tableau forensic bridge kit: From the Amazon URL "The T8u is the first Tableau Portable Family forensic bridge that supports write-blocked imaging of USB 3.0 devices through a SuperSpeed USB 3.0 host computer connection. T8u's powerful combination of a new, high-performing product architecture and USB 3.0 technology provide the speed you need to image USB 3.0 flash drives, multi-terabyte hard drives, or all USB 2.0/1.1 drives conforming to the mass storage "bulk-only" specification. Using controlled, real-world configurations and modern forensic imaging software, we've measured forensic data transfer with the T8u in excess of 300 MB/second (while simultaneously calculating MD5 and SHA-1 hashes). No other USB write-blocker can match the T8u's forensic performance and value. "
StarTech 1:5 USB flash drive duplicator and eraser: It's used to erase various thumb drives at the same type, it supports different protocols for this and you can also duplicate them.
StarTech 4-bay drive eraser: It is used to erase HDD/SDD, it supports up to 4 at the same time and it has different "erasing methods" or something like that (maybe it encrypts the data before deleting it?).
Lowell Destruct hard drive eraser: It is USB kind of thing that factory-resets your HDD/SDD when plugged in. I think it only supports windows.
Apricorn Aegis Padlock Fortress FIPS USB 3.0 hard drive: This one is so damn cool. It is a hard drive which has a keypad to unlock it and encrypts the data.
Brick House Security stuff: It's a company that sells a bunch of stuff to prevent unwanted spies.
BusKill: A Kill Cord for your Laptop: It's a rubber ducky that if unplugged from your laptop it self-destructs it.
White Noise Audio Jammer AJ-34: This one is from my favourites. If you have been tapped and there's a posibility that someone's listening to you, this will generate a white noise that doesn't allow recording devices to capture clear audio.
Faraday Bags: A bag that prevents any kind of signal of going in or out.
Camera blockers: It blocks the camera of different devices.
Minifree is a casualty of COVID-19. Leah is fine but she is shutting down the company and is crowdfunding to keep the lights on.
This is an index of companies selling hardware with GNU/Linux preloaded:
https://linuxpreloaded.com/
There is also Pine64.org, who are developing and selling a range of ARM-based single-board computers, including PineBook, PinePhone, PineTab (tablet), and PineTime (watch). Like Purism, their production and shipping has been affected by COVID-19 restrictions, but they are publishing updates on the status of each of their lines on a monthly basis. They've just announced pre-orders for a UBports version of the Pinephone:
https://www.pine64.org/2020/04/02/pinephone-ubports-community-edition-pre-orders-now-open/
In terms of laptops it's hard to imagine any recommendation of currently available software than a Librem 13 or Librem 15. When it becomes available, the Librem Mini should be a good recommendation for a desktop PC.
As the proud owner of both an x200 with Libreboot and an x230 with Coreboot and cleaned Intel ME, I can confidently say they cannot be recommended to the average user. No one except hobbyists are going to use an SPI flasher to flash aftermarket firmware and run me_cleaner. Even if you can get one of these machines into their hands, they are outdated in terms of performance relative to any 2020 laptop. They're just too old.
I think the privacy community over-emphasizes an absolutist vision of privacy based on unrealistic purity tests rather than what can reasonably be expected in 2020. There is no such thing as a fully open source computer. Worse, there are many recommendations made in the name of "privacy" that sacrifice security. The Librem 5 is a great example: Purism used what is essentially a loophole in the FSF's recommendations to secure an endorsement. The phone's (closed-source) firmware is not writeable, meaning if a security vulnerability is discovered in device's hardware, it cannot be patched! You really have gone too far down the purity test hole if you're so concerned with the idea of "freedom" that your device is plagued with security vulnerabilities that have available patches because you insist on maintaining "control" over your device, whatever that means.
I think a Librem 13/15 with PureBoot and a decent, hardened operating system such as Arch Linux with the linux-hardened kernel and AppArmor support would be a great recommendation. I use this setup on my x200. It's resistant to most kinds of attack that your average user would be worried about, Arch Linux gets very up-to-date security patches very quickly, and the machine is modern and will be usable for years to come.
By the way, I'll be using GrapheneOS on my Pixel 4 XL as soon as it's available. GrapheneOS is another excellent recommendation for a modern phone: extremely secure and extremely private while still being very usable relative to other modern options.
Maybe add: https://esolutions.shop
They sell phones with /e/ on it directly. A good solution for non techies in need of a smartphone that does limit a lot of spying from Google.
Not sure how that helps. If I would make a surveillance to I surely would make it record all available mics, not just the default.
Seems like a knockoff of https://www.securedrive.com/
I bought one of these. A refurbished Galaxy S7 Edge running /e/ has been my primary phone for about a year now (I was among the very first to get one of these). Minor hiccups aside, it has been a very good product / OS / service ... it is not quite 100% private/secure/deGoogled, but it's close (or at least, it wasn't the last time I checked, 6-8 months ago ... they may have improved since then). They are trying to hit a "sweet spot" between truly private and non-techie-user-friendly.
I generally recommend them (/e/) to anyone looking for a deGoogled phone.
I'm willing to provide details on my experience with it, if it would help determine whether or not to recommend /e/Phones on PT.io.
Edit: The /e/ OS is FOSS and available to anyone anywhere, as is most (all?) the associated services they provide (like private cloud-based data backup/sync) ... but the "buy a phone with /e/ pre-installed" option is still only available in Europe.
Add these to the long list of reasons not to use Signal.
EDIT: I've always picked which mobile apps to commit to on the basis of how well they support desktop GNU/Linux, because it's a signal (pun intended) of how well they'll be supported on mobile GNU/Linux.
thank you very much for the effort of creating software recommendations. They helped me to choose the right alternative!
I would love to see hardware listed as well. Especially people who have little experience with hardware will benefit from this.
Is there an update?
The pinephone is so interesting compared to the devices runnings the Android custom roms, because to install the systems there's no necessity to root and no risc of breaking the phone and it's totally libre. The list of mobile systems should be updated as well with systems for this device and others, because everthing developed for the Pinephone will work well on other devices.