• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Android to Fully Libre (FOSS)

S

Sabir Saleem

Lurker
HI I found that an Android uses the Same Kernal of Linux same of (Linus Torvalds)
which contains Non-free blobs (proprietary code) as per my research these blobs can
be harmful as Linus Torvalds tells in his wordings that it is on the user to use or not but they will never remove it when asking by FSF.

Anyways my question lie in the category of is it risky to use an Android because
it uses Linux Kernal I am not saying it is legit or not I know it is legal at all so please do not make my point in other words...

I found Replicant (Without any Free Binary Blob) OS but it is not supported many new devices it supports older devices.
Any good suggestions are welcome
Many Thanks
 
I would not regard the Linux kernel as a risk myself, but if you are a purist then you will have to live with limited hardware support. Graphene claims to use a hardened version of the kernel, but their description says nothing about binary blobs, and while it is available on newer devices than Replicant (which is a dead project even if the handful of people still involved don't want to admit it) it is still only available on a limited range of devices: if you want a pre-built ROM this means a Pixel model, otherwise see whether you are able to build your own or can find someone else supporting a build for your favoured device.

Of course if you are a real purist you just can't have a smartphone, as the device firmware (bootloader, radio etc) will be a closed source binary no matter what OS you run.
 
Yes and Pure OS seems best but much expensive and contains non free modem firmware as FSF (GNU) Stated.

GNU Also endorsed Replicant OS For Android (Removed Non Free blobs), but it is managed by few devices and right now seems dead no support.

And other Pinephone, LineageOS and Replicant also contains non free firmware.

So Right now for me personally seems not possible to move any alternatives.

While I am using Trisquel for my desktop OS as it is FREE OPERATING SYSTEM

While even BIOS we're using contains non free firmware

Youtube contains non free libraries

Gmail, Google, PayPal, Facebook contains non free libraries.

So it is on service providers to prevent Harmful things as we users giving them business and generating their business so in my opinion it is not an unethical practice at all.

Note: I was only worrying and concerned because read in forum that Non Free Firmware can be used to do crypto mining from our instances.


otherwise I was not afraid for data leak as I have not any sensitive data. :)
 
Sabir Saleem said:
Note: I was only worrying and concerned because read in forum that Non Free Firmware can be used to do crypto mining from our instances.


otherwise I was not afraid for data leak as I have not any sensitive data. :)
Click to expand...
I genuinely would not worry that proprietary firmware in your phone is secretly doing crypto mining in the background.

However, I'm surprised that you don't think you have sensitive data: you don't have anyone's contact details on your phone? Have you got the consent of everyone in your contact book to allow their contacts to be shared with unknown parties? Anyone who doesn't recognise that their phone has other people's sensitive data on it needs to give a little more thought to the matter.
 
Hadron said:
I genuinely would not worry that proprietary firmware in your phone is secretly doing crypto mining in the background.


Well the issue of data sharing most of the sources affirms that facebook, and ubuntu and other linux based os collects user's data and share with third parties like WhatsApp Shares its with Facebook for their campaigns.

Regarding this matter I am not much conerned user should not share sensitive information thorugh these platforms I use personally care of it.

Regarding the matter of illegal things can be done from our instances (Like I mentioned they could be doing crypto mining in background) I was very concerned that we are allowing them to do that by knowingly.

But we're not sure so we can't spread these information....
Click to expand...
 
Last edited:
I am not worried about data sharing thing but more concerned about these firmware as aren't open sources is not doing something illegal activities like crypto mining in background and we do know even know anyways these can be conspiracy or anything we do not know...:)
 
Hadron said:
I genuinely would not worry that proprietary firmware in your phone is secretly doing crypto mining in the background.


Otherwise I have no issues in using any non free things as it is in Freedom perspective not pricing perspective so it is closed source and free (as regard price) to use.:)
Click to expand...
 
Sabir Saleem said:
I am not worried about data sharing thing but more concerned about these firmware as aren't open sources is not doing something illegal activities like crypto mining in background and we do know even know anyways these can be conspiracy or anything we do not know...:)
Click to expand...
But the question is why would a binary used by the kernel - in most cases a device driver - be doing something like crypto mining? Yes, in principle a phone manufacturer might decide to use a sketchy driver from some warez site rather than one developed by the device manufacturer themselves, but in the real world does that seem remotely plausible, never mind likely? Then you have to assume that the manufacturer didn't notice anything in their testing (e.g. poorer than expected standby time), and doesn't bother to check the behaviour of their devices (despite the fact that it would be a real threat to their business for it to be known that they released a device containing such malware built deep into the OS - and since this stuff would require network connections it would be visible, and I know people who look for such things). And then you must assume that anyone with the skills and connections to sneak this stuff into a phone OS via a kernel module without it being detected somehow doesn't know what a waste of time crypto mining on a low-powered device like a phone is?

Look, I'm a fan of OSS, but I'm not going to waste my time on conspiracy theories, and would suggest that you worry more about the real risks, which are mostly from user behaviour (dodgy app installs, weak account security, giving away your security question answers in social media "quiz" posts,...).
 
Last edited:
Yes I got your point

Anyways we can block crpyto related all sites in host.txt file of an android an do some security tweaks and we should not browse any infected or pirated site can prevent us from these stuff while Linux Kernal OS doesn't seems in this practice as we have not proper news on it, but we have only news of data leaks and related to it that's it.

Anyways thanks for helping in this matter we can close this thread.:)
 
You must log in or register to reply here.
Back
Top Bottom