Librem 5: First Impressions

Have you seen how thick the librem 5 is? I think it is think because of the two m.2 slots in it, but I don't think you would want it any thicker.

> So they took away the user's ability to update the firmware, fused it in a ROM

That's simply not true. Users can upgrade those firmwares if they want (and absolutely no weird tricks like disassembling or soldering are necessary for that). PureOS doesn't distribute any non-free updates, but if you want, you absolutely can reflash these blobs.

Don't you need hooks on the application level so the app can handle the lifecycle to avoid polling?

https://developer.apple.com/documentation/uikit/app_and_envi...

https://developer.android.com/guide/components/activities/ac...

I'm not an app expert nor an expert on GNOME development either, but I got a bit sceptical when I read their app example code, python with GNOME, neither is famous for being snappy.

It's more often a case of misaligned incentives than being all that difficult. When your business model (both Google's and most 3rd party developers) depends on constantly streaming telemetry from a device to a server you're going to have battery life challenges. Much of Google's effort has gone to providing decent battery life while still providing the telemetry. No doubt that a fair amount of effort has gone into specific use cases like background streaming audio apps (i.e. phone/music/etc) but the hours those take are a drop in the bucket compared to making the whole advertising ecosystem work (efficiently enough) on mobile.

When I used a Pixel 3a with LineageOS, I recall never having to think about battery life unless I didn't plug it in overnight, and even then, it would survive just fine for a second day, it would just be at like 20-30%?

I don't really give a damn about battery /efficiency/. I care about battery life. The impact on my power bill of charging up a 5000mah battery vs a 2500mah battery is completely insignificant.

If Apples battery efficiency is so good they should release a phone with a 5000mah battery /as well as/ said efficiency and market their battery life that beats all their competitors by multiple days, I'm sure a lot of people would buy that in a heartbeat.

My oneplus 8t gets 3-6 days of batterry life with lineageos depending on screen use. It lasted only a day before lineage.

Android has great battery life, spyware doesn't ;-).

I always thought that iPhones weren’t more efficient — they just dropped a major feature: running background apps.

I remember being able to run Ubuntu in the background on an unrooted Android phone while browsing the Internet. You can’t do that with iPhone.

That said, I rather have battery predictability over features, but I always thought that if Android dropped background apps, they would have the same battery usage as an iPhone.

It's not like you're going to run plasma OS on your iPhone, are you? You're running the Linux phone OS on the androids with the big batteries.

The point was that it's reasonable to expect the battery life of plasma OS and friends to be comparable to Android, similar to how Linux on a laptop is comparable to Windows.

Got some of that data?

It depends on your goals. If you donate to the GNOME Foundation, your donation won't help develop Phosh (which is the leading mobile Linux interface according to 3 different PinePhone user surveys) and it probably won't be used to make GTK/GNOME ecosystem become adaptive and mobile-friendly. If your goal is to advance mobile Linux on the GTK/GNOME/Phosh platform, then ordering the Librem 5 is the best way to get funds to the 10 software devs working on it at Purism. See: https://source.puri.sm/Librem5/community-wiki/-/wikis/Freque...

I own both the PinePhone and Librem 5 USA, and I'm seriously impressed by the amount of work the Purism devs do for PinePhone users (who are the majority of the Phosh users).

I personally tell you that the full time Purism devs were instrumental in helping me port MMS/VVM to Phosh/Chatty (without their help, MMS/VVM would not exist for Mobile Linux) and they have gone well beyond what I would expect any company would do to help out Mobian/pmOS/overall PP/PPP development (they no doubt help out other distros too, but I don't interact as much in those areas).

I also have an L5 sitting on my desk that I am using full time, and have had it for several months by now.

Can't hardware have backdoors? How about the firmware?

Every modern proprietary operative systems and mobile operative systems is designed to generate revenue for the developer when it is running on the users own hardware. Advertisement, selling personal information, tracking for marketing and r&d purposes, locking down for product positioning and upgrade/upsale paths, and occasionally discreet access for three letter agencies in order to keep politicians at bay. Linux desktops are not designed for that purpose.

Security can be many things for different people. Preventing criminals from abusing vulnerabilities in software is one kind of security. Preventing companies from black/grey hack patterns is an other. Making people feel less icky from ubiquitous tracking is one. Stopping advertisements from wasting peoples time and preventing planned e-waste is additional ones.

Maybe we need to invent a new word for security. Something about making people feel safe and preventing actions that would harm them.

> Linux desktops are not secure in any meaning of the word.

Yes, they are: https://puri.sm/security and https://source.puri.sm/Librem5/community-wiki/-/wikis/Freque....

Sure, if you run (most of) them in their default configuration. However, they can trivially be made much more secure which is one of the appeals of Linux to some: you're not limited to whatever set of compromises a vendor decided was acceptable.

They may not be secure in any absolute sense, but they are way safer than any proprietary OS.

For around the house/office, a two (or more) device solution is fine for many. But when you're truly mobile people generally want to minimize the number of devices they have to deal with. For most Linux users, including myself, we're not there yet but the day is getting closer.

What is this 'if' of which you speak? I've been using Linux as my daily driver desktop for over a decade ;-) It's not likely to ever become a mainstream desktop, nor are these Linux phones, but there are a fair number of us who don't care if they do or not. We just want them for ourselves.

> GrapheneOS and AOSP are Linux-based and there are no closed source kernel modules.

I ran AOSP builds for years and that's a half-truth at best. Sure for the kernel proper, you have the source. However, there are a fair number of closed source drivers for the GPU, modem, wifi etc. From the GrapheneOS Wikipedia page[1] it sure looks like they're following this model.

If I am mistaken and there is a miraculous state-of-the-art SoC with completely open source drivers being used by a major handset maker, do tell. You'll be a hero in the open source world for pointing out something everyone else has overlooked.

> Sticking to an LTS kernel branch for the lifetime of the device isn't due to anything closed source.

It has everything to do with things being closed source. Try doing a Linux kernel major version upgrade with binary-only drivers for key components sometime. It sounds like the only reason GrapheneOS works is because they're 'drafting' off of the kernel and driver work done by Google, not that they've cracked that particular nut themselves. Nothing wrong with that, but it does limit the useful life of a device to the first major security issue they can't fix due to a lack of source code.

Regarding the rest of your response, you're assuming that I was speaking to the Librem 5 specifically, I was not. Notice that I was only speaking about the goal of a 'pure' Linux phone since that was what seemed to be being asked about. Personally, I have a PinePhone[2] and wasn't interested in rehashing the various issues with the Librem 5.

[1] https://en.wikipedia.org/wiki/GrapheneOS

[2] which itself is far from perfect, but comes a lot closer to being a 'pure' Linux phone.

strcat is right here. Purism designs and markets their devices, effectively, to cater to a crowd that believes that devices with actual security are inherently evil, because they do not understand it. You can have better security with user control, but for that you need to look at the details. They don't care about the details; their story is all fluff under the guise of freedom and privacy.

Purism's marketing material is outright deceptive, e.g. they insist that in competing phones the baseband blob has access to system memory, which is a lie. The reality is that the baseband blob in the Librem 5 (which is every bit a giant blob as that in the competition) has access to the USB port of the AP and there is no filtering implemented yet, so the attack surface it is exposed to is every USB driver in the Linux kernel, which is much worse than systems with embedded basebands and proper memory firewalling where the baseband has no more inherent access, but is exposed to a smaller attack surface. That means that you are more vulnerable to giant blobs doing evil things with a Librem 5 than with, say, an Android phone running a free OS build.

Then there's the whole hilarious situation with the RAM initialization blob where Purism went and hid it behind two layers of CPUs (not execution, just handling it), because somehow doing that - which provides absolutely no benefit to the user, it's just a waste of engineering time - made it possible to certify the phone under the FSF's utterly broken and nonsensical "Respects your Freedom" program, even though precisely zero freedom was gained by doing this, since it still running the same blob on the same final CPU with the same access. All the while while reducing security, since the blob is then made no longer part of the normal OS image and is not validated with it, so it could be backdoored as part of a supply chain attack and you would be none the wiser.

The whole thing just stinks the more you look into it, and it is completely evident that the folks behind Purism are a mix of deliberately deceiving people and just clueless about security and modern embedded platforms.

> Marketing something as private/secure and spreading tons of misinformation and outright lies about the mainstream options doesn't make it secure or more secure than those.

That's true and relevant to Purism.

Now, how about something true and relevant to your post wrt FOSS:

> GrapheneOS only supports devices with proper security support for all the firmware, drivers, etc. and again there are no closed source kernel drivers.

Tell me about the license for the source of "all the firmware." And keep in mind you found it important enough to reiterate the point about "no closed source" for the kernel drivers.

> More developers are familiar with Android than the desktop Linux software stack. More work goes into it. Far more apps are written for it, and that includes a very active open source app ecosystem.

The problem is that the Android app ecosystem has a very large number of apps which are based on collecting users' personal information and violating people's privacy, and it is hard for a normal user to avoid all the spyware and malware in Android. In my experience using CyanogenMod/LineageOS and the F-Droid repo since 2015, I inevitably fall back to installing some proprietary apps when using AOSP-derivatives, whereas my PinePhone and Librem 5 USA only have FOSS apps and drivers installed on them. If the goal is to use FOSS as much as possible, you are better off buying a Linux phone in my opinion.

By the way, one of the apps that I helped develop is on F-Droid (https://f-droid.org/en/packages/com.ketanolab.nusimi/ ) and I have given workshops on how to install LineageOS on phones, so I speak as someone who tries to promote the use of FOSS on Android phones, but the phone industry does put up a lot of barriers to make it difficult to install AOSP-derivatives.

> GrapheneOS only supports devices with proper security support for all the firmware, drivers, etc. and again there are no closed source kernel drivers. We can support pretty much any mobile device with alternate OS support since any serious one will have AOSP support. Most devices have lackluster security and don't meet our requirements.

The problem is that Google only sells Pixels in a very limited number of countries. Whereas Purism offers free worldwide shipping for the Librem 5, the Pixel 6 is only being sold in 8 countries (Australia, Canada, France, Germany, Japan, Taiwan, UK, USA), so your security requirements exclude over 90% of the world's population from being able to use GrapheneOS. Plus, many people don't want to financially support a company like Google which is based on Surveillance Capitalism.

> We're working with a hardware vendor to get a non-Pixel phone actually meeting reasonable security requirements.

Good to hear. I look forward to seeing it.

> Librem 5 has a bunch of components where they are not shipping updates.

Not true. Purism has promised to provide updates to the proprietary firmware on the Librem 5, and already provides instructions for how to update the firmware on the WiFi/BT and USB controller. See: https://source.puri.sm/Librem5/community-wiki/-/wikis/Freque...

> It has a bunch of poorly secured and insecurely configured legacy hardware often without proper updates available

What are you talking about? Purism purposely designed the Librem 5 to avoid planned obsolescence, so it looked for component suppliers who support their hardware for a long time. For example, NXP guarantees that that it will provide updates for the i.MX 8M Quad for 15 years (Jan. 2018 - Jan. 2033). See: https://source.puri.sm/Librem5/community-wiki/-/wikis/Freque...

In contrast, Google only promises to provide 3 years of OS updates and security updates for the Pixel 3/4/5, and 3 years of OS updates and 5 years of security updates for the Pixel 6. Qualcomm announced in Dec. 2020 that it will support its Snapdragon processors (which are used in Pixel devices) for 3 years of Android updates and 4 years of security updates.

Linux phones like the Librem 5 and PinePhone use separate components which are supported for many years by the manufacturers, whereas most Android phones (like the Pixels) use integrated mobile system-on-chips which are only manufactured for 1-2 years and only supported for 3-4 years by the manufacturer. Because Linux phones use components with long-term support by the component suppliers, the Librem 5 is the first phone to be sold with the guarantee of lifetime software updates, and PINE64 promised to manufacture the PinePhone for 5 years, which is longer than any other smartphone ever sold.

> components that are not properly isolated via IOMMU,

The Librem 5 doesn't need an IOMMU, because it uses separated components, and it uses serial buses (USB 2.0/3.0, SDIO, I2C and I2S) that don't allow direct memory access, so there is absolute no chance of the WiFi/BT, cellular modem, GNSS and USB controller being able to access the RAM or the SoC's cache. Unlike the Snapdragon processors in Pixels whose hardware is essentially a black box, we can independently verify by looking at the open source schematics that direct memory access is not possible in the Librem 5.

> but there are years and years of tons of important privacy/security work done in a systemic way across hardware/firmware/software which are missing there before worrying about stuff like that.

If you are talking about kernel hardening and running each app in its own sandbox with its own UID, then I would agree that Android/AOSP has more security features than Debian/PureOS, but the problem with your argument is that you are ignoring the fact that a mountain of spyware and malware has been created for the Android platform and users have to be very vigilant to not install any of it. According to AV-TEST, 3.38M pieces of malware and 3.18M potentially unwanted apps (mostly spyware) were created for the Android platform in 2021, whereas it is unlikely that any of that garbage will get into the Debian->PureOS repos to ever effect users of the Librem 5. Linux users rarely install anything from outside their distro's repo, whereas I often find myself installing apps whose code I can't verify when I use AOSP-derivatives because I can't find all the apps that I need in F-Droid.

Yes, Android/AOSP does have a lot more security built into its design than Debian->PureOS, but it is based on a model of letting all sorts of unverifiable and dangerous code run inside it. For more on the Librem 5's security, see: https://source.puri.sm/Librem5/community-wiki/-/wikis/Freque...

> Marketing something as private/secure and spreading tons of misinformation and outright lies about the mainstream options

Care to provide any evidence to prove that Purism or its employees are "spreading tons of misinformation and outright lies about the mainstream options"?

I enjoy pretending that I would.

Yes, the initial projected release date was in 2019. It got delayed even before the pandemic for several reasons and in the end the final version was finished and started shipping late 2020 (with the first batches shipped to people who opted to receive them in late 2019), but at this point it turned out to be problematic to produce in enough quantity due to chip shortage, which is why the shipments are still ongoing.

… i.e. ‘There are even people who ordered in 2017 who still haven't got their phones’ is completely accurate.

The first phone from 2018 in that table was shipped 1 week ago. As another commenter pointed out the last post in the thread is by someone who ordered in 2017 whose phone still has not shipped yet.

While I do agree a maps app is very important indeed I find this statement completely bonkers:

> Being able to call and send SMS is secondary.

This is the basic definition of a mobile phone for me [1]. We can all have our opinions on what the "killer app" is. And some may rather want a pocket sized computer. The old grumpy man in me wants to shout "Get off my lawn" - please do not redefine what a "phone" is. How much we all may hate telcos they at least have ensured world wide communications. I accept the fact that many today are willing to trade that away to each their own favourite corporate garden be it Whatsapp, Telegram, Facetime et. al. However it does not a phone make. Sweet sweet E.164 [2].

It might be an unfair interpretation but as I read it calls should even be secondary to games!

So in my mind you argue the focus should be on a tablet [3].

You might be wishing for another device class which is fair. But this kind of redefinition I find troublesome.

[1] https://en.wikipedia.org/wiki/Mobile_phone

[2] https://en.wikipedia.org/wiki/E.164

[3] https://en.wikipedia.org/wiki/Tablet_computer

GNOME Maps definitely needs and has a pending redesign to make it fit better on a phone screen. Meanwhile, Pure Maps has worked really well for me that one time I needed navigation during the past year :) https://flathub.org/apps/details/io.github.rinigus.PureMaps

Here's another relevant saying: "those with glass ceilings shouldn't throw stones"

We do exchange "freedom" (whatever vague definition of it) for security and convenience a lot. Even without realizing it.