If they were "entirely" ethical (which is a silly concept but it's already been deployed on this thread so I'll run with it), they'd be more up-front about the features and limitations of their security model. So:<p>* Modern phones (and all the flagship phones) have had separation between their basebands and APs for years; a modern smartphone baseband is essentially a USB peripheral.<p>* The two largest smartphone vendors have large, world-class security teams that do things like audit their basebands. Has Purism?<p>* A modern flagship smartphone will have some kind of secure enclave. Apple's has dedicated silicon, and an encrypted memory bus linking it to the AP. How does Purism's hardware security model compare?<p>* I don't know how much Apple and Google spend annually on outside security research for their flagship phones, but it's a lot. Who has Purism engaged to evaluate their designs and spot flaws?<p>If you want to use a niche phone as a fashion or political statement, more power to you. But if you try to market that phone as "transparent code is the core of secure systems", I'll take issue with that; it's neither a necessary nor a sufficient condition for security.<p>This phone may very well be more "fair" or "ethical" than an iPhone. But if it's not as secure as an iPhone, it's unethical to claim otherwise.
> We went with Redpine Signal as their chipset does not require a firmware download at runtime like other vendors; having a downloadable firmware would violate the Free Software Foundation’s RYF requirements.<p>This really does not resonate with me. In most of these chips there is a functional or partially functional firmware in ROM, then the OS applies a RAM patch to provide full functionality or address functional or security issues. I'm not sure how I would be more free or secure if Broadcom or Intel placed the full firmware in the ROM and never updated it, than if the continued to supply updated firmware blobs.<p>The firmware for these devices historically is riddled with security issues, just recently this CVE affected most of the Intel AC WiFi cards [1]<p>Also Redpine supports firmware blob updates with some versions of their hardware, so I'm not sure if they are just playing word games here by saying it will WORK without extra blobs, but then expect everyone will really still use the blobs to stay up-to-date. [2]<p>[1] <a href="https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00128.html" rel="nofollow">https://www.intel.com/content/www/us/en/security-center/advi...</a>
[2] <a href="https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/rsi" rel="nofollow">https://git.kernel.org/pub/scm/linux/kernel/git/firmware/lin...</a>
A very laudable effort and hopefully it goes well. But to be clear, the first ethical smartphone is Fairphone. I don't see how exactly this one could get even close to trying to be ethical in the way Fairphone does, but it might just be me having a different understanding of 'fair'.
Other than the physical switches (which sounds not all that interesting, since if I'll be in control of the software/OS, I can trust the GPIOs controlling some MOSFETs switches pretty much the same), this phone can only really differentiate itself by being very friendly to the FOSS developers/enthusiasts crowd.<p>A phone where you could get creative and manipulate every aspect of it without the artificial [security/functionality/SDK] limitations imposed on apps you can write for Android or that other comapny's phone OS I don't like even more.<p>A phone that will not get planned obsolescence.<p>A phone with OS that can be managed just like any other linux distro, where you can write apps in any of the readily available languages, etc.<p>Failing this, it's just overpriced wannabe Android clone.
Not directly related, but sometimes I do wonder how free software can compete with the services of the behemoths (maps, assistants, etc).<p>So the other day I hit this article [1] on planet.kde.org about KDE Itinerary, an application that can store your boarding passes and offer some additional services, such as calendar integration or notifications in case your destination has a different socket type, they drive on the left side, etc. It seemed quite useful and some parts are novel. Maybe there is a future for phones with just free software.<p>[1] <a href="https://www.volkerkrause.eu/2018/08/25/kde-itinerary-overview.html" rel="nofollow">https://www.volkerkrause.eu/2018/08/25/kde-itinerary-overvie...</a>
This kind of moral preening makes me sick. I will probably become a customer, but phrases like "the world’s first ethical" really, really rub me the wrong way. tptacek has covered many of my issues below, but, simply put, it implies that the rest of us who work for telecoms or who choose not to buy the Purism are lesser.<p>"Don't do evil" hit me the same way. I assume Google is well-intentioned, but there are many, many areas in which Google and I have moral disagreement regarding the way they operate. That's fine. Principled people can differ.<p>The same is true with Microsoft and Kroger's and Costco and lots of other brands I deal with. I know for a fact these companies support causes I believe to be immoral. I suspect in turn they disagree with some of the causes I support. But they don't rub my nose in their superiority with smarmy phrases like "don't do evil" this or "first ethical" that.<p>In the case of Purism, a much quicker way to my heart and wallet is say it's completely open for the following reasons. That's enough for me. I don't need your fundamentalist preacher bloviating on top of everything else.
[random idea] Rather than worry endlessly about SOCs and radios not being open enough, why not build a protocol on top of blackbox components that eliminates, through some kind of encryption, the need for openness?<p>To push the argument to the extreme, even if you find a radio component that matches your requirement of free, it's still going to talk to a radio tower that you don't control, running a software stack that you don't approve. This problem never ends, unless you imagine some end-to-end channel that you control, and then you don't care about the lower layer's lack of openness.<p>Does that make any sense?
I wish they would do more practical engineering work on the only real product that they do have, which is the laptop. I visit their forum from time to time, and there are multiple long standing posts with multiple people facing problems due to battery drain, fan issues, suspend/resume, freezes etc. All this grandstanding is useless if the product fails basic usability criteria.
> The cellular modem is arguably the most complex part of a mobile phone.<p>Ok, so in the dev kit/final product will there be a physical switch to turn it off?<p>Or at least a CLI command? Possibly a GUI with a big toggle labeled "Turn off the insanely complex unauditable OS that I must run to live in the 21st century because patents"?
Additional details of launch at [0].<p>Details on hardware report at (as of today)[1].<p>[0] <a href="https://puri.sm/shop/librem-5/" rel="nofollow">https://puri.sm/shop/librem-5/</a><p>[1] <a href="https://puri.sm/posts/librem5-2018-09-hardware-report/" rel="nofollow">https://puri.sm/posts/librem5-2018-09-hardware-report/</a>
I am totally fine with PCs, which allow me to install any OS I prefer. And I am totally fine with smartphones, which allow me to flash any ROM I prefer. This way I get both, secure hardware and private software.
Looks good in principle. It meets a lot of my requirements.<p>I’m not sure what ethical means when a corporation says it. Purism at least state what they mean and how they apply it.<p>What I’m looking for in a mobile phone:
Good screen. iPhone X quality.
4gb ram.
16gb main storage.
Headphone jack nice but not required.
Linux OS. (Android is ok)
Ability to write my own apps for custom accessories.
Some kind of AppStore. (Debian apt repo is ok)
Secure Enclave.
Cellular is not directly on main system bus.
Accelerated graphics.
Decent sound.
Fast enough to play video with background tasks.
Removeable battery.
Repairable.
So, when it is said that it is ethical, does that extend to labor conditions in Purism's upstream supply chain? I would buy such a phone for its more robust privacy, but I wouldn't call it ethical if it was produced with conflict minerals and virtual slave labor.<p>Not that you can really escape those realities the way things currently are.
I don't see anything on their sites about accessibility features. An ethical FLOSS phone is an awesome idea, but I'm concerned that if they don't think about accessibility at all in making it then it will be hard or impossible to add those features in after the fact.
Every time I hear about the Librem 5, I get excited about the idea that I could run Debian, or Arch, or another open source OS on a phone. But I can find scant details about how this would be implemented.
This is very interesting. I couldn’t find any details regarding the hardware for the initial device, I assume this is because it still in production. Is there a ball park we can expect?<p>I love the idea of an open source phone which could be used as a phone & laptop replacement. Even if I’m still likely to carry an iPhone as well (but probably as a wifi only device if PureOS can a handle my phone needs).
Cheap Chinaphone: €300
DNS66 and Yalp store so that nobody gets payed: priceless<p>There are easier ways to frustrate the tech industry. Oh and if you live in the US mobile networks will still sell you out no matter what brand your phone is. They all have to connect to cell towers.
how is it ethical? surely if it was ethical it would be spelled out what its ethics are and how it guarentees those ethics are maintained across it's entire business practices including its supply chain? I'd also expect if it is shown that it is not ethical in some way, then the phone isn't ethical, and a full refund would be provided :)
Url changed from <a href="https://puri.sm/posts/2018-09-librem5-hardware-roadmap-announcement/" rel="nofollow">https://puri.sm/posts/2018-09-librem5-hardware-roadmap-annou...</a>, which points to this post, which has more details.
> we foresee a delay in production until April 2019.<p>This is the only bit I read, the rest was blah blah. The first entirely predictable delay of many, if I might add. They are on a long road to "Sorry we tried, here are some discount coupons for purism laptops". Well, it won't be that long really, unless a badly needed funding angel swoops in.<p>Their delusion is in some sense laudable, as any startup should believe it's own bullshit. But when you know better than they do about their chances, it's still hard to watch folks put themselves through this.