On 9/30/19, Punk <punks@tfwno.gf> wrote:
On Mon, 30 Sep 2019 11:39:45 -0700 "Kurt Buff - GSEC, GCIH" <kurt.buff@gmail.com> wrote:
https://medium.com/@thegrugq/secured-android-smartphone-32b28ae3fbd8
https://en.wikipedia.org/wiki/Pixel_3a https://en.wikipedia.org/wiki/GrapheneOS
https://twitter.com/thegrugq grugq@comae.com https://gru.gq/
" Hardware: Google Pixel 3a - Boot loader: Google’s boot loader. Locked."
what a pathetically stupid scam - then again 'secure' and 'android' are mutually exclusive terms. but wait, it gets better
"Actual cost to produce one unit: $900"
WHAHAHAHA - so a piece of shit google-nsa phone costs 50% more than a purism phone.
Correct. Expensive, closed HW chips all over inside, closed SW FW and blobs, closed Qualcomm Baseband SOC, closed garbage. Not even an attempt at being more #Open. These Gigacorp$ could switch #Open in a day, but they won't, because they're hiding somethings from you. A phone, your phone, all locked up and impenetrable to incompetents other than yourself... sounds like great idea... Until you realize that all the HW chips in the phone, all its firmware and OS blobs, its baseband HW, the entire baseband telephony network... all 100% completely closed source, rooted and fully under the production and top secret control of adversaries others than yourself... ie: Gov and Corp. That is Fail. Just look at the secret SMS exploit through the SIM SOC released this month. That's not even talking exotic decapping and analysis tech, just all the plain old backdoors and bugs in and left in just for you. Test vectors are not exhaustive truth tables, you simply cannot trust closed HW and SW, at all. Yes you can run your silly vectors... your Graphenes BSD GPL whatever SW... on it in fake news lockdown mode as in the medium linked above. But in the end (and at least as is somewhat more started towards by the iteratively applied philosophy of those more open HW movements linked in the OP subject thread, etc ie: purposefully starting more open, turning profit to more open)... You must start to redirect global cashflows around that closed source problem towards #OpenHW that you can see and own, top to bottom, from the moment the silicon is sliced into wafers till the day you recycle such of your retired devices in a vat of molten steel. #OpenFabs , #OpenHW , #OpenSW , #OpenBiz , #OpenAudits That is how you build a truly "secured device". Telling people to buy a Pixel / Intel / AMD / IBM / Etc and throw an opensource vector on it isn't really helping much, because the ultimate problem is the closed HW, not your open vector test. The above medium link does nothing but feed more money to the major $BB+ closed HW incumbents, that continues to put you in position on your knees begging before them to open up, which they may, and history typically shows they will not, do, ever, until you revolt. You are wasting your collective time and money begging the incumbents, including political ones. It is cheaper and faster to build your own, while at the same time infiltrating and disrupting slowing incumbents from that angle. At least Librem has assembled some smaller $MM chips that could be bought out by open profit later on. And is, among others, seriously dedicated to projecting #OpenHW.
"there is no ... market"
Self defeatist talk. Of course open trust and security are in themselves no market memes... you have to actually put and enable running of #OpenSW on top of them, then you have something you can sell. Distrust is known to be in back of mind of everyone now, globally. So open trust is something that all now quietly lust for and will be immensely profitable to the first movers, and will completely crack open and disrupt the closed markets. Proof is that now all the major phone and CPU makers are touting closed fake "trust" and profiting from it. What do you think will happen when you are first to deliver actual #OpenTrust ... those legacy old, obese, circlejerkers die.
"I would very much love to produce and sell a proper secured HW"
As before, get your nutty millionaires billionaires and cryptos and crowds together and build the truly #OpenFab under 24x7x365 all access open to the public #OpenAudit models. Then you can print off all the open source secure #OpenHW you want and at cost. Including printing dirt cheap #OpenHW phone radios and base stations that everyone on the planet can plugin to their existing WAN connection, or their newly printed P2P Guerrilla Fiber Wifi Meshnet connection, and completely fucking overlay and replace the Legacy Cellular Network Monopolies with your all new secure distributed uncensorable solar powered... etc... Are you starting to get the big picture? It's doable within 20 years. Start now.