Why phones are more secure than desktops
I hope that security applications that can improve it such as Bubblewrap and SELinux will become easier to use and even integrated into mainstream Desktop operating systems in the future.
https://www.youtube.com/watch?v=Wd4Pa03LvLk
Why phones are more secure than desktops
@DarkMahesvara >any problem a phone has is several times worse on a dekstop
>*shows windows 10*
He only talks about privacy of apps, not the OS itself, talks about permission requests, but whether you grant them or not they're constantly phoning a central server. The claim is never that they're listening to what you do or taking pictures of you (except where you give them permission to do exactly that, like google, siri), but that anything you do in the apps is datamined, which it is, and he doesn't talk about
Despite the fucking nonce showing just windows 10, this isn't normal on other OSs
>when no such privacy settings exist on pretty much any distro
First, that's wrong. You can disable the mic system wide or per app using the basic preinstalled audio settings manager like pavu, webcams can be turned off with modprobe, no program randomly uses it, and they all display when they're being used with a hardware light, for anything else *desktops do not have GPS, mobile networks, centralised contacts, phone numbers, accelerators, or anything else*. Most retarded point you can make
The thread model thing is okay because they're designed to be locked down and limited. Apps are not meant to work together, they're completely isolate, and they're all verified by a central authority. People root their phones because they're intentionally limited, you're *not allowed to control your own hardware*, and even then stuff makes it through
The encryption is a complete meme, because 99% of the time it comes down to 4 digit "keys" that can be cracked by anyone. This has been demonstrated multiple times on multiple phones from multiple manufacturers. Linux with LUKS can do this too but in practice people use actual passwords instead of 4 digit pin codes
>most desktops don't even offer it as an option, and those that do have none or limited against bruteforce or coldboot attacks
He's either wrong or completely lying. Linux installers offer it by default with a single button, windows has bitlocker, and apple has filevault. It would be harder to dump the memory from a phone but they have absolutely no better protection against bruteforcing. What the fuck is he on about
I'm only 3 minutes in and it's honestly one of the worst things I've ever seen. He's just spewing big words now. I give up
re: Why phones are more secure than desktops
"He only talks about privacy of apps, not the OS itself, talks about permission requests, but whether you grant them or not they're constantly phoning a central server."
He does. Also AOSP/Android has a Internet Permission toggle...
"Despite the fucking nonce showing just windows 10, this isn't normal on other OSs"
This is not a "Windows problem" but a desktop security model problem which is why he shows Linux *and* Windows you fucking nonce.
"First, that's wrong. You can disable the mic system wide or per app using the basic preinstalled audio settings manager like pavu, webcams can be turned off with modprobe, no program randomly uses it, and they all display when they're being used with a hardware light"
Nobody said you *can't* archive these things on Deskjtop but there is a huge difference between having that option out of the box for *everything* and trying to close holes with manual configuration and 3rd party tools.
"for anything else *desktops do not have GPS, mobile networks, centralised contacts, phone numbers, accelerators, or anything else*. Most retarded point you can make"
Neither have phones if you use the Permission toggles and profiles, retard.
"The encryption is a complete meme, because 99% of the time it comes down to 4 digit "keys" that can be cracked by anyone. This has been demonstrated multiple times on multiple phones from multiple manufacturers. Linux with LUKS can do this too but in practice people use actual passwords instead of 4 digit pin codes"
Weak user authentication practice is not an argument. Obviously biometrics or short pin authentication is weaker than a alphanumeric passphrase. You can have that on Desktop too. Also if you go with that argument than you should know that most people don't even have a password on there Desktop lol
"He's either wrong or completely lying. Linux installers offer it by default with a single button, windows has bitlocker, and apple has filevault."
Or you have no idea what you are talking about. Majority of people use Windows Home, Bitlocker is only available on Pro/Enterprise.
"I'm only 3 minutes in and it's honestly one of the worst things I've ever seen. He's just spewing big words now. I give up"
Not surprised with all the bs you spew lol
re: Why phones are more secure than desktops
@DarkMahesvara >AOSP/Android has a Internet Permission toggle...
Never in my life have I gotten a permission request for internet. It's given to every app by default, but there's software for that on every OS anyway
>which is why he shows Linux *and* Windows
No, he only showed a screenshot of an article about windows 10. He didn't even mention linux until later
>Nobody said you *can't* archive these things on Deskjtop
HE DID
>huge difference between having that option out of the box for *everything*
It is for *everything*, mic has permissions in pavu and webcam is never used and can be disabled with default tools, there is nothing else to disable. "3rd party" doesn't really even exist as a concept on linux, it's all 3rd party, different people make the kernel, userland, desktop environment, windowing system, this isn't applicable
Not including 3rd party software is also completely arbitrary. OSs are designed to have 3rd party software, that's their model
>Neither have phones if you use the Permission toggles
That's the point
>Weak user authentication practice is not an argument
Phones encourage you to have this weak security by locking often and letting you use something like 1234 for encryption
On my phone the "Secure startup" option only has an option for a pin-code, not an actual password
A distro installer will tell you explicitly to make the password good
>Bitlocker is only available on Pro/Enterprise
He said operating systems, not editions, we can go more basic then, see pic
re: Why phones are more secure than desktops
re: Why phones are more secure than desktops
>security model available by the OS out of the box
Nobody ever mentioned out of the box, and by default apps get full internet access
>Okay and?
He was talking about privacy and data mining of the base software, to distract from the fact that both ios and android datamine users he showed a screenshot of an article about windows 10 and then said "these problems apply much more to desktop", like he was actually making a point. He didn't mention linux because linux does not do this to any degree, he is wrong
Go to 0:39, "any issue you can criticise a modern phone for is several times worse on a desktop equivolent of it" *shows screenshot of an article about windows 10*
>Prove it, show the timestamp
I was already directly quoting him
>>when no such privacy settings exist on pretty much any distro
1:45
>Im not talking about 3rd party
Then why are you talking to me about it? I am because he's talking about OSs as they're actually supposed to be used. If you want to fixate on this arbitrarily, okay, but I'm not
>I can simply boot into the OS install malware and wait until someone unlocks it.
Something you can generally do with phones too, there are whole communities around rooting phones so they can actually access the hardware they payed for
>This is about the general security model not how bad it is if you don't care.
That is part of the security model. Phones don't even tend to do encryption by default, at least modern windows does that now
>Also file level encryption is a joke
I don't think it's using that
>This is not a video to hurt your ego, just fax
He's stated multiply things that are outright wrong in just a few minutes
re: Why phones are more secure than desktops
"Nobody ever mentioned out of the box, and by default apps get full internet access"
irrelevant. the option is there and that is only one of many different permission available. All Apps are sandboxed and all devices are encrypted by default which is not the case for either Windows or Linux.
"He was talking about privacy and data mining of the base software, to distract from the fact that both ios and android datamine users he showed a screenshot of an article about windows 10 and then said "these problems apply much more to desktop", like he was actually making a point. He didn't mention linux because linux does not do this to any degree, he is wrong"
you are actually retarded. Data mining is more of a problem on Desktop because there is no boundary or permission system by default. Any app can access all data the user has access to (best example is the /home/ directory). This is impossible on all modern mobile OS since ALL apps are sandboxed and isolated by default.
"Go to 0:39, "any issue you can criticise a modern phone for is several times worse on a desktop equivolent of it" *shows screenshot of an article about windows 10*"
As i have described to you above this is indeed correct. Malware on Desktop can do anything the user can do while on mobile it has only a very limited amount of permissions and access (this is why AV is useless on mobile).
">Prove it, show the timestamp
I was already directly quoting him
>>when no such privacy settings exist on pretty much any distro
1:45"
Show me the Distro that supports permission system, sandboxing and encryption by default like Android (no Whonix or Qubes aren't comparable since they only sandbox the OS not separate application within themselves)
">Im not talking about 3rd party
Then why are you talking to me about it? I am because he's talking about OSs as they're actually supposed to be used. If you want to fixate on this arbitrarily, okay, but I'm not"
Nice fake quote. Again the point is that the security model is completely different not that it is impossible to reach similar levels of security.
"Something you can generally do with phones too, there are whole communities around rooting phones so they can actually access the hardware they payed for"
wow breaking the security model with rooting breaks the security model
big surprise, much shock."That is part of the security model. Phones don't even tend to do encryption by default, at least modern windows does that now"
you are factually incorrect. Both Android (Android version 5.0) and iOS are encrypted by default. Again Windows only has encryption for Pro and above which means only a small portion of user can use it.
">Also file level encryption is a joke
I don't think it's using that"
It is talking about files and folders. Regardless not available for Home/most users anyway.
">This is not a video to hurt your ego, just fax
He's stated multiply things that are outright wrong in just a few minutes"
Yet you fail to point out a single one of them. Impressive
re: Why phones are more secure than desktops
"Never in my life have I gotten a permission request for internet. It's given to every app by default, but there's software for that on every OS anyway"
Yes there is but that's not relevant to the discussion about security model available by the OS out of the box.
"No, he only showed a screenshot of an article about windows 10. He didn't even mention linux until later"
Okay and? again this is not a Desktop OS specific problem but a systemic one. There are plenty of 3rd party Firewall and Sandbox application for Windows too.
">Nobody said you *can't* archive these things on Deskjtop
HE DID"
Prove it, show the timestamp or stop being retarded and realize this is a video about the *general* state of security model on desktop.
"It is for *everything*, mic has permissions in pavu and webcam is never used and can be disabled with default tools, there is nothing else to disable. "3rd party" doesn't really even exist as a concept on linux, it's all 3rd party, different people make the kernel, userland, desktop environment, windowing system, this isn't applicable"
Im not talking about 3rd party as in from a different person but 3rd party as in not from the OS. Obviously Linux isn't made by one person or team/group. Its about having all these options out of the box provided by the OS. AGAIN nobody is saying you can't reach similar levels of isolation using 3rd party application or other configuration but there is no all in one solution like on Mobile.
"Not including 3rd party software is also completely arbitrary. OSs are designed to have 3rd party software, that's their model"
If the feature is not provided by the OS the majority of user won't use it. Android isolation, encryption and permission system is not great because it exists only on Mobile (duh SELinux was originally made for Desktop) but because it is easy to use, available everywhere and active by default/out of the box.
"Phones encourage you to have this weak security by locking often and letting you use something like 1234 for encryption"
You can set the time out to whatever you want and this is again applicable to Desktop as well
"On my phone the "Secure startup" option only has an option for a pin-code, not an actual password"
Then you have an old device/OS
"A distro installer will tell you explicitly to make the password good"
Okay and? again people who don't care won't care big news. This is about the general security model not how bad it is if you don't care.
"He said operating systems, not editions"
its the default edition for Windows 7, 9, 10 and 11 lol Also file level encryption is a joke. I can simply boot into the OS install malware and wait until someone unlocks it.
This is not a video to hurt your ego about your personal machine security model but a factual comparison and how they compare out of the box