No more need to accept egregious and one-sided user agreements

Since the mass adoption of consumer smartphones in 2007, much has been written about the tradeoffs consumers and business users alike have been forced to accept when it comes to mobile computing.

The duopoly that exists worldwide (Apple’s iOS and Google’s Android) makes it exceedingly difficult to find a mobile device that does not knowingly share one’s personal information. Surrendering privacy to tech titans and large OEMs (Original Equipment Manufacturers) has been the norm.

Beyond this erosion of privacy, which is typically presented to users in one-sided End User License Agreements (EULAs), researchers and other commentators (including Purism) have pointed out how much personal information is inadvertently given away to other third parties. Indeed, the typical smartphone is very “leaky”, with ad agencies, data brokers, social media platforms, ISVs (Independent Software Vendors) and others all collecting one’s Personally Identifiable Information (PII).

This paper explores the security and privacy advantages of using a free software OS (Purism’s PureOS platform) over proprietary operating systems from Apple and Google.

Transparency and Trust

Purism’s operating system, PureOS, is a fully open-source, GNU/Linux-based OS. This ensures that all the software running on Purism devices can be audited and verified by the community, providing an additional layer of security.

One of the most significant advantages of PureOS, our open-source operating system, is its transparency. Unlike proprietary systems or even other Linux-based mobile operating systems like Android, PureOS is fully open and libre. The source code is available for anyone to inspect, audit, and improve. This openness fosters a community of developers and security experts who continuously scrutinize the code for vulnerabilities and potential backdoors.

Our Linux kernels are fully buildable and require few modifications, if any, to run from mainline. For the Librem 5, our mobile device, only minimal changes were needed to adapt the mainline Linux kernel. On our x86 platforms, we use stock Linux kernels without modification. This approach stands in contrast to heavily modified Android kernels or the closed nature of Apple’s iOS, where users must trust these companies to secure their data without the possibility of independent verification. Additionally, while many Android devices suffer from stagnating kernel upgrades, we consistently run the latest kernels on all our hardware, ensuring up-to-date security and performance improvements.

User Control and Customization

PureOS, Purism’s freedom-respecting operating system, offers unparalleled control and customization options. Unlike iOS or Android, where users are restricted by manufacturers’ design choices and policies, PureOS empowers users to tailor their system to meet specific security and privacy needs.

The key to this flexibility is PureOS’s fully reproducible builds. This allows for easy editing and auditing of the entire operating system, from choosing which services to run to configuring security settings at a granular level. Users can verify the integrity of their system and make informed decisions about their digital environment.

This level of transparency and control is a cornerstone of Purism’s commitment to user freedom, enabling a degree of customization and security that proprietary systems simply cannot match.

Reduced Attack Surface

By integrating Flatpak for app isolation, maintaining regular Linux kernel updates, and including only minimal pre-installed software, PureOS significantly reduces potential attack vectors. This approach, combined with hardware kill switches on devices, creates a robust defense system that outperforms conventional mobile operating systems in terms of security.

No Corporate Surveillance

A critical privacy advantage of using PureOS, Purism’s freedom-respecting operating system, is the absence of corporate surveillance. Unlike companies like Apple and Google, whose business models rely heavily on data collection and user profiling, Purism’s approach is fundamentally different.

Purism’s business model does not depend on harvesting user data for advertising or other purposes. This commitment to privacy is deeply embedded in PureOS, which is both open source and fully reproducible. Users can verify that their data remains private and is not being collected or monetized.

Even when privacy settings are enabled on proprietary systems, risks of data harvesting persist. In contrast, PureOS is developed with an unwavering commitment to user privacy. As a freedom-respecting operating system, it provides users with genuine control over their data, free from the incentives to collect or monetize personal information that plague many other platforms.

Privacy Baked into Hardware

Purism devices, such as the Liberty Phone and the Librem 5 smartphones, include hardware kill switches for the microphone, camera, Wi-Fi/Bluetooth, and cellular baseband. These switches allow users to physically disconnect these components, ensuring they are not being used to spy on them. It should be pointed out that in our manufacturing process, the cellular radio and the CPU are physically separated on the electronic circuit board (ECB). Purism also provides for the disablement of various functions of our devices in software.

Quantum-Resistant Security

Purism is committed to future-proofing our devices against emerging quantum computing threats. We’ve adopted NIST-approved post-quantum cryptographic algorithms, specifically the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM).

ML-KEM provides robust security against both classical and quantum attacks, based on the difficulty of solving the Learning with Errors (LWE) problem over module lattices. This ensures the protection of data at rest and in transit (DAR/DIT) without compromising device performance.
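
To illustrate the Learning with Errors idea mentioned above, here is an added example (not Purism's code and not ML-KEM itself): a toy Regev-style LWE key encapsulation in Python, showing how small noise hides the secret key while still letting the key holder recover the shared secret. All function names and parameters are assumptions chosen for readability; only the modulus 3329 matches ML-KEM, and the dimensions are far too small to be secure.

```python
# Toy Regev-style LWE key encapsulation. Illustrative only: the dimensions are
# far too small to be secure, and this is NOT ML-KEM (no module/ring structure,
# no compression, no Fujisaki-Okamoto transform).
import secrets

Q = 3329        # modulus (the value ML-KEM also uses)
N = 16          # secret dimension (toy size)
M = 32          # number of LWE samples in the public key (toy size)
KEY_BITS = 32   # length of the encapsulated shared secret

def small_noise():
    """Sample an error term from {-1, 0, 1}."""
    return secrets.randbelow(3) - 1

def keygen():
    s = [secrets.randbelow(Q) for _ in range(N)]
    A = [[secrets.randbelow(Q) for _ in range(N)] for _ in range(M)]
    # b = A*s + e (mod q): without e, s falls out by Gaussian elimination.
    b = [(sum(a * x for a, x in zip(row, s)) + small_noise()) % Q for row in A]
    return (A, b), s

def encrypt_bit(pk, bit):
    A, b = pk
    r = [secrets.randbelow(2) for _ in range(M)]   # random subset of samples
    u = [sum(r[i] * A[i][j] for i in range(M)) % Q for j in range(N)]
    v = (sum(r[i] * b[i] for i in range(M)) + bit * (Q // 2)) % Q
    return u, v

def decrypt_bit(sk, ct):
    u, v = ct
    # d = r.e + bit*floor(q/2); |r.e| <= M = 32 < q/4, so rounding is exact.
    d = (v - sum(x * y for x, y in zip(u, sk))) % Q
    return 1 if Q // 4 < d < 3 * Q // 4 else 0

def encapsulate(pk):
    key = [secrets.randbelow(2) for _ in range(KEY_BITS)]
    return [encrypt_bit(pk, k) for k in key], key

def decapsulate(sk, ciphertext):
    return [decrypt_bit(sk, ct) for ct in ciphertext]

if __name__ == "__main__":
    pk, sk = keygen()
    ct, sender_key = encapsulate(pk)
    print("shared secrets match:", decapsulate(sk, ct) == sender_key)
```

Real deployments should use a vetted ML-KEM implementation rather than anything derived from this toy construction.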

By implementing these advanced cryptographic solutions, Purism ensures that user data remains secure even as quantum computing technology advances, while maintaining efficient performance on our mobile devices.

Commitment to Privacy

At Purism, our commitment to privacy goes beyond just adopting advanced cryptographic algorithms. We design our devices with user control and transparency in mind, ensuring that our users have the tools they need to protect their privacy in an increasingly connected world.

For more information and a demonstration of our PQC implementations, see our blog post “Quantum Safe Communication with Purism”.

Purism Products and Availability Chart

Model: Status (price); configuration; lead time

Librem Key (Made in USA): In Stock ($59+); 10 business days
Librem 5: In Stock ($699+); 3GB/32GB; 10 business days
Librem 5 COMSEC Bundle: In Stock ($1299+); Qty 2; 3GB/32GB; 10 business days
Liberty Phone (Made in USA Electronics): Backorder ($1,999+); 4GB/128GB; estimated fulfillment early November
Librem 5 + SIMple (3 GB Data): In Stock ($99/mo); 10 business days
Librem 5 + SIMple Plus (5 GB Data): In Stock ($129/mo); 10 business days
Librem 5 + AweSIM (Unlimited Data): In Stock ($169/mo); 10 business days
Librem 11: Backorder ($999+); 8GB/1TB; estimated fulfillment mid-October
Librem 14: In Stock ($1,370+); 10 business days
Librem Mini: Backorder ($799+); estimated delivery November
Librem Server: In Stock ($2,999+); 45 business days

The current product and shipping chart of Purism products, updated on September 12th, 2024
