Current Privacy / Security status
asked 2018-08-29 16:59:47 +0300
Hi, not a Sailfish user yet but in the middle of getting my Xperia sorted to join the fun. I had a query that didn't seem to be clearly answered or are old questions from a few years ago, so, what is the current privacy + security state of the latest SailfishOS?
This question can also be extended to include:
Is it wise to add Android apps if permissions can't be locked down (eg stopping Signal from accessing contacts if desired), and if some options are available are they all global or app based. Are there any other considerations like microphone recording running in the background? See: https://together.jolla.com/question/104071/app-permissions-sailfish-android/ (2015, starting blocking Android apps from accessing things globally, nothing for native apps.) and https://together.jolla.com/question/174718/sailfish-x-a-newbies-security-concerns-and-questions/ (Good thread but as of Nov 2017 the only thing protectable was the Contacts and not Camera, GPS etc. Also mentions wifi passwords are stored in plaintext, is this still the case?)
Are there any current encryption options? I know that Sailfish3 is likely to have encryption options in place and I have seen a post about encrypting partitions but it sounds a bit risky / tricky for someone not completely comfortable in Linux. See: https://together.jolla.com/question/2158/optional-encryption-of-the-device/ (Latest from 2015 about an update / asking for this and always used as the 'duplicate' link for newer questions).
Where / how is the fingerprint info stored when using on the Xperia X and has Jolla confirmed to users about the security of this. See: https://together.jolla.com/question/187865/fingerprint-data-lost-error-when-adding-fingerprint/ (Data stored in a fingerprint database, is this encrypted at least?)
Does anyone know how thoroughly the Sailfish team review any apps added to the Harbour? I imagine there's probably no problems at all with those as there probably isn't loads of them and they are also not huge in code size but still takes time if someone has to review things and that sounds like the thing that the Sailfish team understandably struggle with - time. Lost of the Harbour questions are from 2014 / 15
I have found out about the device lock which eases my mind a little (https://jolla.zendesk.com/hc/en-us/articles/201440487-What-are-the-Device-Lock-and-Security-code-), key to keep everything on the internal device for now.
Thanks for any updates, I know some of this has been covered in some of the linked tickets above but most of that is over 2-3 years ago and there sounds like plenty of Sailfish updates since then.
If security is a primary concern for you, I wouldn't recommend Sailfish OS. That's not to say that I find it incredibly unsecure or that Jolla pays no attention to security. However, I'm 100% certain that a person/agency with enough determination/resources/skills could crack it like an egg in very short order.
Passcode lock/fingerprint reader is secure enough for my needs. It won't stop a determined attack, but it'll keep my wife and kid out. Fingerprint and/or facial recognition are fairly easy to beat. It's like putting a padlock on a door...a rock or a cheap hammer will win every time, BUT it'll generally keep most people out. I am a lot more worried about Google harvesting my data/invading my privacy than I am about someone physically taking my phone, opening it, and finding some kind of critical/criminal/top-secret information they could use to hurt me.
andersenep ( 2018-08-29 18:58:42 +0300 )editIt's not a primary concern as Android and iOS on that front are both very good so I'd easily opt for those if that was the case, but like you I'm just as interested in not having my privacy completely harvested by Google and Apple (plus dont want to spend £1000 on a phone) - which is why I'm very keen to give Sailfish a go despite the hurdles to get there.
And just to add, it's not an agency or very determined individual I would prefer to protect against, it's more like protecting my phone if I lose it or have it stolen that it can't easily be plugged in and have everything on there so easily removed. I'm not into keeping private info (eg Passport scans etc) on a phone as I know that's not the cleverest thing to do but still, it would be nice not to have my entire message history, wifi passwords and contacts so easily grabbable.
And also protecting my phone from pernicious apps that would appear friendly or innocent enough. As Sailfish is often sold as the privacy choice I was hoping for a bit more clarification on it but I understand if that privacy choice is almost entirely down to the lack of data harvesting from a massive ad-driven multinational.
mr_xperia ( 2018-08-29 19:26:21 +0300 )editI think if a random person gets a hold of your phone, you'd be to some extent protected by 'security through obscurity'. The average person has no clue that Sailfish OS even exists. However, once you start installing binary blobs on any OS...You're putting yourself at risk. Openrepos is a terrific resource, and I have no reason to mistrust any of the developers there (or on the Jolla store), but they certainly have the potential to backdoor/steal data from me. Unless you want to audit source code and compile everything yourself, I don't see any way around relying on some level of trust. You certainly could do that with most native Sailfish apps. They are almost all open source. But who knows what bugs/flaws are in Alien Dalvik??? Also, it's not like malicious apps don't make their way into the Play Store/App Store from time to time, despite genuine efforts by both Google and Apple to prevent/eliminate such apps.
In terms of privacy, I think Sailfish is probably light years better than running Android and Google Play Services. I do use some Android apps. A good example is WhatsApp....It's owned by Facebook of all people, and they are arguably worse than Google at respecting user privacy. Who knows what data they are collecting??? Once you start running Android apps or 3rd party binaries, all bets about privacy/security are off. It's just the nature of information security. There's always a risk. I generally trust the open-source community, but that's an entirely subjective and personal judgment call.
The one thing that I know for certain, is that Android is paid for by harvesting my personal information and selling it. I'd spend a lot more than €50 to have a smartphone OS that doesn't do that. I don't really have a problem with Apple in regards to privacy/security, but their ecosystem is a walled garden (and expensive). I doubt random people that find/steal phones care about your text messages or contacts. They want CC numbers/to sell it.
andersenep ( 2018-08-29 20:58:54 +0300 )editAnd I think the privacy choice is very much a personal choice. No one is forcing you to run Android apps or use the fingerprint scanner. As far as I'm concerned the €50 goes to licensing fees (Alien Dalvik), and supporting a competitor to Apple/Google. Jolla isn't a privacy/security consultant. They are targeting BRICS markets to make a living. The Russian/Chinese governments don't have a great record of allowing secure and private communication. Quite the opposite.
Most of Sailfish OS is open source. You can do whatever you like with the source code and build it to your own specs, provided you have the technical knowledge and time to do so. But personal power/freedom comes with personal responsibility. No one (Jolla or otherwise) can guarantee you some level of privacy/security assurance if you are mucking around with the OS source, developer tools, 3rd party binaries (especially of the Android sort), disk encryption, etc.
andersenep ( 2018-08-30 00:35:09 +0300 )editThanks for your comments, unfortunately I don't have the technical know how to go that for to make Sailfish more secure - I'm sure if it was easy enough for someone with zero Qt skills then it'd be done already.
Completely agree about the Russian and Chinese government comment though, pretty discouraging on that front knowing that both would love to track all their citizens in entirety, I'll see how Sailfish 3 goes and what that offers.
I am well aware it's a personal choice and no one is forcing me ;) If you re-read the questions you'll realise I was just asking for some confirmations to help me to make my personal choice.
mr_xperia ( 2018-08-30 01:17:31 +0300 )edit