Shopping advices
Security for the sake of others
: NSA and processor-based randomness
Lack of security
: phones where modem can read system memory
Weak design
: bluetooth keyboard
: Speculation in recent CPUs
: non-replaceable battery
Easy
Concrete options with the least hassle.
Phone
: Weak: A "feature-phone" (i.e. non-smart phone), e.g. from Nokia
: Medium: A smart phone w/ /e/ OS preinstalled
: Strong: Purism Librem 5
Better
Concrete options with better qualities,
which requires technical help or patience.
Phone
: Weak [tricky]: Refurbished Nokia N900
: Medium [tricky start]: Refurbished Samsung Galaxy S3 (i9300) w/ /e/ OS
: Medium [tricky start]: Refurbished Samsung Galaxy S5 Neo (s5neolte) w/ /e/ OS
: Medium: Pine64 PinePhone w/ Mobian
: Medium [soon]: Pine64 PinePhone Pro w/ Mobian
: Medium [soon]: Teracube 2e w/ /e/ OS
: Strong: Purism Librem 5 w/ Mobian
Discouraged
Phone
: Fairphone: eco- and repair-friendly, but relatively expensive
: SHIFT5me or SHIFT6mq: eco- and repair-friendly, but relatively expensive
: Pixel phone w/ CalyxOS or GrapheneOS: Strong phones and strongly security focused OS, but hardware is Google-centric, relatively expensive, and closed
Money better spent on a phone running mainline Linux by design
(PinePhone, PinePhone Pro or Librem 5).
Shops
/e/ shop sells new and refurbished smart phones w/ /e/ OS preinstalled.
DivestOS Garagesale sells refurbished smart phones w/ DivestOS preinstalled.
bluecity sells refurbished smart phones in Denmark and Sweden.
Trust paths
- Debian secured by PGP Web-of-Trust
- Debian operates transparently - "Security through mockery"
- Free software - "Given enough eyeballs, all bugs are shallow"
- Open Source Hardware helps ensure longevity