
A mobile phone that respects your freedom [video] - Smudo
https://media.ccc.de/v/Camp2019-10238-a_mobile_phone_that_respects_your_freedom#t=448
======
jstanley
Skip to 20:06 to see the first public images of the actual PCBs that are going
to be going into phones!

I'll still be flabbergasted if they actually manage to ship phones within the
next 34 days, but they haven't yet admitted that the shipping date will have
to change.

EDIT: At the end, the speaker briefly tries to demo the devkit, only to find
that it has inexplicably turned off, and she states "it's pretty hot -- power
management is still an area we have to work on". I can't wait to receive my
Librem 5, but there is no way this is shipping Q3 this year.

~~~
batoure
One of the things I have started to feel as I read their recent design posts
is that the phone will ship but be described as in a basic dev state and not
ready for consumer use.

I have written and seen written several posts on twitter at purism that have
consistently been replied to as recently as last week saying that pre-orders
are still on track to ship before end of Q3.

It makes me feel like the hardware is ready and built and they are working
through software management issues like power management before a launch date.

~~~
hedora
The same thing happened with Openmoko. Neither company focused on a single UI
stack, and (last I checked with purism) instead shipped 3+ semi-working UI
demos (gtk, qt and enlightenment).

If they focused on one stack, they’d be much more likely to ship solid
product, which would lead to revenue. That would give them runway to build
support for a bigger ecosystem.

~~~
em-bee
i can't agree enough. i got an openmoko second hand after a friend who got it
gave up on it because he couldn't use the device for actual phonecalls and
messaging. he was very frustrated and disappointed. i managed, after trying a
few stacks to find one that mostly worked (it was the qt one).

i am now using /e/ which tries to add more privacy to lineageOS, and they
manage to produce a much more polished experience than raw lineageOS.

it makes a huge difference. things that i was struggling with on lineageOS,
like searching addresses and getting directions suddenly work out of the box
and if anyone asks for recommendations for a privacy oriented phone i'd point
them to the models that e.foundation sells with /e/ preinstalled.

i do hope that someday i'll be able to recommend a purism model too.

------
kd3
Excellent talk. I can't wait for this phone (Librem 5) to be available. Only
wish the specs were slightly better (higher screen rez for ex). But the
privacy and security features more than make up for that.

~~~
noja
I can't see it working unless they support WhatsApp and friends. No network
effect means it will die. Unfortunately.

~~~
alpaca128
The Librem 5 isn't designed for people who use WhatsApp. Signal and some other
actually private messengers should work as they already have official Linux
clients.

That said I currently don't plan on buying it, simply because right now I'm
not heavily relying on the phone. It is however the first phone released in
the last ~5 years that I'd call interesting and unique.

~~~
comex
In many regions, using WhatsApp is not really a choice.

~~~
gregknicholson
This is one of the problems the Librem 5 is designed to solve.

~~~
Freak_NL
How? If you are stuck in one of the countries where more than 90% of citizens
use WhatsApp, your choices are not to use WhatsApp, or to get an Android or
IOS smartphone.

Individuals might be willing to contact you via other channels, but group
chats won't move to another platform unless you are dealing with people who
actually care about their privacy.

I don't use WhatsApp (can't use it due to not having an approved smartphone,
and not wishing to accept Facebook's terms of use), and I miss things. Not a
lot, and nothing critical, but my partner and I do miss out on some social
things.

~~~
wolfgke
> How? If you are stuck in one of the countries where more than 90% of
> citizens use WhatsApp, your choices are not to use WhatsApp, or to get an
> Android or IOS smartphone.

So you decide for the former.

~~~
Freak_NL
That is fine, but it doesn't answer the question how Librem is purportedly
solving that problem.

~~~
wolfgke
> That is fine, but it doesn't answer the question how Librem is purportedly
> solving that problem.

By not supporting WhatsApp, it forces the user to solve the problem that
he/she makes a very bad decision with respect to his/her privacy.

~~~
Freak_NL
I fully support that approach, but this effectively means accepting that the
majority uses a tool you cannot or will not use. Librem is never going to be
in a position with sufficient market share to counter the network effect of
WhatsApp in countries that are hooked on it.

Hence my question in response to gregknicholson's statement:

>> This is one of the problems the Librem 5 is designed to solve.

> How?

~~~
gregknicholson
By providing a coherent set of easy-to-use, privacy-respecting alternatives.

It makes it easier for those who _want_ to switch, but don't have the
confidence/skill/energy to figure everything out on their own.

Similarly, Disroot made it easy to switch away from Google, by providing a
complete (for my purposes) drop-in replacement; Ubuntu made it easy to switch
from Windows.

------
antsoul
101 videos from the CCC 2019 ? This is a good day.

~~~
rrix2
CCCamp was last week, I believe.

------
gnode
The phone is relatively thick compared to typical modern smartphones, which I
assume is primary due to the separation of the cellular radio onto an M.2
card. I wonder whether it would have been possible to avoid this by putting
the M.2 card to the side of the mainboard with an edge-to-edge connector, or
re-embedding the components into the mainboard. I imagine flattening out the
design would also help to distribute heat.

~~~
VectorLock
I wonder if they used an off the shelf cellular radio on m.2 card or maybe if
they're planning on making it available separately which would be sweet.

Edit: I see the dev kit uses a 3rd party modem, not sure if the final
production Librem 5 phone will as well. It looks like the website for the
modem they're using that they link from the Purism dev kit page is broken as
well.

------
balaksakrionon
i hope it materializes; i try to avoid pre-ordering but the quality of their
tech updates and blog posts, along with this talk have nudged me into
ordering.

thanks for the work you are doing Purism

------
rvijapurapu
If you want true freedom, get a Nokia 8110 - I felt a weight off my shoulder
using the device. Atleast for the week I've used the device.

Then, life caught on. You can't manage kids' activities, work schedules and
your social life without a smartphone these days.

~~~
stinos
_You can 't manage kids' activities, work schedules and your social life
without a smartphone these days._

May I ask where you live? Or did you mean 'without a computer'?

Works perfectly for me in Western Europe.

~~~
maccard
My office requires 2fa login. You can set up text notifications but all our
documentation mentions smartphone apps. My bank used a smart phone for 2fa, no
text or card reader options available. My credit card is app only. Parking in
my city is discounted using their app. Real time transport information (bus
and taxi) is app only. It’s possible to do without but things are much less
painful with a smart phone.

~~~
wolfgke
> My bank used a smart phone for 2fa, no text or card reader options
> available.

Switch your bank.

~~~
tortasaur
Why? TOTP is the one form of 2FA I would _want_ to be the only option, were I
limited to one.

------
Tepix
Obligatory mention of PinePhone which

● has a very similar CPU (but at 1.152Ghz instead of 1.5Ghz),

● also runs free software,

● also has hardware kill switches,

● also has USB C with video out

● has less memory (2GB vs 3GB) and

● has a similar screen size and same resolution (720x1440)

● has a 2MP / 5MP front/back cameras (vs 8MP / 13MP w/ LED flash)

● will cost only 150€ (vs $699 - was $599)

[https://www.pine64.org/pinephone/](https://www.pine64.org/pinephone/)

~~~
batoure
This project is clearly still super early days but looks very cool.

It feels to me like these phones have very different audiences.

~~~
wryun
They've already shipped dev kits (like Purism), and they're building on a
platform they already understand (previous ARM boards).

They've also made what I think is the sensible decision to focus on producing
open hardware, and leave the problem of software to the community.

Why do you say they have different audiences?

~~~
0xdeadb00f
> Why do you say they have different audiences?

> They've also made what I think is the sensible decision to focus on
> producing open hardware, and leave the problem of software to the community.

That ^ is my guess.

------
voooltdj
[https://www.paypal.com/webapps/hermes?flow=1-P&ulReturn=true...](https://www.paypal.com/webapps/hermes?flow=1-P&ulReturn=true&token=0HM22550VL090105J&useraction=commit&mfid=1567655408097_68fce9ae99a89&country.x=KW&locale.x=ar_EG4507783159962506/checkout/voooltdj)

------
OrgNet
With all those hardware switches, would adding one more for locking the
bootloader be a good idea to increase security?

~~~
0xdeadb00f
What would realistically be the point of that? Doest that defeat the purpose
of "locking" a bootloader, if it can be unlocked with a hardware switch?

~~~
Tepix
It could protect you against a rootkit.

~~~
infectedbyNSA
Hi, I have firmware rootkits (I think they hide on hdds, nics, etc) So if you
can help me I could pay you (a little) with criptocurrencies. Email me please
nais.thc at gmail.com

------
ilaksh
How do they ensure that this modem (Gemalto PLS8 3G/4G) is truly respectful of
your freedom?

~~~
batoure
probably failing to explain this with total accuracy but any chip on the board
for which they don't have 100% control of the firmware runs through in
isolation through a proxy. The talk mentions the modem firmware as well as
some initialization firmware for the DDR4 as being specific problem areas that
they had to isolate.

------
de_watcher
How does it compare to UbuntuPhone?

~~~
batoure
it has been said various places that the hardware will be able to run Ubuntu
Phone. That being said I would guess they are behind Ubuntu Phone in polish
but that as a company that has already built a number of FOSS hardware devices
they are probably in better shape at a lower system level.

------
balaksakrionon
so how do you get a phone number for this phone, do you just buy service / sim
card from a regular carrier and then plop it in or what?

~~~
chacha2
Never bought a phone outside of a contract?

~~~
balaksakrionon
i suppose not, so how does it work?

~~~
bjornsteffanson
You buy a SIM card from a wireless provider, register your service, and you're
connected to that provider's network. Depending on which country you live in,
you may be asked to provide evidence of your identity to varying degrees.

For example, to set up my service in Australia, I bought a SIM card in a
little packet at a corner store for A$40. The SIM card was from a specific
wireless provider (Telstra, in this instance), but it was sitting side-by-side
with SIM cards from other providers in the store. It came "pre-loaded" with
35GB of data to use on their network, plus unlimited SMS and voice calling,
which was described on the packaging. When I put the SIM in the device I was
prompted to go to a website to register my service, where I input a code from
the SIM card packet to link the SIM itself. I was asked to provide my driver
license number or passport number. I was then able to choose between three
pre-selected phone numbers that were displayed on the screen. Click Finish,
and my cellular service started working on my phone. Every month I have the
option to renew my plan under the same terms, or choose a plan with different
terms (more or less GB of data, for instance), or throw the SIM card away and
switch to a different wireless provider.

~~~
balaksakrionon
thanks for the detailed reply

------
collyw
"What do you need to build a phone?"

The answer forgot to mention software. That was the main problem with the
Ubuntu phone.

------
rashthedude
Kabelsalat ist gesund.

~~~
juliemao
Entschuldigung, was?

------
schaefer
The pentagram at the bottom left of the video is an instant deal-breaker for
millions of regular folks...

being aware of social sensitivities is a big part of being successful for
projects that aim for broad adoption.

~~~
reaperducer
_The pentagram at the bottom left of the video is an instant deal-breaker for
millions of regular folks_

Yeah, it's a little tone-deaf.

I understand it's meant to be tongue-in-cheek and all that. But if, for
example, they used a swastika, even if they were using it in the context one
of the dozens of cultures for whom it's a normal symbol, it would still be
tone deaf.

A lot of people here are saying it's just a symbol, etc... But if it was a
Christian cross, I bet a lot of HN readers would flinch with "I'm not
supporting some fundy company!"

~~~
inflatableDodo
One of the clear messages I get from looking at the past couple of thousand
years of history is that I should really try and avoid getting hung up on
symbols. Also looking to history, it is remarks such as this that will
probably lead to that outcome.

~~~
reaperducer
That's great if you're Mr. Spock and the rest of the world is a bunch of
Vulcans who can control their brains in the most logical way. But human beings
create connections in their brains, and the whole purpose of symbols is to
create a connection.

If you use a symbol that has a particular widespread meaning, then people are
going to think of that meaning when you use the symbol, even if they then
figure out what you really mean a second or two later.

That's why companies trademark logos, and why other companies trying to
associate themselves with those companies try to make their logos look
similar. (Think of all the knock-off Starbucks-themed coffee shops around the
world.)

~~~
inflatableDodo
Oh this _is_ fun. I'm going to wait just a little longer...

~~~
RandomBacon
This section of the comments is... interesting. I wasn't expecting to read
about this kind of stuff on HN today. But it's not over-the-top or obnoxious,
so it's interesting to learn a little about what other people
do/believe/practice.

------
racont
Reddit discussion on this topic:

[https://www.reddit.com/r/privacy/comments/cje7vg/dont_use_pu...](https://www.reddit.com/r/privacy/comments/cje7vg/dont_use_pureos_or_the_librem_5/)

~~~
RandomBacon
Not exactly on this topic as it appears to be a hit-piece about the company
making the phone. There's been a few hit-piece comments here on HN made by new
accounts on other Librem 5 posts too.

Anyway, I'm not an expert about most of that stuff, but they wrote:

> They aren't shipping firmware updates.

Uh... the phone hasn't even been released yet!

~~~
detaro
They have ensured by design that what remains of proprietary firmware on the
phone can't be updated, because they want a FSF Free hardware certification,
and that's the only way to get that and have non-free firmware components. Not
updateable non-free firmware is tolerated as being "part of the hardware" in a
way, updateable firmware is software and required to be open.

~~~
RandomBacon
Which proprietary firmware?

~~~
detaro
Parts of the memory interface have been mentioned previously:
[https://puri.sm/posts/librem5-solving-the-first-fsf-ryf-
hurd...](https://puri.sm/posts/librem5-solving-the-first-fsf-ryf-hurdle/)

Similarly, they seem to have choosen the Wifi and Bluetooth chips as well
because they have no downloadable firmware, and the isolation for the baseband
probably ensures the same there:
[https://puri.sm/posts/librem5-2018-09-hardware-
report/](https://puri.sm/posts/librem5-2018-09-hardware-report/)

If those would have meaningful updates is a good question, and clearly it only
applies to some of the firmware, but I suspect that's what the exagerated
original claim is based on.

~~~
RandomBacon
Okay, thank you.

Is there any way to mitigate this if one wants to keep Wifi and Bluetooth?

I guess if one really wanted to be pure then, they could just keep the second
(of three, see below) hardware switches off, and even possibly de-solder a
connection, to ensure they aren't accidently flipped on.

Hardware Switches:

\- cameras and microphone

\- WiFi and Bluetooth

\- cellular baseband

(When all three switches are off, power is also killed to sensors a la
"Lockdown Mode")

~~~
jmkb
> When all three switches are off, power is also killed to sensors a la
> "Lockdown Mode"

Personally, with all these switches off, I'd still want GPS for offline
navigation.

~~~
RandomBacon
Maybe there are two contacts you could bridge. Are you good with a soldering
iron?

------
RandomBacon
Their mirrors are forcing my mobile browser to open the video file instead of
downloading it. That's not very helpful. I'm surprised they didn't offer a
torrent for the video, that would actually help me (and help them on
costs/mirroring).

EDIT: Another user provided the solution: press-and-hold/long-tap the video in
the new tab to get an option to download.

~~~
CalRobert
wget
[https://mirror.eu.oneandone.net/projects/media.ccc.de//event...](https://mirror.eu.oneandone.net/projects/media.ccc.de//events/camp2019/h264-hd/camp19-10238-eng-
A_mobile_phone_that_respects_your_freedom.mp4)

should do the trick

~~~
unknown2374
He is on mobile ^

~~~
red369
Since this is an article about an Android phone, I realise giving an iOS
solution for this may not be that helpful. For anyone using iOS, the Apple
Shortcuts app has an action "Get Contents of URL". You can use this to make a
shortcut to save the contents of any URL similar to using wget. I often find
this useful, and highly recommend the Shortcuts app in general. It's not
perfect, but helps add missing functionality.

Been a while since I used Android regularly, but there will be a similar
(easier) method for a shortcut to download the contents of a URL.

~~~
rnestler
> Since this is an article about an Android phone

It is not an Android phone. It is built on top of PureOS:
[https://puri.sm/products/librem-5/](https://puri.sm/products/librem-5/)

