Planet F-Droid

May 10, 2021

Purism

Librem 14 Runtime and Charging

The Librem 14 has a powerful 66.8Wh battery; let’s dig into what that means for runtime and charging.

The Librem 14 gets around 9 hours and 48 minutes with the screen on max brightness and all sensors enabled. This is the uptime you can expect with light use, like reading a text document or other simple low CPU programs.

With the screen at 1/2 brightness, you get about 47 min more uptime.

(Timelapse of 1/2 bright discharge test)

With Wifi powered off and the screen brightness turned down, you can expect around 16 hours and 17 minutes.

Playing HD 60FPS video lasted 4 hours and 8 minutes from a full charge to auto shutdown.

The Librem 14 packs a lot of computing power in a 14″ frame. While you won’t likely need to use all 12 threads at their max, it can come in handy when building projects from source. With all 12 threads maxed out, the battery lasted 2 hours and 24 minutes.

When it comes to charging, the Librem 14 takes about 4 hours and 40 min to get to around 90% powered on. The last 10% taking the longest to complete. 

With the Librem 14 powered down, you can charge it from dead to around 42% in 2 hours.

For extra convenience, the Librem 14 can be charged with any compatible USB-C charger. This gives Librem 14 owners another way to keep their battery topped off while away from the main charger.

Knowing how long you’ll be away from a power source and using these expected runtimes, you’ll be able to judge if you can use the full power and display brightness or to keep things at a minimum while away all day.

Discover the Librem 14

Order now

The post Librem 14 Runtime and Charging appeared first on Purism.

by David Hamner at May 10, 2021 20:02

May 09, 2021

AntennaPod

2.2.0 release

Published by ByteHamster

We are happy to announce version 2.2.0 of AntennaPod.

  • Optional notifications for new episodes (@connectety)
  • Use PodcastIndex for main search (@tonytamsf)
  • Sleep timer extend buttons (@max-wittig)
  • Optional rewind, forward & skip buttons on widget (@tonytamsf)
  • ‘When not favorited’ as Episode Cleanup (@spacecowboy)
  • More actions for hardware buttons (@timakro)
  • Android Auto & chapter support (@tonytamsf, @ByteHamster)
  • Fixed stuck notification (@a1291762)
  • Player screen usability for visually impaired (@ByteHamster)

AntennaPod is developed by volunteers in our free-time. If you like AntennaPod and want to give something back to the community, consider contributing by helping other users in the forum, translating or by writing code.

May 09, 2021 11:00

May 07, 2021

Purism

Audacity Telemetry and Why Free Software Means Better Privacy

Many people accept that free software tends to protect your privacy better than proprietary alternatives, but they may not understand why that is. This week’s news about the Audacity project adding telemetry and the public outcry is a perfect test case to explore why free software means better privacy. If you haven’t been following the story, this piece in The Register provides a good summary. In short, Audacity (audio editing software) published a pull request to add telemetry about their users as an opt-in feature to a future release. The free software community largely balked at this change and started a debate over the change inside the pull request.

To better understand why free software protects your privacy more than proprietary software, let’s contrast a few key points in this story with how it would play out with a proprietary counterpart.

 

The Change Was Caught Before It Was Merged

One of the first things to notice is that because free software development is done out in the open, this telemetry feature wasn’t discovered after users updated their software, but instead was discovered before it was merged. Not only could users see that telemetry was being added, they could see exactly what data was going to be shared. This immediately opened up the change to discussion in the community where they started explaining why they didn’t want the change. The developers then had to justify and explain the change because there isn’t just the threat that a user will switch to a competing product, there’s also the threat that they will create a fork of your product without the objectionable change.

If this were a proprietary product, they could have simply added telemetry in secret. Once users got the update, there’s a good chance no one would have even noticed the change for awhile, unless they monitored the software’s network traffic. Even then, if the traffic were encrypted you not only couldn’t prove it was telemetry, you wouldn’t know what data was being shared.

Telemetry Is Opt In

Another crucial part of this story is that when the Audacity developers were explaining the change, they also pointed out that collecting telemetry is opt in. Defaults are powerful and an application that automatically collects your data without your permission is much different than an application that only does it if you explicitly tell it to do so. The fact that they designed this feature to be opt in further underscores the fact that because this was free software, they had a different obligation to their users. They understood their users would dislike the change and would outright reject it if it were opt out.

Proprietary apps almost universally default to opt out for tracking (if they give an option at all). This is because companies understand the power of defaults. If their users had to consent before being tracked, many if not most of them would say no. Since so many of these apps are funded by capturing and selling user data, that’s too big a risk to take.

The Community Can Audit Claims

Something else to underscore is that while Audacity developers explained what the change would do, that it was opt in, and which data was being shared with them, the users didn’t have to accept those claims at face value. Because this is free software, you can compare the claims software developers make against the code itself and see if it does what they say it does. If they ended up merging a change that did something different from what they claimed, it would be caught quickly.

With proprietary software you are required to trust the claims from the software developer. While you might be able to audit whether there is an opt out button somewhere, you can’t necessarily know for sure that using that button does anything–in fact in some cases companies have continued to track people even after they have opted out! Since software sometimes talks to cloud services over an encrypted network, you may not be able to confirm which data the software is sharing about you. You either have to trust the company at their word or assume they are collecting anything they can get their hands on.

Free Software Users Can Protect Their Privacy

The ultimate reason that free software means better privacy is the fact that users can remove any code that violates their privacy and use the rest. This is the threat looming over the Audacity project that ensures they need to listen to their users’ concerns, default to opt in for telemetry features, and limit the amount of data they collect to the absolute minimum. Even then, there is a possibility that if enough users aren’t satisfied with the privacy protections in the software, they may still release a competing version with the controversial bits removed.

Free software users, on the whole, are much more protective over their privacy than the average person. It may be tempting to conclude that people who use proprietary software don’t care about privacy, but I think that conclusion is too simplistic. Both groups care about their privacy, but the difference is that free software users are empowered to protect their privacy. Not only can free software users audit the software they use to see if it violates their privacy, if they discover it does, they can remove those objectionable bits and keep using the software. Even if they can’t audit or modify the software themselves, someone else in the community can, and they can benefit from that work.

In the proprietary world, your privacy is left up to the whims and business models of the company developing the software. In particular in phone apps there is an assumption that if an app is free you are paying for it with your data (and even if an app isn’t free it still may be capturing your data). If you discover a company’s software is violating your privacy you generally have two options: complain but use the software anyway, or stop using the software entirely. The threat of moving to a competitor is essentially the only leverage a proprietary software user has, and given so many competing products also violate user privacy, it’s not that strong of a threat.

Conclusion

It’s still too early to see how the story of Audacity’s telemetry change will play out, but regardless of whether this change doesn’t get merged, gets merged and accepted by the community, or gets merged and the project is forked, free software and user privacy wins. We live in a world full of sensors and data collection with so many companies not only collecting private user data, but gaining more power (and more profits) the more data they collect. Free software is one of the few remaining checks against this kind of power, as it’s one of the few places left where everything is done out in the open and the power to protect privacy is still in the user’s hands. When it comes to privacy, proprietary software simply can’t compete.

The post Audacity Telemetry and Why Free Software Means Better Privacy appeared first on Purism.

by Kyle Rankin at May 07, 2021 19:47

Tutanota

Face recognition: How it works and how to stop it.

Face recognition systems use your online pictures for training purposes. These AI systems are much more potent than what surveillance-dystopians like Orwell might have imagined in their worst nightmares. Fortunately, new tools help you to stop facial recognition.

May 07, 2021 00:00

May 06, 2021

Pine 64

Let’s make MiRAKles happen

Many of you are already aware that we are very interested in LoRa®. We hope to use the technology for both traditional IoT applications as well as in less orthodox ways, such as peer-to-peer text communication and even group text-messaging. This novel application potential is of particular interest to us, and in the coming months we will encourage developers to explore LoRa’s® viability as a text...

Source

by Lukasz Erecinski at May 06, 2021 12:57

May 05, 2021

Replicant

Presenting Replicant’s Community Manager

The Replicant Steering Committee has concluded the second round of evaluations of the applications for the community manager role.

We would like to thank all the candidates that have applied for the role. It has been a greatly encouraging experience to receive so many valuable proposals and to observe such a responsiveness to our call.

Selecting one candidate among all participants has been no easy task, given the interesting variety of valuable profiles we had the pleasure to evaluate.

The key aspects that have been considered are, in no particular order:

  • the candidate having been actively participating in the community’s activities and discussions, in the forum, the wiki, the mailing list and the official IRC channel, as well as in-person meetings
  • the candidate’s experience in installing Replicant and in solving problems related to this activity
  • the candidate’s overall confidence with the practical aspects of using Replicant and helping users with related issues, doubts and information requests
  • the candidate’s involvement with other free-software projects similar to Replicant and/or with interesting points of contact with the work being done in Replicant
  • the candidate’s ability to write useful and comprehensible periodical reports to keep the community informed about the project’s activities
  • the candidate’s ability to contribute to Replicant’s technical documentation
  • the differences with typical free software backgrounds (to be able to bring more diverse perspectives to the project)

All these aspects considered, Kurtis Hanna emerged as the most suitable candidate for the role.

Kurtis has been a very active community member since at least 2016, successfully helping users in various occasions with different issues and enquiries.
He is well informed about various free-software projects and has often acted as a link between some of those projects and Replicant.
He participated in and/or helped organise many of the gatherings that have been held by Replicant members throughout the last 4 years, either in person or remotely, contributing his thoughts, impressions and valuable proposals.

In the next few weeks, we will be coordinating with Kurtis and the FSF to work out the applicable funding conditions and to define the contract that will regulate the Community Manager’s duties.

Once again, we thank all applicants and the whole community in general.

Cordially,

The Replicant Steering Committee

by Fil at May 05, 2021 20:39

Purism

Librem 5 News Summary: April 2021

Software Meets Hardware

The month of April saw more advances on the software side, in particular where software integrates with the Librem 5 hardware.

You Ought To Be In Pictures

Last month we announced progress with Librem 5 camera support, but at the time pictures were still being taken using command line commands. Now that the hardware is supported in the kernel, the next area of focus has been in post-processing the raw images from the camera sensors as well as providing support in user-facing GUI applications.

This month we added Librem 5 camera support to the megapixels app so now you can take pictures from a GUI application. Now that the camera is supported in the app, focus can shift (pun intended) to tuning color and white balancing and other post-processing in the live viewfinder (you can see in these example pictures that the live viewfinder image isn’t yet color corrected or white balanced while the picture the Librem 5 took is) as well as further refinements on image post-processing.

The megapixels app taking a picture with the Librem 5 camera.The megapixels app taking a picture with the Librem 5 camera.
A picture taken on the Librem 5 using the megapixels app after postprocessing was applied.A picture taken on the Librem 5 using the megapixels app after postprocessing was applied.

Getting a Geoclue

We have also made progress in location services support on the Librem 5, including integration of the geoclue location service libraries with PureOS and within Gnome Control Center. This means you can control not only whether location services are enabled, but also control which applications have access to them. Unlike in some other phones, when you disable location services on a Librem 5, you can trust (and audit) that the phone is honoring your request. For ultimate privacy you can even go into full lockdown mode to disable all radios, GPS, cameras, mics and other sensors.

Location Services managed in Gnome Control CenterLocation Services managed in Gnome Control Center

As a result of this added support, Gnome Maps now can use location services to show your location within the app:

Gnome Maps showing location on the Librem 5Gnome Maps showing location on the Librem 5

VoLTE Support

Many cellular carriers are in the process of moving their networks over to Voice over LTE (VoLTE) where voice calls traverse the 4G network much like regular internet traffic instead of falling back to traditional 2G or 3G networks. While we currently disable VoLTE support in the BM818 modem that ships in the Librem 5, the modem does support VoLTE and we have been testing this support across a number of cellular providers throughout the world with quite a bit of success. For some providers, enabling VoLTE support in the modem “just works” while for others we have needed to work with the provider to add the BM818 modem to their list of modems with VoLTE support so that both incoming and outgoing VoLTE calls work. While we aren’t yet ready to enable VoLTE support by default, we hope with some further testing and work with upstream cellular providers we will be able to do this soon.

PureOS Byzantium

PureOS 10 (code name Byzantium) is the current release we ship on our Librem 14 and Librem Mini computers and as we mentioned in our sneak preview post, we are working to make it the release we ship on Librem 5 phones as well. Unlike with PureOS 9 (code name Amber), there are no phone-specific software repositories in PureOS 10, so a lot of work has gone into integrating phone-specific patches into upstream software releases so that they work well both on laptop and desktop form factors.

Calls and Chatty

Last month we mentioned that SIP support was being worked on in the Calls application and now we have released the first official release with preliminary SIP support. While we continue to improve support for SIP calls we are also working on updating the Calls UI so making SIP calls and adding SIP accounts is easy.

We are also making continual improvements in support for the Matrix chat protocol in Chatty and it already works well for unencrypted rooms. Supporting encryption in Matrix is a priority for us and we currently have initial support for it in Chatty as well.

Hardware: The Ball and the Supply Chain

The electronics supply chain has seen unprecedented disruptions over the past year that have not only made electronics supply unstable, it has also led to dramatic price increases in some cases for the electronics components that are still in supply. Back in January we warned of the potential for disruption in the CPU supply chain for the Librem 5 and that potential has now become a reality. Our CEO Todd Weaver just published a post titled The Ball and the Supply Chain that explains the effect of the global electronics supply chain disruptions from the perspective of Purism, and how we intend to manage through those disruptions in the coming year.

Librem 5 Pause and Price Increase

The Ball and Supply Chain post also contains a table of all Purism products and how supply chain issues might affect each of them. Of particular note for the Librem 5 is that due to large lead times for new CPU supply and other components we are pausing Librem 5 production until October, when we will be able to acquire enough CPUs to resume production. Due to the pause we are projecting we will hit shipping parity in early 2022. Also due to increases in electronics component pricing, the Librem 5 is going to see a $100 price increase on June 30th, with another price increase possible in Q3 of 2021, depending on whether the current trend of increasing electronics component costs continues.

Librem 5 USA Full Steam Ahead

While the Librem 5 is paused for the moment, the Librem 5 USA is full steam ahead with production starting in a few days. While we’ve certainly had challenges in sourcing parts for the Librem 5 USA, because the Librem 5 USA uses a different supply chain than the mass-produced Librem 5, we have been able to secure ample supply so that the Librem 5 USA will not only hit shipping parity (the point where we have satisfied all backorders and new orders are fulfilled within our 10-business-day window) in Q2 2021, but also we are projecting we should be able to keep it in stock from that point on.

What’s Next

May promises to see further advancements in camera support in particular, as well as overall improvements in PureOS 10 so that it can become the default OS on the Librem 5. Stay tuned for pictures and news on Librem 5 USA production throughout the month.

The post Librem 5 News Summary: April 2021 appeared first on Purism.

by Purism at May 05, 2021 16:34

May 03, 2021

Fairphone

Fair Materials 101 – Understanding the Fair Sourcing game

Maybe I’ve spent too much time playing board games in lockdown, but I’m starting to see similarities between my favorite games and my daily work at Fairphone. I’m focused on creating positive impact throughout our smartphones’ supply chain. But just like Snakes and Ladders or Ganzenbord, taking a step forward can sometimes lead backwards! Other times, it’s just like Monopoly: you’re progressing around the board and feel like you’re doing so well, when suddenly you land on your “friend’s” Park Place with four hotels and your whole game changes.

After introducing you to all you need to know about Fair materials, it’s about time we explain the game. Fair material sourcing isn’t just a one-off procurement-policy decision; like The Game of Life it’s an entire journey, an iterative (and often incremental) process where one step forward can end up leading two steps back. Creating a fair material chain can sometimes feel more like sliding along an icy path than a simple summer stroll. But step by step, we have moved forwards, deepening our understanding of our phones’ supply chain and developing fairer sources as we go. With our goal to sustainably source 14 focus materials; this is how we will go about tackling this. Inspired by this series and want to nerd out more? Read our material roadmap on how we selected these 14 materials.

Our experience has taught us that in every journey towards a responsible supply, there are certain steps worth following:

 

1. Research

Once upon a time, when you opened a new board game, the only way to learn how to play were the printed instructions. These days, you can find entire YouTube channels dedicated to the finer points of rules and strategy, and message boards where you can chat to people with deep, specific knowledge. You just need to know where to look, and what to look for.

The first step in any endeavor for fair supply chains is deep research. This is gathered by our internal experts, but also via external parties who can provide incredibly detailed information and insights. By looking from many angles, we can better understand the social and environmental issues present in the supply chain, along with the opportunities to drive positive impact. This is the step we’ve been taking recently, identifying and assessing which materials to focus on from a very long list.

Having gained a general understanding, research can become more specific, revealing the most promising impact possibilities or urgent issues requiring interventions. This could include assessing challenges for a specific material in the supply chain, in certain regions, or for particular supply chain partners. Like this one we did to reduce the social and environmental damage of rare earth mining, or to improve tin miners wages in the Democratic Republic of Congo.

2. Supply chain mapping

Every component in a smartphone has its own supply chain and stakeholders. If you ever had a friend who was truly obsessive about designing maps for Dungeons and Dragons, with trapdoors and moving stairways, secret hallways and rooms that you couldn’t unlock, you have some idea of what a supply chain map can look like.

Wanting to drive positive impact through our sourcing strategy, we map our supply chain to identify whom to engage. We conduct this step with our final assembly partner, our sub-suppliers, and our component suppliers.

This is a complex and difficult process. We depend on the supplier to disclose who they source from – which not everyone wants to do. We have no means to force such disclosures – we’re 7th level wizards, but sometimes the information we need is behind an Arcane Lock spell, or a supplier fears opening the door will attract a dangerous wolf pack of competitors.

Sometimes, this step is where one possible route towards fair sourcing ends, and a path we’ve been following for ages turns out to be a closed maze. Supply chain mapping can take considerable time, and requires trust from all parties involved.

3. Supplier and partner engagement

With research and supply chain mapping completed, we now know who to engage with to establish a fair material supply chain. Like Beth Harmon in “Queen’s Gambit” sitting down for the first time to play a game of chess with Mr. Shaibel, the rules aren’t clear, nobody knows quite what to expect, and our game could lead to a quick disaster or a lifelong friendship.

Our favorite players in this game are the strategic suppliers who are willing to engage and cooperate to improve the supply chain. At this stage, in addition to suppliers, we also engage stakeholders who will be key to the success of the next steps of our journey, along with Non-Governmental Organizations and local, on-the-ground partners who all bring unique perspectives and additional opportunities for change.

4. Program design

Once the key partners engaged in the previous steps are on board, we work together to co-develop a continuous improvement program. This part is more like the board game “Pandemic” — one that nobody is having fun playing these days — in that the players cooperate rather than compete. We’re both after the same outcome. An example would be the <link> Fair Cobalt Alliance.

Keeping our fair sourcing principles in mind, we also examine cost-sharing arrangements and, if applicable, fundraising potentials for larger programs with more stakeholders.

5. Program implementation

Having drafted the improvement program and ensuring the necessary investment, this is the step where the program takes off, with each partner fulfilling their specified role in the program to ensure its success. At this point, we’re building a Jenga tower, and everybody has to pay strict attention and make the right moves or the whole thing collapses.

6. Continuous monitoring of impact

Improving complex social and environmental situations doesn’t happen overnight. It is vital to maintain collaborative partnerships and continuous monitoring to achieve the defined impact goals. This is why Fairphone places such importance on monitoring, evaluating and transparently reporting on program impacts. You can’t walk away from the game — there are unexpected moves and situations that flip, making the whole effort sometimes feel like playing a game of Go on a roller coaster.

But having thought about all the games our Fairphone Fair Material Board Game might look like, it’s clear none are a perfect match. That’s probably because the game we’re playing here is one we’re inventing. It doesn’t really look like any of my old favorites. And unlike most games, this is one where the objective is for ALL the players to win. So off we go, continuing on the journey to create fair material supply chains for an even larger number of materials. Game on!

The post Fair Materials 101 – Understanding the Fair Sourcing game appeared first on Fairphone.

by Tirza Voss at May 03, 2021 16:00

Tux Phones

postmarketOS is finally coming to wearables

postmarketOS is finally coming to wearables

Almost four years after its first release, postmarketOS has just started targeting the valuable niche of smartwatches. As the upper end of these devices tends to offer near-identical hardware configurations to ARM phones, many models come either with Google's own Wear OS, or with proprietary themed and minified Android or Linux flavours, such in the case of Samsung Tizen, Amazfit or Huawei's "GT" series.

Although some wearables were already shown as "booting" by the project since last year, it was not until last week that the first entirely watch-oriented user interface, Asteroid UI, was merged into the postmarketOS repository. This is the result of a collaboration between the Asteroid team and postmarketOS developer Bart Ribbers (PureTryOut), which led to full integration of the UI.

A further step in this direction comes from developer Luca Weiss (z3ntu), who is allegedly working on a mainline Linux port to the LG G Watch R (codename "lenok"), which could then become the first "true" Linux smartwatch ever heard of.

postmarketOS is finally coming to wearablesThe LG G Watch was the first mainstream Android Wear device to be released in 2014 (source)

As confirmed by inner sources, this denotes serious interest from the core team in bringing the popular mobile Linux distribution to another category of devices that, alongside smartphones, tend to be considered ephemeral and far from sustainable due to relatively short-term software support. Unlike their mechanical and usually near-eternal counterparts, several early Android Wear devices are nowadays kept alive by a community of developers such as XDA rather than their manufacturers.

Needless to say, the Asteroid OS project has been serious about support throughout its six years of life. With 14 supported platforms, at varying degrees of stability, and "companion" apps for Linux, iOS, Windows 10 and Android among others, the team has put much effort to deliver a consistent experience outside the Google realms. The OS is overall modular, and the official documentation covers processes like the development of custom apps and watchfaces in detail.

Having said that, whether your watch is already one of the lucky ones to be supported by either platform (or both) is a question that our search engine for Linux-supported mobile devices or the extensive postmarketOS wiki might be able to answer.

Source: @bart / @AsteroidOS (Mastodon). Cover picture: @asteroidos (Twitter)

by Raffaele T. at May 03, 2021 14:22

April 30, 2021

Purism

The Ball and Supply Chain

Every manufacturer has a supply chain, down to the raw materials suppliers whose supply chain is the earth itself. Links within the supply chain can (with difficulty) be swapped out for similar suppliers but each link in the chain and who controls that link is important. Over the course of the last twenty years the method of holding swaths of inventory (which is equivalent to cash value sitting on shelves) began dwindling in favor of just-in-time manufacturing, and the more reliable the suppliers in a supply chain on delivering just-in-time the less desire to hold inventory (also called safety stock).

Manufacturing in the technology sector has some additional churn to dissuade holding parts stock in high quantities, parts like an I.MX8M Quad rev AA, are devalued when they’re deprecated in favor of the improvements created by rev AB. This high-churn in technology reinforces the just-in-time nature of manufacturing and acts like a heavy, metal ball on that chain that restricts your movement.

The Ball

Just-in-time works really well when it works really well. But the ripple effect of a global pandemic upon every sector of the globe, coupled with more demand for devices that are full computers in IOT and Automotive, causes a lot of companies to feel the immobilizing weight of the ball attached to the supply chain.

The Chain

Another trend over the past twenty or so years is the reliance upon outsourcing. Similar to the materials supply chain, more and more companies have shifted entirely to sales, marketing, and finance as their primary labor, and most in the tech sector also add development, usually in the form of software development (with mostly digital goods produced, no tangible goods). This trend adds more links in the chain, and the more links, the less control of those links when there is a problem.

The Problem

Parts, price, and lead-time. Parts are getting harder and harder to find, and using alternatives require engineering talent that most companies don’t have (we do), so these parts shortages mean procurement scrambling, similar to the toilet paper frenzy early in 2020 as the pandemic reached regional shelter-in-place levels. But unlike that TP shortage that was short lived, this frenzy repeats weekly. Parts get snatched up, and some may even return again at a higher price.

Price is one of the biggest factors in supply and demand. Parts brokers are able to seize on this opportunity for some parts and therefore charge $35 for a part that has consistently cost $5 for a decade. Even at the resistor level parts can be unavailable requiring procurement of tighter tolerance resistors at a higher price.

Lead-time is another big problem. Parts like more complicated integrated-circuits (ICs) are sometimes irreplaceable for a product. The lead-time from the parts maker needs to be factored in, these lead-times are increasing every week, with the theoretical end of increasing lead-times being sometime in 2022, when just-in-time will probably work really well again. Some parts will be available within months, while others may not see full restoration to pre-pandemic levels of availability until after 2022.

The Solution

Pay, price, and persevere. It will be challenging to be able to produce product in the coming quarters, and paying the premium to have parts is one part of the solution.

Prices will increase as consumer goods (the end product) become more scarce and the bill-of-materials (BOM) are bought for higher and higher prices. This passing on of the price increases allows for the market to determine what products are worth the higher prices, and commodity priced products are likely to suffer the most. We will be increasing prices in stages over the next year as BOM prices change and as we deliver greater quantities of product.

Perseverance is the best solution for longevity. Having a dedicated team who address problems by finding answers rather than giving up ensures that product will be delivered, sometimes at a higher price, and sometimes a bit later than hoped, but delivered nonetheless.

Products and Availability

At Purism we have a growing list of products, Librem Servers with PureBoot, Librem Key USB security token, Librem 14 laptop, Librem Mini, and two separate supply chains for Librem 5 phone and our Librem 5 USA with Made in USA Electronics.

The below chart will help share the top-level supply, availability, and impact.

 Product StatusParts BlockerShipping StatusShipping ParityPrice Increasing
Librem ServersHolding stockFuture CPUs, future RAMShippingAt Parity, likely to stay in stock.Possibly in Q3 2021
Librem 14Holding stockFuture CPUs, future RAMShippingParity in June, probable to stay in stock.Yes, May 31st 2021, +$100; Possibly again in Q3 2021
Librem KeyHolding stockICs unavailable for 52+ weeksShippingAt Parity, will run out before parts are available.Possibly in Q3 2021
Librem MiniHolding stockFuture CPUs, future RAM.ShippingAt Parity, likely to stay in stock.Yes, May 31st 2021, +$100; Possibly again in Q3 2021
Librem 5Rolling ManufacturingCurrent CPUs (unavailable until October), RAM, ICsShipping, with a break in product shipping from May to around OctoberParity after October 2021, possibly into 2022 as demand continues to increase.Yes, June 30th 2021, +$100; Possibly again in Q3 2021
Librem 5 USAFirst Production May 2021Future CPUs, future RAM, ICsBeginning to Ship in May 2021Parity planned within Q2 2021Possibly in Q3 2021

The Future

One of the exciting things about building a company that has tighter control of the supply chain with engineering expertise to handle issues, and even doing US manufacturing for our Librem 5 USA with a US-based secure supply chain, is that it allows for us to address the complexity of producing product in 2021 and into 2022. It reinforces the business model of selling on features (not price) while owning, controlling, and doing more manufacturing lightens the load of the heavy ball that typically comes with that complex outsourced supply chain.

The post The Ball and Supply Chain appeared first on Purism.

by Todd Weaver at April 30, 2021 18:32

Fairphone

Help us, help you

Let’s just rip the bandaid off. We need to prepare you for something, but trust us, it helps you as much as it helps us! Ok, here it goes: you might receive a survey once you update your Fairphone. Now that it’s out there, here is a short read about why we are asking these questions.

Here’s to a longer living phone

At one point or another during your lifetime, you have completed a survey. Maybe it was to provide feedback after a customer service call, how your time at a restaurant was or how clean the bathroom was in the airport. Surveys are necessary as it helps companies improve their products, services and fine tune details that we, as consumers, aren’t even aware of. Afterall, products are made for us, consumers, so shouldn’t we be a part of their improvement?

While the main purpose of most other surveys are the above mentioned, our main reason is to understand from you: if there is no expiration date on your phone, how long would you like to keep using your Fairphone? What could be reasons you are ready to swap out your current phone for a new one? This will help us reach our goal and keep our promise of extending the lifespan of Fairphones well beyond the average 2.7 year use – as well as continue to make amazing products and provide quality support .

That’s why we also want to hear more from you regarding your experience with certain features on the phone; would you recommend Fairphone to a friend or colleague; and, have you found the “make coffee now” function? That last one isn’t real, but wouldn’t that be cool?

We do this for you

Your input will help us make those 5 years (and perhaps beyond) with your phone an all-around positive experience. You will directly be involved (via the survey) in making sure we are on track to keeping our promise of supporting your phone past the average lifespan of smartphones.

Even if there are features you don’t enjoy, we’d rather know so we can keep making adjustments, all the while continuing to strive for quality and excellence. This is why this survey is so special. It’s not just to gain insights for the next generation of phones, it is to put you, the user, at the center so we can help you keep your phone for longer. We want our smartphone to be more sustainable and as most of the environmental impact is caused in the production phase, extending the lifespan to as long as possible is the most effective means to achieve this goal.

That is why your voice is so important. Your experience with your phone will actively help us achieve what we have set out to do: create a more fair and sustainable smartphone.

You can opt out

You can opt out anytime through the My Fairphone app, but we would be honored for you to share your voice as it helps us in our quest to make the best products for you and to continue providing quality support. If you choose not to provide your valuable insight, don’t worry, we will still support you.

We can’t do this telepathically or make a guess, because that won’t help you guys. So as Jerry Maguire so eloquently puts it “help me, help you!”

The post Help us, help you appeared first on Fairphone.

by Lora at April 30, 2021 15:21

Tutanota

10 best free email accounts

Free email accounts seem to be available by the hundreds, but there are quite some differences when it comes to email. This guide on email providers will help you choose the best free email account.

April 30, 2021 00:00

April 28, 2021

/e/ foundation

Leaving Apple & Google: 2021 roadmap, facts about Google data collection and celebrating partnership with Fairphone

Leaving Apple & Google:

  • Our 2021 roadmap
  • Facts about Google data collection on Android
  • 1st anniversary of our partnership with Fairphone

Our 2021 roadmap

2021-01

We thought you would be interested in learning more about our roadmap this year, so we created a post listing our focus areas for the remainder of 2021.

Better App support, more apps in /e/, better user experience, better camera, more privacy, etc…

Everything is listed in more detail in this article available on Medium or on our Community Forum.

Enjoy and don’t hesitate to comment!

Facts about Google data collection on Android

photo_2021-04-28 13.58.13

We are often asked to share details about how Google collects user information within Google Android. So we have created a blog post on Medium and on our Community Forum that lists everything we have found so far, based on our own work and external studies.

The list is long and scary to be honest and should validate your choice if you have already switched to /e/OS on your phone.

If not, what are you waiting for?

Check our list of supported devices or our pre-installed phones ready to buy

1st anniversary of our partnership with Fairphone

One year ago, we announced our partnership with Fairphone to introduce the first privacy conscious and sustainable smartphone.

Since the launch of /e/OS, we realized that many of you were not only concerned about your data privacy and limiting unnecessary data streams, but you also wanted hardware that would last longer and be repairable. It was therefore obvious to us that Fairphone would be a great platform for all of you, providing a phone that ticks the boxes of easy repairs, durability, and ethical sourcing.

In 2020 and 2021, we have launched /e/OS on Fairphone 3, Fairphone 3+ and are looking to improve also our support of the Fairphone 2. We have been amazed by the reception of /e/OS on Fairphone models.

Working with Fairphone and the people there has been a great experience, it’s really nice to have a partner that is enthusiastic about our project and to collaborate with the Fairphone community.

We are super excited about what we have achieved together so far and looking forward to making it even better in the future.

Support the project!

Contribute, test & report bugs in /e/OS

Share on social media

Join the Community

Donate

by admin at April 28, 2021 11:53

Tutanota

Introducing Tutanota templates.

The Tutanota template functionality increases your productivity immensely: Prepare email templates for standard requests and share the templates with your team. Our new templates let you answer lots of email request with a few clicks only.

April 28, 2021 00:00

April 27, 2021

Purism

Librem 14 in Video

Security is one of the core pillars we build upon. The Librem 14 offers the most advanced security feature set so far.

User feedback

We had reports of users flipping switches on accident when placing older models in laptop bags. It’s also hard to know which switches are flipped at a glance. The Librem 14 places the switches front and center with additional LED indicator lights. Now you’ll know what’s running and what’s off just by looking below the screen.

Improvements

You can turn off all microphones with the flip of a switch. Like all our laptops, the microphone switch turns off the built-in microphone, but now the switch will also disable the headphone jack’s microphone if one is attached.

Whether you’re a system admin looking to configure a switch, or if you want faster and more secure networking, the built-in full-sized Ethernet port is here for you.

While attached to your network directly over Ethernet, you can flip off your WiFi switch and enjoy the extra security that comes from the reduced attack surface.

While still under development, you’ll soon be able to write-protect the BIOS and EC firmware. Once done, you’ll be able to trigger this protection with the new set of switches on the motherboard.

Main PCB, top side, BIOS and EC flash + write protect DIP switch circled in red

BIOS/Firmware Security

The Librem 14 will ship with the Intel Management Engine (ME) disabled. With further firmware updates, the goal is to remove as much of the disabled ME code as possible. Once removed, the attack surface on the L14 will be even smaller.

Have you ever wondered what a user-controlled secure boot would look like? PureBoot is our out-of-the-box solution for verifying your computer is as you left it.

The Librem 14 will also ship with a liberated Embedded Controller (EC). With this EC, Librem 14 owners have source-level control over their hardware. This also makes security audits straightforward.

Operating System

By default, the Librem 14 will ship with our latest and greatest release of PureOS. For those that want even more security but at the expense of some convenience, we also offer Qubes on an optional USB thumb drive you can add to your order and install once you get your Librem 14. The core idea of Qubes is to put everything in its own virtual machine. Having so many virtual machines running does have a cost but makes the software much harder to exploit.

Anti-interdiction Shipping

We also offer an anti-interdiction service to help ensure nothing is tampered with in shipping. This is an optional add-on service where we use encrypted email to custom-tailor security measures to protect the laptop during shipment, including protecting the hardware itself with tamper-evident seals.

Regardless of your security needs, the Librem 14 can accommodate you and is yours to use, audit, or modify.

Discover the Librem 14

Order now

The post Librem 14 in Video appeared first on Purism.

by David Hamner at April 27, 2021 21:58

April 26, 2021

NewPipe

NewPipe 0.21.2 released: Metadata, crashes, and bug fixes galore - SoundCloud works again too

Here’s another point release for our lovely users. This release refines Bandcamp support, lays the groundwork for an upcoming feature, and adds many little quality-of-life improvements and fixes that we think quite a few users will have reason to be happy about. Also, if you want to use SoundCloud, you need to update to this release.

New

  • @B0pol added the ability to extract video metadata from YouTube, SoundCloud, and media.ccc.de. This was already being done for PeerTube, mainly because it is a really cool and modern and amazing new platform which is 100% user oriented and easy to code for. Hmmm. Where were we? Ah, yes. Metadata. This means things like video tags, license, category, language, etc. are now provided by the extractor. This doesn’t mean that you can see them yet. That will come in a future version.

  • @TobiGr added the ability to view individual songs and their artists as timestamps (similar to Chapters in YouTube) when playing a Bandcamp Radio stream.

  • @fynngodau modified the extractor so that the app now shows related playlists on Bandcamp when playing tracks. To maintain consistency, all references to “related streams” are now changed to the more generic “related items”, because they can now be playlists too.

  • @mhmdanas added the option to directly open a channel page by long-pressing on a list item. Now that short but somewhat annoying period, where you have to wait for the video details to load before being able to open the channel page, is gone. Note: this doesn’t work for feeds yet.

  • @PulkitGarg67 added the nifty little ability to rename a playlist from the Playlist page. Earlier, you could only rename one by long pressing on a playlist item in a list.

  • @Douile added a helpful little timer at the top of the stream queue, telling you its total duration (the combined length of all the streams you queued up), and how far you are into the queue.

Improved

  • @fynngodau, the Bandcamp maestro, improved the Featured page so that it shows more than 10 items.

  • You are experiencing slow internet. You open a video. You end up having to wait an excruciating 10 seconds for the video to buffer, before being able to pause it, and let it load in peace while you do something else. Or, you just skipped ahead in the video, and now have to wait for it to buffer before pausing. GONE! That pain is gone! @Douile added the incredibly useful ability to pause while the video is still buffering! No more pointless waiting around while your dumb internet connection hauls packets like they’re being delivered by messenger birds or something.

  • @krlvm brought about a major overhaul in the theming code of the app. NewPipe looks good both in black theme and white, so it will now switch to whatever your system is using by default. @XiangRongLin and @TobiGr fixed a couple of small regressions caused by that PR, which were noticeable enough to be mentioned here: a rogue black volume icon was made white again. So your volume icon won’t suddenly get an instant tan if you turn the volume up too loud, or turn it down entirely.

  • If you’ve ever encountered cut off channel names (because they were too long), you should know that @krlvm wasn’t able to magically fit the whole name on your screen, but now there is an ellipsis indicator letting you know that it was cut off. Which is something. Right?

Fixed

  • @TobiGr fixed a SoundCloud related part of the extractor. SoundCloud updated how their site works, so TobiGr updated the code. Now it works again.

  • @fynngodau fixed some broken thumbnails on the Featured page in Bandcamp.

  • @TotalCaesar659 updated some HTTP URLs in the NewPipe and Extractor READMEs to HTTPS. Having HTTP URLs lying around in 2021 and not noticing them is pretty embarrassing for us, so we’re looking for a time machine to go back and surreptitiously change them, leaving everyone none the wiser. Please let us know in the comments if you happen to know where we can obtain (or rent) a reliable but affordable one.

  • @wangear fixed the problem of the text of list items overlapping if the font size was large enough.

  • @wangear also fixed a NullPointerException (a crash) that occurred in three different ways: playing the next video and tapping anywhere on it, enqueuing a video by long pressing on the Popup button and then tapping anywhere on the current video, going to Downloads via long-press on the Download button, then returning and tapping on the video yet again.

  • @Stypox fixed a NullPointerException caused by quickly tapping on the search button after launching NewPipe, and also by simultaneously opening two Settings menus at the same time repeatedly. If you do not want to run into any sort of crash whatsoever, we recommend not tapping anywhere in the app and just staring at the home screen. That should help.

  • @sauravrao637 fixed a crash when the user interacted with the top bar on the History page with no videos.

  • Did you know there were supposed to be icons to the left of the selectable notification actions in the notification settings menu? Neither did we, but @Stypox fixed it and now they’re visible.

  • Certain devices which use Huawei’s Hisilicon chipset Hi3798MV200 (we know of the Formuler Z8 Pro, Z8, CC, Z Alpha, and Z+ Neo) showed a black screen when playing videos, due to broken media tunnelling (we have no idea what that means, either). But @Redirion has now fixed this by disabling media tunnelling on this specific chipset, so all’s good now.

  • @sauravrao637 fixed a crash that sometimes occurred if the user rotated the screen while exiting the player.

  • @wangear fixed yet another NPE caused by the app attempting to get the length of a null array (hint: it’s null; there is no array there, NewPipe) in the Main Activity.

  • @sauravrao637 fixed the channel page so that you don’t just get a blank screen when there are no videos. Now you can see the channel header and even subscribe to it, if you feel like it.

  • @TobiGr made the buffering indicator visible again when seeking. At some point in the past, it was accidentally made to vanish, so when a video was skipped forward or backward, it was not clear that the video was loading, and the video playback just seemed to be stuck, causing needless frustration.

Nerd Talk

  • @TobiGr made some code improvements suggested by SonarLint (Wow! We just added the plugin and it is already paying off!) which fixed a couple of potential bugs and also eked out some performance. He also eliminated some type conversions just by introducing a variable. Less work for the app, which means better performance.

  • @fynngodau changed a function’s name and return type to simplify the code. That’s always a win.

  • @XiangRongLin fixed yet more breaking tests in the extractor, and is quite exasperated about it by now. (“This is like playing whac-a-mole!”) Whac-a-mole, indeed. If only there was a way to automatically update tests along with the changed code or something.

  • @XiangRongLin also added a new field to a class to simplify some code.

  • @TacoTheDank replaced FrameLayout, an XML container layout, with the newer FragmentContainerView, as suggested by Google’s Android team, fixing some potential bugs along the way.

  • @TacoTheDank also cleaned up some unnecessary code in the Settings menus.

  • @TacoTheDank updated the Gradle wrapper.

  • @TacoTheDank revamped the About menu and all related code, and also converted it to Kotlin. Yay for modernisation!

  • The ExoPlayer library was updated from version 2.12.3 to 2.13.2 by @Redirion, along with related changes in the app code. (Anyone else get the feeling of déja vu?)

  • @TacoTheDank rearranged the library dependencies in the build gradle file into meaningful sections, and added comments so that neophyte developers can understand their purpose. MAJOR props for fixing one of the biggest pain points for newbie developers!

  • @TacoTheDank migrated all the AlertDialogs in the app to their AppCompat equivalents, which allows them to be used just as they are on earlier Android versions. Gotta keep that sweet, sweet backwards compatibility for as long as we can, after all!

Where to get this brand-new version

NewPipe notifies you about new versions. You can download them when you press the notification, which will take you to the GitHub Releases page.

If you use the F-Droid app, it, too, notifies you about updates for NewPipe. Please keep in mind that it can take F-Droid a while to update their repository. If you have problems installing you may need to uninstall NewPipe and then install it afresh. (Make sure to backup data by exporting your database from the Content settings menu.)

If you already installed NewPipe from F-Droid’s repository, to get this version of NewPipe you can do one of the following:

Note: If you installed NewPipe from GitHub Releases you will not have to uninstall NewPipe to switch to our custom repo. Just let it update your current version. Make sure you back up your data as mentioned in the warning at the top of the FAQ page!

Now that you’ve (hopefully) updated, please let us know what your experience of the latest release is, especially bugs in need of fixing. As usual, you can reach out to us via IRC (#newpipe on freenode), open issues on GitHub or, ideally, use our built-in crash reporter to send us machine-readable issue reports. You can even send in fixes yourself.

If you have any other questions feel free to post them in the comments here and someone will reply to you.

April 26, 2021 21:00

Tutanota

How you pay for Google and Facebook to be free.

Google and Facebook have become two of the most successful web companies because they have managed to convince everyone that their products do not come at any cost. Yet, this is not true. The ad-based business model harms people and societies on so many levels, it must end now - and you can help end it.

April 26, 2021 00:00

April 23, 2021

Purism

Best Qubes Laptop is the Secure Librem 14

Update 2021-04-26: We’ve gotten some questions in response to this post about Qubes support on our laptops. To clarify, while we offer Qubes as an OS option, we do not yet pre-install it. This is simply because Qubes does not yet offer an “OEM install” method like with PureOS where we could set up disk encryption securely and allow the customer to change their encryption key at first boot. Instead, when you select QubesOS as your OS, we include Qubes install media so you can install it yourself and set your disk encryption passphrase. While there are some OEM install methods available that are tied into the Heads boot firmware, many of our customers choose the Qubes and coreboot combination so we are waiting for an OEM install solution that is built into Qubes itself before we will pre-install it.

Librem 14

Librem 14 – Full Qubes Support

Qubes is a high-security operating system that makes it easy to isolate workflows into different virtual machines (VMs) or “Qubes” that you can label, colorize, and firewall off based on trust level. One of the challenges finding the best Qubes laptop has always been hardware compatibility–Qubes uses advanced Xen features and relies on hardware virtualization extensions like IOMMU to power all of its virtual machine features and the Linux kernel in Qubes often doesn’t support all of these features on all hardware.

While Qubes maintains a community-built hardware compatibility list, it’s not always up to date and typically reflects Qubes support on a particular piece of hardware in a point in time. Since few vendors apart from Purism test Qubes on their hardware, much less support it, if you want to run Qubes on your own laptop, you are often on your own.

Qubes’s heavy reliance on virtualization also means that machines running Qubes typically need more resources–in particular RAM and fast storage–than a regular operating system. It’s not uncommon to have five to ten virtual machines running at a single time with many of them running their own independent web browsers. While Qubes lists 4GB of RAM as the minimum, to get the most use out of Qubes you really need a minimum of 8GB of RAM, with 16 or 32GB RAM recommended if you intend to create and run many VMs simultaneously.

Qubes Logo

Purism’s Long History of Qubes Support

Purism’s Librem 13v1 laptop was the first laptop to be certified as officially supported by Qubes in 2015. Since then we treat Qubes as a first class citizen, like PureOS, and have provided Qubes as an alternative to PureOS on all of our laptops. Each Librem 13 and Librem 15 hardware update has been tested not only for PureOS compatibility but also for Qubes compatibility to ensure our hardware fully supports Qubes’s virtualization needs. We provide technical support for Qubes on our hardware just like PureOS.

The Best Qubes Laptop: Librem 14

Librem 14

Qubes demands hardware with lots of resources and we designed the Librem 14 to be our dream laptop with many advanced security features as well as significantly more resources than past models. The Librem 14 features a 6-core tenth-generation 4.70Ghz Intel i7 CPU with two SO-DIMM slots to provide up to 64GB of RAM and two M.2 slots to support up to two fast NVMe hard drives.

Like with past laptops we have tested and validated Qubes on this hardware and offer Qubes as an OS alternative to PureOS when you place your order. The combination of the high security features of the Librem 14, our PureBoot firmware, free and auditable Embedded Controller Firmware, and Qubes makes the Librem 14 the most secure laptop you can buy.


Order Your Librem 14

Ultra-portable workstation laptop that was designed chip-by-chip, line-by-line, to respect your rights to privacy, security, and freedom.

The post Best Qubes Laptop is the Secure Librem 14 appeared first on Purism.

by Kyle Rankin at April 23, 2021 19:47

April 22, 2021

Purism

Purism and Linux 5.12

Following up on our report for Linux 5.11 this summarizes the progress on mainline support for the Librem 5 phone and its development kit during the 5.12 development cycle.

Librem 5 and Devkit updates

In order to maintain support for the devkit and the phone, we continuously update the mainline hardware description and default configuration. This category even forms the bulk of our contributions during the latest development cycle. The following changes also finally make it possible to run the mainline arm64 default kernel on the devkit with the display working. Running an unmodified upstream kernel is not only incredibly powerful for kernel development as it removes various uncertainties and reviews overhead. It’s also a big step towards ensuring long-term support of the hardware. Working on our changes together with the community is far more pleasant than being on our own. We keep working on reaching the same point for the Librem 5 phone:

Librem 5 LCD panel

The display panel drivers got updates, especially adding the Evergreen batchs’ panel:

Other additions and fixes

The following are just an error log cleanup and a preparational patch we did during working on supporting the cameras:

Code review

During this round, we contributed only 1 Reviewed-by: or Tested-by: tag to patches by other authors. This is partly due to the focus on patches to our own hardware descriptions. We want to thank everybody who reviewed our patches and helped us support the hardware in mainline Linux – especially Shawn and Krzysztof from the arm64 dts area.

Sources

Have a look at our Linux tree to see what is currently being worked on and tested (or help if you feel like joining the fun).

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Order now

The post Purism and Linux 5.12 appeared first on Purism.

by Martin Kepplinger at April 22, 2021 13:47

Pine 64

It’s Time: InfiniTime 1.0

When we announced the PineTime in late 2019 we couldn’t have imagined how popular of a project it would end up becoming. From the very start, it was evident that this will be a project like no other in our lineup. Following 18 months of intense development, the InfiniTime has now reached a release version, and the development community has made a decision; the Pinetime will be introduced to the...

Source

by JF at April 22, 2021 08:17

April 21, 2021

Purism

Librem 14 First Boot

Whether you’re still thinking about ordering or if your Librem 14 is just about to arrive, this is what you can expect on first boot:

Make sure you find the included charger and any accessories you might have ordered in the box.

The Librem 14 supports our Pureboot bundle. This includes software based on Heads and Coreboot and a hardware security device called a Librem key. It’s a compelling way to verify your OS has not been tampered with.

While most GNU/Linux distros can be installed on the Librem 14, the two supported OSs are PureOS 10 and QubesOS. PureOS 10 code name Byzantium is our flagship OS with security and convenience at its core. QubesOS is a bit less convenient but adds extra software security for those that need it.

When you first boot into PureOS, you’ll be asked to set up your new users and local encryption.

After the initial setup, it’s a good idea to run updates from the PureOS store. It’s essential to run this often as security patches, and new features are added constantly.

The Librem 14 is where convenience and user freedoms come together in a 14-inch laptop frame.

Discover the Librem 14

Order now

The post Librem 14 First Boot appeared first on Purism.

by David Hamner at April 21, 2021 17:01

Tutanota

Tutanota keeps growing: Welcome Brandon and Thomas!

In 2021, Tutanota continues its growth and so does our team. Please welcome Brandon and Thomas with us! We expect that many more people will join our team here in Hanover so if you are passionate not only about privacy, but also about programming, be sure to apply with us.

April 21, 2021 00:00

April 19, 2021

Purism

Librem 14 in Pictures

We are excited that the Librem 14 is shipping, and we are so pleased with the production model that we wanted to share some brand new pictures of it inside and out:

Purism Librem 14 Motherboard LogoPurism Librem 14 Motherboard Logo

Purism Librem 14 Motherboard LogoPurism Librem 14 Motherboard Logo

Purism Librem 14 Dropdown RJ45 Ethernet Port and MotherboardPurism Librem 14 Dropdown RJ45 Ethernet Port and Motherboard

Purism Librem 14 Dual RAM Slots on MotherboardPurism Librem 14 Dual RAM Slots on Motherboard

Purism Librem 14 Ports and MotherboardPurism Librem 14 Ports and Motherboard

Purism Librem 14 Hinge and MotherboardPurism Librem 14 Hinge and Motherboard

Purism Librem 14 Dual RAM Slots, Cooling, and MotherboardPurism Librem 14 Dual RAM Slots, Cooling, and Motherboard

Purism Librem 14 Ports and MotherboardPurism Librem 14 Ports and Motherboard

Purism Librem 14 M.2 Drive and MotherboardPurism Librem 14 M.2 Drive and Motherboard

Purism Librem 14 Bottom LogoPurism Librem 14 Bottom Logo

Purism Librem 14 Bottom Logo and Fan GrillPurism Librem 14 Bottom Logo and Fan Grill

Purism Librem 14 Bottom Certs and Speaker GrillPurism Librem 14 Bottom Certs and Speaker Grill

Purism Librem 14 Bottom Rubber Foot, Regular Screw Access, and tight tolerance.Purism Librem 14 Bottom Rubber Foot, Regular Screw Access, and tight tolerance.

Purism Librem 14 Top ViewPurism Librem 14 Top View

Purism Librem 14 Closed CornerPurism Librem 14 Closed Corner

Purism Librem 14 Closed Corner and PortsPurism Librem 14 Closed Corner and Ports

Purism Librem 14 Closed with PortsPurism Librem 14 Closed with Ports

Purism Librem 14 Closed with PortsPurism Librem 14 Closed with Ports

Purism Librem 14 ScreenPurism Librem 14 Screen

Purism Librem 14 with Librem 5Purism Librem 14 with Librem 5

Purism Librem 14 Top Wide AnglePurism Librem 14 Top Wide Angle

Purism Librem 14 Top OpenPurism Librem 14 Top Open

Purism Librem 14 Purism KeyPurism Librem 14 Purism Key

Purism Librem 14 KeyboardPurism Librem 14 Keyboard

Purism Librem 14 Hardware Kill Switches and Indicator LightsPurism Librem 14 Hardware Kill Switches and Indicator Lights

Purism Librem 14 Hardware Kill Switches and Indicator LightsPurism Librem 14 Hardware Kill Switches and Indicator Lights

Purism Librem 14 Space and KeyboardPurism Librem 14 Space and Keyboard

Purism Librem 14 Multi-Language Enter and KeyboardPurism Librem 14 Multi-Language Enter and Keyboard

Purism Librem 14 TrackpadPurism Librem 14 Trackpad

Purism Librem 14 OpeningPurism Librem 14 Opening

Purism Librem 14 Camera and Dual MicrophonePurism Librem 14 Camera and Dual Microphone

Purism Librem 14 Left Front AnglePurism Librem 14 Left Front Angle

If you like what you see but you haven’t yet ordered your own Librem 14, now’s the best time to reserve your place in line!

The post Librem 14 in Pictures appeared first on Purism.

by Purism at April 19, 2021 23:09

April 16, 2021

Purism

Librem 14 Begins Shipping

We set out on a multi-year journey to build our dream laptop—the Librem 14—and today that dream is reality and is shipping.

The most secure laptop, the Librem 14 by Purism

As expected, there is a lot of demand for the Librem 14 and now that we are shipping we expect that demand to grow. We plan to reach shipping parity (the point where we have shipped all existing orders so that new orders ship within our normal 10-business-day window) as soon as possible and with the help of some overtime we have an internal goal to ship through all existing orders in May, any newly placed orders get into the ever growing queue for fulfillment in a first-in-first-out process. If you are already in the queue with a pre-order, we will confirm shipping details prior to your order being delivered.

The most secure laptop, the Librem 14 by Purism

Thank you to everyone for supporting the Librem 14, the most advanced, secure, and powerful laptop we’ve made so far.

The most secure laptop, the Librem 14 by Purism

The post Librem 14 Begins Shipping appeared first on Purism.

by Purism at April 16, 2021 15:19

April 15, 2021

Pine 64

April Update: New Developments

Before we start, I’d like to acknowledge that this community update was written collaboratively, with contributions from 7 developers. I hope that moving forward we maintain this dynamic and more developers, as well as community members, partake in the write-up process. If you’d like to participate in the next update then please make sure to reach out. Now, let’s get to this month’s news.

Source

by Lukasz Erecinski at April 15, 2021 10:55

Tutanota

Strategic autonomy in danger: European Tech companies warn of lowering data protection levels in the EU.

Today we are sending an open letter to the European Commission together with Boxcryptor, Cryptomator, Mailbox.org, mail.de, Mailfence, Praxonomy, and Tresorit to draw attention to the dangers of undermining encryption and people's privacy. Mass surveillance will not stop terrorism or child sexual abuse.

April 15, 2021 00:00

April 14, 2021

/e/ foundation

Leaving Apple & Google: 0.16 release, new study about Apple and Google data collection, new ecloud plans and pricing

Leaving Apple & Google:

  • 0.16 release
  • New research about Apple and Google data collection
  • New plans and pricing at eCloud

0.16 release

/e/OS 0.16 is a few days away from being released.

On top of the security patches from March 2021, we have included several improvements: updated Browser and Maps, improved visual components in Gallery, File Manager, Calendar, Contact, Message, Apps and Dialer to complete our interface improvements.

You can update your phone conveniently, locating ‘System updates’ in your phone settings.

As always, make sure you have the latest update running on your phone! 😉

New research from Irish university about Apple and Google data collection

A new study, published by Professor Doug Leith at School of Computer Science and Statistics at Trinity College Dublin, has put again in the spotlight the massive data collection in Apple and Google devices. Location tracking even when location services are disabled, collecting data about other phones nearby, logging events such as insertion of a SIM, phone number, IMEI, Wifi MAC address despite opting out.

The study confirmed that “even when minimally configured and the handset is idle, both iOS and Google Android share data with Apple/Google on average every 4.5 mins”. And that “when a SIM is inserted both iOS and Google Android send details to Apple/Google. Users have no opt out from this and currently there are few, if any, realistic options for preventing this data sharing”.

Finally, we were pleased to be mentioned as a good option for people looking for alternatives: “With regard to mitigations, of course users also have the option of choosing to use handsets running mobile OSs other than iOS and Google Android, e.g. /e/OS Android”.

The full study is available at https://www.scss.tcd.ie/doug.leith/apple_google.pdf

Most of you reading this newsletter are already aware of these issues but most likely your friends and family not. Do your friends and relatives a favor and share, so they can see for themselves how their personal data is compromised!

New plans and pricing at eCloud

eCloud keeps on getting better with new options and better service. We have added a new 1TB storage plan for heavy users who need a large personal space for their data.

Our plans now start at 1.99€ per month for 20GB.

We protect your files using server side encryption. This data is encrypted as it gets stored on our servers and decrypted as you access it. While not a definitive solution, this is a great step forward for the privacy and security of your data in the cloud.

We have great new features coming up for eCloud in 2021, stay tuned!


SIGN UP FOR AN ACCOUNT NOW


LOG IN TO YOUR AN ACCOUNT

Support the project!

User’s data privacy and finding alternatives to regain control over our data has never been a more pressing issue than it is today. The timing is great to build something new!

Your contribution is key to the success of an ambitious project like ours!


Contribute, test & report bugs in /e/OS


Share on social media


Join the Community


Donate

by Alexis Noetinger at April 14, 2021 15:27

April 12, 2021

Purism

App Showcase: Drawing

Drawing is a simple app in the PureOS store to doodle on a digital canvas.

Image by: Michael Frankenstein

With Drawing, you can import and clip images or start from scratch and make unique artwork.

Drawing has you covered from the essential pencil tool that adds color to the more advanced filters that affect the entire picture.

Whether you need to edit an image or create one from scratch, Drawing is a handy tool for any screen size.

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Order now

The post App Showcase: Drawing appeared first on Purism.

by David Hamner at April 12, 2021 15:59

Tux Phones

The RUHAcam is an open-source, 3D-printed Linux camera based on Raspberry Pi

The RUHAcam is an open-source, 3D-printed Linux camera based on Raspberry Pi

In spite of its very different appearence, this project actually shares a lot with our usually covered mobile Linux devices. Firstly, because it is a fully open-source (and open hardware-ish) portable ARM device, running on the well-renowed "Raspberry Pi HQ Camera" module, based on the Sony IMX477 sensor (12.3MP, Type 1/2.3) and featuring a mainline Linux driver and a big community for optics, mods and applications. Not least because its author, Penk Chen, is a known figure in the mobile Linux ecosystem, firstly inventing the now-popular CutiePi tablet, based on the same Raspberry Pi Zero board as this project, and its Qt-based mobile friendly shell which is now being explored as viable interface for Linux tablets.

The RUHAcam is an open-source, 3D-printed Linux camera based on Raspberry PiTest shot from RUHAcam, by Penk Chen (GitHub)

Cameras have been a very reluctant element to get working in the mobile Linux ecosystem, with most sensors featuring zero or very basic support in the Linux kernel. Support for the Librem 5 Samsung sensor has taken over a year to land, and the PinePhone OV5640 sensor was not much more useful until some months ago, after the long and thoroughly documented process of getting some good quality results out of it by some volunteers.

The results obtained through RUHAcam have been posted on Twitter and GitHub, the latter at full resolution, showing - at least from a first glance - really impressive quality for a camera at such an early stage. Our hopes are that the likely success of this project will lead to better awareness and work on open-sourcing camera sensors (Sony ones alone would cover the majority of phones on the market) in the Linux kernel and providing good interfaces for professional (or, better, "prosumer")-grade mobile photography. We will leave a link to the website for an opportunity to build your own RUHAcam from scratch, or at least contemplate the city of Tokyo in full blossom in its first shots.

RUHAcam
3D Printable Retro-style Raspberry Pi HQ Camera
The RUHAcam is an open-source, 3D-printed Linux camera based on Raspberry Pi

You can follow TuxPhones on Twitter and Mastodon, or join our semi-official subreddit to have the latest news about Linux smartphones and mobile devices.

Cover picture: An exploded view of the RUHAcam

by Raffaele T. at April 12, 2021 13:25

Tutanota

How to leave Google behind: Quick guide to take back your privacy online.

For many the Internet is Google: Search, email, videos - Google is the major player in all these fields. But Google uses all data it gathers across its services to post targeted ads, and to massively profit from the data many share so freely with the Internet giant. The time has come to stop this unlimited data mining and to take back our right to privacy! Here's a quick guide how you can leave Google and Facebook by switching to secure alternatives.

April 12, 2021 00:00

April 10, 2021

Privacy Browser

Standardizing International Pricing

Privacy Browser costs $1.00 USD on the Amazon AppStore and the Galaxy App Store. In countries that use different currencies, the amount is automatically converted using the current exchange rate. Up until this point, on Google Play I had set the amounts in local currencies to be whatever was the lowest round amount allowed in that currency. But that has become complicated to maintain as the value of local currencies change over time. Additionally, it made revenue from some parts of the world significantly less than others. For example, it made a purchase of Privacy Browser in India worth about $0.10 USD.

As such, I have decided to change the pricing policy on Google Play to set the default price to $1.00 USD and allow the system to automatically convert that into an equivalent amount in local currencies. This will have the effect of raising the price in some countries and lowering the price in others (like the United Kingdom).

As an interesting side note, Google has a strong preference for prices that end in .99, while I like prices that end in .00. When Google’s automatic system converts the price for other countries that also use USD, it converts $1.00 USD into $0.99 USD.

Notice the large variation of included taxes that countries impose.

Privacy Browser will continue to be available on F-Droid and directly from stoutner.com. As an open-source program licensed under the GPLv3+, that is something that will never change.

by Soren Stoutner at April 10, 2021 21:16

NewPipe

NewPipe 0.21.1 released: EU Consent Cookie Hotfix

This is a hotfix release to bypass the new YouTube consent page shown to users in the European Union. The workaround used for this is not guaranteed to work forever, though. It may be deprecated soon.

The team is working to find a proper long-term solution to the problem.

For the non-EU users: Carry on! Nothing to see here.

Where to get this brand-new version

NewPipe notifies you about new versions. You can download them when you press the notification, which will take you to the GitHub Releases page.

If you use the F-Droid app, it, too, notifies you about updates for NewPipe. Please keep in mind that it can take F-Droid a while to update their repository. If you have problems installing you may need to uninstall NewPipe and then install it afresh. (Make sure to backup data by exporting your database from the Content settings menu.)

If you already installed NewPipe from F-Droid’s repository, to get this version of NewPipe you can do one of the following:

Note: If you installed NewPipe from GitHub Releases you will not have to uninstall NewPipe to switch to our custom repo. Just let it update your current version. Make sure you back up your data as mentioned in the warning at the top of the FAQ page!

Note: If you installed NewPipe from GitHub Releases you will not have to uninstall NewPipe to switch to our custom repo. Just let it update your current version.

Now that you’ve (hopefully) updated, please let us know what your experience of the latest release is, especially bugs in need of fixing. As usual, you can reach out to us via IRC (#newpipe on freenode), open issues on GitHub or, ideally, use our built-in crash reporter to send us machine-readable issue reports. You can even send in fixes yourself.

If you have any other questions feel free to post them in the comments here and someone will reply to you.

April 10, 2021 13:00

April 09, 2021

Purism

The Simplicity of Making Librem 5 Apps

Getting started with developing applications for a mobile platform can be a challenging task, especially when it comes to building and testing the application on the mobile device itself.

The Librem 5 makes its application development workflow extremely simple.

  • You don’t need to worry about registering a developer account with some parent company.
  • You don’t need to register your testing devices and ask the permission to a parent company just to be able to build and run your applications on those devices.
  • You don’t need to “Jailbreak” your devices in order to access some restricted software or hardware features.
  • And the best part is that you don’t need to worry about cross platform compiling because you can use the development tools directly on the phone.

The “quick start” video below that I made for the Librem 5 developers documentation demonstrates how quickly you can get up and running with making your own GTK applications on a Librem 5.

In this video, I have attached a Librem 5 to an external keyboard, mouse and monitor through a USB-C hub, and I use GNOME Builder to quickly create a new GTK application project, build it and run it on both the big desktop monitor and the small mobile screen with just a drag and drop across the screens.

Yes, I do all that with the computing power of the Librem 5 only! There are no special effects nor a hidden desktop computer. I even did the screencast recording with an external device so it shows the real speed of the Librem 5 when driving a 32″ Full HD monitor.

The post The Simplicity of Making Librem 5 Apps appeared first on Purism.

by François Téchené at April 09, 2021 16:46

April 08, 2021

Purism

Librem 14 Rave

Now that shipping of the Librem 14 to customers is imminent we should talk about some more details and enhancements we made.

Like we mentioned before the outside dimensions are almost the same as the Librem 13 was, so the Librem 14 measures: 322mm x 222mm x 17mm.
The total weight including the 4 cell battery, two SODIMMs and one M.2 SSD is about 1490gr (I am living in Germany, you have to get along with metric units 🙂 ).

A Walk Around

Let’s have a walk around.

From left to right: “Kensington lock”, HDMI, type-A USB, microSD card reader, type-C USB

On the left hand side there are four connectors: HDMI, type-A USB3.1, microSD card reader (via USB3) and one type-C USB3.1. Also on the left side is a so-called “Kensington lock” hole for one of those laptop anti-theft locks.

From left to right: 3.55mm headphone jack, type-C USB with PD and DP, type-A USB, RJ45 Ethernet, DC in, power LED

On the right hand side we have a 4mm barrel connector for 19V DC input (rated up to 120W), a gigabit Ethernet RJ45 jack with a neat flip down cover, another type-A USB3.1, a 3.5mm headphone jack and finally a full function type-C port.

Supporting Extra Screens

The full function type-C port is something new and that we are super happy about! This not only supports USB 3.1 data but also power delivery to charge the laptop and can also support the so-called type-C Display Port alt mode to attach to an external screen! So together with the HDMI 2.0 port we can now support three screens in total, the internal 14″ LCD, HDMI and type-C, all at the same time.

Three screens in GNOME display settings

Another new feature of the Librem 14 is a power state LED next to the DC input barrel connector. We implemented this so that you can see the laptop’s power state even when the LCD lid is closed, e.g. when you put it in your backpack. This LED on the outside reflects the same states as the power LED on the inside next to the hardware kill switches (HKS). But before looking at these let’s first have a look inside.

A Look Inside

The bottom case plate can be removed after removing 9 screws holding it. The bottom plate (also called D-shell) is additionally held in place by a number of plastic frame snaps. These are actually an enhancement compared to the former Librem 13 and 15 since these help to hold the bottom plate in place and shape at all times. So after carefully clicking these out you get access to the guts.

Main PCB, CPU heat pipe, fans, battery, speakers

Towards the bottom sits the pretty large 4 cell battery with the speakers to the left and right. This covers pretty much the whole space underneath the hand rest. Above that sits the brand new Purism Librem 14 main board. Center piece is the Core i7 10710U CPU covered by the copper heat pipe leading to the two fans left and right. Between CPU and the battery are the two SODIMM slots – two for faster dual channel RAM access and up to 64GB memory! To the bottom right corner of the PCB you can see the two M.2 SSD slots — and here is the problem with the 4-cell battery, the second SSD slot is blocked by it, only one is usable. Once we get 3-cell batteries we can offer a choice, either 4-cell and one M.2 SSD or 3-cell and two M.2 SSDs. But right now there is only one M.2 SSD possible. And finally to the bottom left corner of the PCB there is the M.2 WiFi/BT card.

New M.2 Slot Features

The M.2 slot for WiFi/BT also has some new features–you will probably not need them but well, for the tinkerers and future compatibility we added them anyway! So, what’s new is that we have a couple of new interfaces connected on the M.2 socket. An UART from the chipset (PCH) is conected so you can use an M.2 card with serial UART interface. The PCM audio interface is connected to the I2S interface of the chipset, some Bluetooth cards use this for Bluetooth audio (SCO). And we have SDIO connected to the chipset so that you can use M.2 cards with an SDIO interface. So to summarize all interfaces that are now supported on the WiFi/BT M.2 socket: PCIe, USB, UART, SDIO, I2S/PCM [4].

BIOS and EC Chips

For those interested, the BIOS flash chip containing Coreboot/PureBoot is the small SOIC-8 chip located right of the left fan, the flash chip containing the Librem EC firmware is located beneath the M.2 WiFi/BT card. Right next to the BIOS chip you can also see two small DIP switches (circled in red):

Main PCB, top side, BIOS and EC flash + write protect DIP switch circled in red

These are connected to the write protect pins of the BIOS and EC flash chips! With these you will be able to write protect the chips so that software can not write to them anymore. We still need to add software support for write protect so this is still work in progress. But the hardware is there! And for completeness, here is also the quite boring bottom side of the PCB:

Main PCB bottom side (the larger black chip to the bottom right is the embedded controller)

Opening the Lid

Now let’s open up the LCD lid:

Let’s go from bottom to top. First of all there is the large multi-touch touchpad, perfect for all kinds of tasks. Above that is the custom Purism keyboard with Purism key and a customized key layout, especially as it relates to special keys. Instead of cramming in tiny keys for page-up/-down, home and end we went for an approach using the Fn key, so Fn-Up serves as page-up etc. In the top row are the usual multi media keys (F7 rev, F8 play/pause, F9 fwd, F10 mute, F11 vol-, F12 vol+) along with the LCD brightness F6 down and F7 up. The keyboard backlight can be toggled with Fn-F4. And here we have a novelty for the Purism laptops, this can not just be toggle on or off! We now can support multiple brightness levels, right now we have implemented four so that you can tune it to your liking and / or ambient condition.

Hardware Kill Switches

Towards the top we have the Purism signature hardware kill switches, now with a nice silver chamfer around them. We placed the HKS on the keyboard side (instead of the side as in Librem 13 / Librem 15) to better protect the switch levers. Next to the HKS we now have two LEDs to also visually signal the state of the devices. And here I need to elaborate a bit more, because there is more to it than meets the eye.

So first of all the working of the kill switches changed a bit. The camera / microphone kill switch still severs power to the integrated web cam. But since we now have integrated digital microphones which provide much better audio quality the kill switch now also severs the power supply to the digital microphones. The 3.5mm headphone jack also supports headsets with microphones[1] and the kill switch will also cut off this.

The more interesting change is for the WiFi/BT kill switch. With the L13/L15 we used the DISABLE signals on the M.2 slot to hardware disable the WiFi/BT M.2 For this to work you have to rely on the card inserted to honor these signals. With the Atheros card we ship we are sure this is happening, but we can not guarantee this for other cards. So we changed that approach and we now cut power to the M.2 slot altogether! This will result in the USB BT device being “unplugged” and the PCIe WiFi device dropping from the PCIe bus, only to get hot plug added back again when being re-enabled again. So the big change here is that we do not rely on the M.2 module honoring the DISABLE signal but we cut power to it, so there is no way that it can get re-enabled by anything, except by your finger flipping the switch!

Controlling the WiFi LED

Next to the HKS we now have LEDs signaling their state. The LED next to the camera / microphone HKS will be on when camera and microphone are enabled and off otherwise. It is pretty much hardwired to the power supply of the camera and microphones. The LED next to the WiFi/BT LED is a bit different. This one is not only hardwired to the switch state but when the switch is on it can also be controlled by the EC. In default mode it will be on when WiFi/BT is enabled (powered) and off otherwise. With the ACPI driver [2] that we adapted for the EC [3] this LED can now also be controlled by software! It becomes a regular Linux LED:

/sys/class/leds/librem_ec\:airplane

Note: Before you start to freak about the following commandline shell examples, there will be reasonable defaults, you do not have to do anything unless you want to take over control and customize your hardware’s behavior to your wishes.

Like all Linux LEDs the LED can be assigned to a so called trigger, i.e. a Linux kernel driver that can automatically change the state of the LED based on certain events. By default the Librem EC ACPI driver will assign the “rfkill” trigger to the LED, which means that if the radio is switched off from Linux using the rfkill framework (e.g. by disabling it from the graphical user interface) the LED will also turn off! But there are more cool things you can do here, there are more triggers.

One trigger I personally like a lot is the ‘netdev’ trigger. With this trigger you can configure a network interface to monitor and if the RX or TX (or both) queue are triggering a ‘blink’ of the LED. A simple script like this:

modprobe ledtrig-netdev
echo netdev > /sys/class/leds/librem_ec\:airplane/trigger 
echo wls6 > /sys/class/leds/librem_ec\:airplane/device_name
echo 1 > /sys/class/leds/librem_ec\:airplane/rx 
echo 1 > /sys/class/leds/librem_ec\:airplane/tx

will let your WiFi/BT LED next to the WiFi/BT HKS blink whenever there is traffic on the WiFi interface. I like this a lot since it gives me an idea if I am still connected, data is still flowing and it also gives an idea about how much data. Cool, isn’t it? But you can also use it for all the other triggers that the kernel offers or control it by your very own program or script, just by writing 0 or 1 to:

/sys/class/leds/librem_ec\:airplane/brightness

Controlling the Notification LED

If you think this is fun and cool, wait for what we have next, the notification LED! It is located literally right next to the WiFi/BT LED. I talked about it a bit in our post about the EC firmware development, now it is real and working. The notification LED is in fact a triple LED with red, green and blue (RGB). Each color can be controlled individually in 255 brightness steps – not just 0 or 1. So theoretically you have 255*255*255 colors to choose from! In practice there are fewer colors since not all LEDs have a visible brightness at low levels. In particular blue is comparably dark so the color yield is a bit less. But this is pretty normal for RGB LEDs and is also rooted in the perceived brightness through the human eye, among other things. To give you an idea: to get something pretty close to a neutral white you need to set red:90, blue:200 and green:255. The three colors can be accessed through the LED interface in the sys filesystem:

/sys/class/leds/red\:status
/sys/class/leds/green\:status
/sys/class/leds/blue\:status

and brightness can vary from 0 to 255, so

echo 255 > /sys/class/leds/red\:status/brightness

will turn on the red LED to full brightness. The idea behind the notification LED is the same as what mobile phones, like the Librem 5, have: an LED to signal something while the display is off or something else is occupying the display, so that the user can see that something tries to get her or his attention. We have implemented this for the Librem 5 already and this will then also work on the Librem 14! Or you can choose to use the LEDs in other creative ways! Since access is super easy by shell script or simple program, I am sure we will see a lot of creative uses for them.

Also the notification LED colors can of course be used with triggers, with all the triggers the kernel offers, e.g. what about a nice red heartbeat, getting faster with CPU load:

modprobe ledtrig-heartbeat
echo heartbeat > /sys/class/leds/red\:status/trigger

Or the green LED in such a cool glow dimming pattern:

modprobe ledtrig-pattern
echo pattern > /sys/class/leds/green\:status/trigger
echo 0 1000 255 1000 > /sys/class/leds/green\:status/pattern

So cool!

Controlling the Keyboard Backlight

And there are more things you can control from user space the very same way, like the keyboard backlight:

/sys/class/leds/librem_ec\:kbd_backlight/brightness

You can write the actual brightness into that virtual file and the keyboard backlight will change. Since this interface is a common interface in Linux, user interfaces like GNOME pick them up, i.e. you get feedback on the screen when the keyboard backlight is toggled by the hotkey (Fn+F4) and the keyboard backlight will get switched off when the screen saver kicks in and switches off the LCD! Very nice. And GNOME remembers the backlight brightness between reboots too.

Controlling the Battery

In our last blog post we also talked about the battery charge controller and that we can set some threshold from user space. Here you go:

/sys/class/power_supply/BAT0/charge_control_start_threshold
/sys/class/power_supply/BAT0/charge_control_end_threshold

If the battery percentage falls below the start threshold and then a new charge is started, charging will stop when the battery reaches the end threshold percentage. On my Librem 14 I currently use a script and set this to:

# set default battery thresholds
echo 40 > /sys/class/power_supply/BAT0/charge_control_start_threshold
echo 95 > /sys/class/power_supply/BAT0/charge_control_end_threshold

The system fans can not be controlled from user space yet, right now, but they can at least be monitored a bit:

/sys/class/hwmon/hwmon4

We will work further on it.

The ACPI driver is on its way into PureOS as a DKMS package and we will do our best to get this into upstream Linux kernel so the DKMS will not be necessary mid-term.

Battery Life

Now with the final product in hand we can also answer another FAQ: What is the battery life? Well, of course this always depends on a lot of factors, like display brightness, if programs keep the CPU or GPU busy etc. etc. So it is pretty hard to give definitive answer to that question. But I think I can provide you with at least two data points that should give you a good idea.

With about 60% LCD brightness, WiFi connected and otherwise pretty much idle I get an estimated (!) battery life of more than 10 hours! Does this sound vague? Just an estimate? Well, yes, it always will be, your mileage will vary a lot actually depending on your use case. But I can add a second data point. I usually switch off the power strip on my desk when I leave my office–just to be sure, no rogue electronics, no unexpected “surprises” in the morning, an engineer’s desk can be a mess (and mine for sure is) so better be safe than sorry. So one night I did just that, but totally forgot that my development Librem 14 was booted up sitting there, LCD off, Ethernet connected and mostly idle. I recognized my negligence the next morning when I returned and to my surprise it was still alive! It sat there patiently all night for over 15 hours and still had 20% juice! So these approximate 10h battery time with LCD and light load seem pretty realistic to me and I am super happy about that!

Closing…

Bringing the Librem 14 to life and into your hands has been quite an adventure! And a long one too… much longer than we planned for and wanted. First Covid crushed all plans, then a CPU shortage which delayed the main board verification, general silicon shortage making sourcing parts a pain and finally issues in sourcing decent LCDs. And to top it all off this is the most customized laptop we ever built with a lot of Purism special features. Doing something the first time always has a certain risk to it, will it work out as expected?

After all these months of hard work it is with incredible joy to see all these tiles falling into place, the product taking shape and all we have planned and dreamed of becoming a reality!

And let me add in closing a brief personal anecdote. My first contact with Purism was in 2016. I was taking part at GUADEC, held in Germany that year. At that time I was, yet again, hacking on some laptop I bought some weeks before and trying to make it work as well as possible with Linux. It was so annoying having to work around tiny paper cuts in the proprietary BIOS and embedded controller which prevented some really basic things, like proper battery readings. This was not the first time I went through that pain, it was a usual thing for me every time I had to get myself a new laptop. They usually, mostly worked well but every time there were these paper cuts here and there. It was super frustrating because usually these things are trivial fixes, if you would just have access to the BIOS source code, or the EC or … you name it. I was fed up with this proprietary stuff.

And there came Purism, fighting for opening up that stuff and creating consumer devices as open and as free as they possibly can be. I had to get in touch with them!

So here we are, about five years later and I am so proud to be part of this Purism team, just having finished yet another product that heals many of these paper cut wounds. The Librem 14 offers pretty much everything that I wanted back then and I can not really describe the feeling I have right now. All these things I ever wanted to have in such a machine but never could. Now we are here. So awesome!

I very much hope you will like it as much as I do!

 

[1] Headset microphone and headset plug-in detection is not yet working. The wiring is there but there is still work that needs to be done on the software side with the codec.

[2] https://source.puri.sm/nicole.faerber/librem-ec-acpi-dkms

[3] https://source.puri.sm/coreboot/librem-ec

[4] Some of these may need additional software to work.

The post Librem 14 Rave appeared first on Purism.

by Nicole Faerber at April 08, 2021 17:14

April 06, 2021

FreeYourGadget

Gadgetbridge 0.56.1: Many improvements in support for Amazfit Neo and an official Mastodon account

This release is mainly containing culmination of work done on support for the Amazfit Neo. That includes support for firmware updating, notifications and also settings. Do note, that after updating the device to 1.1.2.52 with Gadgetbridge, there might be a strange connection issue. What you can do is: keep the watch in Gadgetbridge but remove it from paired devices in Android, then re-add again in Gadgetbridge (although it was still there).

We have enabled ongoing notifications for two popular FLOSS sports tracking apps, OpenTracks and FitoTrack. This allows you to observe notifications of an ongoing activity tracked by these apps right on your wrist. Normally, we block ongoing notifications because these could be emitted many times per second and thus cause fast battery drain and also other possible issues. It is therefore recommended to set the SettingsMinimum time between notifications to a few seconds. You can of course always block notifications of these apps completely via the regular Notification blacklist.

We have created an official mastodon account for Gadgetbridge, you can check it out and follow on https://social.anoxinon.de/@gadgetbridge.

For all user-facing changes since the previous blog post, check the following list:

0.56.1

  • Fossil Hybrid HR: Fix compatibility for older firmware revisions
  • Amazfit Neo: Implement firmware update
  • Amazfit Neo: Support setting all menu items and fix menu cycling bug
  • Amazfit Neo: Fix notifications
  • Amazfit Neo: Support sound settings
  • Allow OpenTracks and FitoTrack to send ongoing notifications
  • Make transliteration a per-device setting

by Petr Vaněk at April 06, 2021 22:00

Purism

Librem 5 News Summary: March 2021

Progress on Many Fronts

We continued to ship Librem 5s throughout March all according to plan and also continue to hunt down CPUs. As we get more hardware confirmed we will contact the next group of Librem 5 backers with their shipping estimate and at the moment our pipeline is full well into May.

Camera and Hardware-accelerated Video Support

We made a lot of progress in March on the software front. Probably the most exciting news is that after a lot of work from the team to write kernel drivers, we have gotten both the front (“selfie”) and back cameras working! With the drivers functional we can now get raw images from the camera sensors. The focus now shifts outside of the kernel and into “userspace” software to post-process those raw images, correct colors and brightness, and provide a default camera app.

What better way to announce to the Internet that the Librem 5 camera is working than with a cat picture?

A classic cat picture, taken from a Librem 5A classic cat picture, taken with a Librem 5

We have also added support for hardware-accelerated video playback using the iMX8mq’s Hantro VPU. By using the VPU instead of the CPU we save power and free up the main CPU for other tasks.

Userspace Software Improvements

Phosh (the desktop shell for the Librem 5) got additional features in March including a volume overlay, swipeable dialogs, geoclue support (adding location services), and shutdown dialogs. Phoc also released version 0.7.0 with massive stability improvements and snap-to-edge support for windows when the Librem 5 is docked.

We have also been working on SIP support to our Calls application so you can use a SIP provider instead of a cellular provider to place calls over the Internet. While the work isn’t yet complete we have made great progress toward supporting SIP, and are now working on adding this support into the user interface to make it convenient.

March also saw Nautilus, the default file manager used by GNOME, add adaptive features so it functions well on the Librem 5. You can see this in action in our sneak peek for the next version of PureOS on the Librem 5.

Blog Posts

We also published a number of blog posts and videos about the Librem 5 throughout the month of March:

What’s Next

We have completed the process of rounding up components for Librem 5 USA and once everything has arrived we hope to start production of the Librem 5 USA PCBA in April. We will also continue to ship through our Librem 5 backlog in April and hope to provide an update on the next round of Librem 5 shipments.

The post Librem 5 News Summary: March 2021 appeared first on Purism.

by Purism at April 06, 2021 17:33

April 03, 2021

Pine 64

Help us help others

During a community meetup in 2019, before the entire world got turned upside down by the COVID19 pandemic, we announced our commitment to financially support Linux and open source development as well as to promote open source software whilst contributing to closing the digital gap. I believe we’ve done good on the first portion of this commitment – over the past 12 months we made donations to 5...

Source

by Lukasz Erecinski at April 03, 2021 00:02

April 01, 2021

NewPipe

Results of European Commission and Team NewPipe's Healthcare Hackathon

The European Commission (EC), represented by Margrethe Vestager, Executive Vice President of the European Commission for A Europe Fit for the Digital Age, and Team NewPipe jointly organized a hackathon to develop new healthcare solutions, as announced on our social media accounts. Driven by the slow pace at which the vaccinations are conducted for the current worldwide pandemic, the EC asked EU’s most respected open-source app developer group, Team NewPipe, to help out with digital, privacy-respecting and open-source solutions to fix the analog world problems. Of course, Team NewPipe could not say no. Therefore, we organized a hackathon in February and March to develop new ideas to improve Europe’s healthcare.

Today, after the jury, consisting of Mrs Vestager, Christian Schabesberger, @TobiGr, and presided over by @TheAssassin evaluated the submitted projects, we proudly announce the top three projects which are going to receive a six-month funding of 100,000 EUR each.

Please beware that the following text was part of this year’s April’s fools joke. Please see @TheAssassin’s reply in the comments for more details on the context of this joke.

Winning Project: PipeTrace

How about integrating exposure notifications and contact tracing into popular open-source apps? PipeTrace got you covered! Popular open-source apps, most importantly NewPipe, shall fix what the EU failed so far: provide reliable, fully open-source infrastructure that provide those functionalities. The project team wants to implement and host a backend for the entire EU on behalf of the EC. Clients for this shall be popular apps. One of the first ones to see integration is going to be NewPipe, since we can assist with this.

This project was submitted by a team around Finnish developer Sinus Torlavds. We congratulate you and are looking to the final product!

Second place: Digital Vaccine Passport (a.k.a. “smart vaccination certificate”)

The EU recently unveiled plans to introduce so-called “smart vaccination certificates”, commonly also known as “vaccine passports”. Given the term “smart”, they shall be digital documents rather than paper. The purpose is to make travelling easier by removing requirements for vaccinated or otherwise immune people to quarantine when they return, etc. They are going to be introduced due to massive lobbying in Brussels, and despite all their disadvantages promise a slightly better future until EU’s slow vaccination campaign reaches its goal.

A submission therefore caught our attention: building an open-source vaccination certificate infrastructure, using military-grade top-notch cryptography and cloud computing to roll these out as quickly as possible, ideally before summer vacation.

Congratulations to the team around Detlef Granzow. We can’t wait to see your solution!

Third place: Applause App for Healthcare Workers

Are you a healthcare worker? Do you feel like your work was respected significantly less than it should? Last year, in the spotlight brought up by the pandemic, this was recognized by the world, and healthcare workers got what they always had deserved: a few words of thanks, followed by a round of applause of people around the world on their balconies and in the streets. Seeing how much your work means is apparently a lot better than receiving appropriate wages, or hiring more people to distribute the work in a fair way, and a lot more motivating as well.

As shifts in healthcare can be pretty hard, it would be really nice to recreate the feeling of foreign people clapping just for you on demand with something you carry around anyway, right? Therefore, the second place goes to a little team around Italian developer Giovanni Aiello. They are going to develop an open-source app which is basically one big button that plays applause for you. The majority of the budget will be used to record the applause of leaders of the world, most importantly health ministers and similar people, in studios. Then, a neural network will be fed with the data. This way, every user of the app will be rewarded their own, unique, personal applause.

Congratulations to the project team. The entire healthcare industry is looking forward to solving their unfair payment problem!

April 01, 2021 21:00

LineageOS

March 31, 2021

Purism

Snitching on Phones That Snitch On You

Our phones are our most personal computers, and the most vulnerable to privacy abuses. They carry personal files and photos, our contact list, and our email and private chat messages. They also are typically always left on and always connected to the Internet either over a WiFi or cellular network. Phones also contain more sensors and cameras than your average computer so they can not only collect and share your location, but the GPS along with the other sensors such as the gyroscope, light sensor, compass and accelerometer can reveal a lot more information about a person than you might suspect (which is why we designed the Librem 5 with a “lockdown mode” so you can turn all of that off).

One of the problems with the security measures implemented in Android and iOS is that they restrict the user as much, if not more, than they restrict an attacker. Ultimately Google and Apple control what your phone can and can’t do, not you. While these security measures are marketed as making your phone a strong castle you live inside, that’s only true if you hold the keys. As I mentioned in my article Your Phone is Your Castle:

If you live inside a strong, secure fortification where someone else writes the rules, decides who can enter, can force anyone to leave, decides what things you’re allowed to have, and can take things away if they decide it’s contraband, are you living in a castle or a prison? There is a reason that bypassing phone security so you can install your own software is called jailbreaking.

You not only don’t have much say over what Google or Apple do on your phone, but also these security measures mean you can’t see what the phone is doing behind the scenes. While you might suspect your phone is snitching on you to Google or Apple, without breaking out of that jail it’s hard to know for sure.

Your Phone Snitches On You

It turns out if you did break out of jail and monitored your phone, you’d discover your phone is snitching on you, constantly. A research paper just published by Douglas J. Leith at Trinity College in Dublin Ireland says it all in the abstract (emphasis mine):

We investigate what data iOS on an iPhone shares with Apple and what data Google Android on a Pixel phone shares with Google. We find that even when minimally configured and the handset is idle both iOS and Google Android share data with Apple/Google on average every 4.5 mins. The phone IMEI, hardware serial number, SIM serial number and IMSI, handset phone number etc. are shared with Apple and Google. Both iOS and Google Android transmit telemetry, despite the user explicitly opting out of this. When a SIM is inserted both iOS and Google Android send details to Apple/Google. iOS sends the MAC addresses of nearby devices, e.g. other handsets and the home gateway, to Apple together with their GPS location. Users have no opt out from this and currently there are few, if any, realistic options for preventing this data sharing.

I should note that both Google and Apple dispute some of the findings and methodology in this paper which you can read in reporting by Ars Technica. Yet I should note they don’t seem to dispute that they do this (because they claim it’s essential for the OS to function), they only quibble over how much they do it, how much bandwidth is used, and how much the user can opt out of this telemetry. Even more telling is Google’s defense in the article, which perfectly summarizes how they view the world:

The company [Google] also contended that data collection is a core function of any Internet-connected device.

Just to underscore the point, we aren’t talking about the massive privacy issues with apps on your phone that snitch on you to app vendors, instead this study focused just on what the OS itself does, often in the background while idle, or while doing simple things like inserting a SIM card or looking at settings. Also, the data that is being shared uniquely identifies you (including your IMSI and phone number, IP and location) and your hardware (IMEI, hardware serial number, SIM serial number).

How to Snitch On Your Phone

The Librem 5 runs PureOS and not Android nor iOS, and Purism is a Social Purpose Company that puts protecting customer privacy in our corporate charter. We treat data like uranium, not gold, and don’t collect any telemetry by default on the Librem 5 phone just like we don’t on our other computers. The only connection a Librem 5 makes to Purism servers is to check for software updates and you can change that by pointing to one of our mirrors or you can disable the automatic checks entirely. In that communication all we get is a web log of an IP address and any software you may have downloaded, the same information you share when you visit any other website. We do not capture unique identifying data (like IMEI or other hardware serial numbers) that links that traffic to you and your phone.

In general the Librem 5 only talks to the Internet when you start an application that needs it. All of the applications we install by default respect your privacy and applications within PureOS do as well. Because everything in PureOS is free software, if an application wanted to violate your privacy they’d have to do it out in the open in the source code, and if someone didn’t like it, they could fork the code and publish a version without that telemetry.

That said, there are some applications you can install like Firefox that do collect telemetry by default. While you could audit the source code to look for anything sketchy, it would be even better if you could just monitor all of the outgoing network connections your applications make and block any you don’t like. While we think you should trust us when we say Purism doesn’t spy on you, we also think you should be able to verify our claims and protect yourself. This is where a tool like OpenSnitch comes in.

OpenSnitch

OpenSnitch is inspired by a similar program on MacOS called Little Snitch and it acts as a firewall for a desktop user. Unlike traditional firewall tools that were designed for servers and mostly concerned with incoming connections, OpenSnitch works on the principle that the larger threat on desktops isn’t incoming connections (since desktops rarely have open ports anyway) but outgoing connections. On a desktop an attacker trying to connect to a vulnerable network service is a relatively low threat. A much larger threat is an application that gets compromised (or added sketchy features that haven’t been caught in a code audit) that starts making unauthorized connections out to the attacker’s servers.

While OpenSnitch isn’t yet packaged for PureOS, I’ve been evaluating it on my Librem 5 for a few weeks now. Even though I’m running the regular desktop version of OpenSnitch, it works surprisingly well on the Librem 5 and while the interface is complicated with lots of tabs and tables, it actually fits well on the screen already.

Main OpenSnitch window, displaying outgoing traffic

OpenSnitch monitors all new outgoing network connections and alerts you when something new shows up it doesn’t already have a rule for. The alert shows which application is making the connection, where it is connecting, and on which port. You can then choose to allow or deny the connection, and whether to apply this rule forever, until the next reboot, or for a number of minutes. There is also a 15 second countdown timer that will deny the connection after it times out. The idea here is to protect your computer from unauthorized outbound connections when the computer is unattended.

OpenSnitch warning about Firefox connecting on localhost port 8080

You can also click the + button and fine-tune the rule. This can be handy if you want to allow a program to access DNS regardless of what it’s looking up, so you can just select port 53. You can even restrict a rule so it only applies to a particular user on the system.

OpenSnitch is a really powerful tool but software like this requires a lot of time spent training the firewall, and can sometimes cause odd app errors until you realize the firewall is just doing it’s job. It would definitely benefit from a set of “known good” baseline rules you could apply so you only get prompted for the real outliers. Because of this I don’t know that it’s something the average user would want to install by default, but it’s definitely something useful for people facing more extreme threats.

This would also be a great tool for an IT organization to deploy throughout a fleet of computers along with custom rules that factor in their known good services. It would add an additional layer of protection that would be relatively seamless for their employees.

A Phone That’s On Your Side

A phone that snitches on you and sends a trove of personally-identifying data back to the vendor every few minutes, even if it’s idle, is not on your side. A phone that’s on your side helps you snitch on them. A phone that’s on your side honors your opt-out requests and ideally requires you to opt-in to anything that risks your privacy. A phone that’s on your side doesn’t collect your data, it protects it.

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Order now

The post Snitching on Phones That Snitch On You appeared first on Purism.

by Kyle Rankin at March 31, 2021 21:01

March 30, 2021

Fairphone

The world’s first carbon-negative phone network? Meet Honest Mobile.

At Fairphone, we don’t just want to make a fairer phone: we want to make a fairer electronics industry. This isn’t something we can do alone; as Louisa May Alcott wrote, “it takes two flints to make a fire”. Today, we are thrilled to announce our latest partnership that’s fanning the flames of positive change: we’re joining forces with Honest Mobile, the world’s first carbon-negative phone network!

What makes Honest Mobile different?

On average, we pick up our phones 58 times a day – just to send a quick email, chat to a friend or watch a new video. Every time we use the internet, we need to use energy to run the data centers and servers that carry our information around the world. All of this adds up and current reports estimate that the use of electronics, including the systems that support them, are responsible for around 3.7% of greenhouse gases released. That’s about the same amount as the airline industry, one of the worst contributors to the climate crisis!

That’s why Honest Mobile decided to try doing things differently – they offset DOUBLE the amount of CO2 emissions generated by their customers’ phone use, manufacturing and daily charging as well as the running of Honest Mobile HQ. They calculate their emissions each month and then offset double the CO2 by planting trees- lots and lots of trees!- with On A Mission and TreeSisters – and will soon add Direct Air Capture and Biochar to their offsetting portfolio. On top of their carbon offsetting, they are also working with TreeSisters to plant one million trees. Honest Mobile users can even track how many trees they have planted in the Honest Mobile app.

 

This is a game-changing approach for a mobile network. By taking responsibility for potential negative impacts, Honest Mobile is showing how business can be a force for good in our industry!

What about Fairphone’s carbon footprint?

Reducing the carbon footprint of mobile networks is only one part of the problem. By 2040, communication technology will account for 14% of the global environmental footprint. A phone’s biggest environmental impact comes from the manufacturing process, which produces 50kg or more of CO2 equivalent per device. In other words, the longer you keep your phone, the more sustainable it becomes. Extending the lifespan of smartphones from the standard 2-3 years to at least 5 years is the best strategy for reducing their related CO2 emissions and impact on the entire planet.

By focusing on simple DIY repairs, replaceable parts, modular upgrades and extended software support, we’re helping our customers to use – and enjoy – their Fairphones for as long as possible, all while reducing CO2 emissions. Combining our approach with Honest Mobile’s carbon negative network is the perfect match!

Business as a force for good

By happy coincidence, we’re announcing this new partnership during B Corp Month – a time to recognize and celebrate companies that use business to create positive social and environmental impacts. Both Fairphone and Honest Mobile are proud B Corps – in fact, Fairphone was the first B Corp certified company in the Netherlands.

Systemic change can feel like an uphill battle, and making the world of electronics and smartphones fairer needs teamwork and collaboration. Being part of the B Corp community, with other motivated and like-minded businesses, makes it easier to take on such big challenges. After all, “alone we can do so little; together we can do so much” (Helen Keller).

The post The world’s first carbon-negative phone network? Meet Honest Mobile. appeared first on Fairphone.

by Luke at March 30, 2021 14:19

Tux Phones

Tens of Nvidia Tegra devices now run mainline Linux thanks to the "grate" project

Tens of Nvidia Tegra devices now run mainline Linux thanks to the

Nvidia chips and the Linux community have not always been known for a friendly attitude between each other. In a famous talk by Linus Torvalds, which may appear slightly too offensive to be reported directly, the Linux creator defined it "the single worst company [they had] ever dealt with". While the situation has become increasingly better in the last years, so that (proprietary) drivers are shipped for most new Nvidia cards, the stigma of Nvidia as being an incompatible company with the open source philosophy still burdens the company.

What concerns this post, however, is rather a coincidence than anything related to Nvidia supporting Linux or not. Before the age of Snapdragons, more or less between 2011 and 2013, Nvidia Tegra chips were the leading "high-end" series for phones and tablets, satisfying both mobile gamers and casual users. This brought to this class of relatively fast and efficient processors (usually grouped as Tegra 1, 2, 3 and 4) being adopted by many devices, especially Android tablets, including the famous ASUS "Transformer" series of laptop-aspiring, keyboard-equipped machines, as well as most Acer tablets and phones, higher-end Samsung tablets and many others. The big news is that support has finally landed, thanks to very hard work by the #tegra IRC members, with developers such as David "okias" Heidelberg, Dmitry "digetx" Osipenko and many others working regularly to port first the main Tegra SoCs to mainline Linux, then many of the internal peripheral or devices, up to a point of near-complete support.

As I have been told by a developer of the popular ASUS Transformer fork, it was not one year ago that the Nvidia Tegra 2/3 series was not bootable at all in the project. As of today, at least 9 devices powered by this chip are already ported to postmarketOS with full mainline support - meaning the number of Linux-running devices outside of the main repository is likely to be higher:

  • Acer A500 Iconia Tab
  • ASUS TF201 Transformer Prime
  • ASUS TF300 Transformer Pad
  • ASUS TF700 Transformer Pad Infinity
  • Google Nexus 7 2012
  • Medion S9714 Lifetab
  • Pegatron Chagall
  • Samsung Captivate Glide
  • Samsung Galaxy Tab 10.1

Furthermore, many other potentially supported devices could bring this number much higher once board trees are written:

  • Google Nexus 9 (Tegra K1)
  • HP Slate 21 (Tegra 4)
  • Nvidia Tegra Note 7 / HP Slate 7 Extreme (Tegra 4)
  • Asus TF701 Transformer Pad (Tegra 4)
  • ...and many others

The "chain" of Linux-enabled devices has accelerated quite fast, since the extremely friendly and skilled community (which assisted me personally in porting my tablet from zero to full support) and very thorough analysis to recognize similarities between the hardware configurations of the device boards brought, for example, to as much as four new tablets (ASUS TF201, TF300, Pegatron Chagall/Fujitsu M532 and Samsung Galaxy Tab) being accepted in the last month in the official postmarketOS repository, with such "invasion" of Tegra devices bringing them to constitute a relevant share of the postmarketOS "mainlined" (read: properly supported) devices.

Tens of Nvidia Tegra devices now run mainline Linux thanks to the The popular Asus Transformer TF201 running mainline Linux

The project, informally named grate (in which the mainline kernel tree is found) started with the intent of open-sourcing Tegra chip internals, including their GPU. While graphics (OpenGL, etc.) are still lacking, the latest progress includes initial work on 2D hardware acceleration (so far Xorg-only, so no super-smooth Phosh or Plasma Mobile) for the internal GeForce ULP GPU, which would lead to smooth hardware acceleration, since the capabilities of this card still exceed that of some Mali chips of later phones. Which would be a rare case, considering how even traditional "mainlined" devices cannot usually boast open drivers for the built-in GPUs.

The relatively clean design of Tegra boards means that support can be considered generally higher to that of concurrent silicon makers such as Huawei (Kirin) and Samsung (Exynos), perhaps even a little above the fragmented realms of Qualcomm chips, some of which are over-engineered to the point that no mainline kernel exists in spite of the larger community behind them.

In other words, if you have a Tegra2/3/4 device in your drawer, you are probably the owner of a mainline Linux phone or tablet, although the hardware may seem a bit old. Regarding this matter, asking yourself how usable the system actually is is totally justifiable. The answer, from our tests, is: it depends. 1GB of RAM of the older Tegra devices is quite a bottleneck for many user interfaces, and apps such as 400+MB-heavy Telegram Desktop tend not to go that well alongside equally heavy desktops such as GNOME. However, for basic tasks the feel is still surprisingly smooth on lighter desktops such as MATE, and even LibreOffice is quite usable for normal documents.

On the other hand, web browsing feels painful on modern browsers such as Firefox (which tends to crash due to low RAM) or Epiphany (which technically works, but gets easily laggy on heavier pages). So either you own a higher-specced tab, like those later models with 2GB RAM, or you may have a hard time using these devices beyond basic tasks like text processing, media playing, low-power web servers and basic games. Which, we would argue, is still a lot.

Cover picture: My Fujitsu M532 running postmarketOS in December 2020

by Raffaele T. at March 30, 2021 07:00

March 29, 2021

Privacy Browser

Discontinuing Privacy Browser ROM Integration

Several years ago I was approached by the the developer of the a custom ROM for the Sony Xperia Z1c about creating a ROM integration file to make it easier to integrate Privacy Browser as the default browser on custom ROMs. I was happy to oblige, and have maintained the Privacy Browser ROM Integration repository since that time. At the end of 2020 that ROM was discontinued. As I am not aware of anyone else using this integration file, I am going to discontinue it as well. If someone is using it, please contact me and I will be happy to continue maintaining the repository.

by Soren Stoutner at March 29, 2021 19:25

Privacy Browser 3.7

Privacy Browser 3.7 has been released. It includes a major refactor of how Privacy Browser interacts with the Android file system. Beginning with Android 11 (API 30), Android is enforcing new storage restrictions called scoped storage. Under scoped storage, the Storage Access Framework allows apps to access files without requiring the READ_EXTERNAL_STORAGE and WRITE_EXTERNAL_STORAGE permissions. It does this by requiring that every interaction with a file requires the user to directly interact with a system UI to grant access for that action. This means that the user needs to press the Browse button for every download or other file action. It also means that the default download location was removed from the settings as it now no longer has any function.

The URIs returned by the system browser start with content:// instead of being direct file paths.

Not very descriptive of the actual location.

With the change to using the Storage Access Framework, Privacy Browser can bump the target API to 30 and remove the READ_EXTERNAL_STORAGE and WRITE_EXTERNAL_STORAGE permissions. This has been an important goal for a while, and I am quite pleased to finally accomplish it. If a webpage were to exploit a weakness in Privacy Browser and run arbitrary code (in almost all cases, this would be because of a flaw in the JavaScript engine—don’t run JavaScript on untrusted websites), then previously it could read and write any public file on the phone. Now it would be limited to the information the exists in the Privacy Browser app unless it were also able to exploit a separate bug in the Android OS to gain system level permissions. Defense in depth.

Unfortunately, WebView’s save web archive functionality does not currently support the Storage Access Framework. As such, that feature has been temporarily removed from Privacy Browser. I have submitted a couple of bug reports to Google. Hopefully it is something they choose to address.

About > Permissions has been updated to reflect the change in permissions, as well as to update the list of permissions automatically added by AdMob for the free flavor. Quoting from the updated text:

Run at startup
android.permission.RECEIVE_BOOT_COMPLETED

Lets AdMob start when the phone boots even if you don’t open Privacy Browser Free. This is a concerning permission because it can allow Google to spy on you. I would either like to find a different ad provider or drop the free flavor of Privacy Browser entirely.

When downloading files, the snackbar used to display the download percentage and the file path. With the change to the Storage Access Framework, the file path is now nearly useless. Hence, the snackbar has been updated to display the download percentage, the downloaded and total bytes, and the URL being downloaded.

When downloading files with an unknown file size, only the downloaded bytes and the URL are displayed.

Metager has been added to the list of search engines. There is also a feature request to consider making it the default homepage and search engine, but it does not yet rise to that level, as described in the feature request itself. Those interested in this decision process will also be interested in reading the requirements for being included in the list of search engines.

Options are good.

A bug was fixed that caused Privacy Browser to use the installation status of Orbot to determine whether to display the warning about I2P not being installed. Hence, if a user had installed I2P but not Orbot, they would still see this error message when attempting to proxy via I2P.

Incorrect!

Previously, in dialogs with radio groups, the icons and the radio buttons were misaligned if the descriptive text wrapped to multiple lines. That has been fixed.

The URL bar is now updated when switching tabs even if it is currently being edited. This used to cause problems if the URL was being edited, then Privacy Browser was placed in the background and a URL was loaded from another app that created a new tab in Privacy Browser.

The password can now be displayed in the HTTP authentication dialog.

Tapping the eye icon toggles password visibility.

A number of rare crashes were fixed. Also, a bug was fixed that caused the navigation menu hamburger menu to turn into an arrow if the drawer was opened when the app was restarted.

One of these things is not like the others.

The main options menu code was optimized so it can open more quickly.

The Brazilian Portuguese translation was updated by Thiago Nazareno Conceição Silva de Jesus, the French translation was updated by Kévin L. The German translation was updated by Bernhard G. Keller. The Italian translation was updated by Francesco Buratti. The Spanish translation was updated by Jose A. León. The Russian translation was also updated.

The next release of Privacy Browser will (as long as I can make it work well) include the option to move the app bar to the bottom of the screen.

by Soren Stoutner at March 29, 2021 17:48

March 26, 2021

Purism

Librem 5 and Librem 5 USA: What are the Differences?

We sometimes get questions from customers who are trying to decide between the Librem 5 and Librem 5 USA, such as whether someone living in the USA must buy a Librem 5 USA (Answer: both Librem 5 and Librem 5 USA work in the US) or whether the Librem 5 is $1999 (Answer: the Librem 5 is $799, the Librem 5 USA is $1999). If you are trying to decide between the two phones and want to understand what makes the Librem 5 USA a premium product, in this post we’ll highlight the differences between the two.

What’s the Same

Librem 5 and Librem 5 USA have the same Purism authored schematics, Industrial Design (ID), and Mechanical Design (MD), they both run the same firmware, kernel (Linux), operating system (PureOS), and applications from the PureOS Store. Both products are from Purism, a US-based Social Purpose Company. Both phones work in all the regions of the world by using a removable region-specific modem module included and installed in the phone.

Trust & Verify

Both the Librem 5 and Librem 5 USA have public schematics (they’re the same schematics, since they’re our schematics) for public verification. They both have X-rays released after manufacturing of the PCBAs to verify hardware chips and placement. Both phones are fully Purism designs top-to-bottom. Both phones have all source code released for reproducible verification of no tampering and public verification.

What’s Different

The core differences between the products are based on the Librem 5 being contract manufactured in China while the Librem 5 USA is manufactured at our facility in Carlsbad, California.

Librem 5

The Librem 5 PCBAs (the two boards inside the chassis) are manufactured in China. The PCBAs are then assembled into the Librem 5 Chassis, and imported to our facility in the USA for final assembly, flashing, testing, and fulfillment.

Librem 5 USA

The Librem 5 USA PCBAs are manufactured in our facility in Carlsbad, California—therefore are Made in the USA Electronics—for a secure hardware supply chain in the USA. The PCBAs are then assembled into the Librem 5 Chassis (engraved with ‘USA’ on its side), and have final assembly, flashing, testing, and fulfillment all done at our Purism facility.

The immediate benefits of the Librem 5 USA are to support US labor laws, Made in USA Electronics, secure hardware supply chain, and US manufacturing.

Price

The Librem 5 is $799 while the Librem 5 USA is $1999

Both are Great

Regardless of which product you choose, you will end up with a phone that’s on your side, designed from the bottom up to respect your freedom and protect your privacy and security.

The post Librem 5 and Librem 5 USA: What are the Differences? appeared first on Purism.

by Purism at March 26, 2021 16:37

NewPipe

NewPipe 0.21.0 released: What? NewPipe is evolving!

Make way for the MVP!

Welcome to a brand new release of NewPipe! We fed NewPipe lots of Rare Candies, and after quite a long while, NewPipe learned an awesome new attack: Bandcamp! This was added by @fynngodau, who patiently waited for a year and some months it took us to review, test, forget, double-review, double-test and merge his changes. Please check it out and tell us if you encounter any bugs!

Note: Not everything is working yet (such as fan pages and comments), but the essentials are more or less there. Please open issues on Github for bugs or feature requests, and make sure to follow the template!

Most importantly: enjoy using Bandcamp!

New

Bandcamp

We’ve been quite excited to present this to you. Apart from being a service that provides you high quality music albums (and by high quality we mean lossless!), Bandcamp also has the distinction of keeping all its music DRM-free! This means that you can freely download albums and tracks you buy, and transfer your music wherever you want. You truly own what you buy. This is unlike services like iTunes, which only let you play the music on specific devices using specific players which are approved by a company.

Improved

  • @B0pol added a setting for the app to follow the device theme. You can also specify if you want your dark theme to be just dark or pitch black.

  • @Stypox (da BAWSE) implemented a SERIOUSLY improved error panel in the app, which is now treated like a new page in your navigation history. This means NO MORE LOSING YOUR ENTIRE BROWSING HISTORY IF YOU ENCOUNTER AN ERROR! Woohoo! So if you are on your 15th video in a series of procrastination impulse watches, and opening the 16th video leads to an error, you can simply… tap back, and you’ll go right back to the 15th video. The error report screen you normally encounter immediately upon getting an error is now hidden behind a Report button, which is again treated like just another page in the navigation history. Oh, and there’s also a shiny new Retry button. You know, in case whatever you were trying works in the second go. Or 3rd. Or 50th. There’s really no upper limit to this. Go crazy.

  • Tired of seeing that stupid “Video not available” message that so many videos are prey to, and having no idea why they don’t work? Fear not, for @TiA4f8R is here to save the day! The app now lets you know if the video/audio you’re unable to open is georestricted, age-restricted, private, paid, or only available to premium users. This only applies to YouTube and SoundCloud for now, because the other services don’t have such restrictions.

  • @mbarashkov added the ability to toggle between play/pause with a hardware space button (such as when using scrcpy or a Bluetooth keyboard) if the player is in full screen.

  • @WoodyMats added a toast to inform the user that a download has started.

  • @FireMasterK changed NewPipe’s User Agent to match Tor Browser’s. This will help prevent tracking by services.

  • @TiA4f8R added a workaround to enable NewPipe to play HLS tracks on SoundCloud! This essentially means that in addition to the usual 128kbps MP3 stream, you can also choose to play a 64kbps Opus stream! Data-savings-without-any-loss-in-music-quality for the win!

Fixed

  • @TobiGr fixed the too-small-thumbnails problem that sometimes cropped up (hehe, geddit? “cropped up”) in the video details screen.

  • @TobiGr also fixed the wrong/empty title being shown in the mini player when a series of streams was started in the background player.

  • @TobiGr (clearly the fixer-upper of this version) also fixed the aspect ratio not being stored correctly (Fit/Fill/Zoom). Now this works as users expect it to.

  • @TobiGr (what did we tell you?) fixed the same error as above, but for Youtube Mix playlists.

  • @Stypox fixed the error/infinite loading on the Trending kiosk.

  • @TobiGr also fixed playlist extraction on PeerTube.

Nerd Talk

  • @Isira-Seneviratne updated the PrettyTime library and adjusted the app code accordingly, also eliminating the need for a workaround in the process.

  • The ExoPlayer library was updated from version 2.11.8 to 2.12.3 by @Redirion, along with related app code.

  • @XiangRongLin added the Sonar plugin to the project, which automatically finds and reports mistakes in the code. This will be quite helpful when reviewing PRs, as it will take some burden to check the code for correctness off the developers. You can read more about Sonar here.

  • @XiangRongLin fixed some more extractor tests for YouTube, SoundCloud and PeerTube.

  • @XiangRongLin also made some tests skippable in certain scenarios where they were not needed to be run.

  • @TobiGr temporarily disabled some tests for media.ccc.de that weren’t working.

Where to get this brand-new version

NewPipe notifies you about new versions. You can download them when you press the notification, which will take you to the GitHub Releases page.

If you use the F-Droid app, it, too, notifies you about updates for NewPipe. Please keep in mind that it can take F-Droid a while to update their repository. If you have problems installing you may need to uninstall NewPipe and then install it afresh. (Make sure to backup data by exporting your database from the Content settings menu.)

If you already installed NewPipe from F-Droid’s repository, to get this version of NewPipe you can do one of the following:

Note: If you installed NewPipe from GitHub Releases you will not have to uninstall NewPipe to switch to our custom repo. Just let it update your current version. Make sure you back up your data as mentioned in the warning at the top of the FAQ page!

Note: If you installed NewPipe from GitHub Releases you will not have to uninstall NewPipe to switch to our custom repo. Just let it update your current version.

Now that you’ve (hopefully) updated, please let us know what your experience of the latest release is, especially bugs in need of fixing. As usual, you can reach out to us via IRC (#newpipe on freenode), open issues on GitHub or, ideally, use our built-in crash reporter to send us machine-readable issue reports. You can even send in fixes yourself.

If you have any other questions feel free to post them in the comments here and someone will reply to you.

March 26, 2021 16:00

March 25, 2021

Fairphone

Redefining longevity: Android 9 now available for Fairphone 2

It all started with a spark of inspired optimism: We can change the electronics industry for the better, by becoming a part of it. Setting new standards and reshaping an entire industry was going to take serious, long-term commitment.

This year is a milestone for us, and you, as it marks 5 years of continuous support of the Fairphone 2. It is also one of the few Android smartphones sold in that year (2015), to still receive continued software support. It might not seem like a big deal, but trust us, it is. This is the only smartphone to receive an upgrade to Android 9 and we had to build the operating system without any support from chip-maker Qualcomm.

Out with the old, in with the new?

According to market research firm Kantar Worldpanel users in Europe kept their phones for an average of 2-3 years in 2018. Our ambition is to provide you phones that last a minimum of 5 years. The reason is simple: the longer you keep your phone, the lower its environmental footprint. This constant push for the latest device means that over one billion mobile phones are sold worldwide every year. That also means more discarded phones. While only 20% of these discarded phones are recycled, it’s no surprise that electronic waste (e-waste) has become the world’s fastest-growing waste stream.

 

We started Fairphone with a mission: to encourage smartphone longevity by disrupting the electronics industry from the inside. We know that fairness is possible, but it will take the broader industry jumping on the bandwagon, taking responsibility and driving as well as demanding change. At Fairphone, we strive to make the most of the materials used in our products. We’re moving closer to a circular economy by using materials from more responsible sources, emphasizing reuse and recycling, and designing our phones to last as long as possible. This birthday signifies our commitment to you and to our supply chain.

Why the Fairphone 2 just works

The FP2 was the first modular phone. It was a revolutionary concept for the electronics sector that hadn’t been done before. However, producing the first modular phone presented new challenges in the supply chain. While the modular design enables users to easily repair their phones with spare parts, thus extending its lifespan, the availability of those parts becomes crucial. In fact, recently we ran out of stock of the bottom modules due to this very issue. Understanding this aspect was key and we had to continuously tweak our process, jumping over hurdles to make sure we had enough spare parts available, even once production of the phone ended.

 

Aside from spare part challenges, we bumped up against the goliath: software updates. In the past, we had to keep working with chipsets that no longer support the latest software. But against all odds — with the help of so many dedicated community members — we persisted, overcame these challenges and were able to provide FP2 users with software updates. We effectively use a DIY style to keep the FP2 going strong, enabling people to increase their phone’s longevity.

Who’s counting?

To get to where we are today, we had to go through approximately 477,000 Google tests and pass them all in order to get the certification. That’s a huge achievement for us. Not that we were counting. Ok, we were. Wouldn’t you?

So in proper fashion, we are celebrating the 5th birthday of the Fairphone 2 by baking a cake, eating it, and then getting back to work ensuring fairness is present across the electronic, mining, and recycling industries. Not to mention the continued software support for our phones. It’s a big job but somebody has to do it, and we don’t mind being front-runners. As long as the rest of the electronic industry follows along.


The Android 9 roll-out starts today, March 25th, and will continue until April 18th. Since this is such a significant step for us, we want to ensure the update goes smoothly. This staged roll-out helps us monitor the release deployment and react more efficiently, in case of any hiccups.

The post Redefining longevity: Android 9 now available for Fairphone 2 appeared first on Fairphone.

by Agnes at March 25, 2021 11:25

Tutanota

Fixed vulnerability in Tutanota

On February 25 we identified a possible Cross-Site Scripting (XSS) vulnerability on one of our webpages separate to our webmail client, desktop and mobile apps, which deals with processing payment information from our payment provider Braintree. We immediately published a server-side fix to remove the vulnerability and updated clients with the next release.

March 25, 2021 00:00

March 24, 2021

Purism

Sneak Peek of the Next PureOS Release on the Librem 5

With the next release of PureOS, code-named Byzantium, just around the corner, let’s give you a sneak peek of what you can look forward to.

Encryption

Disk encryption will allow for the root disk to be password protected. With this setup, you’ll be asked to decrypt your device before it continues to the phone shell.

Byzantium OS Intro

The default lineup of preinstalled apps is not finalized but is growing. For now, this is what it looks like.

Everything is newer; This release uses the more recent base of Debian Bullseye. On top of that, the codebase between phone, laptop, desktop, and the server will be shared. There was a special repository for the phone that contained additional adaptive applications in the previous release. From this release on, the desktop and phone will use the same adaptive apps and packages.

Files

Also new in this release is the adaptive file manager. Now you’ll be able to manage your home directory with ease.

Other New Apps and App Features

Video decoding using the onboard Video Processing Unit is planned to land in Gnome Web soon. Once added, the Librem 5 will play videos for longer and stay cooler while streaming from the browser.

GPS and Gnome Maps are planned to be supported.

In this release, you can uninstall even the default apps giving you full control of what software runs on your device.

Flipping the camera/microphone hardware killswitch will come with UI feedback.

KDE applications work much better out of the box. This gives users, and developers access to QT tools on top of the default GTK UI toolkit.

Settings

The device settings has many more options and we are working with the community to finish up making these additional settings adaptive.

For those familiar with other platforms, Applications should be very familiar. You can search through your installed apps and manage any Integration settings they might have.

Users with impaired eyesight can look forward to a high contrast mode. We are putting the finishing touches on support in Phosh, but most apps respond well to the high contrast mode.In this release, it’s also possible to test a Screen Reader, giving users audio feedback as they navigate the UI and applications.

Other desktop environments

Desktop-only software isn’t desktop-only anymore. With a few commands, you can install and startup a plasma session on its own screen.

#install 
sudo tasksel install desktop kde-desktop
sudo apt install plasma-wayland-protocols plasma-workspace-wayland kwin-wayland-backend-fbdev kde-standard

#run
sudo systemctl stop phosh
export WAYLAND_DISPLAY=wayland-0
startplasma-wayland --framebuffer --fb-device /dev/fb0 &#or fb1 to select the screen you want it on
plasmashell

Or start KDE like an app from within Phosh.

#login to Phosh and run
plasmashell

If you’re looking for a classic interface, you can start Mate on the onboard screen.

#mate on PureOS 10
sudo apt install xinit xorg xterm x2x mate

#run X11
sudo systemctl stop phosh
sudo xinit -- -masterfd 9 9<>/dev/dri/card1 &
export DISPLAY=:0
mate-session

While there are too many interfaces to go over here, you can spend hours exploring what each one feels like on the go.

#Other desktops that could be fun:
tasksel# Gnome Xfce Cinnamon Mate LXDE LXQT

This new release of PureOS is already used on the Librem Mini v2 and our Librem 14, and will be made available for your Librem 5 soon.

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Order now

The post Sneak Peek of the Next PureOS Release on the Librem 5 appeared first on Purism.

by David Hamner at March 24, 2021 16:53

/e/ foundation

Leaving Apple & Google: Ask Me Anything session with Gael Duval, /e/ 2021 Roadmap part I, ecloud is getting new apps

Leaving Apple & Google:

  • Ask Me Anything session with Gaël Duval
  • /e/ 2021 Roadmap part I
  • Ecloud is getting new apps

Ask Me Anything session with Gaël Duval on Reddit

Tune in to Gaël Duval, project founder, on Reddit for a 3 day Ask me Anything discussion as he exchanges with the r/Privacy Community, a group focused on the intersection of technology, privacy, and freedom in a digital world.

It’s a great way to connect and ask your burning questions about his work, the /e/ project and more.

He will be hosting this event from Friday, March 26th at 9AM to Sunday 28th.

Make sure you follow him on Twitter and Mastodon, so you don’t miss the kickoff!

/e/ 2021 Roadmap part I

In case you missed it, read about where we’re at and where we’re going at /e/ in 2021!

Gaël Duval talks about the part /e/ wants to play in creating a better digital world and what you can do to help.

Ecloud is getting new apps

Did you know you can control which applications are available on your ecloud.global account? Read our How-To guide to find out how to disable apps that you don’t need and make sure the ones you want are front and center!

Use Carnet to stay on top of things, take notes and make lists, sync them between your devices and keep them organized!

You can now integrate a News app, an RSS/Atom feed reader for Nextcloud which can be synced with your mobile device.

With the Bookmarks web interface, collect, organize and share bookmarks to the sites you want to keep on hand.

Use Deck to add your tasks to cards and organize them for better personal planning and project organization for teams. Assign tasks, add labels and due dates and share!

Support the project!

User’s data privacy and finding alternatives to regain control over our data has never been a more pressing issue than it is today. The timing is great to build something new!

Your contribution is key to the success of an ambitious project like ours!

Contribute, test & report bugs in /e/OS

Share on social media

Join the Community

Donate

by admin at March 24, 2021 16:09

Tutanota

Encrypted email since 2014: Enabling people around the world to communicate in private.

Seven years ago, we have published the first beta version of Tutanota, the privacy-friendly email alternative with a strong focus on security and open source. Our mission is to stop state and corporate surveillance by providing a mailbox that encrypts everything by default. By staying true to this mission we have enabled millions of people to leave AdTech and make a fresh start with a secure and ad-free mailbox.

March 24, 2021 00:00

March 22, 2021

Purism

Librem 14 Security Features

The Librem 14 was designed based on a long wishlist we made to build our dream laptop. When we first announced the Librem 14 we stuck to the features we knew for sure would be part of the first revision. Over the next few months as we worked through prototypes we were able to announce new features such as dual RAM slots and a number of exciting security features. While these features are mentioned on the Librem 14 product page, I thought it would be useful to collect all of the security features of the Librem 14 into a single place.

Hardware

Our previous Librem laptop lines touted a number of unique hardware security features and we have learned many lessons over the years as we use the hardware ourselves and get feedback from security-minded customers. With the Librem 14 we have been able to improve hardware security across the board.

Hardware Kill Switches

Our most famous hardware security feature is our hardware kill switches (HKS), a set of physical switches that disables the webcam and microphone, or WiFi, in hardware. Placing a sticker over a webcam is a nice start, but with HKS you can be sure that your computer isn’t spying on you and can conveniently enable the camera and microphone only when you need it.

We got feedback from a number of customers that having HKS on the side meant you had to crane your neck to see the current state and find the right switch. We also heard that some customers were flipping HKS when inserting their laptops into a case. With the Librem 14 we have moved the HKS back above the keyboard and have added LEDs to make the current state of the hardware obvious at a glance. We have also extended the webcam/microphone hardware kill switch so that it also disables the microphone in the headphone jack.

Ethernet Port

A physical Ethernet port might not seem like a security feature to some people, but for people facing particular threats it’s a critical security feature. The ability to remove the WiFi card completely, or at least keep it disabled with a HKS, and access the network over a physical Ethernet port, means you can completely avoid entire classes of attacks on WiFi cards and protocols.

Firmware Write Protection Switches

Another security feature that’s completely new to the Librem 14 is a set of switches on the motherboard that will allow you to write protect the BIOS and EC firmware. Currently the physical switches are implemented, but we still need to complete some software and configuration work so that they actually trigger write protection.

Librem 14 Firmware Write Protect Switch in the Off PositionLibrem 14 Firmware Write Protect Switches in the Off Position

Firmware

After the hardware, the next area to focus on for security is the firmware–code that runs on discrete chips on your hardware that straddles the fence between hardware and software. Supply-chain attacks on firmware continue to be a growing concern in the security community so we take a number of additional steps on the Librem 14 to help secure its firmware.

Intel Management Engine

Perhaps one of the most famous bits of firmware on a modern Intel computer is the firmware for the Intel Management Engine (ME)–a chip that initializes Intel hardware and that is required for it to boot. Because the ME has core access to your hardware, because the code is proprietary so it can’t be audited, and because some versions of the ME include Active Management Technology (AMT) that enable IT administrators to control machines remotely over the network, there have been some concerns that the ME might contain secret backdoors. Also, as the features of the ME expand, there have also been concerns that the increased attack surface might allow attackers to exploit flaws in ME firmware and take remote control over a computer.

Like in past Librem laptops we select the simplest version of ME firmware available, without AMT, so that we begin with the smallest possible attack surface. Next we disable the ME by setting what is known as the HAP bit so that after the hardware is initialized the ME is disabled. In the past we have also performed an additional step of “neutralizing” the ME (overwriting most of the ME firmware with zeros, leaving only the bits critical to booting). As the Librem 14 is newer hardware running a newer version of the Intel ME, we haven’t yet been able to neutralize it, but hope to be able to add that in a future firmware release.

PureBoot

PureBoot is the name we give for a suite of technologies we use to secure the boot process. It starts with our boot firmware based on free software projects coreboot and Heads that help you detect firmware tampering when paired with a Librem Key. When you order a Librem 14 with the PureBoot Bundle, we pair the laptop with a Librem Key at our facility so that when you boot the laptop with the Librem Key inserted, the key will blink green if the system is safe, and blink red indefinitely if it detects firmware tampering.

PureBoot also extends into the operating system itself and will detect any tampering in the kernel or boot configuration files and alert you to them before it boots. Finally, PureBoot can even be configured to use your Librem Key to unlock disk encryption.

Embedded Controller

In addition to the Intel ME, another area of concern for firmware security is the embedded controller (EC). This chip manages the keyboard in addition to many other things:

With more tasks assigned to the EC, the software and its capabilities grew which makes it a pretty essential piece these days, especially for laptops. So the first thing the EC needs to do is to control the power up and power down of the machine, which means to enable or disable certain voltage domains, doing that in a controlled fashion honoring dependencies (often some power rails are derived from others), and also taking into account the power supply constraints of the main CPU in certain power modes. This is especially important for low power states like suspend to RAM where you just want to power what is needed. There are also other very interesting peripherals attached to the EC. Of course the EC controls the keyboard matrix, i.e. it assigns keypresses in that matrix to key scan codes sent to the main CPU.

Normally the EC runs proprietary firmware, and like with the ME, due to the level of access the EC has (such as the fact that it controls the keyboard), there is concern over what an attacker could do with backdoored or hacked EC firmware.

Starting with the Librem 14 we are freeing the EC firmware which will not only allow you to audit the firmware for backdoors and security flaws, but also give a Librem 14 owner much more control over their hardware. The blog post I linked above goes into much detail about the EC overall as well as our plans for it.

Software

By default the Librem 14 will ship with PureOS Byzantium–our latest and greatest release of PureOS featuring many security and feature updates while being accessible and convenient for the average user to use. For users who want even more security, perhaps at the expense of some convenience, we also offer Qubes as an operating system option on the Librem 14.

We have a long history of Qubes support on our hardware and treat Qubes as a first class operating system at Purism. Because Qubes makes heavy use of hardware virtualization, the average Qubes users finds themselves running ten or more virtual machines simultaneously, with some users running many more than that. With the 6 core, 12 thread tenth generation Intel i7 CPU, fast NVMe storage, and dual SO-DIMM slots allowing a maximum of 64GB RAM, we believe the Librem 14 is the best laptop for Qubes.

Anti-Interdiction

Finally, some customers face security threats such that having their laptop tampered with during shipment is a real concern. Other customers simply want the peace of mind that their laptop hasn’t been tampered with. Regardless of the reasons, Purism offers a premium anti-interdiction service where we work with a customer over encrypted email to model their particular threats and custom-tailor our anti-interdiction measures both on the hardware itself with glitter nail polish and tamper-evident seals, and on the software with an integrated PureBoot Bundle using customer-supplied secrets.

A close-up of the unique pattern of blue glitter nail polish on the center screw.A close-up of the unique pattern of blue glitter nail polish on the center screw.

Conclusion

We are very proud of the Librem 14 and believe that its combination of hardware, firmware, software, and anti-interdiction features make it one of the most secure laptops you can buy.

Librem 14

Discover the Librem 14

The first 14″ laptop designed to protect your digital life. Ultra-portable workstation laptop that was designed chip-by-chip, line-by-line, to respect your rights to privacy, security, & freedom.

Pre-Order Now

The post Librem 14 Security Features appeared first on Purism.

by Kyle Rankin at March 22, 2021 19:54

Tutanota

Microsoft Exchange Hack: How it was possible and how to prevent it.

The beginning of 2021 saw one of the worst hacks of company data around the world: Several zero-day vulnerabilities in Microsoft Exchange were exploited and thousands of companies were affected. This attack is another example why we need strong end-to-end encryption.

March 22, 2021 00:00

March 19, 2021

Pine 64

Beta Edition Pre-Orders

I am pleased to announce that pre-orders for the PinePhone BETA Edition will open on March 24. The PinePhone BETA Edition is powered by KDE Plasma Mobile and Manjaro Linux. To learn more about the BETA Edition please read the March Community Update. PinePhone BETA Edition will be made available in two hardware configurations: $149 — 2GB RAM; 16GB eMMC $199 — 3GB RAM; 32GB eMMC (includes a USB-C...

Source

by Lukasz Erecinski at March 19, 2021 19:26

Purism

The S in IOT is for Security

Recently I was given two LED desk lamps to improve lighting for video meetings, these are just lamps with three controls, on/off, temperature, and brightness. In the misguided vein of “make it an IOT device with an app to monetize human data” mentality the temperature and brightness control aren’t just knobs on the lamp, no, they are controlled by a proprietary app that you are forced (well… unless you hack it (as I explain below)) to download to your phone or computer. You also have to agree to the terms of service to install and use the application. After installing the app you must “activate” the lamp in the app by connecting it to your WiFi and the Internet.

Full Lamp Stack

This is no longer just a lamp… it is a full computer and WiFi access point. Secondarily it requires a proprietary app to be installed on a phone or computer that cannot be audited for security. Ownership is the ultimate measurement of privacy, security, and freedom; if you don’t own the device fully, you are owned by the developer (and manufacturer) of the device. The only way to own my lamp was to pwn my lamp.

Knowing (from experience) that a device that can access the Internet can create a reverse tunnel into the local network (autossh ... -R ...) and my refusal to connect these lamps to my local WiFi and the Internet, I decided I would either a) recycle them; b) only use them in ‘lamp’ offline mode with the default values; or c) see if I can control their access point APIs without ever using (or agreeing to the terms of service of) the proprietary app.

Remember, there is just on/off, temperature, and brightness.

On/off works from both a physical switch on the lamp (right next to the reset button, since you know, it’s now a computer) as well as the app (that I only saw from the screenshots since I never installed it). Temperature controls the blue to yellow colors of the light (and the default is full blue unless you change it). Brightness is about 90% bright by default, and I would like to adjust depending on the time of day.

I thought if I can hack the lamp I could also put together an app that I own that can manage the lamp for my personal purposes. Since I have been following the incredible progress of app development for PureOS and the Librem 5 by using GNOME-Builder, writing a simple app would be a great project-based experiment to fully own/pwn my lamp.

Pwning the Lamp

Seeing that these two lamps are WiFi access points and seeing from the screen shots of the proprietary app that their general flow is to “add” the lamp from the app (which means connect to it as your WiFi Access Point) then connect the lamp to the local WiFi (which then of course gives it unfettered Internet access unless you do a lot of firewall rule guessing/setup at your router) I decided to connect to the Lamp AP and see what I could glean. The (unnamed) manufacturer did setup the APs with unique hex codes appended to their ESSIDs (“Manufacturer 4CDC”), and after connecting to the first lamp (it will take me a long while to not laugh that a lamp is an IOT device) I got the local ip 192.168.1.24 with the access point at 192.168.1.1. A browser at that address 404’d so I probed the ports and came up with a port open at 8193. A browser hitting that returned a page to connect the lamp to local WiFi. That is a no-go, so maybe there is a web API…

The Web API

A brief search returned the web API URL path that returns a JSON structure {"numberOfLights":1,"lights":[{"on":0,"brightness":28,"temperature":309}]}, so you can read the three values the lamp uses in the one-line data object. A method GET returns the values and a method PUT sets the value. I was now able to connect to the access point and PUT a JSON string to the address:port/path and control the lamps three values. Score: Lamp 0, Me 1.

A quick bash script allowed me to at least power on the lamps and set them to a predetermined temperature and brightness.

Having the ability to pwn the lamps via the web API means I do not have to give up any of my digital rights and can have complete ownership of these lamps, never giving any control the the manufacturer or app developers. Score: Lamp App 0, Me 2.

The App

Liberating the freedom crushing proprietary app and regaining control was fun. It’s not just that it’s a bad idea to connect a lamp to the Internet, it’s also that it’s a bad idea to install a random application you can’t audit on your phone.

GNOME-Builder is amazing (hi Christian). I decided to start a new project, select Python and it immediately started me into a fully-functioning (and buildable) Hello World example project.

I whipped up a quick layout in GNOME-Builder’s View Design tab and began translating bash’s nmcli and wget into Python libraries. After a bit of work learning how Flatpak manifests work to include the necessary libraries (hint: manifests are required learning to solve dependencies within a flatpak), I had a proof of concept app that allows me to connect to a lamp and adjust temperature and brightness.

An IOT Light App on PureOS for Librem 5

Securing my Lamp

Now I am able to control the lamps without their ever accessing the Internet from my Librem 5 phone as well as Librem Mini desktop, adding the much needed security to this IOT device. Fortunately because I have a Librem 5 running PureOS, it was relatively simple to replace the proprietary, insecure app with my own simple application that works both on my phone and (through convergent app development) on my desktop so I can keep the lamps in their own private compartment, disconnected from the Internet, and control it with my own trusted app.

The more Internet of Things (or as some call them Internet of Stings) makes it onto more networks and into more homes, the greater exploitation you and your digital life will suffer. This exploitation is highlighted regularly, today’s example as published by Washington Post, Massive camera hack exposes the growing reach and intimacy of American surveillance, showcases the creepiness of insecure IOT.

Securing IOT

It’s commonplace now for companies to ship devices that take control away from you. In this case I was able to take control back.

Security must be at the foundation of IOT products, if a lamp needs to be an IOT device it can at the very least be developed in a way that the user has complete control over it, doesn’t require signing a terms of service, doesn’t phone home, and doesn’t send a single bit over the network without user request. I made my lamp IOT device do just that.

The post The S in IOT is for Security appeared first on Purism.

by Todd Weaver at March 19, 2021 17:38

Pine 64

The Dual-Screen Pinebook Pro

In this project, I’ll turn my Pinebook Pro into a portable multi-monitor Linux laptop and show you how to do the same. In this post, I’ll share how I turned my Pinebook Pro into a dual-screen Linux laptop. It’s a rather inexpensive upgrade, and what parts I didn’t personally have on hand I was able to manufacture myself. This post is not meant to be an exhaustive guide. I simply want to put the...

Source

by Robbie Ferguson at March 19, 2021 12:48

March 16, 2021

FreeYourGadget

Gadgetbridge 0.56: UM25 voltage meter support, Fossil Hybrid HR improvements and more!

Only one week between releases - and again thanks to contributors, still an impressive changelog. We are currently waiting for F-Droid to sign and publish.

HM25 voltage meters

Daniel Dakhno has contributed initial support for HM25 voltage meters. This was a longstanding PR which we almost forgot about, sorry and thanks, Daniel!

Fossil Hybrid HR improvements

Arjan Schrijver has contributed various improvements for Fossil HR specific code, like fixing missing menu headers in Gadgetbridge and disabling feature that cannot be used on later firmware revisions.

One of the big improvements - tracking and syncing of dismissed notification was actually generic code which also became a feature for the pebble! We had that kind of feature long ago, but is was broken and disabled. Arjan's take seems to work much better. If it leads to problems or is not wanted, it can always be disabled - per device.

Work around permission problems

Many users could not install firmwares from some file managers, with this release many of those problems should be resolved by using requestLegacyExternalStorage. This is probably something that needs more proper fixing in the future, but a workaround is better than nothing ;)

For all user-facing changes since the previous blog post, check the following list:

0.56.0

  • Initial support for UM25 voltage meters
  • Pebble: Remove read/dismissed notifications on watch (can be disabled)
  • Fossil Hybrid HR: Remove read/dismissed notifications on watch (can be disabled)
  • Fossil Hybrid HR: Fixes for running firmware DN1.0.2.20 or newer (disable widget features, currently not supported)
  • Fossil Hybrid HR: Fix up/back navigation and add titles to Fossil specific menus
  • Huami: Fix displaying title for calendar events
  • Use requestLegacyExternalStorage in manifest to fix file access problems in some Android 10 roms
  • Add header and chart to each activity in Activity list

by Andreas Shimokawa at March 16, 2021 23:00

March 15, 2021

Pine 64

March Update: Status Report

Welcome to this month’s community update. We’re now facing one of the most challenging electronics manufacturing circumstances in years, and possibly even in all of electronics history. Despite this, I’ve got some good news to relay this month, including a Quartz64 pilot production-run, SOEdge being available next month and plenty of community news. Last minute update: looks like we will have the...

Source

by Lukasz Erecinski at March 15, 2021 19:43

Purism

Why Librem Tunnel is Leaving iOS

Update 2021-03-17: We’ve been asked a few times what our plans are for existing iOS customers. Because Librem Tunnel uses the standard, open, OpenVPN protocol, we have been working with customers to apply their OpenVPN configuration to a different iOS OpenVPN client. It’s less convenient than Librem Tunnel of course, but works. We are also updating our documentation to reflect these new steps.

When we launched Librem One almost two years ago, the goal was to provide a convenient and privacy-respecting suite of services running on open platforms as an alternative to Big Tech platforms. The service launched with Librem Chat, Librem Social, Librem Mail, and Librem Tunnel. We feel everyone deserves privacy and we are not a fan of vendor lock-in, so when we launched, we provided free software Librem One applications for Android and iOS so customers on those platforms could join the party. Recently we’ve been forced to remove Librem Tunnel from iOS due to their unfair policies and in this post we’ll explain why.

Anti-Trust and the App Store

If you have been following the anti-trust hearings the United States Congress has held for Big Tech companies over the past year or two, you will be familiar with some of the anti-trust concerns Congress has over Apple and its App Store. Apple’s anti-trust concerns centered on two main points:

  1. Their use of the App Store to disadvantage competitors (such as when they removed competing parental control apps in the name of privacy coincidentally when launching their own).
  2. The fees they charge companies who create apps that make money in the App Store (such as the ongoing legal battle between Apple and Epic over whether Epic owes Apple 30% of its revenue from games like Fortnite).

Apple’s policy is that applications that make in-app purchases or offer subscriptions using Apple’s payment platform pay Apple 30% of their revenue. The justification behind that fee is that companies are benefiting from all of the work Apple has put into its payments platform and so the fee helps them maintain that payments infrastructure while saving app developers from having to implement their own payment or subscription infrastructure.

This policy may seem straightforward and even reasonable at first, but gets complicated when you start talking about apps that have their own payments infrastructure. In Epic’s case, they are using their own infrastructure, not Apple’s, for sign-ups and payments. Apple is saying that regardless of what payment infrastructure they use, Epic’s apps are on the App Store and must pay Apple 30% of any revenue from them. Because Apple doesn’t allow alternative App Stores on iOS, Epic and other iOS developers have no alternative but to use the App Store if they want their iOS users to be able to run their applications.

Tunnel Vision

Where does Librem One fit into all of this? In addition to the free Librem Social and Librem Chat services in Librem One, we also offer paid subscriptions which give you access to Librem Mail and Librem Tunnel. Recently our VPN endpoints have changed, which required us to update the Librem Tunnel application.

Unfortunately our attempts to push an update were blocked, because Apple saw that the application was a VPN, which flagged it to check whether it was a subscription service (which VPNs frequently are). Even though Librem Tunnel is just part of the overall Librem One offering, because it’s part of a subscription service, Apple is requiring us to add the ability to sign up and pay for Librem One subscriptions within the Librem Tunnel app before they will allow updated versions into the App Store.

Why are they making that requirement even though we already have our own independent payment infrastructure? Because once that app allows in-app purchases, Apple can then automatically take their 30% cut.

We do not accept these kinds of monopolistic practices, nor do we want to fund them through our own customers. Since Apple does not allow alternatives to the App Store on their platform, we have no choice but to remove Librem Tunnel from iOS, until such time Apple changes their policies either on their own, or through government intervention. Because our other apps on iOS are linked to our free services, we don’t believe Apple will make the same demands of them.

We are really sorry for those Librem Tunnel users who are on iOS, and we hope one day we will be able to add Librem Tunnel back to the App Store.

The post Why Librem Tunnel is Leaving iOS appeared first on Purism.

by Purism at March 15, 2021 18:08

Tux Phones

The JingPad A1 is a Linux tablet with 2K display, pen input, 5G and much more

Update 04/2021: More information on specs and hardware, pre-orders, see gallery below
The JingPad A1 is a Linux tablet with 2K display, pen input, 5G and much more

Some months after the initial announcement, the first JingOS device has been officially announced. The device has been announced as a "consumer ready" full Linux tablet featuring high-end specifications such as a 2K+ display, a built-in 5G modem, and an included detachable keyboard with touchpad. In addition, the device will come with a stylus (with 4096 levels of pressure) according to the official website.

Technical specifications (stated months ago on a thread, which may be updated further) look particularly promising for a native Linux tablet, being higher than ever seen on this still young category of devices:

  • 11″, 4:3, 2K AMOLED Screen
  • 6GB RAM, 128GB ROM
  • 5G modem (not for all regions - support report coming before June, 2021)
  • 8-core Unisoc Tiger ARM CPU (4x Cortex-A75 @ 2.0 GHz + 4x Cortex-A55 @ 1.8 GHz)
  • PowerVR GM 9446 GPU @ 800 MHz
  • V510 baseband
  • 16MP back camera and 8MP front camera
  • 8000mAh battery
  • 6.7mm thin, less than 500g weight
  • Keyboard accessory and pressure-sensitive pencil (4096 levels) available

The main selling point, however, is that Jing promises a stable tablet OS (which we tried in a pre-alpha release in our previous article) and a "daily driver" ready experience. Regarding the software stack, JDE has been developed as an open-source fork of KDE Plasma Mobile (also, importantly, while keeping contacts with upstream developers, as we have been told by a Plasma developer), with a custom skin (somewhat Huawei-like) and a customized UI and launcher (e.g. adding touchscreen gesture navigation and iOS-like quick toggles). This means that native Qt5 (and Gtk3/4) Linux applications should work on it without issues. Android applications will also be supported out of the box, probably either through Anbox or hybris.

The JingPad A1 is a Linux tablet with 2K display, pen input, 5G and much moreA closer view of the A1 with the JDE UI

As a final note, mainline Linux status is yet to be known, since the ARM chip, probably belonging to the Unisoc "Tiger" high-end series, will hardly run mainline Linux without work around SoC internals and peripheral drivers. It is well possible that, if not immediately, a mainline kernel porting will become available well after the release, since the Plasma Mobile base and Qt5 rely heavily on GPU performance and hardware acceleration, which is not always obtainable as easily with abstraction layers such as Halium. However, that depends on the ultimate success of the product launch, since proper mainline ports tend to be backed by a large community of users and developers.

The JingPad A1 is a Linux tablet with 2K display, pen input, 5G and much moreJingPad A1 with detachable keyboard, running Visual Studio Code

You can check out the official page for this device and join the mailing list for more information about the device. Pre-orders have just been announced on its IndieGogo page, while pricing is still unknown. The below video presenting the device has also been released, and we expect initial crowdfunding to start within few weeks.

If you would like to try out JingOS on an x86-based tablet or laptop as "live CD", you can download the latest v0.8.1 release as ISO from this page (needs e-mail for link). Finally, the official JingOS Reddit community offers some further (although possibly outdated) details on prototype devices, manufacturing and more.


by Raffaele T. at March 15, 2021 13:23