Don’t say, hey android has Linux in it, yeah no, idc, I want to know how far we are from buying a Linux phone at a price point of 200 USD.

A Linux phone is one which is built completely on Linux, uses Linux apps and most important has a terminal.

I don’t want a Linux Phone for privacy, although that’s a great reason, but I want it for the freedom it provides me. Hell, I don’t care if Android itself comes with a terminal and has similar features to Linux, I just want a Terminal which can install apps, where I can write commands and it will execute it. Complete Control on my phone and how it behaves is what I want.

I want to tell it when to sleep, when not to sleep, when to boot, when to edit a file and how, when to take a screenshot and what to do with it and where to save it, etc, etc. I hope you get the idea.

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    51
    ·
    1 year ago

    Yes. You have your pine phone. It’s more expensive than you’d like. But if if and only if enough people adopt it. Prices will come down with time

    Since you don’t want anybody to tell you that Android is Linux, and you can do everything you want to do on Android with a custom ROM. I won’t mention it

    • Jerald@lemmy.mlOP
      link
      fedilink
      arrow-up
      12
      arrow-down
      3
      ·
      1 year ago

      Android with a custom ROM. I won’t mention it

      do you know of any projects which has good support (and reputation) which has something like a terminal in it? I mean, I just want a terminal.

      Also, I will be happy to spend 500USD on a Linux phone just to support it, but I wanted to know how far they are. Thank you for your comment.

      • I_like_cats@lemmy.one
        link
        fedilink
        arrow-up
        32
        ·
        1 year ago

        If you just want a terminal you can install termux from github right now. No need for a custom ROM. It will be fairly locked down but you can use almost all programs that there are for linux. I use yt-dlp in Termux to download youtube videos

        • Jerald@lemmy.mlOP
          link
          fedilink
          arrow-up
          13
          ·
          1 year ago

          I like you lol. btw, can I do stuff like control volume using Texmux? Like idk, switch on or off my wifi and turn off airplane mode and stuff

          • Quacksalber@sh.itjust.works
            link
            fedilink
            arrow-up
            9
            arrow-down
            1
            ·
            1 year ago

            I’d guess not, at least without root, as Texmux is still an app and Android won’t allow apps that much control over the phone.

              • AssholeDestroyer@lemmy.ml
                link
                fedilink
                arrow-up
                1
                ·
                1 year ago

                Root access is pretty easy to get. People don’t reccomend it much anymore but I’ve had zero issues on a Pixel 7 aside that I can’t use the phone’s tap and pay feature. Bus passes and plane tickets still work.

          • mexicancartel@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            You can control volume using termux with termux-volume command nand wifi with termux-wifi* commands. Not sure about airplane mode but reboot is possible with adb only

          • Square Singer@feddit.de
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            Pretty easily if you go a different route.

            • Download something like the Terminal Emulator app. This gives you access to the CLI on any Android phone. Now you can already control some things over CLI, basically anything you can control without root.
            • If you want more, root your phone. Now you can controll all of the things you mentioned from CLI
            • Install a full Linux in a chroot (you can use LinuxDeploy for that, which is outdated, but that only means you need to update the Linux environment like a regular Linux). Inside of that, you can mount your Android system. Now you have a full Linux that can do all usual Linux things, and also control your phone. This Linux can be either accessed via shell (through Terminal Emulator app) or via VNC to view it’s GUI.

            Now you have a full Linux inside Android that you can use as a full Linux, and that can control your phone from CLI.

            If you are crazy enough, you might even get stuff like calling to work from inside Linux, but what’s the point? You still got a full Android to do Android things with it.

            Linux in a chroot is so much real Linux, that I managed to get FEX (x86/x64 emulator) to work inside it, and Wine on top of FEX, so now I can even run Windows x86/x64 programs on my phone.

          • wolo@lemmy.blahaj.zone
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            You need to use root or pass through some other access control mechanism to control network interfaces or audio devices on Linux too, Android’s access control mechanism for those things just isn’t built with shell scripting in mind because using a terminal on a phone is a pain…

      • WastedJobe@feddit.de
        link
        fedilink
        arrow-up
        4
        ·
        edit-2
        1 year ago

        custom ROM

        I’m using CalyxOS on a Fairphone 4, works pretty well, appart from getting Playstore apps from Aurora Store without a Google account (I search for apps in firefox and open the link with Aurora which is clunky but works). You can install a terminal emultor from F-Droid, not sure why you would tbh but I’ve found several.

      • Square Singer@feddit.de
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        Pine phone and Jolla/Sailfish are the only real ones out there.

        Librem is a scam, they don’t have a real product. (Go watch Louis Rossman’s newest videos if you care).

        Pine phone is… not exactly usable as a main phone. It’s very much beta. But it is a Linux device in the shape of a phone, and even though it’s incredibly basic hardware, it at least exists, it can be bought right now and some parts of it work.

        Jolla have been doing their thing for a while. Afaik they don’t sell their own devices anymore, but you can flash their OS onto other phones, like e.g. the Fairphone 4. That kinda works in some regards, but at the moment e.g. mobile data just doesn’t work on that phone.

        More to that here: https://forum.fairphone.com/t/fp4-sailfish-os-4-5-0-18-for-fairphone-4/97052

  • MagneticFusion@lemm.ee
    link
    fedilink
    arrow-up
    33
    arrow-down
    1
    ·
    1 year ago

    Probably not. The third party apps just do not exist. If the Windows phones from big brother Microsoft were not able to get many third party applications, I doubt Linux phones ever would

      • Square Singer@feddit.de
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        But they also have much less money to get the word out. And much less ability to pay people to develop apps for their platform.

    • smileyhead@discuss.tchncs.de
      link
      fedilink
      arrow-up
      11
      ·
      1 year ago

      All it is needed is to have at least equivalents of basic apps from F-Droid and we’re getting there.

      Propietary apps for accessing one smart toilet seat brand or some trash locked down social platform should be abandoned anyway.

      • Square Singer@feddit.de
        link
        fedilink
        arrow-up
        8
        ·
        1 year ago

        What to you think about proprietary apps for accessing a bank account?

        I kinda need these. Otherwise I’d have to carry two phones and I don’t want to do that.

        • smileyhead@discuss.tchncs.de
          link
          fedilink
          arrow-up
          3
          arrow-down
          6
          ·
          1 year ago

          They shouldn’t be used, not on Android, not on the web, not on Linux. We should not show companies, banks and our goverment that we are capable of giving up our freedom for some convience.

          Maybe if I’ll be doing buissness and need to do multiple money transfers a day I’ll be using their web apps on a computer, but as I am individual person, I give friends cash and pay online via other methods.

          • Square Singer@feddit.de
            link
            fedilink
            arrow-up
            7
            ·
            1 year ago

            That’s your choice. But you can make the same argument about using the Internet in general. Or any device that runs any proprietary, non-user-modifyable code.

  • secret301@sh.itjust.works
    link
    fedilink
    arrow-up
    31
    ·
    1 year ago

    I have a feeling those budget phones around that price are sold at a loss and gain the money from selling user data. So I doubt it’d get down to that price

    • limerod@reddthat.com
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      Outside of ads or razor thin margins, data profiling. They can recoup the costs from selling more expensive and premium smartphones. A new entrant in the market catering to a niche is unlikely to do so.

  • Square Singer@feddit.de
    link
    fedilink
    arrow-up
    19
    ·
    1 year ago

    Yes, no, maybe, depending on what exactly you mean.

    • A phone that is comparable in specs to a similarly priced Android and runs native Linux without tricks: This is not going to happen ever.
    • An Android phone that can be hacked into running Linux with tricks: Yeah, that exists, but it’s DIY. There are a lot of cheap phones that you can e.g. install PostmarketOS on.
    • A phone that runs native Linux without tricks for that price point: Yeah, that’s called a Pinephone, and it’s pretty much that.

    There are two main issues, why a Linux phone with good specs and without tricks and with full, real Linux is impossible:

    • Linux phones got a tiny market share and due to the natural monopoly of operating systems and app stores, that’s not gonna change any time soon.
    • SoC manufacturers have a different way of working than PC part manufacturers. For example, they won’t upgrade the Linux kernel/drivers necessary. Because of that, my phone (Fairphone 4), which came out in 2021 and runs Android 12 still uses the 4.19.157 kernel, even though 4.19 came out in 2018. And even of the 4.19 version, the newest revision is 228, and I’m still running 157. They didn’t even bother upgrading the revision number. Stuff like that doesn’t fly on decent native Linux. And SoC manufacturers will not support newer kernels if it’s only for <3% of the market share or some miniscule number like that.
    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      20
      ·
      1 year ago

      Don’t forget the SoC players NEVER open source anything including APIs so community drivers are not easy either

    • bingbong@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      5
      ·
      edit-2
      1 year ago

      Do you think that might change with risc-v? As in, it would be more likely to have open source code and community support for kernel updates

      • Square Singer@feddit.de
        link
        fedilink
        arrow-up
        7
        ·
        1 year ago

        I don’t think so, no.

        What causes the situation currently is not ARM, but the companies making SoCs.

        Currently, with RISC-V, we are seeing early-adopter trial runs by early-adopter companies. None of the usual suspects have any amount of serious skin in the game.

        When Qualcomm is making mass-market high-performance RISC-V SoCs, they will treat them exactly the way they are treating their equivalent ARM SoCs right now.

          • Square Singer@feddit.de
            link
            fedilink
            arrow-up
            5
            ·
            1 year ago

            Tbh, if we are unlucky, RISK-V might even get worse than ARM.

            The point of RISK-V is to get rid of ARM ltd., the company that manages the ARM ISA and the reference designs, and asks for a lot of money from companies that want to use ARM.

            RISK-V was made to have an ISA without such a middle man.

            The issue here is that (apart from some university researchers) nobody makes freely available reference designs.

            If a company wants to make their own high-performance ARM SoC, they call up ARM, pay a lot of money and get some directly usable reference designs. They maybe configure it with the features they want and then send the design to e.g. TSMC and they build it. Apart from a lot of money, not much else is necessary.

            With RISC-V, there is no such instance where you can buy great reference designs from.

            Instead, each company designs their own designs. Maybe some will sell their designs, but it might well be, that the top companies will just not share their designs, same as is the case currently with x64, where you can buy a ready-made AMD/Intel SoC and that’s it.

    • Jerald@lemmy.mlOP
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      Seems like Android which supports a broad range of Terminal commands is the best next thing.

      • mexicancartel@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Termux is the best i could get. You can run a lot of apps, compile with clang; use vim, emacs and nano; run XFCE with the help of X server(maybe running locally ny XSDL app), run proot distros like ubuntu debian arch and all, use ffmpeg, and with extension apps like Termux:API you can use more android permission to do things like initiate a call with a command. You may use termux:widget and termux:float or maybe even termux:boot and do a lot of things there

      • Square Singer@feddit.de
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        If you want just an user-land mostly-compatible system, that’s pretty much it.

        You can use Termux which proots if you don’t have root.

        If you have root, you can use something like Linuxdeploy (which is seriously outdated, but if you know what you do, you can update the Linux installation in there). This gives you a chroot-based Linux with shell and GUI over VNC and root. It’s able to play almost everything you want.

        On my installation (Ubuntu 22.04 with XFCE) I even got FEX to work, which allows me to run x86/x64 Linux programs. Then I installed x64 Wine and now I can run Windows x64 apps on my phone.

      • Dandroid@dandroid.app
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        You can toss BusyBox on Android and have most of the commands you are used to. It has been a long, long time since I have done Android development (Android 7 was the last version I developed on), but back then, Android didn’t have bash. It was ash. So very similar, but you are missing some things.

  • drcouzelis@lemmy.zip
    link
    fedilink
    English
    arrow-up
    18
    ·
    1 year ago

    I didn’t see anyone mention SailfishOS.

    I bought a Jolla Mobile with SailfishOS when they came out and I LOVED it. It’s a fast smooth beautiful user interface, has Android app support, and truly is Linux. Like, it comes with a Terminal, full root access is easy to unlock, uses BtrFS, Wayland, the Linux standard hierarchy… It was wonderful.

    The Jolla Mobile is pretty old now, but I think there are still phones you can get it on.

  • gnuplusmatt@startrek.website
    link
    fedilink
    arrow-up
    17
    ·
    1 year ago

    Before the rise of Android and ios I’d have said it was possible, but the goal posts have shifted pretty far. Unless something backed by a corporate entity or government rises Up, it’s a no. A chromeos type thing for smartphone is not going to happen for mass market, because there is already Android.

    Discounting Android, the last mile of what a smartphone is capable of can not be accomplished in Foss manner, without end to end verified OS images and some kind of secure enclave for banking and “security” features, carriers and banks are not going to get on board any more. Convenience features like DRM video streaming, casting also probably are not achievable either

    • Square Singer@feddit.de
      link
      fedilink
      arrow-up
      10
      arrow-down
      1
      ·
      1 year ago

      True, with the goalposts. Nowadays we are happy if we can root/custom ROM and are still able to access our banking apps.

      • gnuplusmatt@startrek.website
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        I went back to a pixel, as I couldn’t get my oneplus with lineageOS to do Android pay, after custom roms on all my phones since the HTC Dream, I have been running stock for the last 18 months, kind of miss it

        • Square Singer@feddit.de
          link
          fedilink
          arrow-up
          3
          ·
          1 year ago

          There is a way to get it working, but it’s a pain and a half in the rear and you never know when they will kill the workaround.

      • gnuplusmatt@startrek.website
        link
        fedilink
        arrow-up
        6
        arrow-down
        1
        ·
        1 year ago

        Things like androidpay/apple pay type functions require a chain of security checks, on Android it’s levels of safety net. some banking apps require similar

        • z3rOR0ne@lemmy.ml
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          1 year ago

          Ive been on Graphene OS for a few months now and can confirm that banking apps work, but Google Wallet does not. One of my banking apps required me to toggle off hardened malloc in favor of Android’s standard malloc though, which definitely had me raising an eyebrow.

          • intensely_human@lemm.ee
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            If there’s one thing I’ve learned about banks it’s that they were still using ie 8 when nobody else was.

    • fernandu00@lemmy.ml
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      I think you’re totally right! It’s kinda hard to use banking apps with a custom ROM already… Unless some big corporation makes a move into something different we’re gonna be stucked in the iOS and Android chains …In that case I wish Microsoft would have been successful with their mobile OS so other companies had the guts to launch their own and compete in a more fragmented market

    • flashgnash@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      I can stream DRM content just fine on my Linux PC though what would be different about a phone?

        • flashgnash@lemm.ee
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          Oh really? Damn that’s crazy never realised

          Could’ve sworn I’ve watched stuff at 1080 though I usually hate watching anything lower res than that

  • CalcProgrammer1@lemmy.ml
    link
    fedilink
    arrow-up
    11
    ·
    1 year ago

    PinePhone is $150. The more appealing option long term will be getting Linux running well on old Android phones though, as they are available used for $100 or less and have better specs. Often better specs than even the $400 PinePhone Pro, which is the most powerful designed-for-Linux phone I know of.

    I’m typing this on a OnePlus 6T running postmarketOS. I paid somewhere around $125 for this phone, with box and accessories and in very good condition. It has an 8 core processor, 6GB RAM, Vulkan-capable Adreno 630 GPU, better WiFi/Bluetooth than either PinePhone, much better battery life, and a very nice OLED screen.

    It’s not all perfect yet though. It doesn’t support VoLTE yet in Linux, so you have to force 2G mode to be able to receive calls and texts. Call audio is sometimes missing. No camera support. No USB host mode support. Sensors are WIP, but I’m testing the merge request for them and rotation works.

    I ran a PinePhone and then a Pro for a year each. I think I prefer the OnePlus 6T experience. If they get the modem issue figured out it will be an amazing option.

  • Lettuce eat lettuce@lemmy.ml
    link
    fedilink
    arrow-up
    11
    ·
    1 year ago

    I think that I would be a close to ideal candidate for a Linux phone, because I use my phone for so few things.

    That being said, the few things I do use it for are absolutely essential for me, as in I must have them to function throughout the day, and I am not interested in having multiple devices I need to carry to do them. Those are as follows:

    • A quality OSM map/nav app.
    • A Discord app.
    • A Matrix client and an XMPP app.
    • A fast browser.
    • A quality media player.

    Most those have something on a Linux phone, but they are either slow, buggy, of missing features, at least as far as I know.

    There are other issues too though, so far Linux phones seem to be slow and buggy from the reviews I’ve seen.

    But the ecosystem is a bigger issue. One of the nice things about being on an unlocked android phone running GraphenOS or Lineage is that you not only have access to most of the official Android app ecosystem, but also to the thousands of apps in the unofficial fdroid ecosystem and naked APK ecosystem.

    So you get overall so much more than just Android, which is already a lot.

    Switching to a Linux phone severely limits you on that ecosystem, because many desktop Linux apps won’t run at all on a Linux phone OS.

    Another user here pointed out the similarity to Microsoft’s Windows phones that they tried to enter the market with years ago.

    I had two of them, and honestly, I absolutely loved them. The hardware was sleek and powerful, everything that made Windows 8 suck on desktop was actually awesome on mobile. The only issue was, MS didn’t deliver on the app ecosystem. There were a few dozen popular apps that were ported over from Android, and many of those were buggy or had limited features. That killed the phones hardcore. Who wants to use a phone that looks nice and runs fast, but only has a few apps that you need?

    Would you buy a super powerful and sexy gaming computer that could only play 10-20% of your game library?

    Personally, I would prefer to see the teams that are developing Linux phone OSes stop working on those projects and switch over to fully custom and FOSS Android versions. Similar to what we have now with different companies’ Android versions. But instead of the main differences being icon themes and bloatware, make them more varied like distros.

    KDE Android, Ubuntu Android, Arch Droid, etc.

    Have them focus on making their Android distros fast and feature-full. People could then have android powered tablets and car consoles that are compatible with Linux and other unofficial versions of Android.

    I would love to have a KDE Android phone that is 100% integrated with a custom KDE Android car console. It would be a FOSS version of Android Auto. Imagine being able to remotely transfer files from my Linux PC to my car, both running KDE connect. Syncing them together to update my OSM custom maps. I could install Finamp on my car’s console and stream my Jellyfin music to it while navigating using Magic Earth or OSMand on a nice big screen.

    I can keep dreaming…

      • Square Singer@feddit.de
        link
        fedilink
        arrow-up
        8
        ·
        1 year ago

        My phone runs Android, on which I run Linux in chroot, on which I run FEX, on which I run Wine x64.

        That means I can run Android apps, Linux-ARM apps, Linux-x86/x64 apps and Windows x86/x64 apps.

        Also I got Magic Dosbox running DOS and Win95.

        And a bunch of emulators, namely C64, GB/C/A, DS, 3DS and Switch.

        Yes, I might have a problem ;)

      • Lettuce eat lettuce@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        That’s true, something like Proton for Steam but instead of Windows apps, it allows installing and using Android apps on Linux.

        I still think a pure Android base would be easier to impliment and engineer, but I’m not experienced enough with software or low level Dev work to know of that’s true or not.

  • ExLisper@linux.community
    link
    fedilink
    English
    arrow-up
    8
    ·
    edit-2
    1 year ago

    I hoped for that when PinePhone came out but now I don’t know. PinePhone should be easy to clone so I hoped more similar devices will start to show up and we will see some competition and progress but as far as I know PinePhone is still the only device like that. So couple years after it was released Linux on mobile still barely works. You can get Volla Phone with Ubuntu Touch and, according to their page, you will have issues with incoming and outgoing calls. Not really what I’m looking for in a phone… And then we have the issue with apps. What I’m actually using my Android phone for:

    • banking apps 2FA
    • electric car charging - my home charger, all networks of public chargers and my car itself use android apps
    • moonboard app
    • signal
    • GPS

    Those features are why I have a mobile phone. Everything else I can do in my PC. None of those things will have dedicated Linux app except maybe for Signal but as of today even Signal doesn’t have a mobile Linux app. GPS still have issues in most Linux phones. So as of today, years after PinePhone was release Linux phones are still useless to me. Maybe one day Android emulation will work well enough to support all those things but today it’s also not a real option. I’m willing to use ‘crippled’ phone for some time (same as I was using Linux desktop back when it didn’t have many popular apps) but as of today Linux phone would be a hobby project and I still would have to do everything on Android phone so it’s not a great option. And I’m not sure this will change in the next 5 years.

  • deadcade@lemmy.deadca.de
    link
    fedilink
    arrow-up
    7
    ·
    1 year ago

    “Android” phones can sometimes have “close to mainline” Linux distributions flashed onto them. You can get some of those, used, for less than 100$.

    A custom Android rom would provide you with a decent chunk of the freedom you want in a mobile device.

    A phone specifically built for Linux, with as much as possible FLOSS firmware, will cost a lot more. The cheapest is probably the PinePhone.

  • redditblackoutkekw@lemmy.zip
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    Good Q. Consider you can install Ubuntu touch on fairly cheap older phones already. I know you’re asking about “ready to go” phones but this is an alternate solution

    • Jerald@lemmy.mlOP
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      I wonder how Ubuntu Touch is doing, apparently Ubuntu has given up on it’s linux smartphones bet and the project is not officially maintained by Ubuntu now? idk.

  • wolo@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    My big killer feature for Linux phones is running Wayland/X11 apps mostly unmodified, if AOSP added support for that I wouldn’t be too disappointed about sticking with it. I’ve tried to make android apps before, but doing things the Android Way™ basically requires you to use java and their bespoke UI primitives, and it always makes me wish I could just use the tools I’m already used to.

    Being able to have intricate control over my phone is nice, but I’d rather do it with a KDE-like settings maze than a terminal because of how tiny the screen is, and if I’m doing something serious that would require a terminal I would rather do it at my desk.

    I definitely think the Android ecosystem has some serious problems, but I already run a custom ROM without Google Play Services installed so I’m fairly well-insulated from that. I do plan on installing a mobile Linux system on my old phone to experiment, but I doubt it will become my system of choice.

  • daveplx@kbin.social
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    1 year ago

    Just sharing a recent 5-minute talk from CCCamp:
    link

    Haven’t tested it myself but sounds cheap enough to give it a shot. I Plan to.
    Note: Linux phones are notoriously insecure (source) but please correct me if you know better

    • Jerald@lemmy.mlOP
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Note: Linux phones are notoriously insecure (source)

      yeah, now I am not buying it lol. I wanted a daily driver not a phone for some habit :(

    • alcasa@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      For most linux users I’d say less security is a necessary evil. Security hardening is a tradeoff and I’d guess most people dont want their systems to be as locked down as ios or android. Or even modern MacOS, there are quite a lot of modifications that will require you to turn of System Integrity Protection, which blocks modifications of system files in normal use.

    • elouboub@kbin.social
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      1 year ago

      Note: Linux phones are notoriously insecure (source) but please correct me if you know better

      A few points

      Operating systems like Android and ChromeOS have full system mandatory access control, every process from the init process is strictly confined.

      Android uses SELinux for mandatory access control as per their own docs

      As part of the Android security model, Android uses Security-Enhanced Linux (SELinux) to enforce mandatory access control (MAC) over all processes, even processes running with root/superuser privileges (Linux capabilities)

      As for ChromeOS, it’s built upon Linux and that blurred line between Chrome and Linux is being completely removed –> hello Linux And ChromeOS aka LACROS

      To make matters worse, some system daemons are not designed with permission control in mind at all. For example, PulseAudio does not have any concept of audio in or out permission.

      PulseAudio is due to be replaced by PipeWire which

      was designed with a powerful security model that makes interacting with audio and video devices from containerized applications easy.

      https://github.com/mikeroyal/PipeWire-Guide

      There’s also Wayland, which is being written to replace X11. It has better security

      Wayland isolates the input and output of every window, achieving confidentiality, integrity and availability for both.

      While it’s true that many apps aren’t designed with security in mind, flatpak and snap packages have their portals API. The author did mention that they are underutilized, but that’s slowly changing.

      Additionally, immutable distros (nixOS, Fedora silverblue) do exist, which make it quite hard for unauthorised applications to modify root partitions since they are mounted as read-only. Mobile NixOS is still in its infancy, but it’s being worked on.


      In conclusion, security on linux isn’t hopeless, there are solutions being worked on, and improvements in linux phones will benefit all desktop users, unlike distros like Android and ChromeOS that build custom solutions that aren’t contributed back to the community.