https://techcrunch.com/2019/05/20/tr...cks-in-europe/
different European startup is hoping to catch some uplift: Finland-based Jolla steers development of a made-in-Europe Android alternative, called Sailfish OS.

It’s a very tiny player in a Google-dominated smartphone world. Yet could be positioned to make gains amid U.S. and Chinese tech clashes — which in turn risk making major platform pieces feel a whole lot less stable.

A made-in-Europe non-Google-led OS might gain more ground among risk averse governments and enterprises — as a sensible hedge against Trump-fueled global uncertainty.

“Sailfish OS, as a non-American, open-source based, secure mobile OS platform, is naturally an interesting option for different players — currently the interest is stronger among corporate and governmental customers and partners, as our product offering is clearly focused on this segment,” says Jolla co-founder and CEO Sami Pienimäki .

“Overall, there definitely has been increased interest towards Sailfish OS as a mobile OS platform in different parts of the world, partly triggered by the on-going political activity in many locations. We have also had clearly more discussions with e.g. Chinese device manufacturers, and Jolla has also recently started new corporate and governmental customer projects in Europe.”

Huawei has their own OS already. They already said that they will use that.
And it will support all Android apps (without Google Services)
https://interestingengineering.com/h...l-android-apps

“Sailfish OS, as a non-American, open-source based, secure mobile OS platform, is naturally an interesting option for different players — currently the interest is stronger among corporate and governmental customers and partners, as our product offering is clearly focused on this segment,” says Jolla co-founder and CEO Sami Pienimäki ."

Like how you say "open source based"
It either IS ...
or ISN'T ...
open source.

And Sail ISN'T classed as open source.

(I know the same old argument ...and I am not being critical or over-the-top concerning the finer points regarding "must have" finicky philo of things being open source ...and all... but nowadays more than ever ...if I can do without black boxes in my os ...I go without .
I use Android ONLY for what I must ...and use my buntu phone for everything else)

is it even possible to have a cellular access device without closed source blobs? Considering everything that's going on between devices, cell towers and baseband units I highly doubt that any manufacturer would allow that. I mean, for the very same reason we have FPR, passcodes..... on our devices, providers have to keep their network safe.
Othewise, what would stop huawei to spy on ericsson equipment

So to have opensource community approved closed source suplier is the best thiong there can be. The opensource famous gurus should hop in to some such so that people could trust it to be trustworthy even it is closed.

Well...
It doesn't quite work like that...
As has already been mentioned ...the different kinds of closed source there is in the two examples of Android and Sail..
Android uses closed source apps.
Sail uses closed source UI...

(and it would be great if someone here did the legwork ...and did a list of exactly what all the various os's closed source aspects were...so as to compare.)

So back to the example...
Which is more dangerous and more compromising to have?
Black boxes in apps?
Or
Black boxes in the UI?

From where I stand...my perspective is that I can use alternate open un-compromise-able apps far more readily than use an alternate UI .

If at any point the UI becomes abused or compromised...it is truly devastating.....since everybody uses the same UI

One can easily migrate to open, secure and safe apps easily enough...(and at worst do without a couple ...say in the result of a perceived threat or threats..)
But ..migrating to a different UI so easily if it becomes compromised or abused by those who control it? Not easy.
And we have seen from the past, any organization or corporation that say they have everything under control, and everyone's security and safety in mind, end up becoming compromised by either flaws, that go unreported and kept hidden from the public (in some cases for years...leaving everyone except the corp.vulnerable and unknowing of their compromised security...
or ..
it becomes compromised by the "State" where the corps. resides...or by a foreign State...
done under the premise of "national security".

That is why I do not use apple phones.
That is why I did not use MS phones.
That is why I won't use Sailfish . (and yes a LONGGGG time ago I wished they hadn't diverged into what Sailfish is now..and just kept up with MER and Nemo...loved old MER especially...)

For all the dislike I have for android ...(which is really a dislike for the app market mess it is...and having to cherry pick apps)
it is a safer option in the current climate ...in my humble estimation.

(of course I do love my buntu phone ...won't forget that mention...
and hope for the best for Leste and its advancements...and I really should check in on Plasma Mobile again and see how they are doing ...its been a while.)

This is a difficult topic since there are so many individual things to consider.

kingoo is right with the point that there is no open source baseband available, so there can't be a true, complete "open source" device. This has more to do with the monopoly of qualcom than with mobile network security, if you ask me. But in the end, your device has an interface to a closed source, rarely updated, known to have bugs operation system on the baseband unit, reachable over the air.

Now for SFOS, which from my understanding went further away from the open source idea with moving to the Sony Open Device Program. On the Sony devices, SFOS uses the bootloader and Android kernel provided with the device (which prevents Jolla from fixing certain bugs on the Xperia X, as they would have to migrate to the new kernel v4, provided by Sony). While the kernel can still be counted as open source (because it's a Linux kernel), it's making the whole handling much more difficult because it is no longer in the hands of Jolla to modify it.

Still, I personally prefer SFOS over Android any time. Open Source simply means that you can review the source code, not that this code is "good" in any way. With Android, my issue is less the closed source part of the Google Apps, but the whole ecosystem of Google with the goal of collecting as many data as possible. And this is present as well in the AOSP systems (regular "internet connection checks" to Google servers, default synchonization of all data, ...). Using an Android system always makes me paranoid that all and everything wants to grab my data. And while you can manage that for Apps quite well by now, you can't really restrict the core system (at least not without a big effort).
So the point "better having closed-source apps which you can replace easily than closed-source UI which you can't" isn't valid when you can't trust the company behind the whole system.

It doesn't have to be an android phone to accomplish being data mined.

The moment anyone goes to a page...a site...anything ...with signs of said data miners present...(or not visibly present even..) ...a facebook "like" button ...for instance...
Anything...hinting at any of the culprits presence...
Then...
It is already too late...
They will have the data on where you last came from ..
When you arrived...
What you are looking for...
What you are looking at...
And where you are going to after you leave said page.

They are already there and waiting ...

You will have been shot..
Studied...
Tagged...
And released ..
To be followed further...
And all without you...I ...or we all...ever knowing anything ever happened...

Until later...
When the advertisements start coming ..
Very pointed advertisements ...
Concerning things one was just recently looking at on said sites.

Anyway...
That ...as I said ...is a whole other kettle of cats...
And really is the pervue of a whole other discussion on privacy and data mining...
Which are "soft tactics"

More the concern ...which I specified...
Were more "hardened tactics"
Was the COMPROMISING ...
Whether by negligence...or deliberation..
Whether by the corporation in control of the components , os or fevice...
Or whether by the State that can pressure the residing corporation...
Or whether by a Foreign Actor (malignant hack or Foreign State)...
Who gains access to said Black boxes in said components, os, apps or device
That was more the running issue...that can be mitigated ...first.

How many times have the corps. had to admit that vulnerabilities were exposed for years in some cases...
That they are just confessing to now?
I can't count that high...I run out of figers and toes...and neighbours digits as well.

I am.more concerned about serious compromising of devices ..os's ...first ...
data mining must needs take a back seat to it...
Until one can be certain one has a secure system.

...if windows has a black box in your win7 or win10 system...(and we all know they are there...)
.you think you should be caring about data mining?
Data mining would be the least of my concerns.

It is no different on mobile...
Folks should be even more concerned.

And the issue of the telephony?
There isn't a government on the planet that will let folks use an un-locateable untrackable device.
That will never happen.
There will always be a closed vulnerability in every phone.
That is why no phone can make the open source list.
It can never ever happen.
No government would allow it.

I think (but anyone is free to correct me) that nothing really changed from before in this regard other than having more kernel-driver-blob bundles to choose from.

Before on Jolla sold devices they got one such bundle from the manufacturer and that was it, effectively locking the kernel version in place as the blobs would stop working if the kernel was rebased to newer version, but adding individual patches that don't change the internal API/ABI (such as CVE fixes) is fine.

Now the open device program provides more kernel-driver-blob bundles you can change from, but there might still be issues such as having to port all your patches to the new version, possible regressions in the kernel and drivers and apparently some issues with updating the drivers without reflashing the device.

I agree that Sailfish OS is better fit in this regard that Android, but still not ideal due to some of the closed parts and other factors.

Some might still remember the discusions during the big Jolla investor crisis which killed the Tablet and overall looked pretty bleak at some times. The posibilities of community having to take over, alla Meamo/CSSU if Jolla goes under were discussed and it was far from easy. There will be no primary repos available, no flashable images (back then for Jolla devices, this improved with Sailfish X), many component would have to be fully replaced due to being closed source and thus could not be fixed without Jolla. Also withou the Jolla account system and services such as the am-I-online API the devices might be even just hard to use at all.

For Android you can do a community build of AOSP (well, of course without all.the Google services, but still functioning as a standalone OS) and many people use such builds, while this is not really possible for Sailfish OS at the moment. So if Sailfish OS should be a real alternative to Android as an independent OS it really should be also possible for the community to build and maintain a community version, which is the ultimate failsafe, for example if someone bans Jolla from providing their services in some country.