Active Topics
-
Full linux distros on Sailfish OS (253)
to SailfishOS by qoh - 1 day ago - more...
| The Following 7 Users Say Thank You to pichlo For This Useful Post: | ||
|
2015-09-16
, 09:36
|
|
Posts: 134 |
Thanked: 370 times |
Joined on Oct 2012
@ France
|
#392
|
Well, I would like to add some words about Nemo and Open Source OS :
Nemo with Glacier is not fully unusable, and working on it is not building an UI from scratch. But yes, because of the lack of developers, it is not ready for an everyday use. however, I used it few days on my N900 (my main phone at this time) for testing purpose and it worked more or less. IMO, there is not so much work required for having an usable OS with the basics functions working well (if I remeber well, SMS were fully working and calls half working).
About the devices : there were working phones with Nemo when nobody talked about Sailfish : the N900 (which is now not maintained because of Wayland) and the N9. So if you have a N9, you have some hardware where you can test Nemo.
And finally, why someone could would like work on Nemo. In first, it's open-source. And there is one think especially great with the open source : diversity. Working on Nemo could provide an other choice of GNU/Linux phone distribution, and will add diversification.
But if you tell me that working on a abandonned OS with (as it seems) nobody working on it is less interresting than a one maintained by a compagny with many users using it, I can only agree but if you want a fully open-source OS, someone have to do the first step. And here, the first step is not to do everything from scratch but to work on existing code.
Nemo with Glacier is not fully unusable, and working on it is not building an UI from scratch. But yes, because of the lack of developers, it is not ready for an everyday use. however, I used it few days on my N900 (my main phone at this time) for testing purpose and it worked more or less. IMO, there is not so much work required for having an usable OS with the basics functions working well (if I remeber well, SMS were fully working and calls half working).
About the devices : there were working phones with Nemo when nobody talked about Sailfish : the N900 (which is now not maintained because of Wayland) and the N9. So if you have a N9, you have some hardware where you can test Nemo.
And finally, why someone could would like work on Nemo. In first, it's open-source. And there is one think especially great with the open source : diversity. Working on Nemo could provide an other choice of GNU/Linux phone distribution, and will add diversification.
But if you tell me that working on a abandonned OS with (as it seems) nobody working on it is less interresting than a one maintained by a compagny with many users using it, I can only agree but if you want a fully open-source OS, someone have to do the first step. And here, the first step is not to do everything from scratch but to work on existing code.
| The Following 6 Users Say Thank You to Astaoth For This Useful Post: | ||
 |
|
2015-09-16
, 10:23
|
|
Posts: 1,389 |
Thanked: 1,857 times |
Joined on Feb 2010
@ Israel
|
#393
|
Originally Posted by Stskeeps
We are tunned few years already. If there is some information - just give it to us. Because this "soon" thing is not funny anymore.
Stay tuned.
| The Following 11 Users Say Thank You to ZogG For This Useful Post: | ||
 |
|
2015-09-16
, 11:33
|
|
Posts: 654 |
Thanked: 2,368 times |
Joined on Jul 2014
@ UK
|
#394
|
Right... wish me luck, I'm going to try and pull ths in a slightly more constructive direction and talk about something Jolla could change without turning their business model upside-down:
Sailfish' security model sucks because it doesn't follow the principle of least privilege:
I think this is something Jolla could improve quite easily, without affecting their business model. Pretty sure the reason people don't bitch about this more is because they're used to it - n900's security model was pretty awful too, and really shocked me when I picked it up for the first time last year.
I forgave the n900 because it's an old design, but Sailfish is a modern OS and is way behind Android/iOS in this regard!
Why not:
Doesn't seem like a lot of work, we have the tools to do a lot of this already. The difficult bit would be the next step: showing a list of required permissions (groups) before installation, and allowing the user to grant/revoke them.
Does anyone know why this wouldn't work/hasn't been implemented already? Or can you think of any improvements?
Also related, the roadmap says Jolla researched SELinux some time ago, so maybe there's a more elegant way of achieving this using SELinux?
Originally Posted by MartinK
I read somewhere before that a big chunk of Red Hat support contracts are with the US military. If Jolla wants to capture part of the government/military market, they desperately need to improve the security model on Sailfish. There has been some talk of "Sailfish Secure" but as far as I can tell nothing has materialised so far.
I'll just leave this (article about Red Hat success) here.
Sailfish' security model sucks because it doesn't follow the principle of least privilege:
- Nemo can install packages without authentication (via pkcon)
- Installed apps run as nemo...
- ...installed apps could therefore install other things (that run as root) without authentication! I'm not really worried about malicious apps since most Sailfish apps are Free/Open Source, but if you subscribe to the Ubuntu security announcement list you'll see lots of bugs like "potentially allows remote command execution as the user firefox is running as"... I am worried about the fact that exploiting a security flaw in a single app could give you easy root via nemo.
- all kinds of other important stuff also runs as nemo (like systemd)
I think this is something Jolla could improve quite easily, without affecting their business model. Pretty sure the reason people don't bitch about this more is because they're used to it - n900's security model was pretty awful too, and really shocked me when I picked it up for the first time last year.
I forgave the n900 because it's an old design, but Sailfish is a modern OS and is way behind Android/iOS in this regard!
Why not:
- Create groups with permissions to read contact data, change network connections etc
- Require nemo to authenticate when installing applications (otherwise you might as well just run everything as root)
- Each app runs as its own user
- Only grant harbour-foo permissions for the groups required to do what it needs
Doesn't seem like a lot of work, we have the tools to do a lot of this already. The difficult bit would be the next step: showing a list of required permissions (groups) before installation, and allowing the user to grant/revoke them.
Does anyone know why this wouldn't work/hasn't been implemented already? Or can you think of any improvements?
Also related, the roadmap says Jolla researched SELinux some time ago, so maybe there's a more elegant way of achieving this using SELinux?
| The Following 11 Users Say Thank You to Feathers McGraw For This Useful Post: | ||
|
|
2015-09-16
, 11:57
|
|
Posts: 337 |
Thanked: 891 times |
Joined on Jul 2012
@ Royaume Uni.
|
#395
|
Originally Posted by pichlo
Agree completely.
A bare OS, with no Android installed and no apps running, using 69% of the available RAM (gone up to 83% in 1.1.9) is a scandal. Fixing it may take a few months if you put your mind to it but it would be time well spent. That is exactly what Apple (Leopard->Snow Leopard) and Microsoft (Vista->7) did and it worked for them.
Either sort the memory issue out, or else give us a new phone with more memory. It drives me crazy that we have these much vaunted multi-tasking capabilities that we simply can't use because apps have to be continuous recycled like in Android.
| The Following 2 Users Say Thank You to NokiaFanatic For This Useful Post: | ||
 |
|
2015-09-16
, 12:05
|
|
Posts: 1,986 |
Thanked: 7,698 times |
Joined on Dec 2010
@ Dayton, Ohio
|
#396
|
I sense a contradiction here:
I guess I'm saying, can you really convince Jolla that full open-source is going to help their business? Cause right now, I'm just not seeing it...
Originally Posted by dcaliste
and
The Jolla phone is my only phone. I cannot contribute to something that would stay as a toy on a board, I don't have enough time for that, so everything that is fully Open Source but lacks the capability of being my main phone in mundane life is a no go for me, sadly
Originally Posted by dcaliste
Ok, here's the problem I see: as you say, the fully open mobile devices are still "toys on a board". Only the organizations that have adopted closed-source practices have devices viable for every-day work. So, just what are the advantages of Open Source, then? If, for example, Nemo can never become a viable product, why should anybody at Jolla want to adopt the same strategy as Nemo?
I don't simply understand why they are not releasing as Open Source all the small applications of SFOS (calculator, calendar, mail…).
...
The only reasonable explanation that I imagine is a lack of Open Source advantages understanding from the management…
I guess I'm saying, can you really convince Jolla that full open-source is going to help their business? Cause right now, I'm just not seeing it...
| The Following 2 Users Say Thank You to Copernicus For This Useful Post: | ||
|
|
2015-09-16
, 12:13
|
|
Posts: 702 |
Thanked: 2,059 times |
Joined on Feb 2011
@ UK
|
#397
|
Originally Posted by NokiaFanatic
Absolutely. I'd been through a few Android phones before getting devices with 2GB and 3GB of RAM and on Android it's night and day compared to phones with 1GB or less. On Symbian it was always 'never buy a phone with less than 128MB' of course so it is kind of bonkers we're talking about multi-GB now but chips are a cheap fix.
Either sort the memory issue out, or else give us a new phone with more memory. It drives me crazy that we have these much vaunted multi-tasking capabilities that we simply can't use because apps have to be continuous recycled like in Android.
Jolla expect to run Sailfish AND Android in less than 1GB so they either need to optimise the fudge out of Sailfish or port it to devices with more RAM.
...and fix CalDAV
|
|
2015-09-16
, 12:17
|
|
Posts: 1,986 |
Thanked: 7,698 times |
Joined on Dec 2010
@ Dayton, Ohio
|
#398
|
Originally Posted by javispedro
I'd love to share your point of view, but in the absence of viable fully open mobile operating systems, I'm not finding a lot of valid reasons to go open-source either.
Please note that IMHO, in the absence of valid reasons for going closed source, the default should be free software. In this day and age, I'm just no longer entertaining the opposite point of view.
Just where is the community support for community-based software? Why is there so much interest in trying to make commercial software open, when open-source alternatives already exist? And, if Jolla did fully open-source Sailfish, would anybody actually work on it, or would they just go to the next piece of commercially-built software and demand that it become open as well?
Originally Posted by javispedro
Cool! So, I've gotta ask, just where are the fully open Mer-based devices? Jolla doesn't have a patent on Mer or anything; just what is stopping another company from building one?
Mer, Replicant, etc. do not currently ship devices with support and that's something I'm willing to pay for. Note this would be closer to the role I wish Jolla had: selling working Mer devices and supporting them.
| The Following User Says Thank You to Copernicus For This Useful Post: | ||
|
|
2015-09-16
, 12:31
|
|
Posts: 285 |
Thanked: 1,900 times |
Joined on Feb 2010
|
#399
|
Originally Posted by Feathers McGraw
Good luck.
Right... wish me luck, I'm going to try and pull ths in a slightly more constructive direction and talk about something Jolla could change without turning their business model upside-down:
I read somewhere before that a big chunk of Red Hat support contracts are with the US military. If Jolla wants to capture part of the government/military market, they desperately need to improve the security model on Sailfish. There has been some talk of "Sailfish Secure" but as far as I can tell nothing has materialised so far.
I'd also like to point out that there are numerous endeavors that have ended up in bankruptcy or just ceased operations on FOSS consumer market. Even Canonical is funding their consumer desktop operations using revenue generated from enterprise as the consumer operations income don't really cover the costs. It may be different though within mobile space as it's more difficult to implement those sources into working device.
...installed apps could therefore install other things (that run as root) without authentication!
Another thing is that (if I understand it correctly, please correct me if I'm wrong) root privileges are by default beyond the reach of regular user in Sailfish. You need to enable developer mode and set the password to be able to get root privileges. This IMO is safer than having users with either default passwords or those 123456-style passwords for root in their devices. This doesn't mean that user or malicious software is not able to do harm, as the important stuff (like contacts, other personal data) needs to be accessed by nemo.
Also related, the roadmap says Jolla researched SELinux some time ago, so maybe there's a more elegant way of achieving this using SELinux?
Last edited by JulmaHerra; 2015-09-16 at 12:37.
| The Following 4 Users Say Thank You to JulmaHerra For This Useful Post: | ||
|
|
2015-09-16
, 12:38
|
|
Posts: 1,548 |
Thanked: 7,510 times |
Joined on Apr 2010
@ Czech Republic
|
#400
|
Originally Posted by Feathers McGraw
Check the xdg-app project, it aims to pretty much that - fully sandboxed GUI/desktop applications. Citing:
Does anyone know why this wouldn't work/hasn't been implemented already? Or can you think of any improvements?
There are two main goals with this project.
We want to make it possible for 3rd parties to create and distribute applications that works on multiple distributions.
We want to run the applications with as little access as possible to the host. (For example user files or network access)
In the long run the sandboxing aspect is very important as it allow you to trust the applications less, which is important for users of 3rd party applications. It also gives the user some level of protection against things that were historically not handled by the security system on unix (which is primarily focused on protecting the system installation against the user).
The sandboxing is done with a set of technologies, including:
cgroups
namespaces
selinux
kdbus
wayland (because X11 is inherently insecure)
In particular, kdbus is very important as it allows us to have an efficient very expressive IPC mechanism with access-validation by the kernel.
__________________
modRana: a flexible GPS navigation system
Mieru: a flexible manga and comic book reader
Universal Components - a solution for native looking yet component set independent QML appliactions (QtQuick Controls 2 & Silica supported as backends)
modRana: a flexible GPS navigation system
Mieru: a flexible manga and comic book reader
Universal Components - a solution for native looking yet component set independent QML appliactions (QtQuick Controls 2 & Silica supported as backends)
| The Following 4 Users Say Thank You to MartinK For This Useful Post: | ||
A fellow TMO member once asked me about my Jolla experience to help him decide whether to buy one. Like me, he had an N900 and an N9 before. I just looked up my response, it was sent on 2014-12-17. It is quite long and I am not going to copy it here but I have to say, having re-read it again, it saddens me to see that none of the points I mentioned there have been addressed. For example, the lack of a global copy and paste.
Nevertheless, the gist of that write-up was, "it has some potential but it is not quite there yet", with an implied belief that it would get there eventually. Now, nearly a year on, I would have written a different summary: "The potential was there but has been completely wasted."
Yet I think there is still a chance. But that would require a complete U-turn on Jolla's side. Stop fidgeting with the UI. It is not perfect but it will do as it is. Focus on things people are actually asking for. Fix or implement basic functionality. Fix the truly terrible memory consumption and management. A bare OS, with no Android installed and no apps running, using 69% of the available RAM (gone up to 83% in 1.1.9) is a scandal. Fixing it may take a few months if you put your mind to it but it would be time well spent. That is exactly what Apple (Leopard->Snow Leopard) and Microsoft (Vista->7) did and it worked for them.
Otherwise the future is bleak. More and more peole will move on, leaving behind only those still refusing to accept the reality. As their concentration increases, so will their cognitive dissonance which they will vent by an increasing aggresivity towards the few remaining people with some common sense. Eventually, the only Jolla's users left would be the 1000 or so die-hard yes-men, Jolla will stop receiving any useful feedabck and the system will collapse. A business cannot exist with such a small user base for very long.