Advantages of NitroPhone over Qubes NitroPad/PC : A "specific" use-case?

Hi all,

I wanted to discuss potential advantages of NitroPhone over other solutions on the security-convenience spectrum (this discussion voluntarily excludes privacy aspects for example).

Use-case:

  • best defense against hackers who try to gain access to your computer through email, downloads, apps/browsers, intercepting your wireless if attacker is in your neighbourhood…
  • NOT interested in cases where attacker has physical access to my machine
  • NOT interested in government level security/threat mitigation, non-disclosed 0-days etc.
  • essentially for web browsing, emailing, downloading documents, watching videos (youtube, netflix…). Minimal use of applications (the most basic). No banking apps for example.

After quite a lot of reading on the topic, here are my conclusions:

- Security: both NitroPhone and NitroPC/NitroPad are secure but little advantage for NitroPhone ?
1- “InfraOS”-level :
Debatable but I believe that, as of today, there is a little extra assurance for the NitroPhone as although underneath Google Pixel is (surprise) Google firmware and not open source, I have confidence in people at GrapheneOS making sure it is relatively bulletproof. On the other hand, the team at Nitrokey is doing all they can to prevent damage from Intel processor vulnerabilities.
However, considering my threat-model, although I want to take my security seriously, this aspect is not my main concern.

2- OS-level and above : extra assurance with NitroPhone.

a) For example, according to Madaidan’s blog (and others), mobile OSes are built with more security in mind than desktop OSes, and the blog points out some vulnerabilities in Qubes.
I consider those threats also to be too sophisticated for a target like me.
b) Bad OS configuration: this point is probably more of a main concern. It seems Qubes needs a lot of tweaking and configuring in order to be secure compared to Graphene, I could definitely see myself making mistakes (not considering the convenience issues yet).
c) Sandboxing vs VMs: it seems compartmentalising into VMs is not exactly the same as sandboxing (the latter offering more guarantees). Application sandboxing is a key feature in Graphene.

→ However to what extent does NitroPhone using wifi to connect to my wifi pose significant additional threat to let’s say a NitroPC connected via ethernet ? Is my NitroPhone wifi encrypted ? Can it be not only intercepted but most importantly deciphered?

- Convenience : big advantage for NitroPhone ?
1- Less configuration boilerplate for NitroPhone which comes in handy especially for the basic tasks of my use case (browsing, email, file downloading etc.)
2- NitroPhone less resource hungry. You can do more tasks in parallel without worrying about maxing out resources
3- Portability. I would say NitroPhone is slightly more portable than a NitroPad/NitroPC and NitroPhone is minimal in my use case. Maybe when needing on a train/car ?
4- Viewing and typing experience : great advantage for NitroPC/Pad ? Here is where I seem to have the biggest issue with NitroPhone. But it seems there are possibilities to plug the phone onto a monitor and keyboard as shown in the second config of this thread:

Thanks for reading !