I'll reply to this now, even though the thread has been dormant for
a bit.
Quoth Michael Spacefalcon:
I see that after your post, the thread on the mailing list veered off
into a discussion of security. But that diversion totally misses the
point: it isn't so much about secure communication as it is about the
Four Freedoms of software:
The four freedoms are about user freedom. And to me freedom from
surveillance is an very important aspect of living and thinking
freely. You're quite right the FSF don't explicitly list this, but
to me it is just as important as their four freedoms (and indeed
depends on them).
But anyway. Meeting the four freedoms is an excellent place to
start!
There also are some practical considerations that affect only feature
phones and not smartphones. I have yet to encounter a phone UI design
that doesn't suck, and I hope that most people on this list will agree
with me that being able to customize the UI to one's preferences is an
essential freedom that a geeky, empowered phone user should have - and
I mean *really* customize the UI, not just twiddle menu settings, but
being able to study, modify or even totally rewrite the UI code.
The ability to customise is good, but to be honest I am OK with just
learning whatever weird idioms and bugs exist on a platform and
working around them. Though obviously I've never had much choice
before.
Now look at the situation from the perspective of a user who does NOT
want his or her phone to be anything other than a plain phone. For
such a user, a non-smart feature phone ought to be ideal, but if the
user also wants the freedom to fully own the UI design, s/he currently
has to pay for an otherwise completely unnecessary application
processor. And when I say pay for, I'm *not* referring to the
purchase price of the device - I would gladly pay a lot more for my
ideal Free Dumb Phone than the most expensive GTA04 or Ubuntu Edge or
whatever. Instead I mean pay for in terms of carrying extra weight,
extra power consumption, extra system complexity otherwise unneeded,
many additional points of failure, etc.
*That* is what I seek to rectify with my Free Dumb Phone project,
aside from the moral issue. Freedom is a right that all phone users
should enjoy, not a privilege that's limited to just Linux smartphones
to the exclusion of non-smart feature phones.
Sounds great to me.
I've heard that the encryption used is really crappy, and while some
things like MITM forced reregistration to disable encryption and
ease surveillance could be countered by appropriate phone settings,
if the best encryption algorithm available can be cracked by a home
PC in a few days, you're still screwed.
The GSM encryption is a red herring - it makes absolutely no difference
whether it's there or not. Imagine if the GSM encryption were perfect
and unbreakable - what would change? Nothing. The over-the-air
encryption is only between the mobile station and the network. In a
public phone network, where you can dial the phone number of any
stranger and hear each other's voices if the other party answers,
encryption can't be end-to-end. The network has to be able to decrypt
with one end's key and re-encrypt with a different key for the other
end, so the network itself has (and must have) access to the cleartext
form of your digitized voice.
If I am the world's most wanted criminal and enemy #1 of all major
governments, and they want to spy on my phone conversations, they
aren't going to bother with cracking GSM over-the-air encryption,
they'll just put in a lawful intercept at the switch.
The only way to render all lawful intercept mechanisms ineffective
is to use end-to-end encryption. That won't work when calling
strangers, or calling the transit line to check bus/train schedules
etc, but it's a very feasible mechanism for private and secure
communication mechanism among family members, friends etc.
Aah, thanks for the clarification. Of course you're right, I hadn't
thought through the GSM encryption thing, but of course it's only
between the mobile station and the network. So yes, end-to-end is
the only way, and that will obviously be a more distant goal (and
one that sadly is impossible to make compatible with many other
things). Fine.
Because one of the nice things of free software traditionally has
been the ability to say it's free software, so I can do what I like
with it, and you can't invoke state violence against me for doing
so,
Counter state violence with your own violence: raise your own army
that can challenge the forces of the state on a tactical battlefield.
It isn't too hard, we did it successfully back in 1917, and we can do
it again.
This is where we certainly differ. State violence is awful, but
organise to counter it with your own violence and you'll at best
replace their bad reigime backed by violence with your good
regime backed by