• 0 Posts
  • 8 Comments
Joined 1 year ago
cake
Cake day: December 6th, 2023

help-circle






  • From what I can find it has a quad-core Cortex-A7 ARM32 chip, a.k.a Mediatek MT8321, with 1 GB of RAM and 8 GB of storage, which is not plenty for a device running Android 8.

    Your best bet for running “Linux OS” is postmarketOS. But the ARM world is a lot different than the x86 world that you might be familiar with: you can’t just “install” any OS on an ARM platform, you need to port it (write code & tweak config) for each device. And the only device that has the same SoC does not look good.

    So you next best choice is probably Termux. It could be installed on any Android devices, and provides a decent “Linux” environment that are pretty close to a real Linux console. Of course, it’s really difficult to run GUI applications, and running things like Docker would probably be out of the questions (ARM32 already had pretty rough Docker support as-is). But still, it’s a good way to get your hands dirty with Linux, and you can definitely use them for quite a few things: writing C or Python code on the go, get familiar with command line, or just run a few small services (e.g. SSH for remote connection, NginX for web server). The possibilities are still endless.

    Now, as for the de-googling part, you will still need a custom ROM for this, and I’m not even sure if your device even support flashing third-party ROMs (some carriers would lock it down), so it might not be possible to flash an entire new OS, but someone else seemed to have already posted a potential ROM you could try. Still, you can still find some tutorials that can help you disable as much Google as possible with ADB command, which you might need to adapt to your specific device.


  • The first link is basically an “advertisment hidden in a normal, professional-looking article”. All they’re saying is how these ways are not secure, but most importanly, how their solution is more secure, published under their own site.

    When you take this into account, their claims start to break down: while yes, email and SMS MFA might be inherently less secure since the code could be transmitted via an insecure channel, saying TOTP is not not secure because “you device can be hacked” is a kinda bad take: if your device is already hacked, you’d have a much bigger problem: even if you are using security keys, the hacker would already have access to whatever service you might be trying to protect. As for the lost/stolen case mentioned in the article, if you put TOTP code in a password manager (as most would probably do if they’re doing this), that shouldn’t be a problem. The only way this would be a problem is that the TOTP secret is stored in plain text, which would be the same for any authentication methods.