PureOS isn't as secure as it says it is
Open, Needs TriagePublic

Description

I recently saw this video from a YouTuber (Switched to Linux) that shows that PureOS doesn't have any of the special modifications that the website says it does. I decided to test this in my own VM, and so I downloaded and verified my ISO for PureOS. In the live environment, I get the same results that Switched to Linux (the youtuber) mentions, with none of the extensions installed, Google as default, etc. After the installation, the same results show up.

For "A user friendly, secure and freedom respecting OS for your daily usage", this doesn't seem really secure at all. This is basically a version of debian with a "secure" browser, and gnome slapped on top of it all (with a Plasma version on the download server). This makes me question about the Librem 5. Will it have the same problems as this OS does?

I've also noticed firefox esr 46, which is out of date compared to esr 52 and 60.

EchedeyLR added a subscriber: EchedeyLR.EditedJul 23 2018, 8:02 PM

PureOS 8 is still in beta state. Maybe, the developers will add some features later.

There are packet conflicts and they have to choose and prepare the default software, among other problems ...

EchedeyLR added a comment.EditedJul 23 2018, 8:08 PM

On the browser case, it would be great if you compare the about:config between firefox (the based version) and purebrowser. On many firefox forks related with privacy and security (like tor browser) about:config have a lot of changes or some of them like disable location services, referer or website fonts, etc.

PD: I have not compared them, i have not idea about changes, etc. I only believe these changes would be added.

d3vid added a subscriber: d3vid.Jul 24 2018, 8:57 AM

@SheepKid12 regarding the PureBrowser version, I get:

$ purebrowser --version                                                                                                                                             
Purism PureBrowser 52.9.0

...as expected. Is your package up-to-date?

Additionally, can you create a ticket for each actionable issue and/or link to existing tickets. See, for example, https://tracker.pureos.net/project/profile/1/ for a list of existing PureBrowser issues.

I saw the older version in the repos, that's why I thought that's what was installed. Sorry for that.

hethi added a subscriber: hethi.Jul 25 2018, 3:27 PM

Add Comment