Day 6
Hello,
I've had a bit more time to play with the FairPhone now and get more used to its specific set of nuances.
For me personally the lack of NFC is a bit of a pain, as this means many of the daily security tasks I take for granted are a bit harder to perform, although admitedly, this will not affect most people, nor will it affect anyone in the workplace as far as I can tell, its just a personal niggle and also means that you are unable to use Android Pay should you wish, or any card services that can be replaced by NFC.
Another thing I have noticed today is the slower than average processor, I'm not a big gamer or anything like that, but some apps I use I have noticed a slowdown in, I think this is probably a combination of low memory (2GB) and a CPU that is a few generations old, I particularly noticed it with LastPass when decrypting my vault, and a few times using the MS Outlook app when syncing.
I have also found it amusing going back to Android 6 from my current phone's Android 8.1, it's like stepping back in time a bit, and a testament to how far Android has come, even in a few generations since.
I need to investigate the continued support (if any) for Android 6, as being a security professional, and generally security conscious, it is always on my mind when a device is running a much older version of an OS.
Don't get me wrong, I still completely agree with the ethos of the device, I jut think that to market something like this in the current hyper competetive mobile space, you really need to be running the bleeding edge latest OS, and have a more up to date CPU, but that is my opinion only and is of course subjective.
The built in updater seems to work well, and I have had a couple of updates since turning the phone on for the first time, these seem to be mostly security patches, which is a good thing, but no OS updates as of yet.
I am going to investigate the bootloader next, and see if there are any options for custom ROMs or ROM updates either official or unnoficial.
I will continue to work my way through the corporate apps and see how they fare on the device.
Update:
Having done some more research now, I have just come across the FairPhone latest OS release notes, there are some things listed here that are of note to me from a security perspective:
https://support.fairphone.com/hc/en-us/articles/208342503-Fairphone-OS-for-Fairphone-2-Release-Notes
Fairphone OS version 18.01.1 (Android 6.0) - 11 January, 2018
What's new
This article led me to look into Project Treble support for the FairPhone, it would appear that currently Project Treble is not supported, which is a shame as it would eliminate most vendor specific issues with patches, allowing for Android core components and services to be updated in an vendor angnostic way instead of having to wait for carrier and vendor patches specifically.
You can find out more about project treble here:
https://source.android.com/devices/architecture/treble
I've had a bit more time to play with the FairPhone now and get more used to its specific set of nuances.
For me personally the lack of NFC is a bit of a pain, as this means many of the daily security tasks I take for granted are a bit harder to perform, although admitedly, this will not affect most people, nor will it affect anyone in the workplace as far as I can tell, its just a personal niggle and also means that you are unable to use Android Pay should you wish, or any card services that can be replaced by NFC.
Another thing I have noticed today is the slower than average processor, I'm not a big gamer or anything like that, but some apps I use I have noticed a slowdown in, I think this is probably a combination of low memory (2GB) and a CPU that is a few generations old, I particularly noticed it with LastPass when decrypting my vault, and a few times using the MS Outlook app when syncing.
I have also found it amusing going back to Android 6 from my current phone's Android 8.1, it's like stepping back in time a bit, and a testament to how far Android has come, even in a few generations since.
I need to investigate the continued support (if any) for Android 6, as being a security professional, and generally security conscious, it is always on my mind when a device is running a much older version of an OS.
Don't get me wrong, I still completely agree with the ethos of the device, I jut think that to market something like this in the current hyper competetive mobile space, you really need to be running the bleeding edge latest OS, and have a more up to date CPU, but that is my opinion only and is of course subjective.
The built in updater seems to work well, and I have had a couple of updates since turning the phone on for the first time, these seem to be mostly security patches, which is a good thing, but no OS updates as of yet.
I am going to investigate the bootloader next, and see if there are any options for custom ROMs or ROM updates either official or unnoficial.
I will continue to work my way through the corporate apps and see how they fare on the device.
Update:
Having done some more research now, I have just come across the FairPhone latest OS release notes, there are some things listed here that are of note to me from a security perspective:
https://support.fairphone.com/hc/en-us/articles/208342503-Fairphone-OS-for-Fairphone-2-Release-Notes
Fairphone OS version 18.01.1 (Android 6.0) - 11 January, 2018
What's new
- Security fixes* – Android Public Security Bulletin from January 2018 (partial)
Please note: Due to missing platform vendor specific patches, the Android security patch level will remain December 1, 2017. Protecting our users is our top priority, and as this month's software update addresses some important security issues, we have decided to not wait with releasing this month's update. We are working closely with our platform vendor to address the remaining issues as quickly as possible.
What this essentially means is the hardware vendor (that make the actualy phone motherboard if you will) have not kept up with the vendor specific patching for the OS, hence only a partial implimentation of the January security patch, admittedly most of the main OS vulnerabilities have been patched, but some low level and hardware specific ones remain, this has set off some alarm bells in my mind.
This article led me to look into Project Treble support for the FairPhone, it would appear that currently Project Treble is not supported, which is a shame as it would eliminate most vendor specific issues with patches, allowing for Android core components and services to be updated in an vendor angnostic way instead of having to wait for carrier and vendor patches specifically.
You can find out more about project treble here:
https://source.android.com/devices/architecture/treble
Comments
Post a Comment