2167 sats \ 1 reply \ @final 18 Jun 2023 \ on: Competing with Apple and Google - A Weekend Discussion tech
If I had money this is how I would do it:
Create a large scale open-source project and back it behind an organisation/company similar to the AOSP, Ubuntu or Sourcehut business model. Initially start as a project for other devices to reduce cost and achieve funds, and eventually work with an OEM to manufacture a hardware device for that with said funds.
A possible solution is crowdfunding like Purism and MNT Reform did, I think it could work well if done correctly. GrapheneOS's non-profit organisation + co-operation with OEM's approach could also work if not to start a business or crowdfund.
PINE64 often sells products with minimal profit and lower specs/quality assurance at the start of the product releasing so the first people to buy are developers, testers and early adopters. They then usually raise the price after quality of the software improves.
A problem with these other projects business wise I think worth to note:
-
Purism: Costly and limited product stock. For years I have never been able to get one, and I have heard the phone isn't that great either. The Linux Desktop-Mobile hybrid OS' kind of are not there development wise.
-
GrapheneOS: Has no hardware of it's own right now, a very successful project nonetheless. But it also isn't trying to be a competitor against Apple and Google for the sake of platforms but for the sake of security and privacy. GrapheneOS uses Android as the base has tough security models already.
-
PINE64: Mainly development kits rather than stable devices. I would not use my PinePhone as a daily driver. Has the same flaws Purism has but is way more successful due to the cheaper price in my opinion.
-
Solana Saga: Depends on a shitcoin, is just an Android phone with a "Web3" skin.
None of these projects other than GrapheneOS seemingly take security/privacy as the #1 priority either. Purism is more for the 'freedom' aspect, it is just a Linux desktop / Raspberry Pi like device with a cellular radio in a phone form factor. Developers of hardened Linux operating systems have made comments on the flaws of mobile Linux already.
The DEFINITIVE platform should be as secure as GrapheneOS or better, as cheap as Pine64 for easy adoption, and be focused at a large audience INCLUDING normal guys you find on the street. Unfortunately for success you need to also be compatible with popular platforms including shitcoins if it's going to be a cryptocurrency phone. I'd rather have 100,000 sales from various shitcoiners and bitcoiners than just 10,000 bitcoiners. You can make a Bitcoin-only variant to counteract.
OS developed with a microkernel/hypervisor that runs applications within virtualized sandboxes that communicate to one another with user permission. For Android app compatibility either virtualize Android instances for each app or make virtualized containers with an Android compatibility layer that takes care of permissions, OS integrations etc.
Kernel and OS modules would be made in a memory-safe language but another language is fine provided memory allocation is hardened and Core OS components could be virtualized like Windows 11's Device Guard. OS should be developed with a Defence in Depth and Safe by Default approach and apps should be designed with principle of least privilege. Apps should not be trusted.
OS shouldn't depend on a suite of services like iCloud or Google Play either.
I'd want developer friendly app distribution, free app repository with no account to download like Linux and Windows' Winget repository. Strong security requirements required for each app is needed, I like the standards Acresscent has.
There's a lot of things I'd want so I'll save this part for another time.
Phone would have a secondary pop-up, back, or fold display that works as the hardware wallet interface. The hardware wallet would run as it's own isolated component, with it's own firmware independent of the phone OS. The wallet and the OS would only be able to interact through an API. This is so if the phone OS was compromised or the app was, the wallet itself would not be. This would completely remove the reliance on Android / The app of choice to protect your keys. It should have security of a cold wallet but practical use like a hot wallet.
Wallet security model would have:
- Secure boot process where only firmware signed with the right keys are able to be flashed onto it, if the keys are changed, all secrets / wallets are wiped for safety.
- Reproducible builds for firmware of the wallet component
- Possible NFC or secondary USB port to interface with the wallet on another device if the phone's OS is not trusted.
- Hardware killswitch to manually turn off/disconnect the internal 'wallet' component from the phone OS to completely airgap as a choice.
- Secondary display prevents against attacks to the OS or apps that try and mislead by making transactions to incorrect addresses.
- Choice for Bitcoin only firmware for attack surface reduction
For hardware security the phone could have two secure elements, one which manages OS and app secrets like decryption keys to the encrypted disk, while the second element is within the wallet component to store the cryptocurrency seed so the phone cannot interact with the seed. This would also save time to not be developing support for Secp256k1 in the phone's secure element.
Applications would develop support for that wallet interface the same way mobile apps develop support for Trezor, Ledger etc. Maybe if the success is good I'd have a wallet app developed by the OS developers made just for it.
The wallet component could choose to handle Nostr keys if possible.
I wouldn't mandate a Nostr app of choice as I don't know a lot about what's best.
And then after all that is done: Likely fail the project after the first release cause there wasn't enough people to buy it...
Congratulations! This was the top comment of the day, one year ago today.
reply