[Replicant] Replicant risks

John replicantor at riseup.net
Sun Oct 6 16:18:41 UTC 2024


On Tue, 1 Oct 2024 00:53:57 +0200 Denis 'GNUtoo' Carikli via Replicant
wrote:

> First the browser component shipped by Replicant is outdated, so it's
> probably trivial for a website to take control of the phone. The
> system browser component is used in a lot of applications shipped by
> F-Droid.

Is it not possible to use an alternative better browser? (which?)

> But it doesn't stop here as there could be unpatched vulnerabilities
> everywhere in the system, including in things like the SMS application
> for instance.
> 
> So even if the phone is not connected to Internet there are still
> risks.
> 
> Denis.

But such risks exist in all Android versions, no?
So, perhaps the even more important questions related to that are:

- How does Replicant compare to alternatives security-wise?
- What can be done to improve things without sacrificing freedom?


More information about the Replicant mailing list