I'm actually in the process of trying out various attack vectors. I'm trying to find out if it's actually possible to get access to everything besides /home as the Xperia 10 III doesn't have any custom recoveries yet. About the encryption I'm not sure tho. I could try and also encrypt dalvik using the same LUKS encryption but im afraid that might break some things. At least the /home folder is fairly safe if you choose a strong enough password.
Honestly? It feels janky. I got it on the latest Xperia 10 III and it feels like a cheap toy compared to a Samsung Galaxy S21. The OS feels rough. The navigation gestures fail regularly (you use the same gesture for going back in an app and going back to the home screen. I often end up not getting back to the home screen but going back in the app.)
Android Apps feel stuttery. I compared surfing the same webpage on the built-in browser and brave browser thru Android. Jerboa is stuttery too when compared to a Samsung Galaxy. It's def the Android layer and not the hardware as the native stuff works smoothly. Another concern of mine is the encryption. To my understanding the only encrypted part about the OS is the /home folder nothing else. Android runs in /opt tho (except for the sdcard stuff. That's in the /home folder). This means all configs and passwords and stuff is freely accessible when the device gets accessed thru a third party(?).
However! It's really cool as it's unusual and it runs linux so you are free to do whatever you feel like. That's a huge plus. In my opinion: if you need many android apps in your daily life, better go with something like GrapheneOS. Sailfish is great if you use the native stuff and occasionally android apps. (Although.. now that I think about it. The built-in weather app doesn't currently work as the api key jolla used to access the weather service isn't valid anymore..)
I agree!
- sent from Sailfish OS
"Motherlode": $4.99 for 25k Simleons
I found out that all app related android stuff is actually located in /home/.android/ so it seems your data is fairly secure - provided your encryption key is reasonably good. I also tried enabling Android Stock Encryption through the dalvik settings but Android Support just crashes when trying to enable that. Must be because Android is just translated and not emulated and the devs didn't implement the encryption.