I have found this tonight and would like to make some suggestions to bring about success. I open these suggestions to other projects to be discussed there as well.
“We are walking in a dark path, allowing undesirables to one day influence and control our lives. While we may trust certain entities today, the doors opened can be used by anybody, and in future maybe used that way.”
I have some design experience, but have not been well enough for coding for a long time.
I will start with improving privacy, then follow up with suggestions for the success of the OS. Some of these are commercial moves to hold the tide against commercial competition.
While you can make the OS private, you do not know what hackers have put in, or what is running in the phone section and firmware! But there is a way around this. 1 Encrypt your pipes of data and communications in such a way that hacks, or things external to the OS, have trouble intercepting or deciphering them. Second, you build the OS, you know exactly what the binaries are for all code, an unexpected binary is a hack or corruption. This also goes for binaries in memory. Third, you know the behaviour of all code, data files, data flow, hardware and network connections, any deviation in expected behaviour Maybe a hack. Fourth, if the behaviour is not estimable, recode and separate until you have something that has behaviour which is able to be estimated, leaving inconsequential inestimable behaviour separate (such as variable data away from binaries and static data). It then is possible to instantly detect corruption and hacks, and to stop, deal and heal them. Fifth, monitor and examine system usage outside the OS and Apps, to detect if the underlying hardware has been compromised, or firmware, or phone control etc. It is hard to hide such things, as there will be unexplained or irregular leakage, and the OS can test for performance and resource fluctuations. An underlying compromise can try to hide by generating a constant load between doing something for itself, or restrict the OS from seeing the full portion of cycles, but there is a precise number of cycles the hardware should have, if it doesn’t, it indicates the phone is compromised. This is a long term goal, requiring a lot of modeling and research to reach this level of privacy. Also, be careful of execute in place attacks, where the processing cycles are done off system in a memory card, sim, USB or even wireless. Speaker as microphone/microphone data connection/sensor/reverse oled as imager, are other unusual attack avenues (this possibly includes LCD led array scanning if there is a segmented led array zone control).
A simple one run way to install the new OS by: backing up all user app data (chrome web browser, tabs and tab history, history, bookmarks, angry birds app progress data etc) then to swap in the new OS and reroute apps and app data to it, using the backups if there is a problem. This would give the user no problems converting to the new OS. One of the biggest issues to preventing people joining, is loss of app data (and loss of services).
To virtualise all apps and permissions, and virtualise internet access through one local virtual network per app instance with permissions control. This allows existing apps to be used. A database of acceptable permissions for that app type, and of registered permissions, can be used to alert users of potential issues, and restrict down permissions automatically. If an app has done something it didn’t have permission to, security can detect that there is a problem in retrospect.
To enable backup of app data to off device local storage.
Separate virtual machines for each App, and separate package, service and item on or in the OS.
Lobbying with others for law changes in EU that mandate user app data backup to any external device chosen, and for such data to be able to be used with any other device or application. Also reconnecting the user app data to the App. Lobbying, for the transfer and reconnection of the app package as a whole which maybe encrypted except for the user app data unless the user chooses. All encrypted user app data the user has chosen to encrypt, to be freely and fully able to be decrypted by user using any suitable app. User is always given at least one commonly supported encryption option. Lobbying for the simple retrieval and backup of cloud data.
Doing deals with companies like IBM to do the OS for ultra private secure business phones, with backup. They put a billion dollars into setting up Linux code decades back. There is not a good secure phone base our there, and all their customers need them.
Attracting app developers onto the app store with paid versions of their apps.
Finding jurisdictions free from laws to force open or secret compliance, to run and host operations and move operations to instantly. Some small countries may like the income.
Keeping code and services dynamic with user local backup to reassign destination of users services instantly.
Hardware alliance and open contributions for development.
Working with and exchanging and partnering with other projects to move the code base forwards. Mixed teams of the best. An advanced code base can be collaborated on and shared around to everybody. The idea is to redesign items to work better, and to expand android. Each OS group keeping their own camp. May the best get the most installs.
Paid services to fund development and expansion.
Support for installable google apps in separate virtual machines, and routing of some (email, web etc) to local apps. I suggest also people like Vivaldi to do a paid purified private desktop level browser for additional choice.
Future Virtual machine support for Linux and Windows windows and screens through x86 binary transliteration. Looking beyond the handheld. I suggest looking at TextMaker Pro app as showing the lie that you can not have a desktop GUI like App on a tablet or mobile.