SilverLABS/SilverMetal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(naming): adopt OS / Enhanced product-line framing + align with existing repos

Browse Source 
Two product lines, named to make scope obvious to buyers:
- 🔒 SilverMetal OS — we ship the operating system or ROM
  (Linux, Pixel, Samsung-unlocked, Motorola-unlocked)
- 🛡️ SilverMetal Enhanced — we harden the OS the device already runs
  (Windows, macOS, iOS, generic Android)

Repo alignment:
- SilverVPN already exists as a SilverLABS product (server + MAUI client +
  Linux client + tunnel service). stack/vpn/ is now an integration pointer
  rather than a re-scaffold; per-platform READMEs reference it.
- SilverApple is deprecated; SilverMetal Enhanced — iOS supersedes it.
  Migration step added as roadmap milestone 3I.1.
- SilverDROID name clash explicitly noted as unrelated (it's the SilverSHELL
  AppStore Android client, not an Android ROM).
- SilverChat may overlap with SilverVPN.Client.Chat; alignment decision
  added as roadmap milestone 1.1.1.

Roadmap restructured: phases now track the OS/Enhanced split.
Platform matrix re-sectioned and decision flowchart updated.
README rewritten around the two-product-line framing.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
SysAdmin
2026-04-25 03:30:45 +01:00
parent 7d5f9cc246
commit 0a0075ce66
10 changed files with 316 additions and 224 deletions
Download Patch File Download Diff File Expand all files Collapse all files

135
docs/platform-matrix.md
View File

@@ -2,8 +2,17 @@
The honest per-platform capability and pros/cons table. This is what a buyer sees on each product page so they can choose based on their actual constraint.
## The two product lines
| Line | What it means | When you'd buy it |
|---|---|---|
| **🔒 SilverMetal OS** | We ship the OS or ROM | You're choosing a device with privacy as a priority, or you're willing to replace your existing OS |
| **🛡️ SilverMetal Enhanced** | We harden the OS your device already runs | You can't or don't want to replace your OS — corporate device, iPhone, or you're staying on Windows |
## Hardening tiers
Independent of product line, each platform has a tier reflecting how deep our hardening can physically reach:
| Tier | What it means |
|---|---|
| **A — Fully controllable** | We own the kernel, boot chain, MAC framework, and update infrastructure |
@@ -13,20 +22,27 @@ The honest per-platform capability and pros/cons table. This is what a buyer see
## Capability summary
| Platform | Tier | Deliverable | Stack support |
### SilverMetal OS (we ship the OS/ROM)
| Platform | Tier | Deliverable | Stack |
|---|---|---|---|
| SilverMetal Linux | A | Custom Debian/Kicksecure-based ISO | Full, native |
| SilverMetal Droid (Pixel) | B | GrapheneOS-fork ROM | Full, native |
| SilverMetal Droid (Samsung) | C | LineageOS-fork ROM where bootloader unlocks; profile + Stack elsewhere | Full where ROM, Stack-only otherwise |
| SilverMetal Droid (Motorola) | C | DivestOS/LineageOS-fork ROM on supported models | Full where supported |
| SilverMetal Droid (generic) | D | "Harden any Android" — Stack + work-profile config | Stack + config only |
| SilverMetal Windows | C | LTSC IoT installer + hardening + Stack | Full (Stack apps run native) |
| SilverMetal macOS | C-D | Signed config profile + setup script + Stack | Full (Stack apps run native) |
| SilverMetal iOS | D | MDM profile + Stack from App Store | Full (Stack apps via App Store) |
| **OS — Linux** | A | Custom Debian/Kicksecure-based ISO | Full, native |
| **OS — Pixel** | B | GrapheneOS-fork ROM | Full, native |
| **OS — Samsung** | C | LineageOS-fork ROM (unlocked-bootloader models) | Full, native |
| **OS — Motorola** | C | DivestOS/LineageOS-fork ROM (supported models) | Full, native |
### SilverMetal Enhanced (we harden the OS in place)
| Platform | Tier | Deliverable | Stack |
|---|---|---|---|
| **Enhanced — Windows** | C | LTSC IoT installer + hardening + Stack | Full (Stack apps run native) |
| **Enhanced — macOS** | C-D | Signed config profile + setup script + Stack | Full (Stack apps run native) |
| **Enhanced — iOS** | D | MDM profile + Stack from App Store | Full (Stack apps via App Store) |
| **Enhanced — Android** | D | "Harden your existing Android" — Stack + work-profile config | Stack + config only |
## Per-platform pros / cons
### SilverMetal Linux (Tier A)
### 🔒 SilverMetal OS — Linux (Tier A)
**Reference setup. The strongest possible SilverMetal device.**
**Pros**
@@ -44,11 +60,11 @@ The honest per-platform capability and pros/cons table. This is what a buyer see
- Some games, particularly anti-cheat-protected titles, will not run
- Hardware compatibility needs checking before purchase (Coreboot SKUs are best-supported)
**Best for**: users whose work is browser + email + office docs + dev + comms; anyone who would otherwise install Linux themselves; the maximum-privacy buyer.
**Best for**: maximum-privacy buyer; anyone whose work is browser + email + office docs + dev + comms.
---
### SilverMetal Droid — Pixel flagship (Tier B)
### 🔒 SilverMetal OS — Pixel (Tier B)
**The secure-phone flagship. GrapheneOS-tier engineering.**
**Pros**
@@ -64,30 +80,29 @@ The honest per-platform capability and pros/cons table. This is what a buyer see
- Some banking apps and corporate apps refuse to run on non-Play-Integrity devices (workaround: sandboxed Play, but breaks the airtight model)
- Not all carriers support all Pixel models cleanly
**Best for**: the "secure phone" buyer, journalists, activists, anyone who would otherwise buy an Encrochat-style rebadged phone but wants real engineering.
**Best for**: the "secure phone" buyer; journalists, activists; anyone who would otherwise buy an Encrochat-style rebadged phone but wants real engineering.
---
### SilverMetal Droid — Samsung (Tier C)
**For users on Samsung hardware. Variable depending on model and region.**
### 🔒 SilverMetal OS — Samsung (Tier C)
**For users on Samsung hardware with unlockable bootloader.**
**Pros**
- Wide hardware availability and price range
- LineageOS / DivestOS fork for unlocked-bootloader regions gives most of the benefit
- Knox security layer is genuinely capable on locked models
- Full SilverLABS Stack supported either way
- LineageOS / DivestOS fork on unlocked-bootloader regions delivers most of the benefit
- Knox security layer is genuinely capable (when bootloader is unlocked, Knox is tripped — accept this trade)
**Cons**
- Many Samsung models — especially US-carrier models — have permanently locked bootloaders; we cannot replace the OS
- Many Samsung models — especially US-carrier models — have permanently locked bootloaders; SilverMetal OS — Samsung is not available on those (use Enhanced — Android instead)
- Even on unlocked bootloader, we lose verified boot rooting back to our key
- Knox tripped flag is permanent; some Samsung features (Samsung Pay, Knox-protected work apps) may stop working
- Knox tripped flag is permanent; some Samsung features (Samsung Pay, Knox-protected work apps) stop working
**Best for**: existing Samsung owners; buyers wanting a non-Pixel Android with strong-enough hardening.
**Best for**: Samsung owners who want real ROM-level hardening and accept the Knox trade-off.
---
### SilverMetal Droid — Motorola (Tier C)
**For users on Motorola hardware. Best Android option after Pixel for unlocked-bootloader hardening.**
### 🔒 SilverMetal OS — Motorola (Tier C)
**For users on Motorola hardware. Best ROM option after Pixel for unlocked-bootloader hardening.**
**Pros**
- Many Moto models support bootloader unlock cleanly
@@ -104,26 +119,7 @@ The honest per-platform capability and pros/cons table. This is what a buyer see
---
### SilverMetal Droid — Generic / "harden my existing Android" (Tier D)
**For users who already own an Android and won't / can't replace the ROM.**
**Pros**
- Works on virtually any Android 13+ device
- Full SilverLABS Stack runs (Browser, VPN, Sync, etc.)
- Work-profile-based isolation contains tracking apps in a managed sandbox
- No bootloader unlock required; no warranty void
**Cons**
- We do not control the OS — Google + your OEM still do
- Verified boot is your OEM's, not ours
- Telemetry from OS-level Google services cannot be fully blocked without a ROM swap
- Honest tier label: D, weakest Android tier
**Best for**: existing Android owners who want privacy improvements without buying new hardware or unlocking their bootloader.
---
### SilverMetal Windows (Tier C)
### 🛡️ SilverMetal Enhanced — Windows (Tier C)
**For users locked into Windows-only software.**
**Pros**
@@ -145,7 +141,7 @@ The honest per-platform capability and pros/cons table. This is what a buyer see
---
### SilverMetal macOS (Tier C-D)
### 🛡️ SilverMetal Enhanced — macOS (Tier C-D)
**For Mac-committed users.**
**Pros**
@@ -166,7 +162,7 @@ The honest per-platform capability and pros/cons table. This is what a buyer see
---
### SilverMetal iOS (Tier D)
### 🛡️ SilverMetal Enhanced — iOS (Tier D)
**For iPhone users.**
**Pros**
@@ -182,27 +178,46 @@ The honest per-platform capability and pros/cons table. This is what a buyer see
- Configuration profile + MDM applies; cannot modify iOS itself
- Honest tier label: D, weakest tier in the family — *we say this in marketing*
**Best for**: users whose threat model is commercial surveillance (not state-actor targeting) and who need to stay on iPhone for personal/work reasons.
**Best for**: users whose threat model is commercial surveillance (not state-actor targeting) and who need to stay on iPhone.
---
### 🛡️ SilverMetal Enhanced — Android (Tier D)
**For users who already own an Android (any vendor) and won't / can't replace the ROM.**
**Pros**
- Works on virtually any Android 13+ device — Samsung locked-bootloader models, OEMs we don't have ROMs for, hand-me-down phones
- Full SilverLABS Stack runs (Browser, VPN, Sync, etc.)
- Work-profile-based isolation contains tracking apps in a managed sandbox
- No bootloader unlock required; no warranty void
**Cons**
- We do not control the OS — Google + your OEM still do
- Verified boot is your OEM's, not ours
- Telemetry from OS-level Google services cannot be fully blocked without a ROM swap
- Honest tier label: D, weakest Android tier — *we say this in marketing*
**Best for**: existing Android owners who want privacy improvements without buying new hardware or unlocking their bootloader.
## Decision flowchart
```
Does the user need maximum privacy and is software-flexible?
→ SilverMetal Linux
Are you choosing a new device, or hardening one you already own?
Does the user need a phone, primarily?
→ Pixel? → SilverMetal Droid Flagship
→ Samsung/Motorola with unlocked bootloader? → matching ROM tier
→ iPhone or locked Android? → corresponding profile tier
CHOOSING NEW
Need maximum privacy and software-flexible? → 🔒 SilverMetal OS — Linux
Need a phone, primarily?
Pixel ok? → 🔒 SilverMetal OS — Pixel
Samsung (unlocked bootloader region)? → 🔒 SilverMetal OS — Samsung
Motorola (supported model)? → 🔒 SilverMetal OS — Motorola
Want iPhone? → 🛡️ SilverMetal Enhanced — iOS
Does the user need Windows-only software?
SilverMetal Windows
Is the user Mac-committed?
→ SilverMetal macOS
Does the user already own a device they're keeping?
→ The corresponding "profile" or "harden existing" tier
ALREADY OWN A DEVICE
Windows machine you keep? → 🛡️ SilverMetal Enhanced — Windows
Mac you keep? → 🛡️ SilverMetal Enhanced — macOS
iPhone you keep? → 🛡️ SilverMetal Enhanced — iOS
Android you keep (any model)? → 🛡️ SilverMetal Enhanced — Android
Linux laptop you'd convert? → 🔒 SilverMetal OS — Linux (re-install)
```
We do not push users between tiers. We tell them what each can deliver and let them choose.