Read the whole thread
However, we don’t have a “hardened security” approach, we aren’t developing a phone for pedo(censored) so they can evade justice.
“anyone who wants privacy from their government is a pedophile” is a hell of a stance…
Honestly by now it’s becoming reasonable to assume “projection” as a baseline, to then change based on evidence, when someone has a take like this guy’s.
I don’t mean the political tactic, just the garden-variety kind of projection. “Probably ~everyone thinks the way I do, and boy, we better not give everyone the tools to act on that…”
Deeply wrong about how most folks think, because of how they themselves do, and believing they’re therefore helping. Likewise a self-admission, because they don’t realize they’re admitting anything.
Maybe not the case with this guy, I’m not gonna dive in.
But I do sincerely believe that’s a somewhat charitable take toward anyone making a claim like this today. Charitable in the sense of acknowledging a misunderstanding and desire to help.
The less charitable one being - just obviously complicit. Fuck this noise.
the privatized western govts & their tech boys literally are the infrastructure of the global pedos it’s asinine & dangerous to tell people to ignore that!
“Why did you lock your doors, what did you steal?”
More like, “Why did you lock your doors, are you diddling kids?”
The stereotype of pedophiles in cop shows is that they use desktop computers anyway, not phones. Don’t know how true to reality that is though.
I think it’s fair they support way more phones than GrapheneOS, even if the security is way worse. But it’s a whole other thing to call people who want secure phones pedophiles.
I am skeptical how worthwile it is to use /e/os over OEM Android at this point
Well, you get a superiour privacy and security by just debloating a device via ADB.
You keep access to non-verified apps no matter what Google wants since it uses microG.
It’s openness vs security.
Agree with your outlook, but I think it’s not too farfetched to give the benefit of the doubt to the speaker here and establish that pedophiles were used as an example (of people whose survival depends on their data not being breached), rather than a direct comparison. And he goes on to name being an executive to the secret services as another example (again, of people to whom hardened security of data is an imperative), but we’re not saying he thinks secure phones are just for people in secret services, are we?
He’s just saying, albeit rather clumsily, that their goal is simply not that level of hardened security, but rather privacy from data miners.
I think both approaches are too extreme. Supporting every device leads to poor security, poor stability, and therefore a poor user experience, but only supporting just Google devices (while there is a good reason for that) is a step too far for most people.
If I were in the position of e/os I’d just support probably three manufacturers. Going through the major ones that I know of: Motorola and Google are obvious picks. Next would need to be something cheap and popular. Samsung is way out of the question. Xiaomi and Vivo I’ve never seen their phones mentioned outside of China (which is a country that generally doesn’t have the same privacy considerations as people in the west do). That leaves Oneplus and Tecno Mobile for the third model.
CalyxOS (when it existed) supported Fairphone, Motorola (some) and Pixel.
The full translation of the clip of Gaël Duval provided by GrapheneOS:
There’s the attack surface, on that front we’re not security specialists here, so I couldn’t answer you precisely, but from the discussions I’ve had, it seems that everything we do reduces attack surface.
However, we don’t have a “hardened security” approach, we aren’t developing a phone for pedo(censored) so they can evade justice. So there aren’t difficult things to check if the memory is corrupted, really hardened security stuff that could clearly be useful for executives, in the secret service, or whatever.
That’s not our goal, our goal is to start from an observation: today our personal data is constantly being plundered and that wouldn’t be legal in real life with the mail or the telephone, we want to change that. So we are making you a product that changes that by default for anyone.
As a french speaker, I can attest that the translation is fairly accurate.
While I don’t agree with the characterisation Gaël Duval makes here, I believe the statement from GrapheneOS here:
Duval and his organizations have consistently taken a stance against protecting users from exploits. In this video, he once again claims protecting against exploits is for only useful pedophiles and spies.
Is a bit disingenuous. It sounds like they do make some efforts to secure their device, but it’s not their main focus. Theirs is to improve privacy first and foremost.
I would take anything GrapheneOS devs says with a grain of salt, as we all know that they have quite an adversarial relationship with… well… everyone. But especially other OS makers.
It sounds like they do make some efforts to secure their device, but it’s not their main focus. Theirs is to improve privacy first and foremost.
I don’t have any issue with that: different OSes have different priorities and that’s okay. However, I feel like he’s basically saying that users of hardened secure devices are pedos, and I have a very big issue with that. I don’t know if maybe in French it doesn’t sound that way, but the English translation does for me.
That’s how it sounds. So, I’m a pedophile because I run GrapheneOS on my phone? I guess I better tell my wife, and my kids.
… and my kids
“Hey Kiddos! So I have some good news and some bad news…”
Pedophiles use their work emails and gmail. Making a secure phone OS won’t make a difference.
some people in this thread still dont get it, so:
you cant expect privacy while also having poor security practices. ideally you’d have both and most of these privacy projects are not much more than just a lineage fork with a dns blocker
apparently in duval’s mind, you can always trust even a fascist government to never try to exploit your phone and to give you privacy. or something idk
I can see how one can interpret it like that, but it’s not how I read what he said. I think the point he’s trying to make is that hardened security protects the user from attacks, yes, but their focus is to provide services that can be trusted not to attack the user. He said: “really hardened security stuff that could clearly be useful for executives, in the secret service, or whatever. That’s not our goal”
I mean, I use GrapheneOS on my phone, but do I personally need all the hardened security? Not really. It’s nice theoretically, but mainly I’m just happy the OS itself isn’t spying on me. I’m personally not very worried about an evil maid attack or state level spying.
Well, that’ll be another 100€ December donation to GrapheneOS.
Kind of shameful of /e/ to blatantly disregard user privacy like that. Is Graphene our last stand against Orwellian surveillance?
i honestly dont care much about privacy in the sense that i dont rlly need it to be provided by an OS, just give me max freedom and let me handle privacy myself. That being said I am on grapheneOS atm but still hoping for librephone to enable me to have an arch linux like phone experience that i can customize to hell
That would be really cool.
You did not need to censor anything this is not Reddit
First of all, I didn’t censor it, that’s a quote from the Bluesky post.
But also, why is everybody so offended by censored words here? I don’t get it.
But also, why is everybody so offended by censored words here?
I think because it’s a sign how social media corps have trained us to avoid certain words or even create new ones (for example “unalive” instead of “kill”).
The term is algospeak, where you change your wording due to online censoring. I fucking hate that corporations have managed to literally change the way we speak.
But it’s also great that humans evolve language to keep ahead of algorithms and corporate bullshit.
It shows that people internalize censorship and start doing it unprompted.
But also, why is everybody so offended by censored words here? I don’t get it.
The biggest reason seems to be that it will evade filters, which people set up very intentionally and specifically to keep these Fedi-spaces a safe place for them mentally.
So, for example, someone comes here to get away from the ‘real world’ and news and whatnot, may have a filter that blocks anything with the word “Trump”, or one I actually see censored a lot more often, “Israel”
Then someone makes a post about “Isr*el is so bad” and it sails right through their filters.
Ah fair enough
Because its fucking pathetic. Say what you mean and mean what you say.
Take this with a grain of salt: GrapheneOS is always stirring shit with other players in the privacy space and they try to paint them in the worst light possible.
It’s a video of him speaking in his own words, not much salt needed.
Lmao e/OS CEO says a thing, someone inevitably in the comments, “How could GrapheneOS do this!”
GrapheneOS devs just spitting truth and people get butt hurt about it.
Please provide the video with the question included. This looks cut to fit the anti murena narrative that GrapheneOS has been screaming about for years. It’s the same tactic Republicans use against others: cutting only a bit that sounds bad when taken out of context.
Lmao what a toxic piece of shit
Privacy is something everyone deserves, not something only criminals want
I can’t believes he’s intentionally anti-privacy. Occam’s razor suggests he’s instead a fucking idiot.
Yeah maybe. But whether it’s intentional or not, I would not want to use /e/os.
But also, from the linked thread:
Murena is a for-profit company owned by shareholders including Gaël Duval. /e/ has a non-profit organization which is also led by Gaël Duval. /e/ includes paid services from Murena. /e/ very clearly exists to build products for Murena to sell in order to enrich the shareholders.
Despite being done for profit, /e/ receives millions of euros in funding from the EU on an ongoing basis. /e/ and Murena use extraordinarily inaccurate marketing to not only promote their products/services but also to mislead people about GrapheneOS and scare them away from it.
From @grapheneos.org
Graphene made an OS only for Google phones. I can see what they mean here, but not sure they have room to talk regardless of the security circumstances.
It is shitty if there was a smear campaign against them though.
Oh agreed. I wouldn’t want to install an OS from a fucking idiot either.
(And I take your point that said idiot may also be a dishonest slime ball.)
Anyone telling you the list isn’t graphene -> ios -> good custom android -> aosp-> google stock -> samsung stock is lying to you.
How is iOS - a proprietary OS owned by a big tech company - second in your list?
It has some of the best exploit protection next to Graphene if you enable lockdown mode.
Which flavor of Google surveillance would you consider a more private and secure phone platform than iOS?
It can be made very good from a security and privacy perspective.
If you know you know I guess.
There’s good reason to suspect that it’s very terrible from its privacy and security perspective.
Do you think it’s possible for companies or individuals to not comply with court ordered surveillance and search warrants? That’s what prism is, nsa driven data collection ordered by the court system.
Further, on its own and absent any other evidence, the timeline of prism entry corroborates my statement that ios is second to graphene.
Apple is not a good company, there are no good companies. Apple is a company selling security and privacy amongst other things. You have to buy security and privacy because you can’t go out into the backyard, fell a phone tree, carefully choose the section with the strongest, straightest traces and shape it into an optimally private and secure device in the shed using your grandfathers antique phoneworking bench and strap driven phone lathe.
Do you think it’s possible for companies or individuals to not comply with court ordered surveillance and search warrants?
Companies can’t, no. That’s precisely my point. Hence your argument that iOS is more “secure” than any other bar Graphene is disingenuous. iOS is developed by a company which can be (and likely already has been) pressured into compromising its users on behalf of three-letter agencies. The NSA slides are strong evidence of that.
Large collectives of devs spread out all over the world, however, can withstand such pressures since they’re hard to get a hold of. The developers of OSs such as Graphene, Debian or Lineage could easily resist such attempts, simply because they’re not a legal entity incorporated inside a single jurisdiction.
You’re correct in saying that Apple is “selling” privacy and security (as in: marketing, pinky-promising). They may be selling that story, but I ain’t buying it.
As a longtime and current debian user, lol if you think it hasn’t been infiltrated or that any network of developers spread over the globe could resist infiltration let alone the open source “community”.
A large portion of the maintainers of popular open source projects are en the employ of some company or other explicitly because of their maintainer role. Even if some hypothetical distributed global network of developers could resist infiltration, the maintainers of our open source software cannot.
The building blocks of android are maintained by developers who are employed by google. Google was compliant with prism four years before Apple (the exact amount of time it would take for a sealed case to wind its way through appeals).
If the fact of apples compliance with the laws of its jurisdiction worry you, the fact that people don’t get targeted or convicted off of information from properly configured icloud accounts or locked Apple devices should counteract that worry. The fact that other generally held to be trustworthy companies like mullvad are compliant with the laws of their jurisdiction should make it clear that legal compliance doesn’t necessarily mean a company or service isn’t trustworthy.
I would also like to point out that for the purposes of us law, entities outside the jurisdiction of the us are subject to a freer surveillance apparatus which need not be hampered by what some judge is willing to sign off on and doesn’t need to comply with its subjects rights as defined under us law.
An apple in Mexico would be able to offer fewer protections to its us customers than one incorporated in the us.
I thought Samsung stock was better because of Knox et all
better but than the rest of the unmentioned dogshit
Another quote from the thread
Their marketing heavily focuses on avoiding Google and gives the impression they believe privacy means avoiding one company. Meanwhile, they add a bunch of Google services not present in the Android Open Source Project and give extensive privileged access to Google apps/services.
From @grapheneos.org
Recently, France’s national law enforcement began fearmongering about GrapheneOS and smearing it with inaccurate claims. France’s corporate and state media heavily participated. Many articles and also radio/television coverage misrepresented GrapheneOS as being for criminals.
From @grapheneos.org
It was already debunked. A single french tabloid (not true journal) featured why graphene was used by criminals. It’s not the government that was specifically targetting it by all means it had.
A fine endorsement.
What priveledged access? I only found one call home from MicroG, and it was easily disabled.
Been a while since I used microG but I remember the Google registration specifically being opt-in. Then again, I also remember reading that /e/OS automatically enables it, so…
