• S410@kbin.social
    link
    fedilink
    arrow-up
    23
    ·
    1 year ago

    Considering the lead developer of GrapheneOS bans anyone from their chat for asking how an Android phone with GrapheneOS compares to a non-android phone, such as a PinePhone or Librem 5, in terms of security, because, according to said developer, PhonePhone and Librem5 are “scam products” and even asking questions about them is “spreading misinformation” and “promotion of fraud”, I’d be quite, quite vary of the claims GrapheneOS developers make about its security.

    • FutileRecipe@lemmy.world
      link
      fedilink
      English
      arrow-up
      15
      ·
      1 year ago

      The lead dev stepped down months ago, and the main thing with non-Pixel phones are the lack of security which is why only Pixels are currently supported.

    • HaggierRapscallier@feddit.nl
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Isn’t Librem the one so slow to ship products and do refunds thereafter, it’s basically a scam? Yes, it is. It’s the Purism scam company. I watched a video on it. It was informative and unfortunate.

      GrapheneOS is good apparently, even though I’m wary of the idea that a phone that Google sells could ever be secure…

      • Goku@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        1 year ago

        The only parts of this phone not open source are google proprietary drivers for the hardware. I highly doubt those are compromised.

        I’m pretty confident my Pixel 6 is not phoning home to the mother ship.

        Edit: and I guess whatever grub/bootloader is on here might also be closed source, not sure.

      • S410@kbin.social
        link
        fedilink
        arrow-up
        18
        ·
        1 year ago

        Reviewing the source code of an entire operating system is not a task doable by a single person, particularly when that person is not an expert in the field.

        A proper code audit needs to be done by a team of professionals capable of spotting things like actual security vulnerabilities and logic errors that might result in more data being exposed, than advertised.

        • Hiro8811@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Meh. If someones willing to pay to do that it’ll be interesting. Skepticism is good but accusing with no concrete proof is not nice

          • S410@kbin.social
            link
            fedilink
            arrow-up
            8
            ·
            edit-2
            1 year ago

            “Accusing with no concrete proof” is exactly what GrapheneOS developers are doing in regards to other projects. Claiming other products are a scam, particularly when those products somewhat compete with yours, is a pretty big red flag.

            • Hiro8811@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              Is that so. I don’t known the full story but I did heard something about librem being a scam. Either way both of them seem shady so I’ll look more into it

            • h3ndrik@feddit.de
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              1 year ago

              You missed that GrapheneOS got rid of Daniel Micay 6 months ago. (For the better or worse)

              • FutileRecipe@lemmy.world
                link
                fedilink
                English
                arrow-up
                4
                ·
                1 year ago

                To be clear, GrapheneOS did not “get rid” of Daniel. Daniel stepped down as lead dev and shifted some of his roles to other devs. He still contributes code to GOS.

                • h3ndrik@feddit.de
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  edit-2
                  1 year ago

                  Thanks for the info. I wasn’t aware of that. I had a look at the commit history on Github, you’re right.

              • S410@kbin.social
                link
                fedilink
                arrow-up
                3
                ·
                1 year ago

                I’ve heard that he passed some of his duties onto other people.

                However, I’m not aware of anyone within the team criticizing his behavior or statements, which, while might be a bit of a stretch, likely implies that everyone related to the project, at the very least, tolerates, if not outright shares the the views.

                I find it practically impossible to trust claims of people like that, to be honest.

                • h3ndrik@feddit.de
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  1 year ago

                  Yeah, I’m not sure if you always need to apologize for other people. They have a Code of Conduct and that criticises exactly that. I don’t want to warm up all the internet drama that happened back then. There was harassment involved, in my eyes probably mental health issues and a bit of persecution mania. You’d probably only make it worse. If you don’t like how it turned out… You don’t have to use that project. Just use another smartphone OS.