Read the whole thread
However, we don’t have a “hardened security” approach, we aren’t developing a phone for pedo(censored) so they can evade justice.
We’ve known that /e/os is anti security/privacy look at all their attacks on grapheneos
I have a huge problem with GrapheneOS: they rely too much on Google hardware. That is why I never used Graphene and probably never will.
Its a shitty thing to say.
I do use /e/os because I fundamentally object to giving money go google to not use android. It seems like a false economy.
When I first moved away from android I had a pixel but it was not supported by graphene as it was out of security updates from android. So I went for a fairphone so I had a phone that was supported for 10 years. Stopping security updates for a working phone to force me to give money money to google while contriting to e-waste and planned obsolescence fucked me off.
I’m looking forward to seeing the output of the graphene/Motorola project as I do agree with the approach to security.
The full translation of the clip of Gaël Duval provided by GrapheneOS:
There’s the attack surface, on that front we’re not security specialists here, so I couldn’t answer you precisely, but from the discussions I’ve had, it seems that everything we do reduces attack surface.
However, we don’t have a “hardened security” approach, we aren’t developing a phone for pedo(censored) so they can evade justice. So there aren’t difficult things to check if the memory is corrupted, really hardened security stuff that could clearly be useful for executives, in the secret service, or whatever.
That’s not our goal, our goal is to start from an observation: today our personal data is constantly being plundered and that wouldn’t be legal in real life with the mail or the telephone, we want to change that. So we are making you a product that changes that by default for anyone.
As a french speaker, I can attest that the translation is fairly accurate.
While I don’t agree with the characterisation Gaël Duval makes here, I believe the statement from GrapheneOS here:
Duval and his organizations have consistently taken a stance against protecting users from exploits. In this video, he once again claims protecting against exploits is for only useful pedophiles and spies.
Is a bit disingenuous. It sounds like they do make some efforts to secure their device, but it’s not their main focus. Theirs is to improve privacy first and foremost.
I would take anything GrapheneOS devs says with a grain of salt, as we all know that they have quite an adversarial relationship with… well… everyone. But especially other OS makers.
It sounds like they do make some efforts to secure their device, but it’s not their main focus. Theirs is to improve privacy first and foremost.
I don’t have any issue with that: different OSes have different priorities and that’s okay. However, I feel like he’s basically saying that users of hardened secure devices are pedos, and I have a very big issue with that. I don’t know of maybe in French it doesn’t sound that way, but they English translation does for me.
I don’t think he’s actually making the parallelism with pedophiles and security per se, but rather he’s making the case that his OS’ mission isn’t by default focused on that level of security or anonymity, but rather privacy and disengagement from companies who profit from your data being mined.
He mentioned pedophiles, as well as the secret service, right after, as examples of either criminals who need to be obscured from detection (maybe because it’s easy for the Epstein class to pop in someone’s head, nowadays?) or government agents that need to protect themselves from data breaches, and said his type of OS isn’t made with that level of airtight security in mind, which is understandable and reasonable, and something we probably all knew already. It could’ve just as well been terrorists and investigative journalists mentioned.
One could take his stance and engage in discussion on whether we need that level of security by default as ordinary citizens, or that even without exceptional circumstances, it becomes necessary in an increasingly hypervigilant society/government, but that’s a separate discussion.
We should have a little nuance in interpreting speeches like these rather than taking things this literally, especially when it’s coming from a direct competitor in the degoogling sphere, who would naturally gain from holding it up in the most unflattering light.
Yeah, no shit. Look at their OS and online services.
It fits into the whole philosophy. There are several posts ( Initial Kuketz, discussion on Kuketz critique, reminder/restart discussion, criticism on usage of OpenAI in /e/ and poor communication, same questions again with no or wrong answers) criticising /e/ for heavily ignoring privacy and security flaws and only one response post on this Duvals answer on OpenAI usage in which they clarify to see ‘emotional’ reactions and look for alternatives while still finding it acceptable and criticism is ‘FUD’ and ‘hurt of reputation’ instead of valid concern.
Additionaly the points postet by Kuketz are not addressed since today. Updates are a bit faster but still with weeks delay and still not including several parts of security updates (instead it’s the bare minimum).
I looked for several posts on social media and Duval always ignores the points and yells that all the people are only up to harass him. He also uses false arguments to convince (probably) himself of this ridiculous behaviour.
I started using /e/ in summer 2022 and was positive and hopeful because of the idea (long updates, privacy in mind, degoogled). But over the years learning that nearly all internal community and external expert criticism was ignored or marked as irrelevant or harassment when it’s not, my opinion changed and I’m no longer willing to talk or write about /e/ diplomatically as it is inappropriate.
Interesting conversation with GrapheneOS. Didn’t know they essentially hate each other. I’m using e/os but just because I cannot run graphene on my device.
GrapheneOS’s leadership hates basically any other ROM. If you say something negative about GrapheneOS, he will probably calle you out as part of CalyxOS team in a hate raid party, or something of the like.
They make an amazing OS, but you’re better off not giving them much attention in their constant drama.
honestly, given Graphene’s social media record, I’d assume they’re translating the video in the least generous way possible
Honestly I think it’s a neutral translation, he really poorly chose his words.
But is there any other choice possible if GrapheneOS isn’t supported on your device? Graphene seams to say that AndroidOS is better?!
Well, look at the /e/ os. It just confirms the narrative. If you just hate google, you can remove their apps via ADB.
For context, for those in the anglosphere, Graphene OS had some troubles in France because the government portrayed the users of the OS as majority criminals, like narcos and including pedos. They left the French market.
Occam’s razor would lead one to believe Gael is not talking to users but to shareholders and the government, where he mentions pedos, which is the soup du jour to go after privacy.
Now, why is this being spread by GOS without context? Easy, they just entered a deal with Motorola, and creating an environment where people hate the competition is a very profitable endeavour for GOS. Finally, Mikay should get help, he’s impossibly technically endowed but also facing some demons that push GOS into unsavoury practices.
Finally, Motorola produces a panoply of devices for LEA, if you think a for profit company will not leverage their deal with GOS to sell a bypass device to law enforcement agencies and have the monopoly on that market you are out of your goddamn mind. The truth is /e/ doesn’t purport to sell a private OS, they sell an OS with less tracking. Graphene advertises a fully “private” OS but then enters a deal with one of biggest cop suppliers in the world and not a word on how that compromises their promise of security for users.
There’s only one way to be really safe, a 0 trust model where you don’t use your phone as a reliable communicator.
Please provide the video with the question included. This looks cut to fit the anti murena narrative that GrapheneOS has been screaming about for years. It’s the same tactic Republicans use against others: cutting only a bit that sounds bad when taken out of context.
Please provide the video with the question included. This looks cut to fit the anti murena narrative that GrapheneOS has been screaming about for years. It’s the same tactic Republicans use against others: cutting only a bit that sounds bad when taken out of context.
First they came for people I don’t like, I assume, and I said hell yeah, there’s no way that will ever be me. Over here, officer. Come for a few more kinds of people I don’t like. Nothing bad ever happened to the French!
I think it’s fair they support way more phones than GrapheneOS, even if the security is way worse. But it’s a whole other thing to call people who want secure phones pedophiles.
I think both approaches are too extreme. Supporting every device leads to poor security, poor stability, and therefore a poor user experience, but only supporting just Google devices (while there is a good reason for that) is a step too far for most people.
If I were in the position of e/os I’d just support probably three manufacturers. Going through the major ones that I know of: Motorola and Google are obvious picks. Next would need to be something cheap and popular. Samsung is way out of the question. Xiaomi and Vivo I’ve never seen their phones mentioned outside of China (which is a country that generally doesn’t have the same privacy considerations as people in the west do). That leaves Oneplus and Tecno Mobile for the third model.
CalyxOS (when it existed) supported Fairphone, Motorola (some) and Pixel.
I am skeptical how worthwile it is to use /e/os over OEM Android at this point
Well, you get a superiour privacy and security by just debloating a device via ADB.
Another quote from the thread
Their marketing heavily focuses on avoiding Google and gives the impression they believe privacy means avoiding one company. Meanwhile, they add a bunch of Google services not present in the Android Open Source Project and give extensive privileged access to Google apps/services.
From @grapheneos.org
What priveledged access? I only found one call home from MicroG, and it was easily disabled.
Recently, France’s national law enforcement began fearmongering about GrapheneOS and smearing it with inaccurate claims. France’s corporate and state media heavily participated. Many articles and also radio/television coverage misrepresented GrapheneOS as being for criminals.
From @grapheneos.org
It was already debunked. A single french tabloid (not true journal) featured why graphene was used by criminals. It’s not the government that was specifically targetting it by all means it had.
A fine endorsement.
