The drama and accusations the GrapheneOS developers are spewing and engaging in are giving me a bad taste in the mouth and make me doubt the OS’s reliability am I the only one?
While I do find GOS drama a bit annoying, they aren’t wrong about the lacking security of many AOSP forks. iode and /e/OS have a history late patches for security vulnerabilities in both the OS (https://web.archive.org/web/20241231003546/https://divestos.org/pages/patch_history) and for the forked apps they bundle with it. Each Android monthly and Chromium patches usually contains dozens High Risk CVEs, so taking a month or 2 is unacceptable. Neither are good for privacy or security.
See a comparison between some Android ROMs here, especially noting the update speed section: https://eylenburg.github.io/android_comparison.htm
I understand security implications but I’ll be getting Fairphone 6 with /e/OS over Pixel with GrapheneOS. For me FOSS ranks higher than HW security features, and buying Google device goes against FOSS principles.
deleted by creator
No, there is no modern smartphone like that, yet AFAIK.
deleted by creator
Google itself. GrapheneOS bridgea the gap but still…
Buying a used Pixel lets you use the hardware without funding Google.
*Directly funding Google. You are certainly participating in a secondary market for their product you purchase used.
Not being familiar with the controveries referenced in this thread…
All of this reminds me very much of OpenBSD and Theo de Radt (?) back in the 98-02 era.
OpenBSD is certainly not the most popular *nix today, but it’s probably the most secure.
They’re being threatened by the entire French government. Its not drama. This is a very real situation.
deleted by creator
I also feel concerned about GrapheneOS. Here’s why.
I got banned from the GrapheneOS Matrix chat simply for asking a question, it was worded similar to this:
“Hey there! GrapheneOS is cool. I noticed CalyxOS added support for eSIM, are you planning to add that as well?”
The post got deleted, I thought I had not sent it and posted it again. It was deleted again. I asked something along the lines of “Wait, where has my question regading eSIM support and doing the same as CalyxOS gone? Seems to have disappeared, lol”.
THAT was also deleted.
Then I posted something along the lines of “Huh, my questions seem to be disappearing”.
That was NOT deleted.
Then I asked something like “Anyway, are there plans to add eSIM support just like CalyxOS? :)”.
That was ALSO deleted.
I got a private message from a mod saying I was banned.
That was alle the interaction I ever had with the GrapheneOS project. I might have started contributing, but I could not even ask a simple question. It seems that they don’t like it if you mention any other custom ROM, I guess.
(This has been a while ago, so I don’t remember my precise wording)
Which channel on Matrix ? They seems to have many ones so mods in general if questions get asked in wrong channels ban which is weird I would expect them to reply that go to #relevant room and ask there
I’m pretty sure it was a general GrapheneOS room, but as said it’s been a while, so idk.
At least asking the question did not seem wrong.
It seems you were rightfully banned.
The source code’s just as transparent, and the fundamental concepts and implementations aren’t going to vanish at all. If we get a future CarbonOS, so be it, but I doubt that will be in any near future scenario.
Why is it transparent? Cause its open source. Yes there has never been anything a bug or backdoor in open source code before ever.
Bing transparent is not the same thing as being secure. The difference is that closed source code can be audited by no one except its’ developers, and open source code can be audited by anyone.
Who benefits?
Who benefits from sowing a narrative around “drama”, “accusation”, and/or “paranoia”. Seriously.
I think given the following circumspect; GrapheneOS’s reaction, to move project pieces out of potential hostile environments/jurisdiction, is perfectly reasonable.
-
France’s Support for EU “Chat Control”, scanning proposals. France has been one of the governments most supportive of EU‑level proposals that would require scanning of communications and devices for illegal content.
-
The general French framing and approach to cybercrime. As in other EU countries, French authorities are pushing for: Expanded powers to compel cooperation from service providers, and developers. Strong rhetoric against tools that are seen as systematically obstructing investigations.
The main GrapheneOS dev creates beef with a bunch of other projects. It’s not some shadowy organisation, it’s him having stupid takes in GitHub issues and spreading false claims about other projects.
Removed by mod
-
Unless there’s drama in my updates I don’t particularly care too much about drama.
The drama can be so minor too
“How can he run our department when his favorite color is INDIGO!? I can’t BELIEVE that guy!”
I’ve accepted for a while that the lead developer is extremely paranoid and could probably genuinely do with healthcare intervention. Like in much open source development I think it isn’t helped by overwork and burnout, so I hope that at some point Graphene gets a better governance structure which spreads responsibility and which hopefully will limit the incessant drama that only harms the project. I don’t see him being willing to give up his grip, but I can always hope.
I’ll continue to use Graphene unless things go entirely off the rails though, as it is a great OS and I don’t really think there are many great alternatives.
deleted by creator
Thanks for pointing that out, looks like I’m a bit behind the times when it comes to the inner goings on at GOS!
It mainly makes me pine for linux phones. I think Graphene is the best we have at the moment in the mobile space, but that’s far more of a testament to our lack of options than how valuable Graphene is. I have no doubts that we’ll eventually kick Graphene to the curb when it stops being useful, so I’m not overly concerned with its future. Worst-case, I think many of us would be just fine on any other AOSP rom for a few extra years until linux phones can come save us all.
pine for linux phones
I see what you did there.
I could be wrong, but I think Linux would be horrible for the kind of security you’d want in a smartphone. At least that’s what I read from the GrapheneOS folks…
Depends on what your threat model is. Sure a fully locked down mobile OS is more secure, but I also care about freedom and privacy. It’s not all black and white.
As far as I’m aware this is true (same with a lot of desktop linux distros), but I’m more interested in freeing myself from Android at the moment. I’m sure we can get there eventually w/r/t security, but it takes time, and we’ll never get there if we don’t start moving.
I don’t care about the community, I just care about the experience of using it.
Two things can simultaneously be true, Daniel can be an individual who engages in very problematic behaviours and GrapheneOS can still be the most-secure and reliable OS out there.
Can we get a tldr of the “problematic behaviours”?
As a casual who bought a pixel 9 specifically for Graphene, I not too embedded in the culture/dramas, and surely many others reading here are similarly unfamiliar
His «problematic behaviour» is simply callingäoutäthings for what they are, with no soft wording.
Basically this. The project head might be a bit too paranoid, bellicose and problematic, but at this time a phone with GrapheneOS seems to be by far the safest way to have a smartphone, and the project head’s personality might be a part on this as their stated objective is to be able to resist state-level actors, you likely need someone who’s more than a bit “out there” to have the right mind for this
The main reason why I decided not to use it, despite it being an obvious choice. But I’m also that kind of old dude that is not very receptive to drama… this may explain ;)
GOS is a great project. This is a FUD campaign.
Too be fair (not French but aware of their culture and government) the French are pretty smart, for people and don’t fuck around with serious issues. I bet you if they got access, it wouldn’t be long till issue a long warning before a ban if it were to cause harm to others.
Such drama has been going on for years. I wouldn’t read too much into it.
