The drama and accusations the GrapheneOS developers are spewing and engaging in are giving me a bad taste in the mouth and make me doubt the OS’s reliability am I the only one?
In my opinion both the evident ego of of the project lead as well as his naivety (tethering the project to Google) are huge red flags despite any assumed technical superiority.
I also feel concerned about GrapheneOS. Here’s why.
I got banned from the GrapheneOS Matrix chat simply for asking a question, it was worded similar to this:
“Hey there! GrapheneOS is cool. I noticed CalyxOS added support for eSIM, are you planning to add that as well?”
The post got deleted, I thought I had not sent it and posted it again. It was deleted again. I asked something along the lines of “Wait, where has my question regading eSIM support and doing the same as CalyxOS gone? Seems to have disappeared, lol”.
THAT was also deleted.
Then I posted something along the lines of “Huh, my questions seem to be disappearing”.
That was NOT deleted.
Then I asked something like “Anyway, are there plans to add eSIM support just like CalyxOS? :)”.
That was ALSO deleted.
I got a private message from a mod saying I was banned.
That was alle the interaction I ever had with the GrapheneOS project. I might have started contributing, but I could not even ask a simple question. It seems that they don’t like it if you mention any other custom ROM, I guess.
(This has been a while ago, so I don’t remember my precise wording)
I would prefer my privacy software to be developed by people like this, rather than people who are calm and flexible
The guy being paranoid asshole is passable, what I thought a really shit move is calling the community to create alt accs to harass people from other projects and saying he will ban anyone that complains. The Rossmann video is quite shocking, you see the dev’s complete disassociation with reality… yeah the code is open, but how many people outside the project are really auditing it? Even people inside the project, are they auditing each others’ work? If the guy doesn’t get treatment, how long until he decides his own userbase is after him?
admittedly i’m not up to date on all the drama, but i thought that graphene saw themselves as victims of alt attacks?
So yeah, it seems like he accuses everyone of persecuting and harassing him, but in those videos there are several examples of what he considers persecuting and harassing. Both channels were highly supportive of the project and actively promoted it, but because they would also promote other projects and do benchmark tests, they were “spreading misinformation”, “being biased”, “campaigning against him” and so on. And in the second video he accused the guy of campaigning against him just for saying “This is informative, and unfortunate” about the first video lol. So him being a “victim” is just his lack of proper medication, because anyone who asked him about such attacks, if he had prints or so, was also accused of attacking him lol
https://youtu.be/Dx7CZ-2Bajg
https://youtu.be/4To-F6W1NT0Undoubtly GrapheneOS is the best project out there, so yeah, this is unfortunate.
Its all fine until their approach of privacy or security differs with what’s best for the project, then there’s no reasoning with them to fix it because they’re not calm and flexible. Then ya gotta fork it and get everyone to transition to the new fork, and get developers back onboard, etc.
A crazy, but pointed example of something like this could be: the dude could just claim grapheneos going forward will not have networking anymore because thats an attack vector, and at that point the project doesn’t even suite anyone’s needs to be used as a smartphone anymore. How are you gonna reason with someone like this that, while keeping networking in the project is an attack vector, its necessary to be able to use the project for it’s intended use case? You probably aren’t
While I do find GOS drama a bit annoying, they aren’t wrong about the lacking security of many AOSP forks. iode and /e/OS have a history late patches for security vulnerabilities in both the OS (https://web.archive.org/web/20241231003546/https://divestos.org/pages/patch_history) and for the forked apps they bundle with it. Each Android monthly and Chromium patches usually contains dozens High Risk CVEs, so taking a month or 2 is unacceptable. Neither are good for privacy or security.
See a comparison between some Android ROMs here, especially noting the update speed section: https://eylenburg.github.io/android_comparison.htm
I understand security implications but I’ll be getting Fairphone 6 with /e/OS over Pixel with GrapheneOS. For me FOSS ranks higher than HW security features, and buying Google device goes against FOSS principles.
Buying a used Pixel lets you use the hardware without funding Google.
*Directly funding Google. You are certainly participating in a secondary market for their product you purchase used.
Not as bad a taste as the French government is giving me.
If its do I trust GOS or a confirmed pro chat control governments side of the story, its an easy choice.
There are many more sides than those 2. GOS is screaming about a new “harrassment” campaign every week.
Knowing nothing of the situations details, when you’re a thorn in the side of the most powerful interests on the planet,it seems reasonable that a small group would face deliberate, concentrated pressure from business to legal and the state and any other mechanism. That’s generally what power does, assuming the little guy isn’t subsumed.
What is the evidence of foul play by GOS, or why would they not have a pretty extreme bias of support?
from business to legal and the state and any other mechanism.
I’m not referring to any of those “mechanisms”, I’m referring to basically the entirety of the privacy/security/sovereign communities. They disparage other Android “privacy” platforms and communities on a regular basis, then claim to be victims of “targeted attacks” from those communities. Louis Rossman and Techlore are also 2 people who have also been accused of “harassment” without evidence. Just for starters.
I think everyone would love some evidence here, but so far it was one journalist from one newspaper talking to one cop that said criminals are using GrapheneOS because it destroys evidence. Afaik Daniel didn’t post any notification, inquiry or general communication he received from any government official or agency…
Who benefits?
Who benefits from sowing a narrative around “drama”, “accusation”, and/or “paranoia”. Seriously.
I think given the following circumspect; GrapheneOS’s reaction, to move project pieces out of potential hostile environments/jurisdiction, is perfectly reasonable.
-
France’s Support for EU “Chat Control”, scanning proposals. France has been one of the governments most supportive of EU‑level proposals that would require scanning of communications and devices for illegal content.
-
The general French framing and approach to cybercrime. As in other EU countries, French authorities are pushing for: Expanded powers to compel cooperation from service providers, and developers. Strong rhetoric against tools that are seen as systematically obstructing investigations.
The main GrapheneOS dev creates beef with a bunch of other projects. It’s not some shadowy organisation, it’s him having stupid takes in GitHub issues and spreading false claims about other projects.
-
