For those unfamiliar, GrapheneOS is a privacy and security enhanced custom ROM endorsed by Snowden. Despite these big names, plenty of people give it backlash
Even @TheAnonymouseJoker@lemmy.ml gives it backlash despite being a moderator of Lemmy’s biggest privacy community. A quote here: “grapheneOS trolls are downvoting every single post and comment of mine, and committing vote manipulation on Lemmy. They are using 5-6 accounts.” That was in response to downvotes on a comment posted in the c/WorldNews community, which is entirely unrelated to technology.
One of the reasons is that GrapheneOS can only be installed on Google Pixels due to security compatibility, which makes complete sense considering Android should be most compatible with Google’s own devices. GrapheneOS even lists the exact reasons they chose Pixels, and encourage people to step up and manufacture a different supported device.
One year ago, Louis Rossmann posted this video outlining his reasons for deleting GrapheneOS. Mainly, he had multiple bad experiences with Daniel Micay (the founder and main developer of GrapheneOS) which put his distrust in the GrapheneOS project. Since then, he has stepped down and will no longer be actively contributing to the project.
So, I am here to learn why exactly people still do not like GrapheneOS.
I don’t hate the project but I do find its users to be among the most annoying within the privacy community. They seem to have absolutely zero understanding of threat modeling and will get very dismissive and condescending the moment you mention a project other than GrapheneOS.
I think this is likely just a result of GrapheneOS being the most well known privacy ROM; it’s just naturally going to attract the type of person who watches a single YouTube video on a topic and then acts like they are now an expert who deserves to be respected and listened to at all times. Sorry, but if all you can do is parrot dot points from the project’s website and spout some security theatre gobbledygook that has absolutely zero relevance to my personal situation then I’m probably not going to be taking any of your unwarranted advice.
GrapheneOS developers were literally harassing me! No cap. I highly suggest avoiding it.
Don’t worry, I don’t use it. I don’t like Pixels and I don’t need the security features of GrapheneOS. The level of privacy I require can also be achieved through many alternative projects that support a wider range of devices, including maintaining support for older devices instead of encouraging e-waste, and have communities that are more positive, welcoming and open-minded.
But as I said, if people need that level of security then go right ahead. I am certainly not opposed to its existence; only the attitude from many of its users that GrapheneOS is superior in every aspect and that if you don’t use it you’re somehow uneducated or naive.
I don’t like it because its not actually FOSS. It includes closed source software (Sandboxed Gservices, Android Auto, etc.) which completely defeats my main goal of wanting to take power away from big corpos. I dont want that to even be an option in an OS I’d recommend because if the easy way is there lazy people who dont care about their privacy will use it. Ive actually installed a few custom Roms for friends and their phones always end up with Insta/Snap/Discord installed and it just defeats the whole purpose…
For what it’s worth, GrapheneOS includes neither Google Play nor Android Auto. Like nearly any Android-based OS, it allows you to install apps of your choosing, but it does not include either of those. It is a FOSS project through and through.
Why are so many people so fast to downvote over a misconception? GOS does not include any Google anything, it does allow to install, but it is the most bare ROM out there in terms of pre-installed stuff, for sure.
I am not defending “MacCock” and his goons in any way, shape or form, I believe they are all certifiable, but misconceptions don’t help anyone either, which is why I chose to clarify this.
I was talking with Matchbox Banana Synergy in their Matrix Support Room and they said that there’s still no interest in making Graphene OS Lite for Pixel Devices which is very unfortunate since it won’t take 5 years to make but the GOS is still good to use just not easy like Lineage Or Calyx
What a dumpster fire this thread is.
I‘m not a fan of graphene, especially because of the cult like following of tech illiterate folks it has, not saying all users are tech illiterate.
I have neither the time or the nerve to read up about the inner workings but I‘m sure someone meant well writing the OS.
However, I use and work on portmarketOS because I dont believe in android and I do believe in linux both for desktop and phone/tablet.
Can I ask what’s you’re use case for postmarketOS?
I mean, are you a “just calls and messages” guy or are you using extensively, like many are using an Android/iOS devices?
I ask because I don’t believe in Android at all, but I found pmOS not ready yet to be usable daily, last time I tried. I’m anxious for it to be ready though
When you say “believe in Android” what do you mean?
Not OP but I think they’re just saying they’re not invested in Android as an ecosystem.
Yeah, what to other guy said.
I just mean that I don’t like it. I use it, because it’s surely better than iOS (for my needs, obviously). I can use a custom ROM, change launcher, use F-Droid… All things that aren’t easily possible on iOS.
But it’s still far from ideal for me and I use it just because there are no better alternatives. I mean, the real better alternative is Linux Mobile and it’s great, but I don’t think that, as today, Android it’s 100% replaceable with Linux.
I’m really looking forward for that moment though.
I‘m a sysadmin and hobby dev and I am trying to make it work as a daily driver and make it a full replacement of iOS.
Still needs work but I‘d say 80% of my needs are met and I‘m already ahead of iOS in other things (like a full terminal, being able to make my own backups over ssh, being able to control what data leaves my device).
Two things are astonishing: the amount of progress mobile linux projects make and the obliviousness one (I too) has as a proprietary software. We expect things to „just work“ yet we pay for proprietary software either by cash or our data yet most of us are unaware or unwilling to contribute money or work to the cause (translations, writing helpful or nice documentations).
I suggest you give it a whirl and look at it from a „what would I be able to let go of“ perspective.
look at it from a „what would I be able to let go of“ perspective.
I think this is a wonderful advice. I have this idea that the limits of Linux Mobile could actually be a huge help to rethink the relationship with the smartphone and to build a new, healthier one.
I totally agree with you’re observation about how proprietary software spoiled and ruined us in some ways… I think we all need to recover from this, and that’s why I have so much faith in postmarketOS (and Linux Mobile in general).
That said, the last time I tried it there were some actual showstoppers for me, but maybe it’s better now so I’ll definitely give it another go. Thank you!
If you don’t mind, I have a couple of questions to help me to have a better idea on how to approach it.
Do you use Phosh? I tried Plasma Mobile, Phosh and GNOME. Now for me, Plasma was a big no because of a trillion of various bugs. I had the feeling that Phosh was the more optimized and overall the best option, but GNOME had more features (notably the amazing gestures, which were limited and a bit buggy on Phosh). What do you think about it?
And… One thing I thought that could really be a problem (beside the banking apps, that’s just a lost cause I think) were some messaging apps. I think that if you use just matrix and xmpp you could be just fine on pmOS, but I use Signal on a daily basis and sometime I’m forced to use WhatsApp. I think that one could use unofficial flatpaks, but would still be necessary to have an Android phone to manage login from time to time… Is that right? How do you manage your messaging apps?
Sorry for all the questions, but I think that it’s pretty rare to have the opportunity to talk about this with someone who uses pmOS on a daily basis so I sort of had to 😄
Don’t worry! I‘m glad you asked. :)
Currently I use pmos 23.10 stable with phosh. Depending on the software, using stable vs unstable/edge/etc makes a huge difference.
That said current situation is quite good. I use podcasts, phone, matrix (fluffychat) bridged to whatsapp, signal and discord, nextcloud and a couple more things.
Currently I‘m trying to port the bitwarden desktop app which is quite the endeavor.
All in all I love the OS but its nowhere near consumer ready. Peeps who can give constructive and detailed feedback are needed hence my issue with corporate „polish“ and the resulting standards.
Banking is dead at this point and so is the camera for now.
The „separate phone for login“ could technically be a docker container or vm but easiest is some crap phone so their security measures dont get triggered (locking you out).
Its just a bad situation in total. Phone monopolists ruling with an iron fist, having most governments and companies jump through loops for them.
But yes, linux on phone def is the future imo. I think I might check ubuntu touch too just to know what I might be missing.
I hope this helps. Feel free to ask more.
Thank you for the reply!
Feel free to ask more.
Okay, I will 😄
using stable vs unstable/edge/etc makes a huge difference.
Yeah, that’s why I was thinking that using edge could have been a good idea, on software so rapidly evolving. Do you use stable because you fear sudden bugs and breakages or for other reasons?
matrix (fluffychat) bridged to whatsapp, signal
So you’re using only fluffychat with bridges? I mean, you have not installed WhatsApp, Signal or Discord clients, right? But there are unofficial flatpak which should work I guess. Or bridges are the only choice? I ask this because while I think bridges are neat, they have their problems and I’m not sure I would happily and painlessly be able to use only them.
And, you’re still using an iOS/Android device from time to time to prevent automatic logout from WhatsApp’s bridge and manage Signal’s login, right? Well I think you should have a device anyway for banking apps. Yes I saw banking it’s dead on Linux and this may be alone one reason to keep an Android device around. It’s a good idea to use a container, although I agree on the risk of being locked out. Though for other android-only apps mendeavor
the bitwarden desktop app which is quite the endeavor
You know, to be honest the last time I tried pmOS it was specifically the unusable state of Bitwarden and Freetube which made me think “okay, maybe it’s better to wait more time before trying to using it”. But after reading your messages I think the time has definitely come :) I’d love to contribute too!
Anyway, one last thing. How do you primarily install software? Apk and flatpak should be the easiest ways I think…? Because I’m talking about flatpak when I say that I tried, but now that I think about it I’m not sure at all that I was supposed to install graphical apps like that, it was just the more obvious way to do it.
Do you use stable because you fear sudden bugs and breakages or for other reasons?
No. I installed it because they said its better for daily use because the other versions might break. I have since used it with few real issues and no serious (as in requires another machine to get back in a working state or serious knowledge of the inner workings). I might try different things but not without having done and checked everything in stable. :)
So you’re using only fluffychat with bridges?
yes
I mean, you have not installed WhatsApp, Signal or Discord clients, right?
Not on the linux phone
But there are unofficial flatpak which should work I guess.
I dont install things I dont need. I have a configuration that works with every service I need and has zero breakage as of now.
Or bridges are the only choice?
I dont know. It is the most complete and privacy friendly compromise that I know of. The more privacy route would be to abandon whatsapp but I guess for you its the same as for me: not an option at this point.
I ask this because while I think bridges are neat, they have their problems and I’m not sure I would happily and painlessly be able to use only them.
Bridges work 99% of the time for me, maybe 100 messages+ per day. It has been months and I had to reconnect two bridges, one time each. This is not proprietary stuff with billion dollar budgets so in my book that is perfect with no issues. If I want stuff to “just work” I pay someone to write it for me. Can someone break it by sending huge files, have 1000 messages per hour or 1000 contacts to sync? Of course. But thats not my usecase so I cant swear to you that everything will always work perfectly. Again. Companies are investing insane amounts of money in these services and if you dont want to be the product and you dont want to pay for it, thats what you get. :)
And, you’re still using an iOS/Android device from time to time to prevent automatic logout from WhatsApp’s bridge and manage Signal’s login, right?
yes, same for discord btw. I am still testing mobile linux so I have two phones anyway.
You know, to be honest the last time I tried pmOS it was specifically the unusable state of Bitwarden and Freetube which made me think “okay, maybe it’s better to wait more time before trying to using it”
Bitwarden as a firefox extension works okay but it needs work. The standalone app which I’m trying to port is pretty tough, not sure what the exact reason is.
How do you primarily install software?
APK, if that doesnt have anything or the program doesnt work well I try flatpak. A LOT of stuff is available. No comparison to more popular platforms though. Mobile linux is in the infancy of infancy so whoever uses it rn is a pioneer in my book. It works well but peeps who use it need to have the correct mindset or they will hate it: You’re not in kansas anymore. Stuff will break and you’re supposed to help fix it and not let out your frustration on others as they dont on you. :)
I hope that helps.
Thanks mate!!
On the bridge thing I 100% agree, although for the way they works you’ll have to deal with your messages being unencrypted. On WhatsApp (and Discord, I guess? I don’t use it) this probably is still far better than having the app installed, on Signal it’s a bit of a shame because it’s the only app with proprietary-level usability while being real FOSS and e2e. So using it with the bridge kind of defeat the purpose of e2e I guess, but still I’m definitely gonna try it again.
I have a OnePlus 6 and a Poco F1, so I’ll just choose one and give pmOS another go :)
I’d like to know too, for picking out my next phone.
TheAnonymouseJoker is a clown (imo, no harassment or anything)
Talked with them on the subject of privacy emails and they recommended services that store mail unencrypted and logs your ip address and stuff
Their sources are « activists » that they like, rather than facts. I suspect their don’t like bigger companies and famous things even if they’re better
I use grapheneos and it’s pretty good. Yes the main dev can be a bit of an asshole, but for what it claims to do, grapheneos is pretty good
Sadly anything with google services, even sandboxed, is going to track you, and I believe grapheneos is pretty good at what you can do without sacrificing too much
I personally blocked him and it was one of the best decision of my digital life. He’s basically wasting his life spreading misinformation about GrapheneOS. He’s simply too much to handled for my mind. Without seeing him, i feel this place is much more relaxing and useful to see it.
Removed by mod
Removed by mod
Mikay is an asshole. He didn’t leave, he’s just not “lead” anymore. But he still continues to attack community members
He is the ‘Administrator’ account on the gos matrix. He’s definitely still involved in community shit he just doesn’t do it as strcat.
He’s still attacking folks. That’s what matters.
Easy: it only supports pixels. I don’t really care what excuses they have unless it’s “we don’t have enough people”. But that binary " google is most secure so nothing else matters" makes me distrust them.
They are pushing people to give google more money than google could make on their data. I find that highly questionable.
“Excuses” are all security related: https://grapheneos.org/faq#future-devices
The project’s Twitter account has already stated they want to use Samsung phones, but the hardware security isn’t accessible for custom ROMs.
We know Samsung suck, though (The Samsung Galaxy S22 was just hacked in 55 seconds — yikes. Maybe the hardware sucks too, not just the software, so who knows.
Let me write a list of requirements that only a specific phone can fulfill and call that “secure”.
GrapheneOS devs probably.
Like:
At least 5 years of updates from launch for phones (Pixels now have 7) and 7 years for tablets
Why? The image is based on AOSP. Are they going to reverse engineer the releases of other vendors and incorporate whatever fixes are in there?
Complete monthly Android Security Bulletin patches without any regular delays longer than a week
Same as above. It’s like like red hat releasing a security bulletin but a Debian based project has to be up to date with that bulletin. Makes no sense - unless you aim to build upon red hat enterprise Linux (which you won’t).
Inline disk encryption acceleration with wrapped key support
Optimisations are part of the requirement? Come on.
Support for A/B updates of both the firmware and OS images with automatic rollback if the initial boot fails one or more times
How is this not a nice to have?
Seriously, basically what they’re doing is grabbing the newest pixel and setting that as the baseline regardless of whether other phones do things better or worse.
[Anti Commercial-AI license](https://creativecommons.org/licenses/by-nc-sa/4.0/
I do not like Graphene os as it is a vessel for proprietary software and anticonsumer practices. There are plenty of better options. For instance, Lineage OS runs on a large number of phones and is better in many ways.
Graphene OS also is kind of what I dislike about the cyber security industry. Many “cyber” people are filled with arrogance and overconfidence
Lineage OS is a shitshow when it comes to privacy and security
(no locked bootloader, using Google DNS by default)
From what I understand, GrapheneOS has the goals of being the best of the best when it comes to Android security.
There is and always will be CalyxOS or DivestOS for a wider range of devices (both are still much better than the likes of LineageOS and Pixelexperience)
It is in fact not a shitshow. Stop feeding fear. There are real potential concerns but Lineage OS does a great job of being a middle ground that allows for lots of tweaks and customization
Don’t reply to him. He’s just another marketing agent for google trying to paint other ROMs as inferior. All an elaborate marketing strategy for selling phones.
My man, Lineage OS isn’t google. All I’m saying is that Graphene isn’t the only option.
Clearly a woman. “My lady” would’ve been more appropriate. Please don’t be rude
I literally mentioned Calyx and Divest OS as alternatives which support non-google devices
also how is buying a used Pixel and degoogling it to the max with GrapheneOS (with reasonable compromises like optional sandboxed GMS) helping Google?
Didn’t know that cutting their mal-/spyware out, and trying to avoid them and their services wherever possible actually helped them, silly me 🤷♀️
(I assume this to be the standard way for most ppl and plan on doing that as well once my current Huawei phone breaks)please learn to read before insulting other ppl with your less-than-a-day-old account lol
It is completely subjective and depends on your threat model
Removed by mod
These people have been infiltrating the community for a while now. Look at that madaidan guy who blatantly pushes corporate propaganda similar to the grapheneos bots. They want to eventually make you use closed source garbage for “security” and compromising privacy in the process. That’s the intended plan.
bruh, I think I agree with most of your conclusions, but you gotta work on your delivery, as it definitely doesn’t serve your message well. I think you receive a lot more pushback because you use so many harshly negative words to describe people.
Just in this comment, you use:
- disease
- sewer
- “security” clowns
- pure snake oil
- disgusting sole developer
- minions
- witch hunt
- maliciously
- trained monkeys
which makes this comment sound more like a Donald Trump rally than a well-reasoned argument. It’s understandable given your history of conflict with members of the project, and I usually hate tone policing, but I think this word choice severely hurts your argument. Remember, most people here are just passerby and have no idea about the drama or your experiences with their community. Their first impression is gonna be you’re the flip-side to Micay.
I think your thesis is largely correct, that the project does a suspicious amount of shilling for big tech and Google and pushes a lot of anti-FOSS propaganda and has a toxic social media presence that silences good people geniunely asking questions or voicing opinion in good faith.
Removed by mod
What privacy oriented rom do you suggest?
Anyway happy cake day!
Removed by mod
Thanks for the alternatives.
I’m currently using a used ('cause fuck Google, you’re not gettin my money) Pixel phone with GrapheneOS (since my Pinephone stopped turning on) with TrackerControl and InviZible Pro. Is nice having a real clean AOSP rom with privacy/security customization.
GrapheneOS also provide an indeed cool feature: a proxy for Android services provided by Google, like Attestation key provisioning, Widevine provisioning, SUPL and PSDS. Does CalyxOS and/or LineageOS provide something like this?
Thanks in advance.Removed by mod
I’ve tried both CalyxOS and GrapheneOS, since I’ve had a Pixel already. I don’t consider one “better” than the other.
Calyx is based on LineageOS, so you get a wider range of devices and functionality. It uses microG, which works great as long you don’t use any apps with IAP.
GrapheneOS’ play service sandbox can handle the case though, so I went with that, not being able to live without MacroDroid pro. Plus I like they got rid of Google location services altogether, and functionality-wise I’m not missing anything either.
Other people will have other priorities or preferences when it comes to their devices. Use whatever tickles your pickle.
You are making too much sense. You need to choose a side or both communities will hate you.
That’s good, choose what you’re comfortable with and what works for you. Everyone should do just that. We all have our own needs, priorities and threat models.
As I’ve said, I do like GrapheneOS, it is solid software in my opinion, but the humans behind it make me more paranoid than Samsung devices.
GrapheneOS only works on Google hardware. Part of the advantage of Android is device variety, but GrapheneOS forces you down a narrow path. Want a rugged device, a headphone jack, microSD? Well Google doesn’t offer those so GrapheneOS can’t meet your device requirements.
I think part of the reason is there’s a chip that limits brute force attacks and it’s not in other phones
GrapheneOS has defined a set of security standards for their operating system which have hardware requirements. These standards have been published and there have been efforts to engage with hardware manufacturers to adopt the required hardware. Blame the manufacturers for skimping on security, rather than Graphene being unwilling to compromising their values.
Removed by mod
“What is this level of grand security…” Enumerated here: https://grapheneos.org/faq#future-devices
Once manufacturers can implement those things, then you will have an alternative to Google hardware for running Graphene. I’m not telling people to trust anything, don’t put words in my mouth.
Who is PrivacyPhones and why should I believe they are in any way affiliated with Graphene?
On top of it, they have lied about testing. https://i.imgur.com/woNxPhx.jpg
Yeah, no. Pretty sure that’s just a rando with GrapheneOS logo as their avatar. The way they talk doesn’t sound like the dev to me, and I also don’t think the dev would ever misspell a word like “cellular” as “cullar”.
Removed by mod
It would be possible to ship generic system images with separate updates for the device support code. However, it would be drastically more complicated to maintain and support due to combinations of different versions and it would cause complications for the hardening done by GrapheneOS.
Sounds like they could, but have resource limitations to do it. It’s also a knock against Google whose hardware has gotten worse. Personally, IDGAF about these project-imposed requirements if I can’t have the standard headphone jack on portable device.
People have to learn to separate software from its developer.
For example, I don’t care about Hyprland lead dev being an asshole sometimes, if the WM he’s developing works good. I don’t care about Cider devs political positions if it doesn’t directly affect my experience with the software.And people also have to learn, that if someone uses any particular software, they aren’t necessarily using it the way developer pointed out they should.
I use GrapheneOS on my device, but that doesn’t mean that I completely follow devs philosophy. I don’t use Vanadium, 'cause I don’t wanna support Chromium monopoly. I use F-Droid to install my apps, even if developers think, that I should get my apps directly from its devs.Does GrapheneOS founder or developer philosophy that you don’t agree with makes Graphene a bad OS? Of course it doesn’t. GrapheneOS is still one of the best options on degoogling your device if not the best.
Basically because Daniel “MacCock” behaves like a massive paranoid schizophrenic prick when he doesn’t take very strong meds (that’s my take on it anyway). And as others have mentioned, his claim to have stepped down is just that, “his claim”. Everything points to him still very much being at the help of the project.
I like the project, but any software I use being directed by someone like that guy is a huge red flag.
I’m good with a project that’s concentrating on privacy being run by a paranoid fuck. If he’s pouring all his lunacy into making it as locked down as possible, seems like a good thing to me.
I particularly like the recent duress PIN code upgrade. Seems like something every OS should have in it. I don’t need some cops fucking around with my social media and banking info because I got stopped for jaywalking.
It’s not just paranoid, it’s totally toxic and aggressive. He attacked and verbally abused dozen of different project for naive reasons, and spread FUD and slanders about other developers and projects
They do?
I dunno, maybe ask the person that says they hate it?
Your title is a sophist argument tactic called “begging the question”.
Uhhhhh it’s an OPEN question available to people who DO dislike the OS, so no. No just ASKING a question is NOT “begging the question”.
It’s asking a question.
It’s very close to begging the question, though. It really depends on OP’s actual intent, which is hard to determine through text. But it does seem like it could have a, “Those of you who still hate GrapheneOS, why are you wrong?” tone to it.
Edit: Reading through OP’s comments, they do sound genuine to me, I’m mostly just explaining why someone might mistake the post for begging the question.
Being hostile to a real question’s answers is also not begging the question.
Begging the question is a logical fallacy where someone is purposefully leaving out info or otherwise twisting things to end at a conclusion that was never properly supported. The point is there is an unsupported conclusion they’re trying to jump to.
Simply asking a question, even one with an obvious or sarcastic answer, is seldom “begging the question”.
Begging the question is a logical fallacy that assumes the conclusion within the premise. If OP was not being genuine, then the faulty conclusion would be “there are no good reasons to dislike GrapheneOS, therefore why do people dislike GrapheneOS?”
No, that’s NOT begging the question, that’s just being an ass about actually asking a question.
Maybe I have the wrong fallacy, or I’m just really stretching on this one.
This was my line of thinking:
- premise = there are no valid reasons to dislike X
- conclusion = people who dislike X don’t have any valid reasons
Well, since neither of you seems to want to post references, I’ll add a link.
Bruh he’s literally asking the question
