If ever they could understand that their social position and public opinion affect their project far more than the code quality or feature they ship.
I agree there is an issue, and their word are always put bqck into question because of this.
Unfortunately I do not have a solution for this problem, so I can’t add much to this 
I don’t want to fight with you on whether an attack is possible or not, since knowingly shipping shitty software is not something anyone can defend (similar arguments were given by Matrix devs when defending libolm by saying the attacks were not simple or easily possible, so you are in good company I guess). I was simply commenting that we do not know the scope of attacks possible, and thus we should criticize Google and not Graphene OS as I literally said below.
This is exactly the kind of conversation privacy absolutists like you have on public forums and then say nobody wants to use secure technology. Lack of nuance and consideration that there is a PERSON on the other side hurts the privacy and security movement, but the some people aren’t ready to change their attitudes.
Also, if it comes to hypocrisy @Lukas , just go and see the conflict in the ideas you have shared in this forum:
I understand your urge to defend the tools you use, but stop citing your opinions as facts and stop talking down on all the multiple instances I have seen you do on this forum.
Finally, a clear disclaimer: I am an avid GOS enthusiast, and have on multiple occasions clarified the FUD a lot of people try to spread about it. But GOS calling every project a scam, every group a bully, and their fanatics hogging public spaces with borrowed opinions masquerading as expertise is not a great look for them, or the associated projects.
It’s insane that GOS can’t work with:
- Tor Project
- Florisboard
- F-droid
- Kicksecure
- And many more…
They can’t all be scams right? Also, just FYI, Trail of Bits is TOO reputed to be called a scam due to association with iVerify and Palantir (which is most definitely a scummy company)
1 Like
Proton asks for either an email address, a phone number, or a captcha.
Signal just requires a phone number, there are no other options. You also had to give away that number to others for years until they recently released usernames.
Maybe you don’t, but I do. If someone has exploited your Android device to the point where they can disable or enable apps, then you’re already in deep shit.
1 Like
So do SimpleX, Matrix, Session, and many other messengers.
This is just common sense. You need to enable the app to exploit it, and you need a privilege escalation exploit to enable or disable apps.
Gecko-based browsers are significantly less secure on Android, and they also don’t provide the WebView. There is no point in GrapheneOS working with the Tor Project.
Will probably get included in GrapheneOS when the developer implements autocorrect, suggestions, etc. FlorisBoard developer and GrapheneOS have talked everything out, and there is zero bad blood between them.
Has some valid security concerns, and GrapheneOS is security-focused. It doesn’t make sense to work with them. They do work with Accrescent, which meets GrapheneOS security expectations.
1 Like
I am going to close this topic now, the news has been reported, the topic discussed, the rest of the conversation will likely end in a not to constructive chit chat.
7 Likes