I'm literally responding to a guy who spreads conspiracy theories, telling him to stop with this bullshit
Andromxda
You summed it up really well
You need security to have privacy and freedom. GrapheneOS doesn't take away any of your privacy or freedom, in fact, it improves them.
Nothing is secure. Everything has risks.
Obviously. But relativizing everything doesn't help whatsoever with understanding the true risks associated with specific insecurities. You can read more about the issues with LineageOS at https://madaidans-insecurities.github.io/android.html#lineageos
Until Graphene OS pulls a Crowdstrike…
This is just pure speculation about a theoretical possibility and no counterargument to the fact that CalyxOS repeatedly missed important patches for months. Stuff can go wrong in any software release, including billion-dollar companies like Crowdstrike. Software is still written by humans, which have a very natural behavior of making mistakes. But please show me one broken GrapheneOS release from the past decade. This argument just makes no sense.
GrapheneOS always goes through extensive (including automated) testing before releasing anything. As I have explained many times, these guys actually focus on quality, security and reliability. Also, we're talking about ASB patches that are provided by AOSP, so if something goes wrong, not just GrapheneOS will be broken, it would affect all AOSP-based systems that deliver updates in a timely manner (Calyx of course not included, they don't give a fuck about delivering updates in a reasonable time)
Yes, but metadata is still important.
We Kill People Based on Metadata
– Michael Hayden, former director of the NSA
They deliver patches within a month. I don’t think there are that many critical vulnerabilities as AOSP has a small attack surface by design.
I really recommend reading more about Android Security Bulletins.
Graphene isn’t this magic OS that has patches faster than they come out. They are still dependent on the Android security team.
Obviously. But they also never claimed that. They at least do the bare minimum of delivering patches in a timely manner. CalyxOS takes a month, while GrapheneOS almost always does it on the same day. There is no excuse for taking a month to do this, unless you don't really care about the security of your users, and you are misleading them, and giving them a false sense of security.
Signal having the server code closed source for more than a year so the Signal devs could get a headstart and insider knowledge
That argument makes absolutely no sense. This server-side code does almost nothing. The only task it really has is passing around encrypted packets between clients. All of the encryption is client-side, of course including metadata encryption. That's how end-to-end encryption works. The server code really doesn't matter. The Signal protocol, which is used for client-side, local, on-device end-to-end encryption has always been fully open, and it can be used by any app/platform.
How one can trust Signal after them showcasing what they truly stand for is mind blowing
It's very simple. The client is open source, and the encryption happens locally within the client application. You don't need to trust anything or anyone except for the code and mathematics, which are fully open, so you can verify them yourself.
It's mind-boggling how people attempt to spread so much misinformation while having absolutely no understanding of the topic they're talking about.
Unencrypted means that it's not just exposed to participants of the conversation, but also the server, as well as anyone who tries to snoop in on the conversation.
Virtualization on iOS is terrible. You can only use half of your device's RAM, because iOS kills any app that uses more than that.
I don’t even use proprietary apps so most of the “security features” aren’t even useful to me.
That's absolutely not how security works.
No it's not. You can build a very secure OS and deliver updates quickly, while still ensuring stability. GrapheneOS has proven it over many years. If you prefer to use CalyxOS which rolls back AOSP security and often misses ASB patches, that's your choice.