/e/OS (recipient of EU funding) and iodéOS are European projects that have not been singled out by the French government in smearing despite them having the similar self-professed goals to GrapheneOS. That they had any influence at all on the French government directly is speculated but not asserted.

CalyxOS/Techlore are blamed for being complicit in escalating the animosity and furore around what were initially low-key fallouts/disagreements. This led to GrapheneOS/Micay escalating to defend themselves which unchecked fuelled a spiral of influencer content, vile spamming of CSAM in GrapheneOS rooms (I can personally attest these were some of the biggest on Matrix at the time and led to the team giving up on Matrix moderation and self-protection capabilities), intense public speculation/accusations about Micay's character/mental health etc. which eventually resulted in the swatting attempts.

F-Droid project members have publicly aired their dislike of Daniel as a result of direct or indirect disagreements and did have a software quirk that caused an issue for GrapheneOS/possibly other custom OSes' users due to their added permission (which the two parties again disagreed on). Conspires is loaded wording.

But I do not think it is productive for me to dredge up posts and potentially cause more misunderstandings as a complete outsider for something that is directly affecting someone's life like this. They (Micay/GrapheneOS) have posted detailed contextual snippets and information about what has happened so please contact them directly for reference to the original posts and discuss if you really wish to find out more.

Barely any comments about the linked thread which is about Wired publishing an article that was extremely poorly researched after having misled GrapheneOS about the intention and content of what would be published. This seems like the sort of thing that should earn a disclaimer on future Wired articles as worthless and get them removed from RSS feeds/have subscriptions cancelled. Complete lack of integrity and respect for standards. Why did they not interview anyone else involved in the project or around at the time?

>Donaldson tried to make a deal with Phantom Secure, which ultimately didnt work out. Micay suspected other counterparties were linked to organized crime, but we cannot confirm those identities or ties on short notice. Donaldson began pursuing such deals before Micay left and continued afterward.

https://discuss.grapheneos.org/d/34369-original-grapheneos-r...

Even if I agreed with this statement, I don't understand why it is better to put limited/precious resources something the app developers can easily circumvent, praying they never stop being incompetent/lazy/pressured and tell device owners it is an important privacy feature? Instead of waiting for the apps to become actively hostile why not just feed them fake data in the first place? Like the scoped access permissions do?

If you really want to do this, you (and any GrapheneOS user) can do it today with mitmproxy and RethinkDNS but I think it is perfectly OK users choose their (privacy-invasive) apps and choose how to mitigate annoyances like that themselves. Otherwise they need to complain to the app developers and app stores.

>That's why I said that the main focus of GOS is security, not privacy. If they cared about privacy primarily, they would actively support microG and NetGuard, or at least similar solutions.

That feels more like you are framing your opinion as a fact. To me it is not so obvious.

When I think of privacy, I think of Privacy Enhancing Technologies (https://petsymposium.org/). I also think of things like:

* separate network namespaces for profiles (https://github.com/GrapheneOS/os-issue-tracker/issues/5225#i...) and/or a GrapheneOS-Gateway equivalent to https://www.whonix.org/wiki/Whonix-Gateway, * built-in OS support for chaining VPNs together or splitting different traffic over different privacy-enhanced networks like in RethinkDNS, * adversarial pressure wave + ultrasonic noise to thwart smart listening devices https://youtu.be/xMYm2d9bmEA?t=1305, * virtualisation as a sandboxing and anti-fingerprinting primitive (https://discuss.grapheneos.org/d/5775-device-fingerprinting-...), * control over what apps can communicate with each other https://github.com/GrapheneOS/os-issue-tracker/issues/2197 * location scopes/phone state scopes etc that are already planned.

etc.

>insistence on not supporting MicroG leads to poor UX,

The problem they are trying to solve is apps not working without the presence of Google Mobile Services or Google Play. They don't want to compromise by having a component with high privileges integrated in their image that involves security issues like signature spoofing.

MicroG will send less data to Google partly because it is simply an incomplete implementation of the features offered by GMS (sanboxed-google-play appp compatibility is quite a bit higher), partly because the access is more granular or there are choices offered for services like location (GrapheneOS provides non-Google location services and community support on only installing and enabling the parts you need for specific app features to work). UX is not adversely affected, but if you want to use a privileged app bypassing security checks and sending data to Google anyway then you have the freedom to compile microG with it integrated if you would like.

>They also seem to be very opinionated about (not) using a firewall for privacy, like NetGuard, instead recommending some weird alternatives like DNS firewalls

GrapheneOS tries to implement or end encourage sustainable approaches to privacy and security, and this partially means approaches that don't break if the adversary knows what you are doing.

Egress/outbound traffic filtering is fundamentally unworkable. Apps do not have to connect to known privacy a invasive third party domains to violate your privacy or expose your data to extra parties, they can simply send anything they want to their own servers and do anything they like with the data. From my understanding this is why GrapheneOS do not want to encourage the approach of blocking apps from connecting to certain domains/addresses.

Instead they tackle the problem at its source by providing a direct AND indirect network access toggle which cuts off an apps access to the outernet without letting the app know (pretends the network is down). This makes it non trivial for apps to exfiltrate data and as a side effect can provide benefits like data conservation (for capped plans).

>instead recommending some weird alternatives like DNS firewalls.

DNS based solutions are offered (not promoted) if you want more control over your DNS query resolvers or you want to improve your quality of experience by blocking advertisements and malvertising domains.

>they (heavily) prioritize security over privacy.

Can you point out another OS project with real privacy features like a network permission, sensors data access permission, contact access scopes, storage access scopes, per connection MAC randomisation and so on? https://eylenburg.github.io/android_comparison.htm They have even more plans for privacy like location scopes, anti-fingerprinting for Vanadium browser and maybe AnonymisedDNSCrypt/Oblivious DNS and probably more they haven't mentioned. If you suggest some more on their issue tracker they may get back to it when they have the resources.

Will Motorola allowlist/whitelist GrapheneOS's avb key for green boot state? Does that have any implications for Play Integrity?

Do GrapheneOS finally get AOSP full partner access as a result of this? Will the Motorola device have USB port control, OS virtualisation and GPU virtualisation? Will it have a better secure face unlock story than Pixel 5 - 10?

Will the gushing fans and secret admirers finally stop flocking to me because I switched from Pixel-GrapheneOS to Motorola-GrapheneOS?

Can you explain what you mean?

Without having an kind of authoritative knowledge or experience on the topic, those people are wrong and please ignore them. The argument has generally been that if you are specifically after privacy and security in your personal device then GrapheneOS or post-MIE iOS will be your most sensible choices. You CAN choose devices for other reasons, as has always been your prerogative.

The question of whether to support 'alternatives' is fraught. It used to be that there were two other OS projects that happened to be collaborating and adopting features from GrapheneOS and that would have been reasonable. The main argument (from GrapheneOS) in that case has been for people to please invest in alternatives with approaches to privacy and security that stand up to threat-model driven design and real world attacker/defender experience.

GrapheneOS was never meant to be alone in pushing for things like hardened secure element-based protection of secrets and side-channel resistant rate-limiting of unlock attempts, memory tagging/hardened memory allocators/secure application spawning/dynamic code loading control, anti-persistence hardening, prompt security patching, network/sensor permissions, contact/storage scopes, PIN scrambling, auto reboot etc. Unfortunately very few other projects that I am aware of are looking into doing things like this to give the device owner control and mastery over their data.

>and now that GrapheneOS isn't for everyone and anyone -- the majority of people -- without a specific narrow selection of hardware should get lost.

GrapheneOS tries to make most of their hardening transparent and non-intrusive by default. They also spend a lot of time and resources working on usability (sandboxed-Google-play and the web installer) and now accessibility (upcoming text-to-speech implementation?). The idea is that if you have a Pixel and choose to use GrapheneOS then it should be as easy to use as they can manage without compromising their efforts improving privacy/security. In that sense, GrapheneOS is for anyone and not just security nerds or tinfoil hats.

The exclusivity to Pixels is an unfortunate consequence of being the only platform equipped to provide what they need to achieve their goals. If multiple devices supported what they needed from the beginning, they would have probably supported three or four models from different brands as targets (for example you could imagine a couple Pixel lines + one Samsung line (Europe/North America/Oceania), one Xiaomi line (East Asia/South East Asia/South Asia/South America), one Tecno line (Africa). This is speculation on my part, but the main point is that the Android OEMs have been seriously slacking on basic privacy/security leading to this kind of situation.

>We need the people who buy $100 phones to have the ability to put a better OS on them than the burning mudslide that comes with them, is all I'm saying.

No disagreement here. This relies on AOSP adopting improvements and also on Google tightening their certification (for Play Store) requirements to include stronger privacy and security guarantees.