For those unfamiliar, GrapheneOS is a privacy and security enhanced custom ROM endorsed by Snowden. Despite these big names, plenty of people give it backlash
Even @TheAnonymouseJoker@lemmy.ml gives it backlash despite being a moderator of Lemmy’s biggest privacy community. A quote here: “grapheneOS trolls are downvoting every single post and comment of mine, and committing vote manipulation on Lemmy. They are using 5-6 accounts.” That was in response to downvotes on a comment posted in the c/WorldNews community, which is entirely unrelated to technology.
One of the reasons is that GrapheneOS can only be installed on Google Pixels due to security compatibility, which makes complete sense considering Android should be most compatible with Google’s own devices. GrapheneOS even lists the exact reasons they chose Pixels, and encourage people to step up and manufacture a different supported device.
One year ago, Louis Rossmann posted this video outlining his reasons for deleting GrapheneOS. Mainly, he had multiple bad experiences with Daniel Micay (the founder and main developer of GrapheneOS) which put his distrust in the GrapheneOS project. Since then, he has stepped down and will no longer be actively contributing to the project.
So, I am here to learn why exactly people still do not like GrapheneOS.
What’s stopping the developer to put a backdoor in it and collaborate with the CIA and the NSA?
Nothing. But what’s stopping you from checking out the source code?
The fact that the system is open source
A libre software license.
Nothing
Although it probably would be easier to attack the modem
In my personal opinion, privacy-oriented distributions are more likely to be targeted by intelligence agencies, I prefer a mainstream debloated version at least that way you have the advantage of not attracting attention among so many millions of users. trusting your OpSec in the good will of someone it’s not a good idea, at least for me.
Your logic is quite flawed.
Since GrapheneOS is based on Android (AOSP), any vulnerability that exists in Graphene definitely also exists in AOSP. Graphene is often faster at fixing security vulnerabilities than Google. GrapheneOS makes some substantial security improvements to AOSP, so the chance of a bug in AOSP being exploitable in Graphene is much lower.
That’s literally what you’re doing with the stock OS. Since it’s proprietary, no one can actually verify what’s actually going on. You’re literally trusting a billion-dollar big tech advertising corporation that participates In the NSA PRISM program. What you’re saying doesn’t make any sense.
If depends on what you mean by “privacy centric”
That’s why the modem is isolated from the rest of the system through IOMMU: https://grapheneos.org/faq#baseband-isolation