For those unfamiliar, GrapheneOS is a privacy and security enhanced custom ROM endorsed by Snowden. Despite these big names, plenty of people give it backlash

Even @TheAnonymouseJoker@lemmy.ml gives it backlash despite being a moderator of Lemmy’s biggest privacy community. A quote here: “grapheneOS trolls are downvoting every single post and comment of mine, and committing vote manipulation on Lemmy. They are using 5-6 accounts.” That was in response to downvotes on a comment posted in the c/WorldNews community, which is entirely unrelated to technology.

One of the reasons is that GrapheneOS can only be installed on Google Pixels due to security compatibility, which makes complete sense considering Android should be most compatible with Google’s own devices. GrapheneOS even lists the exact reasons they chose Pixels, and encourage people to step up and manufacture a different supported device.

One year ago, Louis Rossmann posted this video outlining his reasons for deleting GrapheneOS. Mainly, he had multiple bad experiences with Daniel Micay (the founder and main developer of GrapheneOS) which put his distrust in the GrapheneOS project. Since then, he has stepped down and will no longer be actively contributing to the project.

So, I am here to learn why exactly people still do not like GrapheneOS.

  • haui@lemmy.giftedmc.com
    link
    fedilink
    arrow-up
    0
    ·
    edit-2
    5 months ago

    Do you use stable because you fear sudden bugs and breakages or for other reasons?

    No. I installed it because they said its better for daily use because the other versions might break. I have since used it with few real issues and no serious (as in requires another machine to get back in a working state or serious knowledge of the inner workings). I might try different things but not without having done and checked everything in stable. :)

    So you’re using only fluffychat with bridges?

    yes

    I mean, you have not installed WhatsApp, Signal or Discord clients, right?

    Not on the linux phone

    But there are unofficial flatpak which should work I guess.

    I dont install things I dont need. I have a configuration that works with every service I need and has zero breakage as of now.

    Or bridges are the only choice?

    I dont know. It is the most complete and privacy friendly compromise that I know of. The more privacy route would be to abandon whatsapp but I guess for you its the same as for me: not an option at this point.

    I ask this because while I think bridges are neat, they have their problems and I’m not sure I would happily and painlessly be able to use only them.

    Bridges work 99% of the time for me, maybe 100 messages+ per day. It has been months and I had to reconnect two bridges, one time each. This is not proprietary stuff with billion dollar budgets so in my book that is perfect with no issues. If I want stuff to “just work” I pay someone to write it for me. Can someone break it by sending huge files, have 1000 messages per hour or 1000 contacts to sync? Of course. But thats not my usecase so I cant swear to you that everything will always work perfectly. Again. Companies are investing insane amounts of money in these services and if you dont want to be the product and you dont want to pay for it, thats what you get. :)

    And, you’re still using an iOS/Android device from time to time to prevent automatic logout from WhatsApp’s bridge and manage Signal’s login, right?

    yes, same for discord btw. I am still testing mobile linux so I have two phones anyway.

    You know, to be honest the last time I tried pmOS it was specifically the unusable state of Bitwarden and Freetube which made me think “okay, maybe it’s better to wait more time before trying to using it”

    Bitwarden as a firefox extension works okay but it needs work. The standalone app which I’m trying to port is pretty tough, not sure what the exact reason is.

    How do you primarily install software?

    APK, if that doesnt have anything or the program doesnt work well I try flatpak. A LOT of stuff is available. No comparison to more popular platforms though. Mobile linux is in the infancy of infancy so whoever uses it rn is a pioneer in my book. It works well but peeps who use it need to have the correct mindset or they will hate it: You’re not in kansas anymore. Stuff will break and you’re supposed to help fix it and not let out your frustration on others as they dont on you. :)

    I hope that helps.

    • yak@feddit.it
      link
      fedilink
      arrow-up
      0
      ·
      5 months ago

      Thanks mate!!

      On the bridge thing I 100% agree, although for the way they works you’ll have to deal with your messages being unencrypted. On WhatsApp (and Discord, I guess? I don’t use it) this probably is still far better than having the app installed, on Signal it’s a bit of a shame because it’s the only app with proprietary-level usability while being real FOSS and e2e. So using it with the bridge kind of defeat the purpose of e2e I guess, but still I’m definitely gonna try it again.

      I have a OnePlus 6 and a Poco F1, so I’ll just choose one and give pmOS another go :)

      • haui@lemmy.giftedmc.com
        link
        fedilink
        arrow-up
        0
        ·
        5 months ago

        I‘m running it on the OP6 and its pretty good.

        The bridge is still encrypting stuff afaik, just not e2e but from the server to the recepient.

        Also, signal is only foss on the client side, no? The server seems proprietary to me.

        Good luck and feel free to update.

        • yak@feddit.it
          link
          fedilink
          arrow-up
          0
          ·
          edit-2
          5 months ago

          The server seems proprietary to me.

          No, they stopped updating the source code of the server at some point, but then they started again. Anyway Signal is far from my favorite messagging app, I actually don’t like it at all, but it’s still e2e encrypted, so it’s (kinda) fine for me.

          The bridge is still encrypting stuff

          It is. But for a message to be bridged it have to be decrypted by the bridge first, then re-encrypted. So there’s a step where the message is in plain text and you have to trust the matrix server which manages the bridge. Don’t get me wrong, that’s surely better than to trust Meta and other big corporations, but still not ideal.

          Anyway thanks for all the useful insights, I’ll try to remember to update! 😄