B. The NSA hasn’t stolen the signing key and isn’t feeding you customized images?
True, you can’t verify that with iOS or Android either. I am saying though that trusting my security because it’s safer… by being in some guy’s garage feels like an odd trade. One that shouldn’t be casually ignored, at least.
If your threat model for your phone includes the NSA as an adversary, maybe you shouldn't be using a phone at all.
For the rest of us, who just want to be violated less, we have to choose our poison. The corporate options are shameless violators, and the alternatives are gambles.
Even if this was true, it seems harder to compromise a single paranoid coder working out of his garage than any one of 1,000 corporate developers, their workstations, or associated networking, or servers in any (even high-security) company.
Weakest link in the chain and all that. There are just a lot fewer links in the chain. More likely that a vuln is introduced as part of Android and makes its way into GrapheneOS than directly into a tiny project.
I’m saying that, if people who use it aren’t careful, they could end up like the university kid.
There was a university that received a bomb threat over Tor. They found one student who used Tor on the network at around the right time, and because he was the only Tor user, he’s in jail for a very, very long time. That kid was at Harvard, his persuer the FBI.
If you are going to use GrapheneOS, don’t be naive and think it will make you agency-proof. If anything it probably flags you to their attention.
Why are you under the impression that since I want to use a more secure OS than Android or the equivocating Apple that I must be wanting to bomb a university?
Absolutely not. But if anything bad happens, or you are attending a protest and suddenly getting investigated for rioting, you might have second thoughts.
I do not condone or endorse illegal activity. That does not mean your use of GrapheneOS might not be used against you if you use it at an inopportune time. There is currently almost no discussion online about this, so it’s worth a mention.
Edit: I forgot to mention some obvious context in my head. Think journalist, in Russia, using GrapheneOS for “safety.” In such a situation, probably a terrible idea.
The kind of over-cautious cowardice you are displaying is what drives societies to become conformity-enforcing police states.
"You're painting your fence beige instead of white? Are you sure that's a good idea? What if there's a crime committed in the neighborhood - beige-fenced deviants are the first that the police will look at!"
People have been trying to stick Linux and the AOSP for the same reasons, but it's quite obviously never worked. Linux and Android are not popular because they are superior security tools, they are popular because they are free and accessible. Governments play poker, they don't want you to know what their hands look like. Condemning any particular software is the equivalent of folding their hand; it's an admittance of defeat. It won't happen unless they face a hopelessly equipped adversary, like Huawei.
GrapheneOS is likely not a secure system, but neither is any smartphone OS. I'll compliment anyone taking steps towards transparency that makes governments and global-scale corporations tremble at the knees.
I remember seeing that news on arstechnica or some tech publication I was following at the time.
It actually put a little fear in me because I look around and not a lot of internet users in my small hell hole of an open prison I call home and i was like "dude. You're like a alert beacon screaming here is a tor user, check him out".
I was using tor at the time and that is the last day I used it because this use case fit me somewhat. Not for sending bomb threats but because the nature of surveillance, I am a target of the government so any outlier gets flagged pretty hard.
It doesn’t matter who is coding it, it matters who owns the signing key that will make your phone recognize the authenticity of the software. And, of course, if anyone else has it.
A. The builds match the code?
B. The NSA hasn’t stolen the signing key and isn’t feeding you customized images?
True, you can’t verify that with iOS or Android either. I am saying though that trusting my security because it’s safer… by being in some guy’s garage feels like an odd trade. One that shouldn’t be casually ignored, at least.