Even if this was true, it seems harder to compromise a single paranoid coder working out of his garage than any one of 1,000 corporate developers, their workstations, or associated networking, or servers in any (even high-security) company.
Weakest link in the chain and all that. There are just a lot fewer links in the chain. More likely that a vuln is introduced as part of Android and makes its way into GrapheneOS than directly into a tiny project.
Weakest link in the chain and all that. There are just a lot fewer links in the chain. More likely that a vuln is introduced as part of Android and makes its way into GrapheneOS than directly into a tiny project.