Hacker News new | ask | show | jobs
by usuallymatt 326 days ago
I was tempted to use this but when I looked into the team behind it there seemed to be some issues as exposed by Louis Rossman here: https://youtu.be/Dl1x1Dy-ej4.

Instead, I installed CalyxOS and have been using it over a year now and I'm very happy with it. Check it out.
4 comments
mbananasynergy 326 days ago
Hi there. GrapheneOS community manager here. It's a weird video to bring up without any context. Louis Rossmann made that video and leaked private conversations that were had fairly soon after the person in question was repeatedly swatted by someone who has a fan of the person Rossmann was voicing support for.

Unfortunately, Rossmann turned out to be very dishonest, which in retrospect makes sense, seeing as he has no issues with using Kiwi Farms. He's verified account there is named "larossmann". I suggest you look into it.

It's not just something he's done with GrapheneOS and the founder of the project. There are many videos, such as the one he did on Linus from Linus Tech Tips where he similarly misrepresented things and ascribed mental health labels on them.

Regarding CalyxOS, I would recommend people check out https://eylenburg.github.io/android_comparison.htm as a third-party comparison for various projects, including GrapheneOS and CalyxOS. They're not similar projects.

link
nicman23 326 days ago
that comparison you are pasting in multiple replies has lineageos without micro-g.
link
icar 325 days ago
MicroG is extremely insecure. Does nobody remember that they used to print your Google password in plain text in the logs?
link
nicman23 325 days ago
k but i do not care about an account that i do not have. i only use it for the gms or whatever is called now
link
BLKNSLVR 326 days ago
"Never meet your heroes". Also, the opening monologue to Tool's Third Eye[0].

The older I get the more examples I've come across of a person destroying their reputation by either self-over-exposure (social media) or just basic exposure via news of some outrageous or illegal behavior.

I don't have a problem with whatever line you choose to not cross, and I was once much more self-righteous, but I've more recently pretty much made the conscious decision to separate product from producer, art from artist, etc.

Theo Lengyel was recently arrested for murdering his girlfriend, and yet I will still listen to and enjoy Mr. Bungle's music.

Gary Glitter... I still like the song Rock n Roll Part Two.

J.K. Rowling has some controversial views on transsexual women, but that doesn't mean that the Harry Potter series is any less worthwhile reading than it was before.

ReiserFS

I still buy Nestle Quik occasionally

Steve Jobs, Bill Gates, Mark Zuckerberg, name almost any tech bro... (but not Steve Wozniak, he's a treasure)

Sports stars.

Musicians.

I wonder how many other things are worthy of protest if we knew all the facts about all the people who were involved in it's creation.

(I'm attempting to respond to the general concept of "he/she/they bad = it bad", not commenting on GrapheneOS vs CalyxOS or anyone's personal choice over where / what they choose to apply "he/she/they bad = it bad" to, other than saying that it should be a conscious decision not a reflexive reaction)

[0]: https://genius.com/Tool-third-eye-lyrics

link
Scrubbed4426 326 days ago
This a video where he openly bullies someone, live streams their private messages where they're getting upset with him bullying them and repeatedly, blatantly lies about them including falsely claiming they're insane, etc.

Rossman lied about stopping using GrapheneOS and has continued using it after that point.

The video was made to direct harassment towards the project and founder after the project refused to work with Rossman.

He has done similar things to others, labeling them as insane and delusional.

link
bernoufakis 325 days ago
> This a video where he openly bullies someone, live streams their private messages where they're getting upset with him bullying them and repeatedly, blatantly lies about them including falsely claiming they're insane, etc.

That is the most disingeneous take on the video. The claim this kind of commenters that freely carry water for the toxic GOS (ex-?) lead developer is the exact reason why Rossmann made the video. The evidence is all there for the public to see. Daniel does not get to essentially harass people he disagrees with after they have been asked to not contact them, threaten them to "publicly expose them" and get away scott free.

Being a genius at cyber security or autistic does not give one a free pass to treat other like garbage.

> The video was made to direct harassment towards the project and founder after the project refused to work with Rossman.

The video was made to expose the harassment of the project founder toward Rossmann, when the former contacted him out of the blue with frivolous accusations after they parted way a year earlier due to un-reconciliable disagreements.

> He has done similar things to others, labeling them as insane and delusional.

No evidence provided, as usual.

link
mbananasynergy 325 days ago
>No evidence provided, as usual.

You should watch Rossmann's video on Linus - he has a habit of doing these hit pieces.

link
bernoufakis 325 days ago
Yes, I have watched them all. As I mentioned somewhere before I am a fan of both channels.

He never called Linus "insane" or "delusional" as the parent post claims, hence the request for evidence.

He (rightfully IMO) criticized some of his business practices (Honey, BilletLabs, "Trust me bro"), and quite a few more controversies which LTT was embroilled in.

He criticized Linus' behavior and lack of accountability based on his personal interaction with him, as well as publicly available evidence. At worst, called him a narcissit. If anything, he is vindicated by all the LTT apologies videos (one of which Linus and other staff even make puns and sponsor placements ...) that follow up each controversies.

Any more specific evidence you think show that "Rossmann has the habit of calling random people insane and delusional". I am willing to bet you have none.

link
onli 326 days ago
You are exactly right. To summarise for those who do not want to watch a video, the video shows communications with Graphenes lead developer in which he was extremely hostile and threatened Rossman. It also goes into how said developers hallucinates being attacked by specific other sites, like a Linux YouTube channel that obviously did nothing to him. His goons then attack those projects.

You have to be aware that you give that person root when you use Graphene. All possible technical improvements aside this is a very big risk. He claimed he would step back after the video released, then called that a lie and continued with everything.

Calyx seems to be the best alternative right now without such a risk factor.

link
bernoufakis 326 days ago
I second this opinion, with some additional nuance.

While I don't think the developers necessarily hallucinates being attacked (i.e. given the nature of the project, I would expect them to be persons of interest, be it from surveillance agencies, or even state actors), the main issue with Rossmann is their claim that he is either personally directing harassment against GOS, or colluding with and encouraging other communities to harass (mainly Kiwifarms, Techlore, CalyxOS, and other Android related FOSS projects). This claim seems to originate then cascade from Rossmann leaving the comment "Informative, but unfortunate" on TechLore's video criticizing GOS's leadership. This is taken as explicit support of TechLore community's / KiwiFarms alleged harrassement on the lead GOS developer, and this has somehow been cascaded and blown out of proportions, and considered by GOS developers as evidence of Rossmann's wrong doing against them.

As mentioned somewhere else, I am using GrapheneOS since 2 or 3 years now, based on Rossmann recommendations. The software is very good, pretty much native Android experience, but without the extra alleged Google snooping / root access. Rossmann himself seemed to have stopped using it as his main device because of fear of retaliation given that the GOS devs could potentially target him. Better safe than sorry. I still use it because I am not that high profile of a person, and generally will use throwaway when it comes to discussing anything GOS related at this point. The overall leadership however, based on Rossmann's and later my personal interactions with them however, did leave a bad after taste.

link
other8026 325 days ago
> Rossmann himself seemed to have stopped using it as his main device because of fear of retaliation given that the GOS devs could potentially target him.

But he didn't. It's clear in his later videos that he was still using GrapheneOS, I believe even for months after the video.

> Better safe than sorry.

People who are familiar with how GrapheneOS updates work wouldn't agree. No identifiers are sent to the update server, so targeted updates aren't possible that way. Also, update servers only host static files. If Rossmann was really that worried, all he'd have to do is use a VPN. But that was all just a huge dramatic act so his video would get more views, and possibly to entertain his fellow Kiwi Farms members.

link
bornfreddy 325 days ago
> > Better safe than sorry.

> People who are familiar with how GrapheneOS updates work wouldn't agree. No identifiers are sent to the update server, so targeted updates aren't possible that way. Also, update servers only host static files...

We are literally talking about an OS here. It has an almost total control over your phone - what does it matter if the updates can be targeted? The GOS could snoop on their users and turn into malware only if it figures out that this is Rossmann's phone.

This is what is keeping me from installing GOS too. Interaction from the developers seems very aggressive towards the competing OSs, which doesn't inspire much trust. Who is reviewing the GOS changes? Are they really all benign? In the end you need to trust someone, but I'm not sure GOS is more trustworthy than LineageOS (which has a bigger community, more developers and /e/os building on top of them).

Happy to be convinced otherwise.

link
other8026 324 days ago
> The GOS could snoop on their users and turn into malware only if it figures out that this is Rossmann's phone.

Well, yes, but not really. What you're saying could be true if the OS wasn't open source. It's not some small OS that nobody knows about. There are forks of the OS, there are other projects that selectively copy code/commits from GrapheneOS, there are security researchers who pay attention to its development. There are also people who reproduce and verify builds. It's just not possible for that kind of code to be snuck in there.

This section of the website about whether GrapheneOS is audited is also helpful https://grapheneos.org/faq#audit

> This is what is keeping me from installing GOS too. Interaction from the developers seems very aggressive towards the competing OSs, which doesn't inspire much trust.

If you pay attention to what they're responding to, you'll find that a lot of that is in response to something they said, clarification about inaccuracies in news articles, etc. The official accounts are also followed by many of the OSes' users, so some posts are for them too if certain things are being talked about in the community.

> In the end you need to trust someone, but I'm not sure GOS is more trustworthy than LineageOS (which has a bigger community, more developers and /e/os building on top of them).

I personally prefer quality over quantity. GrapheneOS developers take a long time to develop new features, test them, rewrite them, and it goes on and on until they have a resulting feature that is very high quality. They also have to keep in mind how much they're adding/changing so features and changes can be ported quickly when there are new upstream releases. Updating quickly is very important for security. Leaving vulnerabilities unpatched for months is not acceptable for a project and users who value security. The same can't be said of LineageOS or /e/OS. They're slow to update, roll back security, etc.

link
bernoufakis 325 days ago
> But he didn't. It's clear in his later videos that he was still using Graphene OS, I believe even for months after the video.

Emphasis on "seemed to have stopped using it as his main device". For all we know, he kept it as secondary device (its just that good) after removing anything he deemed critical. Again, he never said "don't use GOS", or "GOS is not secure". He said he was did not feel safe enough because of the hostility from the lead dev.

> People who are familiar with how GrapheneOS updates work wouldn't agree. No identifiers are sent to the update server, so targeted updates aren't possible that way. Also, update servers only host static files. If Rossmann was really that worried, all he'd have to do is use a VPN. But that was all just a huge dramatic act so his video would get more views, and possibly to entertain his fellow Kiwi Farms members.

Does it matter ? Rossmann is a layman when it comes to software. What he perceives is that "lead GOS dev is hostile against me and has essentially full control over the project". First, he is under no obligation to spend hours learning how GOS updates work and audit the code every release, whether or not some identifier is being tracked or not (and by the way, you can still get identified and tracked even if you use a VPN). The damage was done once that lead GOS dev persist in toxic behavior, for the lack of a better word.

> But that was all just a huge dramatic act so his video would get more views, and possibly to entertain his fellow Kiwi Farms members.

Unsubstantiated claims. We cannot read his mind, and I have yet to see any evidence that would support these.

link
Andromxda 325 days ago
> you can still get identified and tracked even if you use a VPN

Sure, but that requires additional data about the user, which the GrapheneOS update server doesn't get. Both the update client and the update server are open source, so you can verify any of what I'm saying. The server only sees the user's IP address, which device model they're requesting an update for, and which update channel (alpha/beta/stable) they are using. The HTTP headers, etc. for the request would be identical across any GrapheneOS device, as they use the exact same updater app.

https://github.com/GrapheneOS/releases.grapheneos.org https://github.com/GrapheneOS/platform_packages_apps_Updater

> First, he is under no obligation to spend hours learning how GOS updates

That literally takes a few minutes to look up, it's all really well documented on the official website. https://grapheneos.org/faq#default-connections

But yes, I do believe that he's obliged to do some research before putting out such absurd claims entirely based on speculation with no technical knowledge or understanding.

link
bernoufakis 325 days ago
> That literally takes a few minutes to look up, it's all really well documented on the official website. https://grapheneos.org/faq#default-connections

Again, that is beyond the point. The developer going rogue (for arbitrary reason) and turning the code malicious is not impossible.

> That literally takes a few minutes to look up, it's all really well documented on the official website. https://grapheneos.org/faq#default-connections

All of you who keep commenting "But it's so easy, just look it up" are lacking consideration and empathy. Other people don't think like you, they don't have to think like you. Just the documentation you have linked has so many technical terms, someone not familiar with networking and system design will barely make any sense of it.

It is a also a matter of trust. After the developer express their hostility multiple time, even if someone was willing to go through it, what if the documentation is not forth coming ? It is within the devs control after all. How does one even make sure that the software does what the documentation says it does ? etc...

> But yes, I do believe that he's obliged to do some research before putting out such absurd claims entirely based on speculation with no technical knowledge or understanding.

What "absurd" claim did he put out exactly ? His issue was never about the technical aspects of GOS. It was about the broken trust and the perception that using software from a hostile developer was a risk factor, hence his stopping using it (at least on his devices with sensitive info).

link
gf000 326 days ago
Calyx has lackluster security practices, and even removes signature checking so they can sell microG as Google Play Store to apps. This is an objective statement, graphene OS is leagues ahead of anything on the market in terms of security, while calyx is basically just a custom ROM to tinker with.

As for the personal aspect, the lead developer is definitely not the best representative of the project from a communication perspective as he might not have that kind of social skills (based on his posts). [1]

But he (Micay) is an excellent security researcher, and has an excellent track record when it comes to prioritizing his users. There was a sponsorship in the beginning, where the legal entity, CopperheadOS tried to hijack the whole project. But Micay rather kill the project, than let the users' security suffer and revoked the signing keys. And I'm sure such a betrayal would cause anyone to lose a lot of faith in others' actions.

> Give that person root

Complete bullshit, what root?! And if anything, you are the one who are trying to discredit a project here, by sharing some dumb clickbait video.

[1] I see that there is now a project manager doing most of the communication, which is an excellent solution!

link
onli 326 days ago
Do I have to explain what root is, or what are you not understanding about the concept of the software provider having complete control of the software on your phone and thus having root rights?

Your CopperheadOS description is one perspective, one that does not look all that believable now after his mental illness became clear.

I did not share the video, but I would and it is not clickbait.

I will not further respond to you, I don't think this would lead to a fruitful discussion. Kindly think about what kind of trust is necessary to trust in the proper functioning of a device as personal as a modern phone, and think about attack scenarios that could occur when the main developer of your OS is not trustworthy in the slightest.

link
other8026 325 days ago
> after his mental illness became clear.

Here you are again in yet another comment repeating these baseless claims about mental illness.

> think about attack scenarios that could occur when the main developer of your OS is not trustworthy in the slightest.

First of all, he's not the main developer. There are multiple developers. The other developers do most of the development work these days.

But to say that the OS is untrustworthy is completely false. You say GrapheneOS's founder has a mental illness based on watching a video where someone turned malicious toward the project recorded a conversation where the founder was extremely upset after being swatted multiple times.

The update client doesn't send identifiers when checking for updates, and the update servers only have static files saved to them. You're making stuff up here, and clearly trying to turn people off of using GrapheneOS by repeating baseless claims that the founder is crazy and fake worries of being targeted by them.

link
gtsop 326 days ago
Can you elaborate on why this is a risk factor? What do you mean by saying we're giving him root? If a person is paranoid of being chased i would expect them to put even more effort into the security of the OS he develops, not to add backdoors. But please expand your own reasoning.
link
bernoufakis 326 days ago
To put it simply, the (at the time) lead developer of GOS and Rossmann had some disagreements.

At the time, Rossmann was mainly using GOS, but due to what he perceived as hostile behavior from GOS toward him through their communication, he opted to stop using GOS (at least on his main device, as he claims).

His rationale was that the behavior of said lead developer was not "rational" and "scary", and since the developer has not only edit access to GOS code but also update publishing infrastructure, Rossmann's data or himself could be targeted through malicious code pushed via an update, for example. While GOS is opensource and malicious code or exploits could be detected by the community, he himself did not have confidence to audit the source code to make sure it was safe, hence his decision to stop using.

By risk factor, I think the grandparent suggests that something similar could happen to someone else using GOS, the risk factor being essentially at the mercy of GOS developer, would they wish to harm said user.

link
gtsop 326 days ago
So rossmann literally feared of a patch that was like this getting into graphene

if (user is rossmann) {

  // do bad things
}

makes me think who is paranoid here.

link
fph 325 days ago
Note that this patch would have to be sent out to all users though, since I don't think there is an authentication mechanism that lets them send out different upgrades to different users.

And if your whole business is a secure OS, it's a very risky proposition: you get caught doing this once, and your reputation is gone forever.

link
bernoufakis 326 days ago
Your example is a strawman, as a determined enough actor, especially a security expert(s) like GOS developers could pull it off and get such patch / exploit. The probability is not zero. It will probably not be obvious to spot, would be spread over multiple files of code that don't necessarily relate to each other at first glance, as many documented CVE illustrated (one that comes to mind given HN context is the XZ utils backdoor from last year for e.g.)

Rossmann himself has no confidence to audit the code, so why take the risk ? Good enough reason to be "paranoid", or at least feel uneasy about it if you ask me.

link
gtsop 325 days ago
Is it really a strawman? At some point, the code would need to identify rossmann. Please elaborate on the techniques required to do it and how it could be obfuscated.

GOS doesn't use an account, so the code would have to perform very targeted heuristics in order to verify this is Luis' phone. It would have to compare his sim number against a known one, or dig into application data to find his logins and compare them against known emails. So the only way to not write `if (user is rossmann)` would be to send various diagnostics over the wire, to a service that contains these identifiers and perform the comparison onlinr, meaning he would introduce an imense security whole into everyone's phone, and everyone would see there is a home calling.

So it's either a patch of if user == rossmann, or a home calling patch.

link
other8026 325 days ago
> Rossmann's data or himself could be targeted through malicious code pushed via an update, for example. While GOS is opensource and malicious code or exploits could be detected by the community, he himself did not have confidence to audit the source code to make sure it was safe, hence his decision to stop using.

This isn't even possible given how updates on GrapheneOS work. The update client doesn't send identifiers to the update server, and the update server only hosts static files.

Rossmann either doesn't understand this, or he made it up to get more views, or possibly to entertain fellow Kiwi Farms members.

To be honest, I don't think that he didn't understand that he couldn't be targeted. He continued using GrapheneOS for months after the video. As I understand it, it was clear in a few videos months after the initial video was published.

link
bernoufakis 325 days ago
> This isn't even possible given how updates on GrapheneOS work. The update client doesn't send identifiers to the update server, and the update server only hosts static files.

> Rossmann either doesn't understand this, or he made it up to get more views, or possibly to entertain fellow Kiwi Farms members.

Expecting a layman to know that is not reasonable. The argument is not about the GOS updates work in practice. It is about the "perpection", from Rossmann's perspective that the lead dev of the OS is hostile against him. Humans are not purely rational machines, and given the choice of either 1) spend hours auditing source code and updates pipelines (every release ?) and 2) stop using it for critical purpose, the latter is the easier choice, especially for a busy person like him.

> To be honest, I don't think that he didn't understand that he couldn't be targeted. He continued using GrapheneOS for months after the video. As I understand it, it was clear in a few videos months after the initial video was published.

For all we know, he is using it on his secondary device where he has removed what he deems critical. Again, Rossmann NEVER said "don't use Graphene OS", or "Graphene OS lack security" or anything of the sort. If anything, even after that video, he kept recommending GOS whenever he talked about privacy.

His argument is that he did not feel safe knowing using software from a hostile developer; and that he can't be bothered / not qualified to audit the code well enough to make it worth it (which is reasonable if you ask me, and I dare say most people).

Edit: > Rossmann either doesn't understand this Again, I agree with you here. He does not understand. He trusted the developer(s) to know what they are doing, but they broke that trust by being unreasonable, to say the least. He is under no obligation to understand. As for what you stated after that, I won't comment on it as I don't read minds, and pretty sure neither do you.

link
other8026 324 days ago
There are a couple of comments in response to my own saying basically the same thing, so I'll do the same...

Rossmann shouldn't be excused for making his harassment video about Daniel because he doesn't understand how things work. Anyone who bothers to think about it for a moment would understand that someone who had been swatted 3 times by a crazy person spamming community chat rooms with illegal content would be extremely upset. Someone tried to _murder him_ and was trying to destroy the project, and then this video comes out leaking a private chat, and Rossmann portrays him as crazy? Rossmann knew what was happening and then his first thought was to start recording? How is that justifiable?

You confessed you are a Rossmann fan in another comment, but even a fan should be able to see what had gone on here...

> Expecting a layman to know that is not reasonable.

And you are defending the inaccuracy in his video saying he's afraid of being targeted when it's not even possible, and your excuse for him is that he doesn't understand. There is no excuse for his video in the first place, but to also add this falsehood that he even can be targeted is extremely damaging for a project prioritizing privacy and security. And yet even though I'm sure he knows this now, as far as I know he hasn't retracted what he said. I don't think he cares about accuracy. Among other things, he's a YouTuber and he got views and attention, so I guess he got what he wanted at the expense of someone else during an extremely trying time. I don't think that's justifiable, I think it's scummy.

> If anything, even after that video, he kept recommending GOS whenever he talked about privacy.

Doesn't excuse what he did.

link
onli 326 days ago
Well, he can do everything to your phone, software and data by pushing software updates. When there was a dispute in the former project copperhead he deleted the cryptographic keys, blocking software updates. Paranoia could result in just making the system more secure, but why not add a backdoor to find the spies in your userbases that communicate with the black suited men that secretly run our government? After all it is easy, they all play a specific game where they communicate via secret messages in chat.

You just don't know what will happen is what I'm saying.

The "he has root" is also a reference to ubuntus shuttleworth.

link
gf000 326 days ago
> when there was a dispute in the former project copperhead

You mean who tried to hijack the project in a very questionable direction, harming their users, he rather lighted the project on fire then let the users' security be compromised?

If anything, that is the greatest compliment you could give him.

Also, this is fud that he can push any kind of code, like you can easily check any part of the pipeline.

link
bernoufakis 326 days ago
> You mean who tried to hijack the project in a very questionable direction, harming their users, he rather lighted the project on fire then let the users' security be compromised? > If anything, that is the greatest compliment you could give him.

On one hand, sure it can be a compliment. On the other hand, it only increases the perception that he is could enact significant harm if he ever comes after you.

> Also, this is fud that he can push any kind of code, like you can easily check any part of the pipeline.

Who is "you" ? Neither Rossmann, neither me (software dev albeit not in cybersecurity), and even less so the average GOS user, and I would venture to guess that neither you can audit GOS code with enough confidence to declare that the risk of an exploit or backdoor being introduced is zero. Open-source is not a guarantee that code or software is secure (for e.g. CVE in xz utils and many such cases).

Edit: some clarifications.

link
other8026 325 days ago
> On the other hand, it only increases the perception that he is could enact significant harm if he ever comes after you.

But that would be incorrect. It's not possible for anyone from the GrapheneOS project to target a GrapheneOS user that way. Look into how updates and the update servers work.

> neither you can audit GOS code with enough confidence to declare that the risk of an exploit or backdoor being introduced is zero.

The updater app is pretty easy to read through. I think a software developer would be able to understand it. The update servers' setups are also very easy to understand. It doesn't take a software developer genius to figure these things out.

link
gf000 325 days ago
This is on a level of "5G causes autism" understanding of the topic. Maybe learn how reproducible builds and cryptographic signatures work.
link
Andromxda 325 days ago
> This is on a level of "5G causes autism" understanding of the topic

That sums it up perfectly

link
other8026 325 days ago
Wow. Reading and responding to your comments in this thread, I can see you are very motivated to trash GrapheneOS and its founder.

> Well, he can do everything to your phone, software and data by pushing software updates.

Other developers are doing the bulk of development work these days, so this is nonsense.

> Paranoia could result in just making the system more secure, but why not add a backdoor to find the spies in your userbases that communicate with the black suited men that secretly run our government?

Again with the baseless claims that he's crazy. Your argument here is that "he is crazy, so maybe this happens too." It's nonsense. There are no backdoors, and if there ever were any backdoors, they would be found. GrapheneOS isn't some small project that nobody knows about. It's famous for being very secure, even famous people have said publicly that they use it or others should use it. Cellebrite cannot even hack into it. Backdoors wouldn't go unnoticed. This is also nonsense.

link
other8026 325 days ago
There's way much more to it than what you said here.

> extremely hostile and threatened Rossman

At the time, he was very upset. You know, because he was swatted multiple times. Of course he was upset when Rossmann showed his true colors and was trying to talk to him. Rossmann saw this as an opportunity and recorded it as it was happening. He tries to portray Daniel as crazy and people who attack the project and his friends on Kiwi Farms lap that stuff up.

It's not true that he stopped using GrapheneOS, though. He continued using GrapheneOS for months after that video, which you can see by watching his later videos.

> hallucinates

Repeating baseless claims that he's crazy.

> You have to be aware that you give that person root when you use Graphene.

What? This is a very strange way to say it. Either way, it's literally impossible for someone on the GrapheneOS team to target someone like what was claimed in the video. GrapheneOS devices don't send identifiers when they contact the update server. The update servers also only host static files.

> Calyx seems to be the best alternative right now without such a risk factor.

The "risk factor" is completely false. It's all made up to attack GrapheneOS, making the founder look like a crazy person, then people are scared of using the OS. CalyxOS is not a hardened OS and rolls back security in some ways. It's not the next best alternative for people who care about these things.

link
onli 325 days ago
Nothing I said is baseless and contrary to you, I do provide sources.

> Of course he was upset when Rossmann showed his true colors

I saw the chats. You lie. Showing his true colors = not accepting that there is an evil conspiracy and asking for proof. You are completely brainwashed and I will not continue this discussion.

If Calyx is not the next best alternative be invited to link to what you think is the best alternative. I still think it's Calyx.

link
Klonoar 325 days ago
…you haven’t provided any sources at all.
link
bernoufakis 325 days ago
The main source is the video, where you can see the GOS developer writing him live.

For more context, there was a Google Drive link that is unfortunately not available anymore, but I found and uploaded it here: <https://www.swisstransfer.com/d/d75ff782-4a7d-4497-b04e-edd1...>

It has they initial conversation and disagreement in September 2022, after the GOS developer in question accuses Rossmann of being complicit with harassment campaigns again said dev., because he also gave the same 40K USD FUTO grant to other similar project and had some interview with their developers.

The second set of files are the text messages that feature in the video, after said GOS developer contacted Rossmann umprompted on May 2023 with the same type of accusation.

Feel free to peruse and make you own opinion.

link
onli 325 days ago
I'm responding to it directly, the main source is the video linked in parent of this thread. Its description contains further links. I also did link to a relevant statement from the developer in a subthread here.

All I said is sourced.

link
Klonoar 325 days ago
As best I can tell, you've done nothing more than brigade a thread with odd claims about the GOS developer, sourcing from an interaction with a known drama YouTuber/KiwiFarms associate.

The people you've had respond to you in this thread, who likely have more intimate knowledge of what actually happened, have done a better job of breaking down this stuff - so I'll just defer to them.

link
other8026 325 days ago
> I do provide sources.

You provided exactly 0 sources in all of the comments I've seen posted by you so far.

> Showing his true colors = not accepting that there is an evil conspiracy and asking for proof.

"Evil conspiracy"? You say that someone else is paranoid and yet you are saying things like this? It's kind of ironic.

> You are completely brainwashed

Okay. If you say so.

link
bernoufakis 325 days ago
The main source is the video, where you can see the GOS developer writing him live. For more context, there was a Google Drive link that is unfortunately not available anymore, but I found and uploaded it here: <https://www.swisstransfer.com/d/d75ff782-4a7d-4497-b04e-edd1...>

It has they initial conversation and disagreement in September 2022, after the GOS developer in question accuses Rossmann of being complicit with harassment campaigns again said dev., because he also gave the same 40K USD FUTO grant to other similar project and had some interview with their developers.

The second set of files are the text messages that feature in the video, after said GOS developer contacted Rossmann umprompted on May 2023 with the same type of accusation.

Feel free to peruse and make you own opinion.

link