[mbananasynergy]

GrapheneOS isn't a project that plans to be an aftermarket OS forever. In fact, we're currently working with an OEM to have their devices have official GrapheneOS support. This can mean devices being sold with GrapheneOS without someone even having to install it.

We're of the opinion that there's a growing portion of the population that is becoming more security and privacy conscious, and that's reflected in our userbase, which has been growing consistently over the last few years.

We're not saying we're going to have iPhone's marketshare, but we're constantly growing.

>Now if one is targeted by a really motivated and threatening adversary, I don't think wiping PIN is any better than secondary profile PIN. The moment one chooses to wipe the phone, the adversary could be triggered by the action and harm the victim anyway.

Yes, but at that point, the data is irreversibly rendered inaccessible. There are situations where the data itself is the most important factor, and where the owner of the device being hurt doesn't benefit the adversary now that the data is gone. Of course, as with everything, it depends on one's situation, but the duress PIN feature doesn't involve trickery. It's a way to reliably and quickly do a very specific thing.

[crossroadsguy]

> In fact, we're currently working with an OEM to have their devices have official GrapheneOS support

Oh god, yes. Please! I can't wait to leave the walled fruit garden, but can't tolerate Google sniffing everything I do or do not do on my phone either.

PS. I just hope it's an OEM that sells devices to a lot of countries including developing ones and not something like Fairphone.

[ThePowerOfFuet]

Google has no access to anything you do on a Pixel with GrapheneOS installed just because it's their hardware.

[CommenterPerson]

Explain this please. With enough detail for the HN gurus.

[ThePowerOfFuet]

https://grapheneos.org/features#sandboxed-google-play

[dotancohen]

  > we're currently working with an OEM to have their devices have official GrapheneOS support.

It's a long shot, but please see if you can get this vendor to include an EMS stylus like the Samsung Note devices and S Ultra devices. That is what is keeping me on Samsung, and I will be one of their first customers if they have an integrated EMS pen.

[YoumuChan]

I think it is all about audience. There is no one-size-fit-all. Different audience have different threat models and different requirements.

For a corporate using an OS in work phones. The threat model is state/corp-sponsored actors. Trade secret leak is unacceptable. When in doubt, data should be wiped. Now wiping PIN makes total sense and is the only sensible option.

An ordinary person, on the other hand, often deals with non tech-savvy ordinary people. The threat model is different. Most likely plausible deniability is enough. The threat level is low. Those users may accept to trade some data security for a more friendly feature.

The ultimate question is whether Graphene envisions itself an opinionated OS that always follows the "best practice" or a generic OS that allows users to define their own threat models.