by strcat 99 days ago
Persistent app-accessible root greatly regresses OS security and breaks the verified boot security model. We're definitely not going to increase the number of build variants from 40 to 80 in order to provide an insecure option which would take away from efforts to properly implement features instead of doing it via hacks using apps running commands as root. If you want it you can make your own builds with it instead of us doubling the number of builds and deltas we need to make. Most of the people doing it are modifying the official builds and re-signing them. Anyone who can understand the consequences of app-accessible root is capable of doing that.

Hi strcat, we had this conversation often enough that I'm starting to recognise the username. It's the same every time: Graphene argues it's dangerous, tech-savvy users want it but aren't necessarily interested in the upkeep (even if they're technically capable of making such a build), plus missing security patches (part of the point of this OS, otherwise you can use Lineage or whatever), and Graphene is under no obligation to provide anything to anyone. Same arguments today as they were from the start except now maybe the security patches' embargo time makes it even more hostile to do custom builds by power users
"Every time someone makes the same unreasonable demand of you, you offer the same explanation of why their demand is unreasonable."
Read what I wrote, "demanding" was addressed (though with the word obligation, functionally the same here):

> and Graphene is under no obligation to provide anything to anyone.

And here I thought it felt repetitive between (sub) threads

You say you understand that they're under no obligation to do anything, you already knew their reasoning, yet you still wrote a comment [seemingly] complaining about it. Was there a different purpose to it?
GrapheneOS evidently wants to help people manage threat actors in their life. Having a terminal with full control of your own hardware would help with that goal because it lets you further control what your device and the software thereon does (there are apps you don't fully trust but need for daily life, where you might want to do TLS interception or modify what it stored about you before connecting to the internet again)

I simply agreed with the person who posted this sentiment by mentioning another place where an organisation acts contrary to its stated goal (Signal wants privacy, but also your phone number? I can come up with reasons like that it costs money and thus helps against spam, but it's still at odds and different solutions and opinions are possible)

If someone comes to one of my open source projects' bugtrackers and says "I want you to implement X", I can say "enjoy implementing that", or I can say "this is a bad idea because reasons". GrapheneOS does the latter. Responding to that, waylaying arguments, is not the same as demanding free work. They're free to not care

He directly answered your question, gave you an alternative, which in your reply you didn't even acknowledge, but moved the goalposts.

People who spend huge quantities of time trolling somebody who makes an excellent mobile operating system are really quite something. I used to think he was overselling the quantity and quality of it, but this post's comments have really turned me around on that one. So: thanks for that.

Removing access of users to their device is not security. At least not when users do not want this.
Your choosing to frame it that way is, at best, fraught.