GrapheneOSPositon (https://positon.xyz/) is a geolocation service closely tied to a group of people targeting our team with harassment. We urge people to avoid submitting their sensitive location data to this service. People involved in it have supported doxxing and swatting attacks.
They intend to lock people in to the service by keeping a lot of the data proprietary. They've repeatedly talked about locking people into it and avoiding having alternatives to it. Their priority is having control and ownership of data while sabotaging decentralized approaches.
rock eater@GrapheneOS do you have a source for these doxxing, swatting, or lock in plans….?
@GrapheneOS or the security claims about eOS either? i cant find any information about it online
Look at the DivestOS site and particularly the posts by SkewedZeppelin (security researcher and lead developer of DivestOS) about /e/OS on their forum and elsewhere.
You can find lots of information about it online beyond that. You can easily confirm that they're consistently way behind on security patches for the OS and browser, set an inaccurate security patch level, downplay it / mislead users about it and massively roll back security beyond how much LineageOS already does.
@GrapheneOS yeah, no, sorry. This is not a source. I asked for a source and you basically responded with “look it up”.
Just because you’ve given me more instructions on what exactly to look up (in this case the security researcher) that doesn’t mean you’ve provided a source. That’s like if someone comes up to you and starts parroting some random political talking point and when you ask where they heard this they just say ‘Biden said it in 2023’.
That’s not a source, it’s a guide to find more information.
@kali We're speaking about it as a privacy and security research/development project with a long history of discovering vulnerabilities and working with upstream projects. Our statements are based on the /e/OS source code and their public statements including marketing. You can confirm which Android version it's based on which patch level is provided for different components, and how they present that to users. It's completely verifiable information. Do you want us to link to a bunch of it?
@GrapheneOS my apologies if it wasn’t clear, but my previous post asking for sources was also referencing to your claims of doxxing and harassment- which would have required it’s own link.
It seems unnecessary to provide links to their source code because, as you said, it is already verifiable. Graphene and e/OS/ seem to share different visions. I am ending this conversation now, it’s late in the evening for me.
@kali They were just creating sockpuppet accounts on our forum today engaging in libel targeting our team and spreading misinformation in response to our post about this location service which they don't want people to know is tied to them. It's likely verifiable that it's Gael Duval himself doing it if mastodon.social cooperated and confirmed if the IP address used on our forum matches, if you can convince them to check that.
We have previous posts about their past attacks on our team members.