GrapheneOSJul 18, 2025

We published this response to a recent article promoting insecure devices with /e/OS with inaccurate claims, including inaccurate comparisons to GrapheneOS:

https://discuss.grapheneos.org/d/24134-devices-lacking-standard-privacysecurity-patches-and-protections-arent-private

The founder of /e/OS has responded with misinformation promoting /e/OS and attacking GrapheneOS.

Devices lacking standard privacy/security patches and protections aren't private - GrapheneOS Discussion Forum

GrapheneOS discussion forum

GrapheneOS Discussion Forum
Show threadGrapheneOSJul 18, 2025
We made a post with accurate info on our forum in response to inaccurate information, that's all. There's a lot more we could have covered. See https://kuketz-blog.de/e-datenschutzfreundlich-bedeutet-nicht-zwangslaeufig-sicher-custom-roms-teil6/ for several examples such as /e/OS having unique user tracking in their update client not communicated to users.
/e/: Datenschutzfreundlich bedeutet nicht zwangsläufig sicher – Custom-ROMs Teil6

/e/ punktet beim Datenschutz, aber hinsichtlich der Sicherheit bestehen erhebliche Bedenken.

Show threadGrapheneOSJul 18, 2025

The founder of /e/OS responded to the post we made on our forum here:

https://mastodon.social/@gael/114874688715085353

Gaël Duval has repeatedly personally targeted the founder of GrapheneOS in response to us posting accurate information responding to misinformation from /e/OS and their supporters.

Show threadGrapheneOSJul 18, 2025
Contrary to what's claimed in this thread, /e/OS does not improve privacy. /e/OS massively reduces privacy compared to the Android Open Source Project in multiple ways. /e/OS is consistently very far behind on shipping important privacy improvements in new major Android releases.
Show threadGrapheneOSJul 18, 2025
/e/OS regularly lags many weeks, months and even years behind on shipping important privacy and security patches. They roll back various parts of the privacy and security model, add a bunch of privileged Google service integration and their own privacy invasive services too.
Show threadGrapheneOSJul 18, 2025
The link posted at https://mastodon.social/@gael/114875028964272029 shows /e/OS shipping the previous round of Chromium privacy/security patches a couple weeks late. It regularly takes them months instead of weeks. They take far longer to ship many of the important driver, firmware and AOSP patches.
Show threadGrapheneOSJul 18, 2025
The link also shows they're using the wrong Chromium tags for Android and frequently results in missing Android-specific privacy/security patches. Chromium 138.0.7204.97 was a June 30th release for Windows, not Android. The Android tag for June 30th was 138.0.7204.63.
Show threadGrapheneOSJul 18, 2025

https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html
https://chromereleases.googleblog.com/2025/06/chrome-for-android-update_30.html

Patches in Chromium Stable channel updates for Android are often only in the Android tags, not the Windows ones.

The current Android release is 138.0.7204.157, with security patches beyond 138.0.7204.63:

https://chromiumdash.appspot.com/releases?platform=Android

Stable Channel Update for Desktop

The Stable channel has been updated to 138.0.7204.157/.158 for Windows, Mac and 138.0.7204.157 for Linux which will roll out over the coming...

Chrome Releases
Show threadGrapheneOSJul 18, 2025
These were minor releases of Chromium. It's trivial to incorporate the changes and ship them on release day within hours. Even major releases of Chromium every ~4 weeks are easy to ship on release day because major releases are open source for weeks in advance, unlike Android.
Show threadGrapheneOSJul 18, 2025
As can be seen by looking back through https://github.com/GrapheneOS/Vanadium/releases and comparing it to the Android release dashboard linked above, we ship the Chromium Stable and Early Stable releases on release day. This is not impressive. Shipping privacy/security patches is the bare minimum.
Releases · GrapheneOS/Vanadium

Privacy and security enhanced releases of Chromium for GrapheneOS. Vanadium provides the WebView and standard user-facing browser on GrapheneOS. It depends on hardening in other GrapheneOS reposito...

GitHub
Show threadGrapheneOSJul 18, 2025
Our forum post and this thread were both posted in response to inaccurate info about GrapheneOS posted to promote /e/OS. Once again personally targeting our founder with fabricated stories and harassment from their community is what /e/OS has done before and continues doing.
Show threadJak2k 🏳️‍🌈Jul 18, 2025

@GrapheneOS He is posting the same stuff about you, as you about them. You are both creating long threads, how childish the other one is.

This makes everyone, no matter if they are using Graphene OS, /e/OS or something else, trust both of you less. There are enough people using an insecure OS just because they don't trust you because of this kind of bullshit behavior. Please stop it. It's more damaging than their posts about you.

Show threadXavJul 18, 2025
Thank you @jak2k for saying this. I wish @GrapheneOS would realize that and be more mature online. It's a pity such a good developer devaluates himself with these attacks.
Show threadGrapheneOS

@xav @jak2k GrapheneOS is an open source project with 10 developers paid by the non-profit GrapheneOS Foundation. It is not one person's project and not a hobby project. Duval participates in misrepresenting it as such because it serves his interests including encouraging /e/OS supporters to engage in further harassment.

Contrary to your misrepresentation of what's happening, each of our threads about this has been in response to misinformation about GrapheneOS and attacks on our project/team.

Jul 18, 2025 at 10:34pmWeb