GrapheneOSThis is an extreme misrepresentation of both what Gaël Duval said in this interview and our response to it. What he clearly said is that /e/ and Murena aren't providing security hardening which he claims is only useful for pedophiles, criminals and spies. Gaël Duval has repeatedly said this in his posts including ones where he directly says GrapheneOS is only useful for pedophiles, criminals and spies. We can show archives of numerous posts with him saying exactly that.
🌱🏴🅰️🏳️⚧️🐧🔧📎 Ambiyelp@GrapheneOS I would switch to grapheneOS if I could use it on fairphone because I believe in an absolute right to privacy its not just for abusers. I'm not going to get a phone other than the fairphone because it's more important to me that there is no slavery and conflict minerals used in the phone and the modularity is a nice plus too. So unless grapheneOS supports a phone that has these features I can't ethically justify buying a phone without them just to use it.
#GrapheneOS #Android #Fairphone #ConflictMinerals #ModernSlavery
HéliosélèneThere is no absolute privacy on grapheneOS phones. For example using graphene's default browser vanadium, you end up being a lot more uniquely fingerprintable than with a regular android and google chrome.
So this is all a matter of threat model. GrapheneOS is secure, but no device connected to the internet is 100% private, and using grapheneOS stands out a lot more from a metadata standpoint (for now at least).
@helioselene @ambiguous_yelp GrapheneOS goes out of the way to avoid standing out as being GrapheneOS on networks and to services when people are using a VPN. That's why it has a toggle to use the standard connectivity checks. Fixing privacy and security vulnerabilities inherently makes it possible to see those are fixed but that doesn't mean it stands out.
Contrary to your claims, Vanadium has far better protection against fingerprinting than Chrome but doesn't have nearly as many users.
@helioselene @ambiguous_yelp GrapheneOS supports using any Android browser app. There's nothing forcing people to use Vanadium. If you prefer using Brave because it has a significantly larger userbase to blend into than Vanadium along with additional anti-fingerprinting features then you can use Brave instead. It isn't as secure as Vanadium and has privacy disadvantages too. Brave on GrapheneOS is more secure than Brave outside of GrapheneOS due the protections. Same applies to other browsers.
@helioselene @ambiguous_yelp Nearly everyone cares enough about privacy for receiving standard privacy and security patches to be highly important to them even if they don't realize it. The same applies to receiving the standard Android privacy and security protections. Most Android OEMs fail to deliver a bare minimum level of privacy and security. Murena devices are horrible from a basic privacy and security perspective. Dismissing this by claiming it's about threat models is simply nonsense.
I am not denying it, I juste said (or at least meant) that even using grapheneOS was not enough to be safe in an absolute way. No system is "enough" in every case, especially for systems connected to the internet. So one should study their threat model and not just rely on the OS however hardened it be, and adapt their practice accordingly (such as not using vanadium [edit: esp. with non-default lang or tz] for many sites if they fear they can be fingerprinted).
@helioselene @ambiguous_yelp There's not really any browser you can use to avoid fingerprinting. Nothing mainstream does a good enough job and a non-mainstream option means you can be fingerprinted solely based on using a super niche browser. Vanadium does a good job avoiding telling apart Vanadium users and there are several improvements we can make including a way to pretend to have the UTC time zone which it could prompt about at startup or it could have a fingerprint review for settings.