GrapheneOSThis is an extreme misrepresentation of both what Gaël Duval said in this interview and our response to it. What he clearly said is that /e/ and Murena aren't providing security hardening which he claims is only useful for pedophiles, criminals and spies. Gaël Duval has repeatedly said this in his posts including ones where he directly says GrapheneOS is only useful for pedophiles, criminals and spies. We can show archives of numerous posts with him saying exactly that.
We shared a video of Gaël Duval once again making these claims because that's harder to dismiss than his written posts across platforms. He has made the same claims in both French and English. Multiple /e/ supporters participating in ongoing attacks on GrapheneOS with inaccurate claims have tried to dismiss this based on him not explicitly mentioning GrapheneOS in the video and by spinning what he said. That's fine, we can make another thread with a collection of his posts saying this elsewhere.
Duval has a history of claiming serious privacy and security protections only help pedophiles, criminals and spies. He has explicitly smeared GrapheneOS this way repeatedly, but also attacks privacy projects in general as he did there.
/e/ and Murena products have poor privacy and atrocious security. Here's information on that with links to coverage by third party experts:
We can make an expanded article with more info and more links to 3rd party experts included too.
2nd recent example of Duval portraying serious privacy/security protections as being for pedophiles:
https://www.clubic.com/actualite-604786-murena-e-os-interview.html
Translation:
> But above all, we must not confuse the issue: /e/OS allows its users to avoid the massive collection of personal data that takes place on smartphones currently on the market—it is not designed to help child sex offenders evade the law. In other words: /e/OS is not a system designed for enhanced security that would be useful only to specific individuals.
"On arrive à un point de bascule violent" : le fondateur de /e/OS alerte sur la souveraineté - Interview
Gaël Duval a cofondé Mandrake Linux en 1998. Près de trente ans plus tard, le fondateur de Murena et de /e/OS n'a pas changé de combat, mais le monde, lui, commence à rattraper ses convictions.
Duval makes many false claims about /e/ in this article.
He repeats his extraordinarily false claim that they ship the latest security patches each month across devices which they don't do on a single device let alone all of them. Shipping backports of AOSP patches is not providing all the security patches.
He once again misleads people about their speech-to-text service sending user data to OpenAI. Running it through their own servers first is not anonymizing it.
https://community.e.foundation/t/voice-to-text-feature-using-open-ai/70509
Voice to Text feature using Open AI
Thank you a lot for your positive and supporting comments about our new /e/OS Voice-to-text! Regarding its implementation in /e/OS, I’d like to explain a few things to explain why we have chosen an OpenAI STT API to implement it and how it’s going to evolve in the future: What we have learned from our experimentations with STT models that run locally on the smartphone for speech recognition: they work quite poorly, they make a lot of mistakes in voice recognition they are not able to mix la...
He downplays the large number of default enabled Google services added by /e/ with extensive privileged access. Contrary to his claims, it does use Google Play binaries both in apps using it and ones downloaded by microG which they enabled by default.
Murena previously claimed server side encryption was good enough for their audience and comparable to actual end-to-end encryption. They ended up leaking highly sensitive user data across accounts for their services:
https://community.e.foundation/t/e-foundation-ecloud-security-notice-june-15-2022/42420
E Foundation/ecloud Security Notice June 15, 2022
We have confirmed, based on a recent investigation, that limited user data was leaked on Sunday, May 29th 2022 impacting 26 of our cloud users. During an unexpected state of our services due to a service migration, we encountered some authentication conflicts. During this time window, these conflicts led to some users connecting to our services (379 users in total) to being wrongly authenticated and potentially seeing some other users’ files belonging to 26 impacted users, restricted to files t...
glimbusGlorbo@GrapheneOS Hello! With all due respect, I only followed this account because I was under the impression I would primarily receive gOS news and updates. As of late this conversation has dominated my feed. I encourage you to continue to do what you think is best with this account. Where should I go to just receive news on gOS updates in a more concise way? Thank you!
Johannes Leutenegger 🤔@glimbusGlorbo Get used to the drama, I am personally torn, if I like it or not. @GrapheneOS
HybridStaticAnimate@johleut @glimbusGlorbo @GrapheneOS Please dont try to downplay serious situations by calling it drama, its just mean.
@HybridStaticAnimate Mean? Gaël Duval claims, that only p*dophiles or criminals need security, this is just untrue. If it really was a statement against Graphene, I don't really know. @glimbusGlorbo @GrapheneOS