Benvenuto nel Poliverso

European authoritarians and their enablers in the media are misrepresenting GrapheneOS and even Pixel phones as if they're something for criminals. GrapheneOS is opposed to the mass surveillance police state these people want to impose on everyone.

xatakandroid.com/sociedad/cada…

"Cada vez que vemos un Google Pixel pensamos que puede ser un narcotraficante". Es el móvil perfecto...

Los Google Pixel son los máximos representantes de Android, con permiso de Samsung. Es por ello que convencen a los usuarios entusiastas del sistema...

^{Pepu Ricca (Xataka Android)}

CoffeeLover ☕ likes this.

reshared this

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

There are ongoing coordinated attempts at misleading people about GrapheneOS and Signal in multiple European countries. A consistent pattern are completely unsubstantiated claims about exploits with no evidence. These are contradicted by actual evidence, leaks and their behavior.

reshared this

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

GrapheneOS is not immune to exploitation, but the fearmongering done in these ongoing attacks on it is very clearly fabricated. They feel threatened enough by GrapheneOS to engage in coordinated attempts at convincing people that it's unable to protect their privacy and security.

reshared this

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

GrapheneOS eliminates many classes of remotely exploitable vulnerabilities and makes the vast majority far harder to exploit. It even puts up a strong fight against attacks advanced forensic data extraction tools with physical access. See discuss.grapheneos.org/d/14344… for an example.

Cellebrite Premium July 2024 documentation - GrapheneOS Discussion Forum

GrapheneOS discussion forum

^{GrapheneOS Discussion Forum}

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

There's currently an example of one of these attacks on the project ongoing across Swedish forums and social media. This reached our forum at discuss.grapheneos.org/d/23535…. An account pretending to be just asking questions goes on to pretend to be an expert citing non-existent sources.

Unsubstantiated claims about Sweden exploiting GrapheneOS with no evidence - GrapheneOS Discussion Forum

GrapheneOS discussion forum

^{GrapheneOS Discussion Forum}

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

This same thing is currently ongoing across several Swedish forums and on social media. It's generally not in English which makes it inaccessible to the broader GrapheneOS and privacy community so they can get away with extraordinary, unsubstantiated claims much more easily.

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

GrapheneOS is not supposed to stop people installing malware and granting it invasive permission. It does provide alternatives to being coerced into granting invasive permissions by apps via our Storage Scopes, Contact Scopes and other permissions, but it's a user choice.

Oblomov reshared this.

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

GrapheneOS similarly not supposed to prevent authorized access to data by someone with the PIN/password and access to the device. Rather, we provide far stronger protection against unauthorized access via exploit protections, 2-factor fingerprint unlock, duress PIN/password, etc.

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

Our features page at grapheneos.org/features provides an overview of how GrapheneOS improves privacy, security and other areas compared to the most secure Android devices running the stock OS. It's not immune to exploitation and cannot be. Products making that claim are scams.

GrapheneOS features overview

Overview of GrapheneOS features differentiating it from the Android Open Source Project (AOSP).

^GrapheneOS

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

Not being immune to exploitation doesn't mean it can be successfully exploited in a given real world scenario. It's significantly harder to develop and deploy an exploit successfully. It can be exploited, but it doesn't mean it is happening especially at scale or consistently.

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

Having far from perfect security does not mean real world attacks including sophisticated ones will be successful in practice. Don't fall for security nihilism propaganda. We'll keep working on advancing security for general purpose computing devices. It will keep getting better.

in reply to GrapheneOS

Okuna

in reply to GrapheneOS • 2 mesi fa • •

a bank cio once told me: you don’t need the best security, the second worst is sufficient. Criminals always try to get the lowest hanging fruits. I believe the situation since then, 2006, changed

in reply to Okuna

GrapheneOS

in reply to Okuna • 2 mesi fa • •

@Okuna GrapheneOS does defend against sophisticated attacks. It doesn't need to be perfect to do so. It only needs to largely be ahead of those and keeping them not working at all or at least not working reliably most of the time for it to generally not work and therefore not be very appealing. By default, we generate user-facing crash reports for memory corruption detected by hardware memory tagging. Users can also enable it for other system crashes. This is a major deterrent against attacks.

@Okuna

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

@Okuna We have much better exploit protections blocking many kinds of vulnerabilities from being exploited and making nearly all other remote / proximity vulnerabilities in the OS much harder to exploit. This combined with the risk of attackers burning their exploits through the user-facing crash reporting means they'd need to really want to target GrapheneOS enough to put lots of extra effort into development and risk losing both that and the baseline vulnerabilities/exploits if it goes wrong.

@Okuna

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

Here's an article from Citizen Lab on how the Spanish government used exploits against political opponents in Catalonia:

citizenlab.ca/2022/04/catalang…

Bear in mind even police using these will almost entirely be using them against people not convicted of a crime based on suspicion.

CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru - The Citizen

The Citizen Lab, in collaboration with Catalan civil society groups, has identified at least 65 individuals targeted or infected with mercenary spyware, including members of the European Parliament, Catalan Presidents, legislators, jurists, and membe…

^{John Scott-Railton (The Citizen Lab)}

reshared this

in reply to GrapheneOS

Light

in reply to GrapheneOS • 2 mesi fa • •

Which country would you say is the most safe and free?

in reply to GrapheneOS

Edward

in reply to GrapheneOS • 2 mesi fa • •

These authoritarians are horrible...

in reply to GrapheneOS

aleksana

in reply to GrapheneOS • 2 mesi fa • •

So almost all governments around the world think "If you are a law-abiding citizen, you should leave holes on your device"...

Unknown parent

GrapheneOS

Unknown parent • 2 mesi fa • •

@NebulaTide They started off asking questions about something they say they've seen posted elsewhere. By the end of their participation in the thread, they're acting as if they're an expert and confidently making extraordinarily, unsubstantiated claims which do not check out. They claim to have sources which they completely fail to provide, and resort to posting search results not saying what they said the sources say. We think they posted the thread on the Swedish forum despite their denials.

@Doerk

in reply to GrapheneOS

Disisdeguey🔻Pavlichenko🇵🇸

in reply to GrapheneOS • 2 mesi fa • •

NOW I want to get one and install #GraphenOS 😁

#GraphenOS

in reply to GrapheneOS

Feral Fire

in reply to GrapheneOS • 2 mesi fa • •

we see it in court in Ireland all the time.

GrapheneOS is always referred to as "the Encrochat system" by the Gardai.

in reply to Feral Fire

GrapheneOS

in reply to Feral Fire • 2 mesi fa • •

@dgold That's very strange since there's not only no connection but we were openly criticizing those companies. They engaged in false marketing for badly secured products while doing harm to the whole space through specifically trying to sell devices to criminals. Multiple of these companies did massive harm to the cause of privacy in Europe by helping authoritarians build their attacks on encryption and secure devices. Should be noted several either became or started as law enforcement stings.

@Feral Fire

in reply to GrapheneOS

Daniel Casanueva

in reply to GrapheneOS • 2 mesi fa • •

I read it as an endorsement!

in reply to GrapheneOS

Vash

in reply to GrapheneOS • 2 mesi fa • •

It is like saying "criminals use vans with tinted windows" ... There may be many more stereotypes: sun glasses, guitar cases ... Ridiculous

in reply to GrapheneOS

Arc<dyn fnrir> '; DO A FLIP; --

in reply to GrapheneOS • 2 mesi fa • •

The 'ghost' operating system. That's none other than a known ROM in the Android scene: GrapheneOS. This is the software installed by criminal gangs, a version of Android focused on maximum privacy that does not require the 'Google Apps'. This provides an encrypted communication system, exploited by criminal gangs.

(note: translated with Firefox)

looks more like an endorsement to me

also they'll be livid when they discover what OpenSSL is /j

in reply to Arc<dyn fnrir> '; DO A FLIP; --

Arc<dyn fnrir> '; DO A FLIP; --

in reply to Arc<dyn fnrir> '; DO A FLIP; -- • 2 mesi fa • •

uspol

Sensitive content

in reply to Arc<dyn fnrir> '; DO A FLIP; --

GrapheneOS

in reply to Arc<dyn fnrir> '; DO A FLIP; -- • 2 mesi fa • •

uspol

Sensitive content

@Arc<dyn fnrir> '; DO A FLIP; --

Unknown parent

GrapheneOS

Unknown parent • 2 mesi fa • •

@ElysianEve Our default of blocking new USB connections while locked at both a software and hardware (USB controller) level along with disabling USB data when there are no connections left is enough to prevent all real world exploits via USB. The option to fully disable it to the point that USB-PD and even slow charging are unavailable while booted into the normal OS mode adds an even greater protection against it.

We also have our substantial generic memory corruption exploit protections.

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

@ElysianEve Hardware memory tagging on 8th/9th gen Pixels is a big deal and makes most memory corruption exploits much harder to pull off. Those are the vast majority of exploits which are used in practice, including nearly all remote and proximity (radio, USB, etc.) exploits for Android. We have hardware memory tagging enabled for the Linux kernel and the whole base OS with the exception of a few userspace processes. In userspace, it's our best in class implementation in hardened_malloc.

Unknown parent

GrapheneOS

Unknown parent • 2 mesi fa • •

@ElysianEve They're probably describing convincing people to install malware and grant it extensive privileges but are presenting it as if they're bypassing the security of the hardware and software through doing so. It's not really clear what they're talking about but they're probably not referring to actual sophisticated remote exploits. GrapheneOS does provide substantial protections against those and general ones for Android will almost certainly not work without tons of extra development.

Unknown parent

GrapheneOS

Unknown parent • 2 mesi fa • •

@ElysianEve We plan to add bookmark export/import to Vanadium along with other export/import features. It currently has most data excluded from OS backups since Chromium does due to Chromium having a sync implementation that's used by Chrome. We don't have an easy way to use that sync implementation and it probably doesn't make sense. Our plan is to add data export/import options and also make it work better with OS backups.

in reply to GrapheneOS

ActivityPub - Collegamento all'originale

frphank

in reply to GrapheneOS • 2 mesi fa da Mostr Bridge • •

Simplex Chat had a similar attack where Wired Magazine claimed Simplex was full of Nazis

in reply to frphank

GrapheneOS

in reply to frphank • 2 mesi fa • •

@47be0b2a89faaa66bc57f5c679203486da45660295cb3db3c2f38f4be8d8816e This has been an ongoing thing where dozens of newspapers, blogs and other tech sites have made similar claims about GrapheneOS.

One publication which people would think would be supportive of privacy took a quote of something we said and put it next to an unsubstantiated claim that GrapheneOS is supposedly heavily used by criminals in a way that clearly aimed to tie what we said to them claiming that in a very misleading way.

@frphank

in reply to GrapheneOS

lucasmz (en)

in reply to GrapheneOS • 2 mesi fa • •

Fucking pigs. They will always demonize people trying to protect themselves from their own abuse

in reply to lucasmz (en)

lucasmz (en)

in reply to lucasmz (en) • 2 mesi fa • •

It's always fckng Europe doing this shit? It's funny to me how they're like both one of the most involved in privacy but then we see the E2EE-demonizing shit.

in reply to lucasmz (en)

GrapheneOS

in reply to lucasmz (en) • 2 mesi fa • •

@lucasmz Here's in the Netherlands:

uitspraken.rechtspraak.nl/deta…

Translation:

> The Google Pixel phone should also be withdrawn from traffic. Although the police have not yet been able to investigate this phone, it is known that this type of phone is often used for encrypted communication to commit criminal acts. The uncontrolled possession of a Google Pixel phone is therefore, according to the public prosecutor, contrary to the public interest and the law.

This is due to GrapheneOS.

Rechtspraak.nl - Zoeken in uitspraken

Zoeken in uitspraken

^{uitspraken.rechtspraak.nl}

@lucasmz (en)

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

@lucasmz This has been ongoing for a while. There aren't only ongoing attempts at forcing backdoors for end-to-end encryption and disk encryption in Europe but also attacks on secure devices too. There are significant ongoing attempts at misrepresenting GrapheneOS as being something for criminals while also simultaneously trying to sow doubt about it and discourage people using it. This is specifically happening in certain European countries and online platforms in those languages.

@lucasmz (en)

in reply to GrapheneOS

lucasmz (en)

in reply to GrapheneOS • 2 mesi fa • •

reality: black, lgbt and autistic people

in reply to GrapheneOS

Maki

in reply to GrapheneOS • 2 mesi fa • •

Fortunately it looks like the judge did not accept the opinion of the OvJ concerning the phone involved, unless I overlooked something in the verdict?

"De rechtbank kan niet vaststellen dat er een relatie bestaat tussen de in beslag genomen Google Pixel telefoon en het bewezenverklaarde feit. Het enkele feit, zoals door de officier van justitie gesteld, dat het hier om een telefoon gaat waarmee ook versleuteld en heimelijk kan worden gecommuniceerd om strafbare feiten" >

Questa voce è stata modificata (2 mesi fa)

in reply to Maki

GrapheneOS

in reply to Maki • 2 mesi fa • •

@RandamuMaki @lucasmz They didn't even demonstrate that it's even running GrapheneOS and may not even know that themselves, although it could be determined. It has been common for devices not running GrapheneOS to be claimed to have GrapheneOS. Companies sell phones claiming to have GrapheneOS which are not running our OS builds.

@Maki @lucasmz (en)

in reply to GrapheneOS

Maki

in reply to GrapheneOS • 2 mesi fa • •

@lucasmz As far as the verdict is concerned, the prosecutor (officier van justitie (OvJ)) did not prove that Pixel phones in particular are being used solely for criminal purposes. There was no indication that the defendant used it as such. The judge then ordered the phone to be returned to the defendant. It was clear the prosecutor tried to get a blanket ban on these phones, like they had previously with EncroChat ( en.wikipedia.org/wiki/EncroCha… ) but the verdict did not give them that.

discontinued encrypted mobile phone-based communications network and service provider, allegedly used to plan a number of criminal activities

^{Contributors to Wikimedia projects (Wikimedia Foundation, Inc.)}

@lucasmz (en)

in reply to GrapheneOS

kravietz

in reply to GrapheneOS • 2 mesi fa da Mostr Bridge • •

How you could make "European authoritarians" out of Catalan police (!) and how objectively observed use case can be "misrepresentation" of the system "as if they're something for criminals" is well beyond me. Especially when you equate legitimate police surveillance of drug cartels with "mass surveillance police state these people want to impose on everyone". You're just shouting words without really understanding what you're describing - and the article is practically advertisement for Graphene, not "authoritarians enablers"

in reply to kravietz

GrapheneOS

in reply to kravietz • 2 mesi fa • •

@29614c5c75f1e0afc372486b59c98bab2b08aa379a38869f2d8a0fea433ef9f3 Misrepresenting GrapheneOS as being for criminals, fabricating data about how the OS is used and the proportion of criminals who supposedly use it and false claims about the security of GrapheneOS against exploits meant to deter people from using it are ongoing tactics by the Catalan, Dutch and other European law enforcement departments to try to cause harm to the GrapheneOS project and argue for regulation forcing backdoors.

@kravietz

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

@29614c5c75f1e0afc372486b59c98bab2b08aa379a38869f2d8a0fea433ef9f3 Your fediverse instance was blocked due to you directly participating in engaging in harassment towards our team. You're evading that through using Nostr. Please respect the fact that we don't want to you to contact us unless you're going to significantly change your approach towards us and retract the past attacks on our team.

@kravietz

in reply to GrapheneOS

BitcoindollarBook

in reply to GrapheneOS • 2 mesi fa da Mostr Bridge • •

At the moment I use a de-googled Teracube with e/OS which is also open source. Can anyone pls explain the advantages of moving to Graphene and what to do to transition from e/OS to Graphene? Many Thanks

in reply to BitcoindollarBook

GrapheneOS

in reply to BitcoindollarBook • 2 mesi fa • •

@d1667293d5fb181c10fca4d5bb833a5d214248a8e27cbf94deb59950388e7004 /e/OS is not a safe operating system and is far worse than using an iPhone. /e/OS fails to keep up with basic privacy/security patches and is often months or even years behind on providing them. They set an inaccurate security patch level string and change the user interface to mislead users about this. /e/OS also doesn't keep the basic privacy/security model and features of the Android Open Source Project intact either.

@BitcoindollarBook

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

@d1667293d5fb181c10fca4d5bb833a5d214248a8e27cbf94deb59950388e7004 There's a high quality third party comparison between Android-based operating systems at eylenburg.github.io/android_co…. That table includes 2 rows about security patch delays near the bottom where it shows the typical delay on devices where each OS has the least delay. /e/OS has substantially longer delays for full patches on most devices. They often just leave the firmware and drivers never updated on a lot of devices they support.

Comparison of Android-based Operating Systems

^{eylenburg.github.io}

@BitcoindollarBook

in reply to GrapheneOS

Akashi Hyogo

in reply to GrapheneOS • 2 mesi fa da Mostr Bridge • •

They are just retarded. Bitcoin went through same phase and look at it now.

in reply to Akashi Hyogo

everydaystakkin

in reply to Akashi Hyogo • 2 mesi fa da Mostr Bridge • •

the difference is bitcoin is actually self reliant. if google just stops allowing unlocking the bootloader, grapheneos (as it exists today) dies for newcomers

in reply to everydaystakkin

GrapheneOS

in reply to everydaystakkin • 2 mesi fa • •

@700fd80ae68e009ed3a97c942d266e35f8a4a226c709adc437af16ab8d05a793 @a1cde5f15a4bf8cdfb76175812d0d22943d678201dfc9d57edde9492a9fbc5be GrapheneOS is working with a major Android OEM to help them produce devices meeting our requirements which may be sold with GrapheneOS officially. We hope to have this launched in 2026 or 2027. Pixels are currently the only devices meeting our hardware security and other requirements which are listed at grapheneos.org/faq#future-devi… but there will be other options.

GrapheneOS Frequently Asked Questions

Answers to frequently asked questions about GrapheneOS.

^GrapheneOS

@everydaystakkin @Akashi Hyogo

in reply to GrapheneOS

SinedinZigan

in reply to GrapheneOS • 2 mesi fa da Mostr Bridge • •

Could you give some info which one it is?

in reply to SinedinZigan

GrapheneOS

in reply to SinedinZigan • 2 mesi fa • •

@a4316d3be46958184ad3e823ca028c5e5c276852f2f1b2e6b8438db7ba98df8b @700fd80ae68e009ed3a97c942d266e35f8a4a226c709adc437af16ab8d05a793 @a1cde5f15a4bf8cdfb76175812d0d22943d678201dfc9d57edde9492a9fbc5be No, we can't say that, but hopefully in around 6 months it can be made public.

@SinedinZigan @everydaystakkin @Akashi Hyogo

in reply to GrapheneOS

LeoWandersleb

in reply to GrapheneOS • 2 mesi fa da Mostr Bridge • •

It would really be nice if there were off-the-shelf options in all countries worldwide. In Chile I couldn't just buy a Pixel.

in reply to LeoWandersleb

GrapheneOS

in reply to LeoWandersleb • 2 mesi fa • •

@46fcbe3065eaf1ae7811465924e48923363ff3f526bd6f73d7c184b16bd8ce4d @700fd80ae68e009ed3a97c942d266e35f8a4a226c709adc437af16ab8d05a793 @a1cde5f15a4bf8cdfb76175812d0d22943d678201dfc9d57edde9492a9fbc5be There are forwarding services to purchase a device in the US or elsewhere and have it shipped elsewhere. Th initial devices from this OEM supporting GrapheneOS will be flagship devices due to that being required to provide the security features right now. Not sure about how widely they'll launch.

@everydaystakkin @Akashi Hyogo @LeoWandersleb

in reply to GrapheneOS

GrapheneOS

in reply to GrapheneOS • 2 mesi fa • •

@46fcbe3065eaf1ae7811465924e48923363ff3f526bd6f73d7c184b16bd8ce4d @700fd80ae68e009ed3a97c942d266e35f8a4a226c709adc437af16ab8d05a793 @a1cde5f15a4bf8cdfb76175812d0d22943d678201dfc9d57edde9492a9fbc5be International shipping can likely be provided if they decide to sell devices with GrapheneOS though, which they seem likely to do rather than only meeting the requirements and providing official support for it.

@everydaystakkin @Akashi Hyogo @LeoWandersleb

in reply to GrapheneOS

privacy_guru

in reply to GrapheneOS • 2 mesi fa • •

I've also seen accusations like this in the US. I've read how law enforcement there will suspect you of criminal activity if you're in possession of a Pixel phone. Kind of ironic, since Google is a huge brand and those who install Graphene or other custom Android are a minority.

Unknown parent

GrapheneOS

Unknown parent • 2 mesi fa • •

@txalvita Unfortunately, dozens of other publications did the same thing. Some appear to have done it on their own and others based on their stories on this one or other similar stories. You can search for a few of the keywords and find many examples.

androidauthority.com/google-pi… is a major Android news site which at least allowed us to respond after they'd published the article.

0 publications contacted us for comment before publishing an article, which is typical. It's rare that we're contacted.

Cops in this country think everyone using a Google Pixel must be a drug dealer (Updated) - Android Authority

Pixel phones are criminals' top pick in Spain's Catalonia for their strong security and mod-friendly design.

^{Adamya Sharma (Android Authority)}

@the dude

⇧

GrapheneOS 2 mesi fa • •

GrapheneOS
2 mesi fa • •