No, I don't deny the fact the #GrapheneOS devs are really good specialists who know what they're doing. They surely are.

But if they truly believe in what they said and don't have a solid base for their claims, then it means they are pretty naive and don't even try to think outside the box. They don't doubt the dogmas imposed by authorities.

Yes, existing device certification standards explicitly require that IMEIs must be immutable and resistant to any possible way of tampering. But this just isn't true anymore, they are stored in NVRAM/EFS areas (sometimes encrypted but still rewriteable), they might even be populated in a different place than the factory that actually manufactures that hardware. That's normal OEM process nowadays, nothing crazy. What really happens afterwards (if the certification process even gets to this point, which I suspect it often doesn't, they are usually only interested in proper radio frequency ranges and output power) is that the vendor demonstrates that there's no way to edit those identifiers in the stock production OS config. That's it.

So, once again, do GOS devs have a **proof** that it can't be done, or is this just an assumption based on what the Big Brother told them?