Replying to Avatar Mike Dilger ☑️

RE: GrapheneOS

I made a thread and got some pushback and very mixed reactions. I replied to a lot of separate posts, but I thought I should state my main points together in a cohesive post.

TO BE CLEAR:

- I didn't say GrapheneOS is compromised or is a honey trap.

- I don't think there is a more secure operating system available for a smart phone on a technical level (except some that are so dysfunctional you won't want them anyways), so I don't expect people to ditch GrapheneOS in fear of Google hardware.

- I still might use GrapheneOS as my next phone, I'm undecided.

- My security model puts Google in the "untrusted" box, and google products and services are suspicious to me, DESPITE technical superiority or being more open with their hardware specifications.

- I wish there was an OS like GrapheneOS (or actually GrapheneOS) on hardware produced in a country I wasn't so concerned about, like maybe India (Lava) that seems more neutral to me, or at least not at all interested in my politicial dissident ideas (which are never about India). Then I wouldn't have to worry about this.

- Maybe you run a bitcoin wallet on your phone, and so every country is untrustworthy to you (anybody might want to steal your bitcoin). But that's not my security model.

- The fact that none of the privacy and security android phones support any hardware produced outside of the US orbit anymore is I think a fact worth considering.

- The odds that there is a security backdoor in the hardware or software is many orders of magnitude greater than the odds that someone breaks your cryptography. So our concern should be that much greater. But we nitpick the cryptography and in cases like this we say "Ah well, he has reasons. Must be secure."

- Technology is so ridiculously complex now that there is almost no way to have security and/or privacy on computers, especially on a smart phone.

- Reasons given for why only Google Pixel is supported might be honest. Or they may be post-facto. And not being the ones who made those decisions, we cannot know which case is the true one. If you let "reasons" assuage your fears, that's not very intelligent of you. In the case where someone intelligent sets up a honey pot, they are going to create lots of benign-sounding reasons why it's not a honey pot.

You are all free to consider me a paranoid nut job.

Here was the original thread: nostr:nevent1qqsqg4vc860mnve4mkqzn5a9887q9cmj0tes6h4xevjhus32ane67ycpypmhxue69uhkx6r0wf6hxtndd94k2erfd3nk2u3wvdhk6w35xs6z7qgwwaehxw309ahx7uewd3hkctcpypmhxue69uhkummnw3ezuetfde6kuer6wasku7nfvuh8xurpvdjj7wgmz87

Avatar
Mike Dilger ☑️ 1y ago

Here is an example I think everybody will understand.

When I release gossip, I build packages. The one built for MacOS is not digitally signed. But I gave a "reason". The reason is that Apple wants me to sign a contract to become an Apple developer and I didn't like the contract, so I didn't sign it, so I can't get Apple to mark the software as safe.

Now I know that reason is correct. But none of you do. You can't know for sure. You must postulate the case where Mike Dilger is actually malicious and he made that reason up, and his real goal is to sneak nasty code onto your Apple computer to steal your bitcoin or something. And he knows if he signed up with Apple that Apple might find his deceptive code and blow his cover. So he lies and says the "reason" is because he didn't like their contract.

That is a TOTALLY plausable worldview from any of you. From where I sit I know it is wrong. But I also know there is no way I could prove that to you. The best I can do is say: Don't use pre-compiled packages, even from me. Compile it from source.

Reply to this note

Please Login to reply.

Discussion

No replies yet.