Nostr Web Client

Robert Braxman has published another video spreading blatant misinformation about #GrapheneOS in order to promote his highly insecure products and services. In addition to many false technical claims and fabrications about our team, he's falsely claiming the project is dying.

We have a thread already debunking this recent line of attack on GrapheneOS at:

https://xcancel.com/GrapheneOS/status/1936420921931084075

GrapheneOS quickly provided the June security patches, was ported to Android 16 and is working with a major Android OEM. It's not dying and we haven't said or implied it is.

Braxman presents himself as a privacy and security expert but isn't one. He's a shady businessman selling unsafe snake oil products and services. His content is filled with outright fabrications and is heavily aimed at promoting his products. It misinforms rather than educating.

Reply to this note

Please Login to reply.

Discussion

Final 5mo ago

More privacy and security experts should address Braxman's inaccurate content along with the products and services he sells.

https://social.tchncs.de/@kuketzblog/114824455120563945

Braxman has repeatedly sold people fake end-to-end encryption messaging, etc. The companies working with him are scammers too.

Jon 5mo ago

What an asshole

freemymind 🇨🇭 5mo ago

Watch the video:

https://www.youtube.com/watch?v=VEl0Z7Y5x3o

The claims are just false. No aggressive push for his products. A very fair mentioning of different opensource projects including #GrapheneOS

elsat 5mo ago

Seems like this gent has a “competing” product to sell

Final 5mo ago

He does. He sells bottom of the barrel MediaTek devices running a poor fork of LineageOS. It comes with the usual hardware acceleration for neural networks which he would claim is a backdoor when it exists on other devices.

He doesn't understand AI or what it means for there to be hardware acceleration for them. His thought process is essentially that if a computer has something like a GPU able to accelerate neural networks, then it's a thinking machine watching you and reporting on you to the authorities, with no evidence or basis for it:

Almost everything he claims about whistleblowers and the intelligence community is directly contradicted by actual leaks from the whistleblowers he brings up.

🇵🇸 whoever loves Digit 5mo ago 💬 1

Tell us more about these contradictions because I don't believe you

🇵🇸 whoever loves Digit 5mo ago

Or don't, I'm not a cop

🇵🇸 whoever loves Digit 5mo ago

Digit would never do this

freemymind 🇨🇭 5mo ago

I have been following Braxman for a long time. For your mention I just watched the newest video of him released today.

Could not find offending information about GrapheneOS. Nor could I hear him heavily promoting his products. He is pointing out very clearly, that all AOSP-based OSs are good in getting less leakage of private data.

So my summary of this new video is to be very accurate and a great win for the privacy world. (Refer ing to this video: https://www.youtube.com/watch?v=VEl0Z7Y5x3o )

Very sad to attack other privacy advicates like this. I hope you will learn to lower this behaviour one day.

Final 5mo ago

We are talking about the video titled "Deep Dive Into Android: How GrapheneOS Is Locked Out", not the one you are referencing. The video is deliberately about us. It's full of countless inaccuracies.

The team has only ever posted about him when he persistently posts total nonsense. It leads to users contacting our channels asking for support terrified about the supposed fate of GrapheneOS or concerns about totally made up scenarios he has invented... It's far more of a disruption, not a promotion, on open source projects when he mentions them. He has this problem with us because we continuously have to debunk or correct his harmful content, which doesn't make him look good.

Here's a post about exactly that, which we published months ago, it also describes his horrendous security practices for the services he hosts, such as fake end to end encryption.

https://discuss.grapheneos.org/d/20165-response-to-dishonest-attacks-on-the-grapheneos-project-by-robert-braxman

I would never attack privacy advocates. I think someone who openly engages in bad faith like this is not one at all. It is using privacy and security online pop culture references for a low effort grift.

freemymind 🇨🇭 5mo ago

Thanks for clarifying about the video. Now when we talk about the same video. Can you tell me where he attacks the development team?

He mentions to be regularly attacked. But this is a very nicely phrased critique. Where nostr:nprofile1qyt8wumn8ghj7un9d3shjtnddaehgu3wwp6kytcqyp2x308wkaxwxh95zu7uext5hhdvn6y55a9l84z0nj5tw42xqhy768qv490 is texting very disrespectful and I feel there is flat out no legitimation for this behaviour. And not one critique. Only generally talking bad about braxman. Like he would be a child that has never learned to express itself.

Final 5mo ago

Braxman frequently diminishes the developer team as being a solo effort and/or governed by unwell individuals to try and make you not trust the team. He has also extended this to users of GrapheneOS in the past. In the video he attempts to picture the project being governed by a so-called "mentally unstable" founder who runs a 'negative cult" surrounding it. This founder has not been a lead developer for a long time, and the idea of a very talented person not having tolerance for charlatans in the information security community being grounds to describe them in that way is silly.

The project has existed for so long with stability. We have ten developers working on GrapheneOS as well. It diminishes giving proper credit...

When someone reported the fake E2EE in his messaging service. This is how he chose to react:

Here's him just completely making things up based on vibes and calling it out as a response from the former lead developer... not sure why he thinks one guy ghostwrites every single thing the community around the project says. I guess we don't exist it something.

Final 5mo ago 💬 1

If you want the technical rather than the people, then the video says:

- The "Linux level" source code is not available anymore (wrong, it's in AOSP source).

- That since hardening is done in the Linux kernel, we can't do that anymore (lie, it's more than the kernel, and wrong)

- GrapheneOS cannot do complete builds (wrong, you wouldn't have an OS to boot if so), and can only use outdated drivers (lie, we updated drivers to Android 16 release versions and will continue to)

- USB-C port control is "Linux level" (implying it doesn't work, this is wrong. Go update to Android 16 and use it.)

- Since the "Hardening claims of GrapheneOS are tied to modifying Linux source code for Android then that claim can no longer be possible moving forward" (lie) "...It would seem that those interested in Android hardening will have lost a choice" (nope)

- "Now the days of GrapheneOS for Pixels may be numbered." (Lie)

- "...They can keep going with the source code for Android 15, but going forward it becomes more difficult." (Wrong. AOSP 16 is open source.)

- "Community developers, though, who are interested in helping a larger pool of people can still be able to contribute to an Android hardening project, just on a different device." (We are literally doing this)

- So, the future is still open. If you want to port your AOSP project to a Brax3 or any future device we make then you are welcome and feel free to contact the team at braxtech dot net" (advertising his device, no)

freemymind 🇨🇭 5mo ago

> "- "Now the days of GrapheneOS for Pixels may be numbered." (Lie)"

Maby Brax is doing nothing but beliefs what nostr:nprofile1qyt8wumn8ghj7un9d3shjtnddaehgu3wwp6kytcqyp2x308wkaxwxh95zu7uext5hhdvn6y55a9l84z0nj5tw42xqhy768qv490 sais:

Final 5mo ago

The call for help here is not to do with Pixels but to do with the lead developer being conscripted to go to war. This person did at least 95% of crucial tasks. We did make it clear (and I did so on here too) that we were going to be able to complete the port very shortly after June 10 (when this was said) after we received additional help and support.

We had discussed our circumstances prior and timely. It's clear that situation doesn't exist now.

There were tons of time to reflect, and also this wasn't even mentioned in his video...

Final 5mo ago

(we are fortunate we are able to get some contact with this developer and is able to provide help but far less than before as well.)

freemymind 🇨🇭 5mo ago

So now the Android Partner program is working then? Since it was the clame without this the current releas will be the last. Or did this position change?

Final 5mo ago

With extra manpower we got the Android 16 port effort completed. We were also able to get some degree of early access. Team did think we were going to get it done, but in a worst case, we may have been unable to progress for a long time. A lot of reverse engineering efforts for the Android 16 betas before the releases paid off.

The lack of publishing of the device trees was unprecedented, but every project using Pixels was hit, not just us. It took a disappointingly long time to do this port.

Other Android distributions on other devices have to do these steps themselves too though.

In fact, GrapheneOS builds for Android 16 hit stable today, so everyone who keeps updates should be using it now or soon...

freemymind 🇨🇭 5mo ago

Thanks a lot for your great efforts. Happy to see the project as resilient as it is 🙌🥳

Final 5mo ago

More of that goes to all the 10 developers of GrapheneOS and the last minute help rather than me. I do really boring and mundane stuff for them.

Not really that cool or enigmatic like how other project members are. Count away the freedom tech / nostr / bitcoin / monero stuff and I'd be a really boring person for a lot of ppl I think

I'm fortunate to be surrounded by these people I do work with. I'll always be more vocal about GrapheneOS because of that. I stand up for them because most don't want to communicate outside of their role.

freemymind 🇨🇭 5mo ago

All good. Al long as everyone does its best, this is what counts. Its all about trying to improve personal potential and live to our potential. At which level we are does not play such an important role. Since this we can not directly influence.

freemymind 🇨🇭 5mo ago

The only damage that can be done is by furious developers representing the project. Personal unreasonal attacks will be seen as this and fade away like noise.

But lets keep the dignity and not distract us by attacking people. Attack problems and bring arguments. That is what lifts us all up. Haters gonna hate. Ignoring them takes away their power.

Final 5mo ago

For some developers, the projects are, almost literally, their life's work. For them, they defend it like they would defend themselves. When you see developers act that way, they often don't mean to be mean, rather it's because they're passionate. You could say otherwise if the person is an extremely deliberate bad faith actor. People like that are hard to come by and I envy them because I can't fully feel it yet.

I've jeopardized certain opportunities in life because of association to GrapheneOS before and I'm proud of that. I learned far more being in the club than I ever did outside.

I would like to assume I'm a calm person... I hope. I do keep a lot of mute lists (sorry everyone) and don't communicate beyond stuff to do with the project or privacy / security or something.

freemymind 🇨🇭 5mo ago

Yes maby I have mostly a problem with the communication of nostr:nprofile1qyt8wumn8ghj7un9d3shjtnddaehgu3wwp6kytcqyp2x308wkaxwxh95zu7uext5hhdvn6y55a9l84z0nj5tw42xqhy768qv490. I think you are communicating much more constructive.

But defending bad behavior is not really a support. It only damages the person with the behavior when one defends this behavior.

Final 5mo ago

That account is a Mastodon bridge. It's actually viewing posts on a completely different platform. Rest of team doesn't use Nostr so posts either don't appear, don't show context or such.

freemymind 🇨🇭 5mo ago

Could be. With the bridges I never know if it works or not. But I also sometimes got responses from him via the bridge.

Would it be possible to put your pubsec on the Github page of the project too, to proof you are part of the project? 😉

Final 5mo ago

The project account is run by multiple people, most not knowing what Nostr even is. It is also why we don't have NIP-05's because I keep this use mostly to myself and I don't evangelise it or get the wider team involved. I was using Nostr before I was getting involved with GrapheneOS.

It is pretty obvious the bridge isn't the best way to deal with it... having a project Nostr has been put on the drawing board before though. We don't even do Lightning donations yet -- this is my personal page, but I send my LN funds to the project wallets or to V4V by working on other content.

I argue I'm already verified without the git repo... as for proof I can be reached at f1nal:grapheneos.org on Matrix or on the forum. Being the official domain name for GrapheneOS is far more useful.

My forum account is at: https://discuss.grapheneos.org/u/final

freemymind 🇨🇭 5mo ago

I will come in to see. Would you recommend a matrix client? Or is Element still the state of the art?

Final 5mo ago

Matrix sucks. We use it because there isn't much of an alternative. We have had our communities get corrupted through state bugs which causes us to rebuild our channels.

I just use Element.

freemymind 🇨🇭 5mo ago

Maby when it comes out of alpha testing Whitenoise could be something. Or why not Simplex?

Final 5mo ago

They're more like instant messengers designed for one on ones or group chats rather than super large communities with tens of thousands of members in. Wouldn't fit the context. White Noise is also way too new.

Everything has to be bridged together with all the other platforms (IRC, Telegram, Matrix, Discord) and have suitable moderation features to protect against spam.

freemymind 🇨🇭 5mo ago

Ok. Than you do maby not like all of matrix but it is a good option for what the project needs I assume. I just contacted you on Matris from @surveillance_switzerland:matrix.org

freemymind 🇨🇭 5mo ago

Look no need to defend. For me there is no legitimation to use vocal violence. So it does not even depend in anything about the actions of whoever else. Because you and nostr:nprofile1qyt8wumn8ghj7un9d3shjtnddaehgu3wwp6kytcqyp2x308wkaxwxh95zu7uext5hhdvn6y55a9l84z0nj5tw42xqhy768qv490. are deciding what you type. So you have to accept that no one outside your brain is accountable for your offensive manner or wording. It is only ever the writer who is 100% accountable.

Final 5mo ago

I would only mention his words when it comes to talking about this work. I really don't like giving this attention.

Considering they have been persistent to do it a long time before we even choose to respond directly, they clearly don't care when we ignore. Apologies if that line of response makes you uncomfortable.

I am unsure what you mean by violence here, sorry. I don't consider making such a response as 'violent' when trying to drag us through the mud and scare our users does far more in comparison.

Hoshi 5mo ago 💬 1

nostr:npub17usj0jh86ged3pt34r5j6ejzfar9s2q5dl3l84tq8ymhfj2wz08sxmkf8w what is an „Android OEM“?