GrapheneOS 炮轰 Tuta Mail, 顺带轰炸了一番 /e/OS, 隐私解决方案们怎么都喜欢互损呢, 能不能先把蛋糕做大再说 :bili_doge:
Discussion
GrapheneOS 本身是一个 AOSP 的加固分支, 但在某些人和公司的营销下简化成了无敌的安全工具, 甚至强到可以反间谍反侦查, 暗示 "你只要用了 GrapheneOS 和某某产品你就安全和隐私天衣无缝了".
这些特性本来是 Android OEM 就能做到的事情, 但因为易用性或利益关系导致 OEM 根本不会有动力去做, 身为非营利组织的 GrapheneOS 只是借助自己的自由身份在技术层面补上了这些缺陷.
这也是 GrapheneOS 现在决定直接和 OEM 合作的原因, "注重软件的人应该自己生产硬件", 它也不例外.
Sadly ego always gets in the way no matter what causes they believe in.
I actually understand where they are coming from, because GrapheneOS doesn't have any public relations or marketing departments. They are just trying to explain all of this to users who are highly anxious about privacy, with a technical enthusiast's obsession. They are seen as excellent tools for de-googling and countering Big Tech, but they are very reluctant to accept such a "mission" or "expectation."
When you put it like that, that makes sense.
PR and marketing departments are for companies. GrapheneOS isn't a company and trying to have 'relations' for organisations making money shipping flawed products is for people who care more about the money than whatever they are developing. Maybe their community should learn to shame products more for having basic security deficiencies like the cyber security community does.
We never talk about GrapheneOS being "degoogled" on the docs beyond mentioning no Google apps and services are included by default. It's a sociopolitically charged buzzword used for marketing that belongs on Reddit. It has little technical merit nor does it assure something is actually safe or private to use...
Thank you for everything you've done. For a long time, I've been dismayed by the abnormal community surrounding Proton and Tuta's marketing tactics, and I don't want GrapheneOS to become another victim.
I use proton. Is there something I should know?
Proton's services function well enough; it was essentially designed as an alternative to Google Apps, though it remains another "walled garden". The real problem lies in the communities built around Proton, and even more so with the later entrant Tuta. These communities attract large numbers of anti-bigtech giant activists and extreme privacy enthusiasts. Proton and Tuta leverage these aspects for marketing and attention, while these communities actively spread anxiety to other areas. In contrast, Apple offers similar services without needing such flashy marketing tactics or viral communities to capture this niche market. Proton and Tuta also exaggerate the benefits of "encryption" while selectively ignoring vendor lock-in issues and the question of "where keys reside". Most of the time, they simply create a trust black box for users, much like Apple does. They further choose to open-source their client applications to earn the "open-source trust" label, continuing to leverage this extensively in their marketing.
Ultimately, my view is this: encrypted email is a lie, though this reflects inherent limitations of email itself. To deliver encrypted email, Proton and Tuta essentially reinvented a proprietary communication protocol that only functions within their own servers, creating yet another black box.
GrapheneOS 正在疯狂对线, 给我首页都刷屏了 :eveonecat_fight: