Stepping in of a sudden here, but we absolutely do try to resolve sticky situations. When all measures have been exhausted, there's nothing much else to do here. It's worse to have extreme content unchecked.
There is a lot of things that do happen that aren't talked about, a lot in fact, but this case is something very publicised and facilitated with someone who has a large audience who likely had been exposed to the project for the first time from such people. That's what makes it different here... Their (the other members) responses is absolutely not meant to be hostile.
The person it's targeted stepped down as lead developer and moved away from public communication was part of that response for de-escalation. He writes almost no code for all the major new features over several years, if not at all. There's a lot of misinterpretation that GrapheneOS is a one man work and it's really not true nor is it possible to be. People can't read between the lines by themselves and you can't just 'de-escalate' violent or unwell individuals... sympathy doesn't work here because we can't sympathise with acts that have no positive outcome.
There have been a serious escalation of attacks and barely any project affiliate wants to have a social presence. It's just me on Nostr here. And despite devs being paid and supported by us, many developers simply aren't comfortable and some prospective individuals didn't want to join the project in a more professional fashion due to concerns of their wellbeing.
When situations escalated mods would need to be on watch for hours and report attacks on our social channels including Child Sex Abuse Material or additional threats of violence. That's how I actually started out on representing GrapheneOS in fact.
That's a more interesting reply. But the real reply to the initial post should have been just like mine: "just old drama": minimize the damage. Don't bring everything back to people's minds and reactivate everything. Don't blame the other side: don't attack Rossman, even if you are right. The case is closed from your side. And should stay close.
But more importantly: never ask your users to fight for you. It's not their fight. It will never be. They have no idea what's really going on and who to believe on.
The downside to such a reply is that it can just be interpreted as avoiding the issue, being unprofessional or uncaring. Brave, as an example gets this issue as well, fortunately they don't receive anything as extreme beyond petty posts from Reddit. For us then it is a lose-lose and it's better to reply contextually and with the transparent approach than to ignore it when it comes to such people.
We have helped keep user's trust and restore trust this way, you may not agree with it but it is better overall... the people who seriously dislike this approach wouldn't be moved with anything we said or who said it. The amount of times people just disregard words including my own as being written by video subject just because they don't like them is strange but a frequent happening. We talk because we like to keep our arms open.
GrapheneOS has always worked like this because the modern GrapheneOS exists after a response to a hostile takeover attempt from an abusive company. Users expect us to take such major problems like this as it had been done. We just aren't willing to be let bad actors trample over us like this because this industry in general is full of bad actors and scammers. Having privacy and to be protected isn't just a right but a necessity for safety and wellbeing.
Our community and users represent our public image, they lead 90% of the public discussion around us. They shouldnt ever brigade or attack others, and we ban people off our platforms for doing this. But as those representatives they deserve an explanation to such situations too.
You are right, users deserve answers, but definitely not in the combative/defensive way it's being done. If this continues, this issue will haunt you forever. You will be in an a tiring fight against your own users. You will just lose dev after dev because attackers can see that it is working. They will just keep attacking in the exact same way.
You can make your stand while avoiding these issues. There is no reason to let this distract from the mission.
It absolutely doesn't mean to come across as combative, I think it would be totally wrong and out of line to be offended at someone finding this stuff for the first time or getting curious. Unfortunately such content being a top result with good SEO by being created by influencers leads the project having to put words out way more often than the project likes to. We get asked a lot, if we're being asked then answers are needed, else they wouldn't ask us.
We, and more specifically I would never let an issue like this distract from the objectives. A lot of the inflammatory responses do however disrupt work, but that's what community mods in the official chat rooms and forums are for. Distraction =/= disruption though. I do this for GrapheneOS because it means a lot to me and it has personally protected me in tough and hostile situations. I'm a forensics person, used Cellebrite and more -- but I love GrapheneOS and I'm absolutely okay with never being welcome in front of another forensic company's face.
Some of the work done to GrapheneOS after such content being made have been some of the most significant yet. Duress password feature, VM management improvements, USB port control feature to name a few. The former lead dev had little, and if being honest, no involvement in writing code for these features. I'd say that's pretty evident to keeping the mission going.
You might not feel it. This might not be a distraction for you. But it is for everyone else. I guarantee that this thread alone made users question the projects' motives enough to avoid installing.
And I was trying to pump you up... But now it's all lost.
Developing a highly private and secure mobile OS is the major motive, with a plus of providing security research and innovation. GrapheneOS as a project is anti-authoritarian, it's strictly focused on digital security and privacy. When it comes to security at a technical we are impartial about it. Too many people feed on conspiracies, what-if scenarios and pop culture to advertise security. I'm unwilling to do that.
Some communities choose to adopt GrapheneOS because they identify with it as a tool that helps them live a life of their ideal values, like Bitcoiners or Monero users do here. I and others don't put these labels on, that's their choice.
If they question or have doubts for GrapheneOS or think we're running some kind of conspiracy then I'm sorry they feel that way. That's not something I can resolve if dialogues don't work, and usually it doesn't regardless of what and who says it... It's just based on vibes by that point. The project organisation is clear about being upfront about things. This is not a business with a product to sell.
Thread collapsed
Thread collapsed
following on this, my comment shouldn't have meant to downplay his efforts if it ever appeared that way, he is an irreplaceable and extremely talented individual and i'm saying this personally. He has helped a lot with what people don't always see and is an amazing engineer. the vulnerability disclosures to Google being associated with him aren't frills.
Thread collapsed
Thread collapsed
Thread collapsed
Thread collapsed
Thread collapsed
