Solstice

joined 1 year ago
 

You can't have privacy without security

This tool does its best to determine where your system stands on each of the collectively named transient execution vulnerabilities (also sometimes called "speculative execution" vulnerabilities) that were made public since early 2018.

Check your distro is resilient to CVEs & provide guidance on how to mitigate them.

[โ€“] [email protected] 4 points 1 year ago

r/thehatedone 6 days ago by The_HatedOne

Daniel Micay steps down as the leader of GrapheneOS. My thoughts and why you should keep using it.

Daniel Micay, the founder and long-time lead developer of GrapheneOS, has recently stepped down from the position of lead developer and will also be stepping down as a director of the GrapheneOS foundation. These announcements coincided with a video made by Louis Rossman where he suggested he would be leaving GrapheneOS due to Daniel Micay's communication issues.

There are important takeaways that a lot of people are missing and some very damaging and outright manipulative 'privacy advice' that stemming from this situation that needs to be called out. So here we go.

Daniel Micay stepping down is a good thing I think this is very positive news both for Micay and the GrapheneOS project. Daniel Micay's security expertise and mobile engineering skills have been unmatched. In this regard, he is truly a world-class expert that was able to deliver the most secure operating system in the world and build up a team of talented developers that followed his vision. He did this from scratch, without the help from big investors or even big salaries. GrapheneOS has been funded by voluntary donations and it is that much more amazing that it became such a polished and easy-to-use product.

GrapheneOS today is full team of security experts and developers working to enhance privacy and security of everyone at zero cost to the end user. GrapheneOS is now a properly institutionalized entity. Having incorporated as a non-profit foundation, it's now broadly recognized not just in the infosec and privacy communities, but also in the broader technology sphere. It has received an endless amount of publicity and media attention and will be receiving even more in the future. This will be good both for talent acquisition and future fundraising campaigns. Daniel Micay deserves praise for his achievements in this regard and I will be grateful for delivering us the most important privacy project of my lifetime.

That being said, Daniel has been struggling with public communication and often ended up in up stirred up drama much of which probably could have been avoided if it was handled by a professional PR team, instead of Micay. There has been countless of examples of this and while it did highlight the negative aspects of toxicity in privacy communities, it also didn't serve to portray Micay as the best communicator either. I think it is positive news both for Micay and the GrapheneOS project that he is stepping down and will no longer play a role in public relations of the project. I hope Micay will find the recovery he is looking for and I wish the GrapheneOS project all the success it 100% deserves.

The Rossmann drama and why you should still use GrapheneOS

Louis Rossmann, a popular YouTube and a vocal advocate for the right to repair, has made several videos praising and recommending GrapheneOS. In his most recent video, however, Daniel Micay is seen pressuring Rossmann into deleting a comment he left underneath one of Techlore's videos on Daniel Micay and the GrapheneOS community. In no honest interpretation can someone argue that Rossmann would want to bully or harass Micay, yet that was Micay's insinuation in his pressure on Rossman. Many have jumped to making conclusions on Micay's mental health and the validity of the GrapheneOS project as a whole and this is where I think Rossmann overstepped in his logic. In Rossmann's conclusion, he lost trust in GrapheneOS if it is run by Micay because of his behavior. I understand why someone would make that assumption on the emotional level but it is completely illogical and removed from what's possible in reality.

GrapheneOS or anyone working on the project, cannot hijack your installation. They don't have access to the kind of data they'd need in order to discern individual users. GrapheneOS doesn't collect device identifiers, IMSI numbers or phone numbers. GrapheneOS doesn't require any user account like you'd need with the stock Android or the iPhone/iOS. The only relevant information collected by GrapheneOS is the IP address, which can be easily obfuscated with a VPN or Tor, both of which work 100% and have no issues connecting to GrapheneOS servers. GrapheneOS purges all IP logs within 10 days. The only other data point is the device model, .e.g. "Pixel 6". But that isn't narrow enough to discern individual users. In other words, GrapheneOS would never know who you are as a user of the system.

I am saying this, because a lot of people for so many years have tried to try to discredit GrapheneOS both as a project and as a product because of issues they have with Micay or other personalities. This is a completely illogical and asinine assumption. It has been made by Techlore, Rossmann and many others I find it very harmful to suggest objectively inferior privacy solutions because of personal feuds.

I get it that drama sucks. But let's keep our privacy recommendations based on merit rather our emotions and personal perceptions. GrapheneOS is objectively the most private and secure option out there. There really isn't any other operating system that comes close. Not CalyxOS, not LineageOS, not stock Android nor iOS. I have made a video on GrapheneOS security and I interviewed one of their developers. But if you want to hear it from a source I have 0 connections to, check out this comparision between GrapheneOS and CalyxOS. Whatever you think of Micay or anyone involved has zero value on the technical merit of GrapheneOS.

TL;DR GrapheneOS is a world-class team of security experts and developers who working for the non-profit to develop the most secure operating system in the world. Despite personal and emotional issues with some individuals, it is by every merit the most trusted, private and secure system and it is the only one that should be recommended for privacy conscious users. No amount of drama can change this reality. Only merit can.

[โ€“] [email protected] 0 points 1 year ago (2 children)

Hello ๐Ÿ‘‹ hoping Lemmy can be great.