
CopperheadOS Release: Android 9 - syck
https://copperhead.co/blog/2019/03/26/copperheados-pie-release
======
orblivion
Sorry guys. Between the CEO's doing whatever he did to lose the trust of the
CTO (whose credibility this whole thing rests on), and the CTO having zero
regard for his customers and having the gall to tell us to install a new OS
ourselves for our own safety after we paid him to offload the trouble of
handling security for us, you get no more of my business.

Obviously I'm an angry customer. But I want to be careful about what I post.
So I'll add that I'm open to being shown that I'm wrong about any part of
this.

~~~
TheCraiggers
>CTO having zero regard for his customers and having the gall to tell us to
install a new OS ourselves for our own safety

I would not call that 'zero regard'. I would personally label it as having the
utmost regard, as he was willing to stick his neck out there and do something
that would obviously have negative repercussions to his career, etc.

Were mistakes made? Yes, but that is normal. I personally haven't seen
anything he's done technology-wise or security-trustworthiness-wise that I've
hated. Did he maybe trust the wrong guy or perhaps make some unsound business
decisions? Apparently. But that's not why I'm interested in his project.

~~~
orblivion
He had the utmost regard for his craft, which I respect and which gives him a
lot of credibility there. And as such I sympathized with him initially. I also
resent the idea of business interests leading to cutting corners in security
(assuming that's what happened here).

But I don't recall any apology from him (though I do recall one from the CEO).
It's been a while, but I don't recall him going out of his way to provide
hand-holding instructions on installing the next best thing available that he
recommends, which I would expect as a _customer_. Whatever happened, whosever
"fault" it is, it's the responsibility of the company to serve the customer,
not throw your hands up and say "Well I guess I can't do this anymore. You
should do this instead now."

Resentment aside, if he were working for a company in a technical capacity,
I'd trust that company more. But I wouldn't trust a company with him in an
executive position.

~~~
Crestwave
I'm not sure I get what you mean. If you're talking about Daniel Micay, if I
remember correctly, what happened was that the CEO basically betrayed him and
kicked him out of the company. He's not part of it anymore, and is now working
on [https://github.com/AndroidHardening](https://github.com/AndroidHardening).

------
ignoramous
Daniel Micay started
[https://github.com/AndroidHardening](https://github.com/AndroidHardening)
after moving on from the CopperheadOS debacle:
[https://news.ycombinator.com/item?id=17289536](https://news.ycombinator.com/item?id=17289536)

~~~
nextos
AndroidHardening is quite interesting.

I think that since AOSP is getting better, it's also more sustainable for a
single developer to maintain a smaller project rather than a full blown
distro.

It's a shame no other phones aside from Pixels are able to run AOSP without
significant limitations. Some Sony phones are quite capable of running AOSP,
but there are several hardware glitches [1]. Aside from that, hardware-independent
ROMs enabled by Treble are also promising, but there are many pitfalls too [2].

Android would be a much more interesting ecosystem if a significant portion of
the phones were capable of running AOSP.

[1] [https://developer.sony.com/develop/open-devices/get-started/...](https://developer.sony.com/develop/open-devices/get-started/supported-devices-and-functionality/)

[2]
[https://github.com/phhusson/treble_experimentations/wiki](https://github.com/phhusson/treble_experimentations/wiki)

~~~
thinkmassive
What about all the Nexus devices? Don't those run AOSP without issues?

~~~
izacus
Nexus devices are all pretty old and unreliable right now.

------
FredFS456
Wait, this is still alive? I thought they died because of politics between the
two founders.

~~~
LukeShu
James Donaldson (the CEO) effectively kicked Daniel Micay (the then-CTO) out.

Daniel Micay destroyed the signing keys, so any existing users would need to
re-format their phone to an image that accepts new signing keys in order to
keep receiving updates.

In the opinion of many members of the community, without Daniel behind it, it
isn't really CopperheadOS.

In a technical sense (because of the change in signing keys), as far as OTA
updates are concerned post-Daniel-CopperheadOS is a distinct operating system
from with-Daniel-CopperheadOS.

In a social sense (because of the forced change in engineering leadership), as
far as many humans are concerned post-Daniel-CopperheadOS is a distinct
institution from with-Daniel-CopperheadOS.

~~~
Foxboron
The good news is that Daniel has not stopped experimenting with hardened
Android.

[https://github.com/AndroidHardening/](https://github.com/AndroidHardening/)

~~~
folkrav
I'm not familiar with what happened from beginning to end, but regardless of
the actual chain of events or if the CEO was right or wrong to kick him out,
I'm not sure how users can still trust Daniel after destroying signing keys.

~~~
LukeShu
He didn't destroy them out of malice. He destroyed them because (from his
point of view) they were about to be compromised. If users trust the key
because they trust updates coming from Daniel and if Daniel is about to lose
control of the key to someone else, then destroying the key before it becomes
compromised is the responsible and right thing to do.

~~~
huahe
> If users trust the key because they trust updates coming from Daniel and if
> Daniel is about to lose control of the key to someone else, then destroying
> the key before it becomes compromised is the responsible and right thing to
> do.

How can you possibly state that when the users have no control or say over
this decision?

~~~
LukeShu
_I_ state that by clearly stating the premise and assumptions in an if/then
format:

> _If_ users trust the key because they trust updates coming from Daniel ...,
> then

That's a big-ish "if"; I didn't weigh in on whether I think it's true. A
reasonable person could go either way on that. If it is true, then Daniel was
justified; if it's not, then he wasn't.

> ... when the users have no control or say over this decision?

_If_ we assume that people trusted Copperhead-the-organization because they
trusted Daniel and that Daniel's removal is a change-of-hands, then the
decision is:

- Do nothing (and stop receiving updates)

- Start trusting the new engineering leadership of Copperhead-the-organization

From that perspective, it makes sense that Daniel should destroy the key:
Making the active decision to start trusting the new Copperhead requires the
active technical step of installing the new key; making the inactive decision
doesn't require action.

_If_ on the other hand we assume that Daniel was an implementation detail and
that people trust Copperhead-the-organization as an institution, then the
decision is:

- Stop trusting Copperhead-the-organization (and stop receiving updates)

- Do nothing

From that perspective, it makes sense that Daniel should not destroy the key:
Making the active decision of ceasing trust requires the active technical step
of disabling updates.

------
ken
Background / recent history of CopperheadOS:
[https://www.reddit.com/r/CopperheadOS/comments/9xeo6b/copper...](https://www.reddit.com/r/CopperheadOS/comments/9xeo6b/copperheados_dead/)

~~~
huahe
Who gets company news from reddit?

------
meruru
In light of all the controversy that's being discussed here, what should I
install today on my phone if I care about security?

~~~
Forbo
Daniel Micay recommends running AOSP on a Pixel 3, for what it's worth. This
was about four months ago...

[https://old.reddit.com/r/CopperheadOS/comments/9xeo6b/copper...](https://old.reddit.com/r/CopperheadOS/comments/9xeo6b/copperheados_dead/e9rq1sx/)

~~~
meruru
Interesting. I wonder how it compares with Lineage OS in that regard. I'm
currently using Lineage, but the attitude on IRC led me to believe the
community might not be as committed to privacy as I've come to expect from
FOSS projects (people getting mocked about being "freetards" and such), so
I've been looking for alternatives.

------
IloveHN84
It's a pity they support only Pixel devices. It would be interesting to see
lesser-known phones supported (above all, Huawei ones).

~~~
milankragujevic
Huawei phones are effectively dead as a development platform because Huawei
stopped providing a way to unlock a phone's bootloader.

~~~
pragmaticlurker
But on xda-developers there are plenty of custom ROMs just for Huawei/Honor
ones.

