Mostly the fact that GrapheneOS only works on Google Pixel hardware currently and vendor unlock status. It's the only available phone hardware that provides full bootloader unlock capabilities AND suitable security protections baked into the secure enclave and boot process, including things like rate limiting in hardware like password cracking attempts via external brute-force input means, lockdown of usb ports until boot unlocked with a pin, etc. Their website spells out all the reasons.
Other phone makers could if they wanted to do the same, but do not as an active choice, or at least somebody's choice above them.
Custom ROMs fail device integrity, which means you cannot use banking, financial, government, payments and telcom apps, not to mention all the games that refuse to work.
I don't understand "just load GrapheneOS" sentiments. It only runs on extremely specific flagship devices with explicit features that allow it that are out of financial and technical reach for >99.9% of population of Earth and it still fully relies on AOSP. It's an escape hatch for mice. Or is it really not that way?
There are threads on YC almost every week/month promoting that dodgy distro. Inside them are the comments with proper details from plenty of other YC users.
For the sake of avoiding repetition or bias, just do your own research. There is a search box at the end of the page.
It is tiresome to repeat every single time the arguments that so many other cyber experts have also mentioned including here on YC. This is quite the common knowledge by now.
Kindly use the search box on the bottom of the page.
In the time you've spent writing all these vague comments you could have just cleared up the confusion. I cared enough to read a comment you would write out, i really don't care enough to go research it
That's because there aren't really any. Yes, it's kinda maddening that the best hardware to de-Google your life is to give Google even more money and buy a Google phone, but, after having used that search box, all I could find are complaints that it's not very usable because they disabled so much shit in the name of security and privacy, but I saw nothing where it fails at the technical details in protecting privacy. There's some purist bit about the timing of updates and availability of source due to embargoes, but even they are being practical in that case. So no, unless I missed something, it's not common knowledge, and you're just pretending there is to make it seem like there is something there when there isn't.
That is the first red flaming flag, yet you dismiss it like nothing albeit so many cybersec experts point out the same thing (references you can search them on previous discussions)
The second is forgetting things like actively promoting the usage of US government developed and sponsored tech like signal and Tor.
Then let's look at that availability of source code, which for some "reason" doesn't come out. Lest but not least, don't even wonder about their financing sources and constant spamming on sites like this as if there aren't better options.
You can bot away and say none of this matters. It does matter, not everyone here is dumb and I'll keep complaining no matter how many times the other bots downvote what is obviously just another gov-sponsored operation.
It will be used as evidence that the person who has GrapheneOS on their phone is attempting to break the law. Telegram and Signal chats are often used as circumstantial evidence of malfeasance in Indian national security cases, so the jump to using GrapheneOS as evidence of malfesance is tiny.
India already considers communications they can't monitor illegal. Specifically, satellite communication devices. Not just the crazy expensive satellite phones, but the satellite texting devices a lot of us backcountry types have. And some have been arrested for having them. Yeah, terrorists have used such stuff, but to us it's 911 for when we are far from the cell grid.
> European authoritarians and their enablers in the media are misrepresenting GrapheneOS and even Pixel phones as if they're something for criminals. GrapheneOS is opposed to the mass surveillance police state these people want to impose on everyone.
- If only criminals want privacy, privacy becomes suspicious
- If more people use an open OS, it's more profitable for commercial entities to not put in extra effort to block these devices due to the FUD going around about them being insecure
So if someone suggests that using open source software is increasingly being seen as suspicious, the #1 thing to do is start using it
