Response to dishonest attacks on the GrapheneOS project by Robert Braxman
Xtreix Fully agree. Unfortunately, trying to combat misinformation is a losing battle. It's quick and easy to think up misinformation and spread it around. It takes time to produce well-researched and verified information. By the time you've refuted the misinformation, they're already on to the next thing.
I don't know what the solution is. This is all to say I feel for the GOS team. I'm sure it sucks hard to put so much work into something and have someone else tear into it for no good reason.
ejns You did well enough in this thread that I unfollowed Braxman on YouTube.
Who are considered as reliable security & privacy experts?
- Edited
ejns Well, Mark Twain said that while lies can go around the world, truth is busy tying its shoes, so yes, it's complicated, especially as long as it's been going on. That said, I don't want to think that it's a losing battle, at least keep trying, get well informed and don't fall for scams.
drtweakllc Who are considered as reliable security & privacy experts?
In no particular order, I can mention Daniel Micay, Bruce Schneier, Brian Krebs, Moxie, Jason A. Donenfeld, Tavis Ormandy, Madaidan, Josh from Side of Burritos, Wladimir Palant, David Weston etc.
Here some good sources :
https://github.com/beerisgood
https://netrunner.academy/
https://palant.info/
I think such misinformation about GOS warrants either the first or both actions below:
- No comment
- Lawsuit
If a fictional living person Bob is delusional to a point of accusing someone that they killed Bob, while Bob is very much alive and making such insane accusations, then there is no need to respond to Bob due to the rest of people recognizing Bob is wrong. The same way GOS does not need to defend itself against ridiculous accusations because insanity of such accusations is too obvious. Be pro-active, not re-active.
- Edited
GrapheneOS "It provides on-device machine learning models usable by applications to classify content as being spam, scams, malware, etc. This allows apps to check content locally without sharing it with a service and mark it with warnings for users."
Everyone has been saying its actually 1984 big brother digital data harvesting that checks all your nudes and uploads it to your Google Drive.
As much as I dislike data harvesting and similar practices, its also scary how much people lie on the practice... I feel like everyone is trying to sell you your privacy even when their products solve an issue that doesn't exist
- Edited
GrapheneOS "That would greatly violate people's privacy in multiple ways and false positives would still exist."
Thank you for bringing this up! I work with a chat service that uses PhotoDNA to scan user uploaded photos. As far as I understand, because of false positives, if our image scanner ever catches something, we need to verify the report by hand before sending it to the NCMEC.
It makes no sense for the NCMEC to push PhotoDNA onto everyone's devices for offline scanning reports.
NCMEC is fairly closed off all things considered. As I said, working with them requires me to work with a separate child abuse prevention organization. I really doubt they would want millions of reports from offline devices with an API that could easily be exploitable.
This is why I imagine reports only start coming in AFTER its been uploaded to a google service like Drive or YouTube.
GrapheneOS reading up on brax.me
"Hope that the server doesn't store the encryption key."
Are they really saying that the 'end to end' encrypted chat uses a key exchange that exposes the private key to the server....alright then
Very bad shit, I agree. Thank you GOS <3
- Edited
Well I 100% agree that Robert Braxman is a scam artist but damn you lossed me in the last part.
null Don't know what you're referring to.
Sad that the team must make Statements for such clowns. Cant believe that people really believe the BS.
It doesn't have to be the intention of marketing their own product as a disguise; it could be intended to be the face or the influencer of online privacy, so whatever happens, people go to his channel for whatever purpose it may be.
GrapheneOS I guess it's Daniel speaking for GrapheneOS.
We the people who support and love the GrapheneOS project understand that you are tired of all this harassment.
Some people don't like the truth because it can reveal all the lies they're spreading around them.
As of today, GrapheneOS is the only serious hardening project based on AOSP after the retirement of the one-man behind DivestOS.
Michael Bazzell a former FBI agent believe that GrapheneOS is the optimal operating system for a mobile device, so do I.
In the Android support matrix from the leak of April 2024, Cellebrite the world leader in mobile phone data extraction specifically mentionned GrapheneOS and we know what it means.
You don't need to give a response to Braxman. Use your precious time to focus on GrapheneOS and the people you love.
By waisting your time with them, you are also worsening your health time after time and you don't want that, you don't need it.
Xtreix In no particular order, I can mention Daniel Micay, Bruce Schneier, Brian Krebs, Moxie, Jason A. Donenfeld, Tavis Ormandy, Madaidan, Josh from Side of Burritos, Wladimir Palant, David Weston etc.
What do we think about Nadim Kobeissi? I feel like legit but he has been critical of Signal: https://xcancel.com/kaepora/status/1810613043685888399#m
The people who are getting worked up about the possible detrimental effects this kind of "reaction" posts can have to
the image of GrapheneOS: well yes the ones responding will get tired and yes they can spend their time in better ways.
But guess why they are the ones who have to write these responses time and again for all the misinformation going on?
Guess?
It is because we, the peanut gallery aren't doing anything ourselves except wring our hands when the team actually posts a rebuttal.
"Daniel Daniel - Legal action, your health... yada-yada" is not helping anyone. Certainly not him.
It has been our experience that leaving people to spread their misinformation doesn't help. If Mr. Braxman is seen
as having the last word in any public space of discourse(or rather that cesspool called X) then your imagined gains
in mental health and developer productivity actually don't exist. It means just more people consume their discourse
and move on. Or worse bring those same talking points to our various community media. People like you who already
probably are using GrapheneOS are different from those who aren't. Hell, I can't really tell whether i would have fallen for
Mr. Braxmans lies years back. It is easy to forget our own naivety and imagine everyone knows the best. It is also easy to
be complacent and forget that Mr. Braxman still posts video 'cause[drum rolls....]
people still consume them.
He has 560k subscribers, upwards of 30k views on his latest videos. That's more views than subscribers to the very sober, professional YouTube channel Side Of Burritos run by a friend of GrapheneOS.
That is an awful lot of impact for someone like Mr. Braxman.
If you really want the project to stop posting these, then I suggest to those of you who can do your due diligence
and take them misinformation posts apart in your own time. It does not help when the man has to do all these posts and
we watch and patronizingly give him advise on the problem while not doing much.
that_guy I didn't know Nadim Kobeissi and I honestly don't really have an opinion on the debate because I don't use the desktop version of Signal and don't recommend it.
Now, I'd say Molly and SimpleX are doing better, for me the days when Signal was necessarily number 1 are over, but it's still a very solid choice especially for the general public.
I watched his video "Client Side Scanning" and it's terrible the harm he create on the privacy community.
People literally telling him thank you for a lie and how they are excited to buy his brax phone in the comments lol
All his marketing is on how big tech companies are bad and evil in everything they do. It's exactly what most of the people want to hear.
I don't think there is much to do right now to prevent him to spread fake news. If 500k subscribers want to swallow his words depiste the false information he's providing then it's up to them.
While you are angry because of him attacking the seriousness of the project and spreading fake news, he's enjoying his YouTube money and soon will sell his insecure phone to hundreds people if not thousands. This dude only care about making money, nothing less, nothing more.
That's why I'm telling you, it's not worth it. Let people find the truth themselves.If they want it, they will find it.