cross-posted from: https://programming.dev/post/41272884
GrapheneOS is being heavily targeted by the French state because we provide highly secure devices and won’t include backdoors for law enforcement access. They’re conflating us with companies selling closed source products using portions of our code. Both French state media and corporate media are publishing many stories attacking the GrapheneOS project based on false and unsubstantiated claims from French law enforcement. They’ve made a clear threat to seize our servers and arrest our developers if we do not cooperate by adding backdoors. Due to this, we’re leaving France and leaving French service providers including OVH. We need substantial help from the community to push back against this across platforms. People malicious towards us are also using it as an opportunity to spread libel/harassment content targeting our team, raid our chat rooms and much more. /e/ and iodéOS are both based in France, and are both actively attacking GrapheneOS. /e/ receives substantial government funding. Both are extremely non-private and secure which is why France is targeting us while those get government funding. We need a lot more help than usual and we’re sending our the first ever notification to everyone on the server because this is a particularly bad situation. If people help us, it will enable us to focus more on development again including releasing experimental Pixel 10 releases very soon.
You must log in or # to comment.
I see a wall of text like this, with no links or other sources, hmmmm…
That’s how I remember the main dev from almost 10 years ago, that’s why I stopped following them.
99% of posts I see from graphene are rambling about how nothing else is secure, and how shit everything else is.
They need to learn that different threat models exist. And that for many people, repairability and supporting local companies / not supporting megacorps (Google) is more important than perfect security, while still wanting privacy.
99% of posts I see from graphene are rambling about how nothing else is secure, and how shit everything else is.
💯
Which sounds bad, but tbh it is kinda true. Most alternative “ROMs” have major security flaws like no verified boot support because the install method is weird and the devs dont ship the keys for whatever reason
Yes. But again, top security is not a priority for many. Actual security would be using a full disk encrypted linux device and storing it in your asscrack every time you don’t use it anyway.
This is ironic but still
- Android phones are encrypted? And Pixels have secure elements, making brute forcing impossible
- disk encryption doesnt matter shit as physical attacks are like 10% of them
- your device is decrypted all the time
- desktop linux is a total security mess (I am using it daily and try to improve it but it is hard)
The thing is, GrapheneOS is not just top secure.
It is also reliable and has basic security features.
CalyxOS is dead (and has had a very bad track record), LineageOS and iodeOS have a weird install method that prevents bootloader locking.
Dont yet know details about iodeOS and /e/OS.
/e/OS had proprietary AI integrations tho.
They really dont fulfill basic requirements.
It runs. This is the only requirement.
Normally I’d see this as problematic, but GrapheneOS has done such a good job of eroding any trust in them when it comes to their public behaviour. I just can’t trust them without evidence.
But their OS is currently the best phone OS out there. And I exclusively use it on any phone I buy.
I’m out of the loop. What did they do to erode your trust in their public behavior?
And how does that relate to their current claims and issues? Are you saying they may be lying or falsifying? Otherwise I don’t see how it wouldn’t be relevant to their project as well.
The short version is Daniel Micay believes that the world is out to get him and everyone is in on the conspiracy. Be that partners like murena, hosting providers or unaffiliated people like Techlore or Louis Rossmann.
Now that being said, GrapheneOS is maybe, the best mobile operating system there currently is. But people are afraid of it because of his erratic behaviour.
Techlore and Louis Rossman actively recommend against GrapheneOS, afaik purely for nontechnical reasons.
That is factually a bad thing for the users as GrapheneOS is by far the best free software and privacy friendly Android variant
The vague way this is always repeated doesnt help credibility though and the Person on the GrapheneOS side who is currently using the social media accounts is massively spreading FUD
GrapheneOS aside, I would recommend against listening to Louis Rossmann because of his involvement in FUTO and rubbing shoulders with fascists.
https://drewdevault.com/2025/10/22/2025-10-22-Whats-up-with-FUTO.html
I’m not that well versed on anything Graphene, nor any related drama.
Trust is somewhat non-technical, personal, subjective and dependent on your threat model. You can greatly improve trust via technical means and processes, as well as distribute and communicate trust via technical means. In the end, you still need to trust one or more physical people.
Personally, my biggest issue with any software I use is future maintenance. Can I be certain this will keep working as I want it for the duration I want? Will I get security updates? There, the trust comes from the people and funding involved, seldom technology.
Yes for sure.
The thing is, GrapheneOS has a pretty stable development team. Their software is very reliable and trustworthy.
They were the the first to introduce a ton of things that improve user experience and make it more reliable (like the web installer).
GrapheneOS was also way more reliable over time, there was no downtime at all (except from maybe the CopperheadOS drama back then), unlike any alternative there basically.
So yeah this situation is just bad and it is insane how much good work a single person can do, but also how much a single person can mess up.
I mean, I can see both sides of the argument. It really is good software. It is incredible software, in fact. But people are turned off by the constant toxic and ridiculous behaviour of the project lead.
It is excellent from a technical perspective but their social media presence can still erode trust as the people that run this excellent project could also crash it.
You have to know, this is with 90% certainty all Daniel Micay.
There are more people in the team who are also on social media and they are fine and reasonable people.
What is his role in the project? Could he cause damage single handedly?
He was creator and lead, now he is not anymore but he is still heavily involved.
He created many things that are core parts. But the team has more than 10 people afaik
I believe this is purely Daniel Micay again. Other members of the team dont talk like that.
They really need to get a policy for who can handle these very real and important situations
So you only buy Pixels?
Had to. But they’ve partnered with another OEM to port GrapheneOS to their devices. So better hardware will come eventually.
What is the other OEM?
They haven’t said which one yet. But that GrapheneOS should come to their devices in Q4 2026. Take that for what you will. I will use my phone until it breaks and cannot be repaired anymore anyway.
Unlikely, different hardware with more independence will come. Pixels will likely be more secure than the first iteration of that phone. They are working with them to get basic security like a secure element going.
Agreed, I will pushback against bs laws ONLY if they affect me.
I doubt that iodé or Murena are attacking GrapheneOS. They have awful PR and communications and a history of acting like a suggestion or a minor critique is some sort of attack.
https://mastodon.social/@gael/115587915257025086
(Gaël Duval is a rather well-known member of the open source community)
It is “subreddit drama” and pity marketing…
However, Graphene is the more secure and hardened device. Other alternatives don’t really make the same promises and are just alternatives or “degoogled” ROMs.
Read the thread. Sounds like some Graphene bullshit again. Please don’t donate because of this.
Donated again!
Maybe they are full of bullshit, maybe they aren’t. Google/Apple are way worse than this…
Okay, I don’t think we will see less of this behavior, if you’re actively rewarding it, but sure, you do you.
🥱 Wake us up when they provide proof.
What’s the deal with iodéOS? Using it for some time…
Assume they are just mixed in without very good scientific practice
They work with the charlatan Braxman, thats basically it.
Thought so. I know there are better ROMs but for now, I’m not willing to buy a pixel for the ‘extra security’. Maybe when my current phone breaks.
vanilla LineageOS might be a good compromise
Vanilla LineageOS is not amazing. It connects to Google for some things, the apps are nice, generally pretty privacy friendly by itself but not amazing.
Also why cant they use a normal install method that allows bootloader relocking? Their method is fundamentally incapable of that afaik, as they dont support that even on Pixels
Venéz en Suisse! Vous soyéz les bienvenus! On es proche, et on parle Français
