I read some of those discussions and I did not understand most of the arguments from the GrapheneOS developers. They are simply too technical, unclear for non-professional like me and the developers are often going to personal attacks. On the other hand, @amosbatto’s writing style is pretty clear and he always provides a lot of references to backup his claims. He also accepts it when he’s wrong. I never saw the latter from the GrapheneOS team. By the way, this is not our first discussion on this topic.
You mean that place where almost everyone doesn’t understand how Librem 5 works / delivered, spreads falsehoods about it, searches every tiny opportunity to destroy the image of Purism (even when these are totally misplaced and wrong claims)? All such posts get upvoted, but only people who defend Purism get banned.
By the way, the Pine64 subreddit was also quite hateful they say, so Pine64 created their own official subreddit.
I have no idea how proprietary drivers can be recompiled by the GrapheneOS team, could you provide some details? Even if it’s technically possible, this is irrelevant, because the actually important thing is upstreaming, otherwise support gets impossibly tedious very quickly. Only Purism is doing it on a big scale AFAIK, and soon LIbrem 5 will work on the mainline Linux kernel.
This is a deal breaker for me. I do not want to buy and reconfigure a phone every couple of years. I care about the nature and about my time and freedom to run what I want (e.g. mainline kernel). Also, it’s suspicious to me that GrapheneOS developers come into every Librem 5 discussion with claims that it’s not a secure phone. It’s disingenuous, because it depends on your threat model.
You are certainly entitled to your opinion, but you should tolerate that others have different opinions.
Consider my threat model: I assume that my smartphone’s software might be compromised. I need to attend some private meeting and talk to sensitive people, and I want to be sure that it’s a private talk. I also want to be able to call emergency if needed. With Librem 5, I can just use the kill switches.
I expect to use the smart card to access my email without leaking the password; can I do it on GrapheneOS?
I expect to run the same software as I do on my desktop, without learning or relying on new tools. I want to be sure that the manufacturer of my hardware is on my side, not trying to put me into a walled garden for their profit. You can read more reasons in @amosbatto’s FAQ. I agree with all those points. If you have any arguments against them, I would be interested to see them (and not arguments against @amosbatto).
With GrapheneOS I have to trust the hardware from China or software from Samsung and Google. You should understand that these companies and country have a huge incentive to track me, because this is how they earn their profits. Purism doesn’t. Follow the money.
In summary, my my criteria for the phone are the following: lifetime support, mainline kernel, desktop software, FSF endorsement, control by me, no walled gardens or planned obsolescence and so on.
This is disingenuous. I can’t run GrapheneOS on a Librem 5 because GrapheneOS chose not to support it. I would be fine with less security without IOMMU but with more freedom. Why do I have to follow your own threat model? The GrapheneOS promotes hardware that I cannot trust and intentionally excludes hardware which I prefer. For this reason alone I will never use this OS.
Having said that, I agree with
and I did recommend GrapheneOS to some people whose threat model is more in line with it.
@raenrfm
To save people from the danger that Purism is?