The OP's account is now deleted, but: 
this post was submitted on 15 Sep 2025
20 points (68.5% liked)
Android
20239 readers
217 users here now
The new home of /r/Android on Lemmy and the Fediverse!
Android news, reviews, tips, and discussions about rooting, tutorials, and apps.
πUniversal Link: !android@lemdro.id
π‘Content Philosophy:
Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.
Support, technical, or app related questions belong in: !askandroid@lemdro.id
For fresh communities, lemmy apps, and instance updates: !lemdroid@lemdro.id
π¬Matrix Chat
π°Our communities below
Rules
-
Stay on topic: All posts should be related to the Android OS or ecosystem.
-
No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to !askandroid@lemdro.id.
-
Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to !androidmemes@lemdro.id.
-
No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.
-
No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.
-
No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.
-
No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.
-
No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.
-
No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!
-
No affiliate links: Posting affiliate links is not allowed.
Quick Links
Our Communities
- !askandroid@lemdro.id
- !androidmemes@lemdro.id
- !techkit@lemdro.id
- !google@lemdro.id
- !nothing@lemdro.id
- !googlepixel@lemdro.id
- !xiaomi@lemdro.id
- !sony@lemdro.id
- !samsung@lemdro.id
- !galaxywatch@lemdro.id
- !oneplus@lemdro.id
- !motorola@lemdro.id
- !meta@lemdro.id
- !apple@lemdro.id
- !microsoft@lemdro.id
- !chatgpt@lemdro.id
- !bing@lemdro.id
- !reddit@lemdro.id
Lemmy App List
Chat and More
founded 2 years ago
MODERATORS
GrapheneOS astroturfing has been happening on Lemmy too, recently. It all feels very similar to their unprovoked war against CalyxOS a few years ago.
GrapheneOS astroturfing
Someone related to the GOS project was caught red-handed calling for this just a few years ago. Both Louis Rossmann and Techlore did videos on the whole situation with Micay and the drama surrounding him, including that bit (I forget which video showed that particular bit), and brought receipts.
I have no doubt in my mind that GOS is a solid OS, being created by someone so obviously paranoid. But that paranoia is causing a lot of other issues and infighting within the ROM community.
All that stuff was being sent around in the .ml Privacy community again recently, including their favourite conspiracy theory involving Techlore, Louis Rossmann and Nicholas Merrill (founder of Calyx Institute and CalyxOS). According to the GrapheneOS cult, Techlore and Rossmann are paid employees of Merrill's and have been attacking GrapheneOS on his behalf. Zero evidence, of course. Just the usual "source: trust me bro" you expect from GrapheneOS.
And as usual, a lot of it was orchestrated in the comments by a moderator of the GrapheneOS community here. Guess what the thread was about? Yes, another attack on the security and privacy of /e/OS. It's all so predictable.
Graphene is the most secure Android OS, hands down. Nation State actor tools like Cellebrite (and others) have difficulty or an impossible experience trying to Crack it. No saying it can't be done or ain't done already, but they claim an inability to do so.
That ranks pretty high and counters the FUD.
I wonder what motivates it, are they being paid off by some other organizations?
I think it's more likely that people involved with GrapheneOS are just very passionate/obsessed with security, and take an almost evangelist approach to discourse in this space that is completely devoid of any kind of nuance. Anything that is not as secure as GrapheneOS is extremely bad and a danger to the movement, from their perspective. They're not even necessarily wrong on the individual facts a lot of the time, but their approach is always hyper-aggressive with very high modality language that makes things seem worse than they are. For whatever reason, many of the people associated with the project seem to be completely lacking in social skills and are incapable of having a two-way conversation. They also have a massive victim complex and are constantly accusing anyone who is even remotely critical of them of being part of some big corporate conspiracy, so even an one-off exchange between someone associated with another project and a GrapheneOS team member can quickly spiral into a gigantic fake drama (as happened with CalyxOS several years ago).
As a GrapheneOS user that's my take too. The paranoid security-obsessed developer who is focused on making the best software to the point of being rude and isolationist is not the kind of person I'd want to hang out with but kind of is the person I want doing security work for the device I have all my personal info on. Sure it would be nicer if they weren't so abrasive but I'd rather they channel an angry Linus Torvalds than some slick weasel-wordy Steve Jobs.
As a GrapheneOS user I agree. Maybe Linus can recommend the GrapheneOS devs get anger management
They are apparently looking to partner with an OEM to build them their own devices, I wonder if that would mean they can hire a full time media person who can do all the public communications so the security guys can focus on what they do best.
That would be excellent tbh
And I think what people really want to avoid is the pre-installed operating system. That has all kinds of stuff in it and no one except the manufacturer knows what's inside. And Google's Play services are deeply embedded into the system and will leak lots of personal data and metadata or outright copy them to Google's servers. For the regular user that means Google has all your pictures, 24/7 location data, your contacts... None of that is E2EE either. We don't know what happens wit the data from all your contactless payments... It's really a privacy nightmare. And I'd say security isn't great either if 2 parties already have pretty much complete access to the device out of the box. They can wipe it, remote install or remove apps... Everything. They do offer secure boot, though...
Source? Trust me bro
I mean /e/ isn't fantastic but its better than stock as long as you don't use their built in open ai stt.
This. It's weird how a particular GrapheneOS supporter keeps arguing how awful /e/ and CalyxOS are/were, and how microG is the worst thing ever. But then offers only native Google or nothing for Play Services (sandboxed mind you). The very first fallacy you learn in Cybersecurity is that if it can't do what someone needs, it's not secure because it's not viable. Having nothing for Play Services is often not an option for many people. And when Google itself is one of your threat actors, literally the world's worst solution that provides the barest modicum of protection against Google is by definition more secure. Just allow Sandboxing MicroG as an option already for those of us with a bigger threat surface from Google than from Cellebrite-using nation-state actors.
Full disclosure: I've looked at using their absolutely excellent build tools to create a fork with MicroG allowed. But it turns out to be non-trivial to add the signature spoofing permission to the system and grant it to only MicroG, and conflicts with the custom Google Play config that allows Sandboxing.
Thank you for writing my thoughts into words in such a beautiful and understandable way. I've been trying to figure out how to say exactly this for months. As someone who was using CalyxOS until the hiatus, ive found it hard to find a proper home on any other ROM.
I've done something similar trying to get root on Graphene OS, since I'm more far more concerned about corporations than nation-state actors. It can be done, but isn't worth the trouble, especially since it doesn't completely work and GOS updates may break it. Long story short, GOS wasn't for me.
For anyone else who might be interested in trying to root GOS, take a look here: https://github.com/schnatterer/rooted-graphene I believe this to be likely the most comprehensive source for getting started.
I replied to the wrong comment π€
Doesn't rooting GOS feel counter intuitive? If you're looking for security rooting GOS circumvents its security policy. May as well download some other OS at that point?
Yes, that's right, so I did. I wanted to have a go to see what it was about, though, and I found that root was more important for me than the security that GOS purports to offer.
And when Google itself is one of your threat actors, literally the worldβs worst solution that provides the barest modicum of protection against Google is by definition more secure.
This was what I learned.