Real title: Graphene OS teams criticizes fairphone for the low quality support of /e/os
Not Fairphone, but /e/, which is a separate company that develops a ROM of their own. I guess the lack of a TPM is a Fairphone design choice that GrapheneOS also doesn’t like but the article describes why that’s hardly a Fairphone only issue.
Maybe Fairphone should criticize Graphene OS for the non existent support of Fairphone devices.
Seriously I’d get a Fairphone with GrapheneOS in a heartbeat should it become available.
for the non existent support of Fairphone devices.
There is a good reason they dont do that. The Fairphone is a real piece of shit from a security (or even a consumer) standpoint, especially because no single phone from the got more than 2 Android versions, and even then they are just months to Years behind(ert) on security updates. The Grapheneos team has a sctrict set of minimums a phone should provide in order not to mislead users by branding an insecure OS with a name associated with security.
GrapheneOS only used Pixel until now was because they a) didn’t have to reverse engeneer that shit and b) it had a few rare security features.
And now that they have to work a lot more to make their OS work, it is a really stupid idea to demand support for an inferior product which they would rule out by default.
But for now, Ill just keep wondering when the EU will Sue Fairphone into bankruptcy for not even obeying the minimum support period
The regulations enforcing a minimum support period won’t go into full effect until 2027. Besides that, new Android versions aren’t obligated as long as security updates are provided (which Fairphone does provide).
The missing hardware support means Graphene won’t work on any device not made by Google (although they seem to invent new requirements every time Google releases a new Pixel so I don’t know why they don’t just say "we don’t want to support other brands), but Fairphone is one of the more open companies when it comes to ROMs.
Fairphone doesn’t have the right hardware support. There’s a good comparison chart here if you aren’t in the market for a new device right now:
No different to any previous Fairphone, or indeed the majority of Android phones on the market from any manufacturer other than Google. Fairphone is in an unfortunate situation in a way, because its devices have (in recent history) been more open than that of any other manufacturer other than Google, which means there is a thriving custom ROM scene that includes privacy-focused competitors to GrapheneOS, yet its devices have also never met the requirements for the GrapheneOS team and so routinely get “slammed” by its developers who have to respond to requests/questions every time a new Fairphone releases. Clickbait Android “news” sites then run these developer replies taken from social media or forums as “news” and people who don’t bother to read beyond the headline/don’t know anything about the topic (AKA the majority) come away with the completely misguided impression that Fairphone is not just “not as private and secure as a Pixel with GrapheneOS” but is actually “bAd fOr pRiVaCy aNd sEcUriTy” compared to all devices on the market. Devices from most manufacturers lag well behind Pixel update times, most don’t even maintain a monthly update schedule, yet you will never see negative news articles about how these other devices are insecure/lacking in privacy. Only Fairphone gets hit with this comparison because only Fairphone has even attempted to compete in that space.
The problem is that it would take a ton of effort for fairphone to comply with grapheneOS because they need a separate TPM chip and custom firmware and (likely) a lot of android integration stuff for it that Google has a habit of keeping to themselves for a competitive edge (e.g. new android material designs exclusive to pixels for X years, GCam, etc…)
I have also heard that the Graphene team can be a bit toxic, so those things combined with the fact that they would probably get <1% of their sales with a preinstalled Graphene option makes it likely not worth it for them.
I would also love to get a fairphone and run Graphene on it, but I just don’t see it happening.
As a non-native speaker, I had no idea what this headline is supposed to say. Here is what it is about:
The team behind the GrapheneOS platform has criticized the Fairphone Gen 6 for apparent security issues.
As a native speaker, thanks for clarifying.
As a native speaker, I also didn’t really get the headline at first
I’d normally interpret “taking the knife to something” as roughly the same as “making cuts”
But graphene doesn’t make the fairphones and doesn’t support them, so nowhere to really make cuts
I feel like maybe they got the message that people are getting tired of headlines over using terms like “slammed” and wanted to do something different but chose a pretty terrible alternative.
At least we all know what “slammed” means now.
I thought it meant that they started investigated porting GrapheneOS to Fairphone. That they meant a surgical knife and getting to work.
Yeah, I tend to over-interpret and am non-native too, how could you tell?
I am a native speaker and this was close to my first interpretation. The headline is just bad.
gOS threat model is “everything everywhere all at once” - nation state actors et al - and from that standpoint, yeah, eOS and lOS and whoever else is lacking.
but the vast majority of users have a threat model that can be boiled down to two things:
- a lost/stolen device doesn’t compromise me - the fucker can’t get at my stuff and/or impersonate me, and
- free from apple’s/google’s reign - I control what stuff runs on my phone
both easily accomplished with lineageOS and derivatives running on a $50 phone. if you truly want to spend four digits annually on Newest & Best, you do you, I’m good.
Most Android phones from brands smaller than Samsung and Google fail the first requirement. Most Android phones are years behind the most basic iPhone in terms of security, mostly because of manufacturers cheaping out and a race to the bottom even in phones more expensive than a second hand car.
Graphene’s thread model is “a (corrupt) cop can’t see my location history and every account I’ve ever logged into by plugging my phone into a USB device” and most brands fail horribly at it. Only Pixels with GrapheneOS are safe as of the latest article about it, with iPhones and Pixels coming in second.
LineageOS is even worse, unless you manage to lock the bootloader without bricking your phone post install. Any time you lose sight of your phone for any moment (i.e. at an airport) you should reflash your entire OS if you care about basic privacy. I don’t know why relocking the bootloader seems to be such a challenge for device manufacturers, but it’s proving to be a rather niche requirement despite being the most basic security feature you could implement.
Most people don’t really care about security and offline privacy of their devices, that’s why most people don’t need GrapheneOS. However, that doesn’t mean that GrapheneOS is wrong to point out the shitty status quo of Android phones. The sad state of affairs right now is that if you care about offline privacy, you need to fiddle with a Pixel to install GrapheneOS or buy an iPhone and put it into lockdown mode (which Android still lacks).
I bought a refurb Pixel 7 on eBay for like ~$150 and put Graphene on it. It’s not like you have to spend four digits unless you want to.
That’s a crazy good deal
e/OS is just particularly egregious. This isn’t about GrapheneOS being paranoid, it’s Murena not delivering the most basic level of security patches, then hiding it.
I’ve got the top end latest Pixel model and it did not cost me 4 digits. Bought one used, so Google never got my money. Immediately put grapheneOS on it, this phone in its pre-gOS spyware form never had access to my actual data in the first place. Or even a real network.
Same old broken record as with previous Fairphones.
Their holier-than-thou attitude towards security backed them into the corner of being virtually unable to run GrapheneOS on any platform other than Google’s own Pixel phones, and now Google is pulling the rug from under them.
The GrapheneOS people were tedious when Micay was there, and they haven’t really changed.
I don’t really mind that GrapheneOS excludes other manufacturers/devices based on their extremely strict requirements, it’s good to have a tighter option for those who want it. Their team has always been unnecessarily antagonistic/hostile towards other projects in this space, though. The way they communicate publicly is always so extreme and deliberately lacking in context so that everything is framed as “GrapheneOS = good, competitors = bad”. They won’t acknowledge differing threat models to their own and treat everyone else as a bad actor or a clueless moron, which has led to this very weird cult mentality among the userbase. So many people shill the absolute fuck out of this project online yet have never put any thought into what their personal threat model is or what features they actually want in a custom OS. They don’t even know why they installed GrapheneOS, they just read comments from other people on social media or watched a YouTube video and blindly followed along.
The way they communicate publicly is always so extreme and deliberately lacking in context so that everything is framed as “GrapheneOS = good, competitors = bad”.
To be fair part of your this is sensationalist “reporting” as above where single tweets (or parts of conversations, etc.) are taken and reported on without offering context.
So many people shill the absolute fuck out of this project online yet have never put any thought into what their personal threat model is or what features they actually want in a custom OS. They don’t even know why they installed GrapheneOS, they just read comments from other people on social media or watched a YouTube video and blindly followed along.
Yeah, that tends to happen. Not everyone has the knowledge or the capacity to (learn what a threat model is and) create a threat model and then make calls based on that. But that is not unique to Graphene, that happens everywhere (Streamer promoting/judging video games, Pop stars promoting/judging politicians, etc).
But in this specific case I would argue that is more of a good thing - even if some people don’t understand the fine details and they just heard “more security, more control, more features” . The increased userbase gives Graphene more leverage and in a just world big companies and countries would maybe rethink their approach to data collection.
Personally I also hope that Graphene and Fairphone talk with each other instead about each other, because together they could create a fantastic device.
Personally I also hope that Graphene and Fairphone talk with each other instead about each other, because together they could create a fantastic device.
This isn’t even an issue from Fairphone’s perspective. It’s devices are supported by every other privacy-based ROM out there and its primary focus is on shipping and supporting devices with “stock” Android. As I said above, there is nothing actually wrong with Fairphone devices from a security perspective compared to the majority of its competitors, and even those issues that do exist are fringe cases that consumers do not care about.
The only reason this discussion about “GrapheneOS on Fairphone” keeps resurfacing is because of the cult-like behaviour I described elsewhere in this thread, where GrapheneOS is so widely recommended without context that people new to this space think it is the only solution to stock Android’s privacy issues. So they keep pestering the GrapheneOS team, asking for something that has been resolutely denied on multiple occasions previously, provoking a response that inevitably gets recirculated on social media and run as content on “news” sites. And then we get comments lile yours that frame GrapheneOS on Fairphone as an achievable and realistic thing that could happen with better communication, even though neither party is interested in pursuing that.
This isn’t even an issue from Fairphone’s perspective. […] and even those issues that do exist are fringe cases that consumers do not care about.
There are no issues but those that exist are not important?
there is nothing actually wrong with Fairphone devices from a security perspective compared to the majority of its competitors
Update speed is a major issue and Fairphone is not great at it either. Yeah, it is not the worst offender, but that does not mean that it is good.
people new to this space think it is the only solution to stock Android’s privacy issues
The other solution is not to use Android, but that brings a lot of new problems. That being said, which other rom is on equal footing with Graphene? I am not aware of one. Even if you differentiate between privacy and security: most degoogled roms still connect to google servers - for SUPL, connectivy checks, NTP, etc and that is unnecessary. For security we can basically just reduce it to update time which is atrocious in all of Android Roms with the exception of GrapheneOS. e/os/, the other preinstalled option for fairphone, is especially bad when it comes to this with updates lagging weeks to months behind in critical security updates. It also advertises as “fully degoogled” which simply is not true when it still connects to google servers.
And then we get comments lile yours that frame GrapheneOS on Fairphone as an achievable and realistic thing that could happen with better communication, even though neither party is interested in pursuing that.
So? I’m aware that my hypothetical idea is not the reality. But what hinders it from becoming the reality? As far as I am aware the humans behind each organization have mouths and ears, no?
There are no issues but those that exist are not important?
I’m not sure if you just didn’t read my reply properly or if you’re engaging in bad faith here but you’ve just stitched the first sentence of a paragraph and half of the last sentence of a paragraph together as if they’re related when they clearly aren’t. One is referring to the non-existent issue (from Fairphone’s perspective as clearly stated) of lack of GrapheneOS support, in direct response to you. The other is referring to the perceived security issues with Fairphone devices referenced in the article, and this is clearly stated in the first half of the same sentence which you decided to cut for some reason.
Update speed is a major issue and Fairphone is not great at it either. Yeah, it is not the worst offender, but that does not mean that it is good.
Nice strawman but I never said it was good. Again, respond in full instead of cherrypicking half a sentence. “Slow” updates compared to a Pixel is obviously not a problem considering Google has a minority market share and many people do not even bother to update their phone regularly. It is a fringe issue that is irrelevant to most.
That being said, which other rom is on equal footing with Graphene?
It doesn’t matter whether they’re equal to GrapheneOS. Like I said, if you are new to this space and don’t know anything then you think you need GrapheneOS because an influencer told you “iTs tHe bEsT oNe” and you looked at a comparison chart where it had the most green rows in its column. In reality many of its unique features and differences are well beyond the requirements of most people simply looking to reduce the amount of information big tech holds on them. Threat modelling exists for a reason but unfortunately many people burn out and return to big tech because they listen to bad advice from morons instead of thinking for themselves.
These projects don’t need to be identical to each other, and in fact it’s actually very healthy for the ecosystem and movement if they have differing feature sets and goals. Your utopian dream of GrapheneOS having a market monopoly is a terrible idea because it assumes the people in control are mentally stable and that nothing will ever go wrong, which we already know is a completely unrealistic assumption to have because Micay exists and Google just made custom ROM development much harder for Pixels.
So? I’m aware that my hypothetical idea is not the reality. But what hinders it from becoming the reality? As far as I am aware the humans behind each organization have mouths and ears, no?
Fairphone has zero interest in GrapheneOS and vice versa. Pretending that the only hindrance to this fictional collaboration is a lack of communication is delusional.
Same old story, GrapheneOS’s self-rightousness has caused them grief before (plenty of times actually), and this is just another example of it. Compare and contrast with something like CalyxOS, or even just Vanilla LineageOS, and it’s night and day for being able to support more devices and be less reliant on Google. And I say that as a guy who loves his Pixel 6 Pro with CalyxOS.
GOS is a great idea, and I’m glad it exists, but ultimately they are their own worst enemies about a lot of things. Micay obviously wasn’t the whole issue there either (though he certainly bears a lot of responsibility for what made Graphene and its community so toxic for several years too…).
Yeah, and I have a hard time trusting a “de-google” os that requires I buy a phone directly from google. I want to be free from google entirely, and that includes not buying their hardware.
as someone who originally chose Calyx out of the perceived toxicity of the community, I really could not have said it better myself.
So what do people run on their fairphone? Graphene has been the only non mainstream commercial mobile os I’ve heard of even on lemmy.
I run CalyxOS on my Fairphone4 and have zero issues.
Aside from /e/OS which was mentioned in the article, Fairphones are also typically supported by LineageOS, iodéOS and CalyxOS.
I run stock, because it’s my work phone. LineageOS would be an option, but I prefer GrapheneOS, which currently limits me to Pixels.
Not necessarily agree with the tone of the headline, but happy they are finally taken into consideration when talking security.
At least they didn’t say “slammed”…? ¯\_(ツ)_/¯
LOL yeah.
I used e/OS for a very short time a few years ago then learned about some of their security practices. This isn’t a new problem with that version of Android.
care to share what those practices are?
Rtfa?
I did, you said a few years ago. IE not the Fairphone 6.
unless you’re a time traveling scumbag?
What I remember most was having to make an e/OS account a la google in order to be able to use the ROM, and some of the third party apps it shipped with were of dubious origin, mainly Chinese IIRC. I’d heard other sources talking about it being behind on patches then as well. Overall, it gave me the ick, especially the account bullshit, and I continued with Lineage.
Not sure why you feel the need to call me a scumbag.
ryfc.
Honestly I’m with the GrapheneOS team on this one pixels (A series mostly) are relatively cheap and you can easily find them second hand for even a cheaper price so I don’t think you gonna save anything by the repairable Fairphone and on top of all this they lag behind security updates too just more reason to avoid them. Ofcourse that’s just my opinion
