Every GrapheneOS proponent I've seen has claimed that other devices are inferior to Pixel security wise, and that's why they're not supported. That always sounded a bit odd to me and certainly seems to have a bit more nuance based on your comment. Thank you for adding some clarity here.
Graphene doesn't really try to stop you. They just don't spend their own efforts on making it possible. It is OSS so, your free to spend your efforts where you want to.
It would require a significant commitment of limited resources to broadly support insecure devices with very little upside, and to do so would constitute gross mismanagement of the project.
Meanwhile, others are completely free to fork numerous GrapheneOS improvements or benefit from their upstream improvements (as some have, including Google).
I never mentioned any commitment except accepting pull requests, did I? Qubes can do that and doesn't require a fork. Are you saying they have much more resources?
The problem with laptops is that UEFI is a shadow operating system that keeps running after boot, with a bunch of security vulnerabilities. Furthermore all Intel / AMD chips have a microprocessor state called SMF which if you trigger it basically gives you carte blanche to do whatever you want.
"Trusted Boot" is a meme on x86. If you really want something like that you need to do what Oxide Computer is doing and rip out UEFI for good and implement your own secure boot chain.
Qubes is great but at the end of the day cannot protect against evil maid attacks to the level that pixel or apple phones can. Its great at making sure a browser exploit cannot steal your banking credentials you have open in a different virtual machine but cannot overcome the limitations of the platforms it builds off of.
So I understand why the GrapheneOS folks do what they do.
See also: "X86 considered harmful" by the founder of Qubes OS (posted in 2015!)
As one who has lived out of both operating systems for years, I struggle with the way you invariably make value judgments about GrapheneOS every time it comes up in a thread, based on your (justifiable) appreciation for Qubes OS. The same thing happens in reverse on the GrapheneOS forums, by the way.
Both lines of thinking are faulty, and attempting to directly extrapolate from one project to the other (in either direction) mostly only conveys a lack of understanding of both projects, even (especially?) one's favored project.
Joanna Rutkowska herself admitted that the difficult nature of trying to contain the PC hardware stack made it ultimately feel like she lost the war. Qubes OS is inherently vastly more vulnerable than GrapheneOS, in large part precisely because of their different approaches to hardware. Some of this has been mitigated by developments made since she stepped back from the project, but some of it will always remain. How to deal with this inherent conflict is not a simple matter and the two projects have taken two distinctly different approaches.
In the cases of both projects, I think they made justifiable decisions in their approaches. I use and contribute to both projects.
If you've been using Qubes OS long enough, you'll remember a time when trying to run it on anything that wasn't essentially identical to the ThinkPads used by Qubes OS devs often presented a major challenge.
GrapheneOS is a fundamentally different project in scope, and each project has a subset of users which seem unable to do anything but evaluate the other project based on the criteria set by the one they like.
"The goal of the project is not to slightly improve some aspects of insecure devices and supporting a broad set of devices would be directly counter to the values of the project. A lot of the low-level work also ends up being fairly tied to the hardware."
GrapheneOS achieves significantly more security on the hardware level than Qubes OS, in very large part specifically due to the nature of the project. It's also an infinitely simpler OS to get up and running with, on both current-gen flagship hardware and current-gen value-prop hardware available in just about any store which sells cell phones.
In addition to all that, by the nature of the respective code bases it presents a significantly smaller attack surface than a computer running Qubes OS.
Securing a single device type with excellent hardware security is simply much more viable a project than securing a broad range of devices with hardware security that is, at best, pretty terrible.
Repeatedly criticizing one project without significant familiarity with both is not just pointless, it's counterproductive to aims of FOSS privacy and security.
> In addition to all that, by the nature of the respective code bases it presents a significantly smaller attack surface than a computer running Qubes OS.
I critisize precisely because I don't understand what you're talking about.
The last relevant VM escape was in 2006, discovered by Rutkowska herself. Since then, nothing could access my secrets in an offline vault VM. I would appreciate a clarification, how GrapheneOS can be more secure without reliable virtualization.
AFAIK Xen security relies on 100k LoC. And this is in addition to the virtualization. How many LoC does GrapheneOS require to provide its security? How can it have less attack surface than Xen? Developers replying to me here never provided an understandable reasoning, only keep repeating that it's "very, very secure", without even mentioning any threat model.
Doesn't GrapheneOS rely on closed Google's hardware to provide its security? I would never trust Google with that. How can I not critisize such approach?
Server rendered HTML, htmlf endpoints and JQuery load was always the sweet spot for me - McMaster Carr[0] does the same thing behind the scenes and utterly destroys every "modern" webapp in existence today. Why did everything have to become so hard?
Not sure why you're being down voted but the answer is yes, it is the same Peter Thiel who gives lectures on Greta Thunberg being the literal anti-christ and if the down voters think you might be exaggerating or misleading them I encourage them to search this up.
Edit - I searched to refresh myself, ok he didn't say she was the literal antichrist. He said she's literally a legionnaire for the literal antichrist. I cannot stress enough that he was very clear that he was not using these terms figuratively, I mean "literal" in the literal sense of the term.
Yeah, he definitely has gone off the rails lately with all the talk about the antichrist being a literal existing being with emissaries on earth. I haven't been watching his stuff but the little I've seen was unhinged.
for which Gretta is the litteral, antidote, as she has NO money, or such vanishingly small personal funds as to be of no account, yet hiches rides on sailboats to show up and berate parliments in there well worn lairs, her speach to the british parliment bieng a clear sign that she wont back down , and much worse, has such impecable manners that she mistook there talking and joking to be a technical mallfunction with her microphone.
And now after her capture by the ZGF (zionist genocide force), and stare down with there chief torturer/jailer, she has vanished from all major media.
So that Gretta and that Peter, are in fact
polar oposites in almost every sense.
I don’t have a strong opinion on Thunberg herself, but no, truths aren’t always in the middle. Thiel is clearly a complete fruitcake, so it does not make sense to triangulate based on any position that he holds.
Oh completely. I think you missed my point. Divisive narratives are almost entirely always wrong. The truth generally sits way away from the fruitcakes somewhere in the middle.
The problem these days is we give fruitcakes a stage. Or they buy one.
Right, but if you are using Thiel as a point of reference, you’re going to find a midpoint between sanity and insanity, which isn’t the truth. Say what you will about Thunberg, but she is not insane in the way that Thiel is.
Compared to Thiel Thunberg is the voice of reason. Actually, she is the voice of reason compared to a lot of wealthy and powerful people. And that's why they're scared shitless of her: you can't really argue with someone who has nothing to lose and speaks truth to power like that.
Thunberg has issues, sure. She's pretty open about them too. But that has zero bearing on her various positions and they are as solid as they are ethically clean. As always, there are people that would love to 'shoot the messenger' and in many cases this appears as a rather literal proposition. So far it hasn't happened but I'm afraid that one of these days it will. We need her. Far, far more than we need Thiel.
Again, you're suggesting an equivalence between someone who has strong views and someone who's simply disconnected from reality. Thunberg is right to be concerned about the environment. You could argue that she's too concerned (maybe). Thiel is not right to be worried about the antichrist and Armageddon.
We don't need to find some kind of mythical middle ground between people who are too worried about the antichrist and people who aren't sufficiently worried about the antichrist. Rather, we should just set eschatological eccentrics aside when it comes to orienting our political outlook.
It’s not the environmental campaigning that’s the issue. I am very much aligned with that. In fact I’ve done a fair bit of that myself and you’ll occasionally find me at demonstrations. I think most people are well aligned with that.
It’s the deep dive into geopolitics which is now being used to discredit her that is the problem. There’s things you don’t touch with a pole and she’s been all over them. That’s why the media have shut up about her. There isn’t universal support or consensus there. She did a lot of damage to the environmental cause getting involved.
That makes her a pariah on all causes.
The mid ground is a rational scientific approach and consistent pressure and staying within the rails that are your primary cause.
> She did a lot of damage to the environmental cause getting involved.
No she didn't. She pointed out there is hypocrisy on both sides of these arguments. Environmental causes are not immune to being hijacked and there has been plenty of that.
Garry is a good person and smearing people over their church is a disgusting thing to do.
I am now going to sit here and listen to this talk because I guarantee it's not saying what you think it's saying. And I don't want to listen to it. It's not a topic that interests me. But I guarantee you are completely distorting what was stated in that topic for maximum effect, entirely motivated by left-wing politics.
I imagine you are not done listening to them yet as the total over 8 hrs. But my research is showing that OPs are largely correct. Theil gave several talks to his church where he did in fact say these things.
In your post you state you are ‘not sure’, but also that that the poster is ‘wrong’.
> My thesis is that in the 17th, 18th century, the antichrist would have been a Dr Strangelove, a scientist who did all this sort of evil crazy science. In the 21st century, the antichrist is a luddite who wants to stop all science. It’s someone like Greta or Eliezer.
Sure, he eventually goes on to say stuff like..
> One of the ways these things always get reported is, I denounce Greta as an antichrist. And I want to be very clear: Greta is, I mean she’s maybe sort of a type or a shadow of an antichrist of a sort that would be tempting. But I don’t want to flatter her too much. So with Greta, you shouldn’t take her as the antichrist for sure. With AOC, you can choose whether or not you want to believe this disclaimer that I just gave
But I don’t think this is the win that you might think it is. The dude is a loon.
You are wrong. Thiel's talks are as insane as we're saying. Also, it's not "disgusting" to tar people for belonging to a known toxic community of lunatics. It's completely rational. Cut the fake outrage. Idiotic religious beliefs don't have the same sacred value to most of us as they do to you.
Going by your comment history any criticism of Thiel and the administration is just left wing politics, but hard to hear you over the sound of drowning yourself with kool-aid.
Weird that you seem to support this administration that Thiel is very much associated with but find it offensive when there's a very clear association between Thiel and Garry. He's just going to this specific church to pray or whatever? Paying no mind to the anti-christ talk happening next door. I do hope this is the last breaths of religion in the western world, it needs to die.
I've been on HN for well over 10 years. I literally volunteered for Obama's 2008 and 2012 campaigns, and my comments in that time period clearly show my politics. I taught free web scraping workshops at the Center for American Progress to journalists back then. None of my policy preferences have changed. What's changed is the frothing at the mouth radicalism and moralizing of the team I used to support.
I'm not religious, and hate religious radicals, but ideologues act identically, just with secular idols. I didn't see that until I watched what the leftist ideologies did to the quality of life in two places I used to live in:
SF and Boulder.
I'm a 2012 Democrat, which makes me a fascist to a 2026 Democrat.
You have made a false claim. What is your evidence that I am religious, let alone a religious radical?
I mean, if we're going to make accusations based on perceived political tribal allegiances, I can say to you with equal certainty that you're a neo-Marxist.
Of course I don't know that. And you don't know anything about me.
"yes I'm right. Not sure why you are being downvoted. Do your own research"
Does research and now admits that he wasn't right, and understands why he and others were being down voted and hopefully learns from this and moves on.
Kudos for the edit and honesty: it's rare to see learning actually happen in fiery threads! I've been in your shoes and learning and change is possible.
If someone is saying that there are literal actuql existing legionnaires of the literal actual existing antichrist, and X person is one of them, it's not the "X person is one of them" part that I have an issue with.
Maybe you can help me out, I listened to him talk about this and I couldn't make head-nor-tail of what he was trying to say. It feels like he's so tied up in concepts and metaphors and similes and allegories it's impossible to tell specifically what he is asserting to be true. If you could explain to me like I was five I'd be grateful. Not looking for an argument.
>
Well, she openly supports islamo-supremacists and facists as long as they have the right skin color.
yea... I'm gonna call bullshit on that.
> are not just busy hating jews,
ah there we go. the standard strawmen dogwhistle. we stopped bying it sometime after you all called doctors without boreders, amnesty international and the ICC antisemetic. let me guess, you support zionism and the genocide in palestine? I bet in backrooms you refer to them as human animals too right?
You must misunderstand what Anti-christ behaviour looks like. Antichrist behaviour is having one of your agents organize a worldwide cabal of child rapists and baby-organ eaters just so one day they can all be blackmailed into enabling the mass industrial holocausting of tens of thousands of other children in an open air prison - dropping thermobaric bombs onto schools so as to gas the victims of your demonic holocaust upon them .... oh wait turn them into a fine mist... and then attempting to shapeshift into members of a historically oppressed abrahamic monotheistic (antichrist followers - zs - are literal false-idol worshippers) faith so innocent anti-zionist Jewish people get framed for your demonic babybloodletting.
reply