"European authoritarians and their enablers in the media are misrepresenting GrapheneOS and even Pixel phones as if they're something for criminals. GrapheneOS is opposed to the mass surveillance police state these people want to impose on everyone"
State employees in their official capacity making inaccurate claims to media about GrapheneOS to smear it as being for criminals and as the users as largely being criminals is a state sponsored attack on the GrapheneOS project.
I have never been to Spain, and I have only slight familiarity with issues in Barcelona and greater Catalonia, but this gives me pause:
"There’s a bitter irony here, too, as GrapheneOS recently pointed out in a tweet. The Spanish region of Catalonia was at the center of the massive Pegasus spyware scandal in 2019.
"Pegasus, a sophisticated surveillance tool sold exclusively to governments, was reportedly used to hack phones belonging to Members of the European Parliament and eavesdrop on their communications. Yet, police in this very region are now scrutinizing savvy Pixel and GrapheneOS users for hardening their devices against unlawful surveillance and other attack vectors."
johnisgood · 5h ago
And at the same time:
> GrapheneOS is not immune to exploitation, but the fearmongering done in these ongoing attacks on it is very clearly fabricated. They feel threatened enough by GrapheneOS to engage in coordinated attempts at convincing people that it's unable to protect their privacy and security.
So... they (cops and friends) are saying that GrapheneOS is for criminals, AND that it does not work at protecting anyone's privacy and is not for security. Amazing.
Fridges are for criminals too. The very good ones can keep the severed body parts cold for longer, thus preventing spoilage and reports of foul odours from downstairs neighbours. Will Frigidaire and Bosch stop selling this criminal technology to criminals?
TheNewsIsHere · 3h ago
I think the best way to prevent the sale of crime fridges to criminals would be to have national governments integrate the entirety of data that each nation has, from every level, on every citizen. Then we can create an API which market participants like Frigidaire and Bosch can use to query whether a purchase should be permitted based on the purchaser.
/s, if not obvious. Strange times.
sharperguy · 4h ago
A better analogy would be a balaclava. Lots of legitimate uses but it's uncommon to see people wearing them day to day and is very popular with criminals. But we don't imagine we could ban balaclavas to prevent crime.
fifticon · 4h ago
It depends on what you mean by 'ban'.
In the country where I live (Denmark), they are very much banned, unless you can demonstrate your legitimate current use case for them.
In particular, you are not allowed to wear them in public places where people gather or gather in groups.
And 'beating up cops anonymously' is not an approved use case :-)
The rule as I understand it, also covers [sic] extreme religious dress rules for women.
Actually, the Irish government considered exactly that! I'm not sure if they moved forward with it though.
And Southend in England tried to do the same (but failed...)
johnisgood · 4h ago
UK should have an answer to that (see: knives). :D
They really are absurd.
Arch-TK · 4h ago
The local police forces can start offering a service where they will cause a controlled leak of the refrigerant in your fridge to reduce its efficiency therefore making it less useful for refrigerating body parts.
I wonder if they are going to do anything about at least a thousand number of other items that may be used to cause bodily harm to a person. What about something related, such as forks?! Bags?
paulryanrogers · 4h ago
Can I take a moment to say how jealous I am that the UK's mass attack problem is largely about knives and not guns?
Here in the land of more-guns-than-humans it feels so much more bleak.
graemep · 2h ago
Even better, the US has a higher knife murder rate than the UK does.
On the other hand IIRC it has a lower rate of at least some types of violent assault.
One possible explanation is the healthcare system - fast treatment makes a big difference to the chances of surviving an attack (and are one reason murder rates have fallen over the years, and why developed countries have much lower murder rates). Does anything in the US system delay treatment significantly?
DrScientist · 4h ago
Back to the parental comment - it's been decided there isn't really a good reason to have most guns and so they are strictly controlled - I mean what's the legit reason for having an assault rifle?
Now if the government thinks there isn't really a good reason to have a phone they can't hack ( because they are the good guys right.... and in theory need court orders etc - so there is legal oversight ) then they will see such phones in the same light and consider banning.
This is at the core of the argument - and why governments ask for a special backdoor - as they accept a generally secure phone ( to stop your neighbour snooping ) is a good thing, but they are used to being able to tap phones and open letters if a judge gives them permission.
Obviously the ironic thing is most phones probably already do have special backdoors - but only for the country where the makers reside - and that countries government doesn't want other governments to know or have acccess.
And in the case of fridges - there is no argument there that they aren't legit reasons to own.
In the case of knives - zombie knives don't really have legit use, whereas kitchen knives do.
subscribed · 3h ago
Zombie knives yeah, but you can get into serious trouble for the multitool with locking blade if you forgot to take it our from your backpack after a camping trip.
This is very much absurd.
graemep · 2h ago
So are the laws on swords. You can have a straight sword but not a curved one, unless its either an antique or craft made using traditional methods.
The police quite often destroy antiques handed in by people who know about the bans but not the exceptions.
I have a multitool I bought long before the ban, that is now illegal to carry routinely. I bought one with a significantly longer blade for my daughter which is perfectly legal to carry.
WarOnPrivacy · 2h ago
> I mean what's the legit reason for having an assault rifle?
If I understand the proponents correctly: Ostensibly it is to defend one's property and people from a tyrannical government.
Just for an exercise, let's say you believe that. And let's say that day is here. The tyrannical government has arrived and has necessitated your use of assault rifles.
The people you're shooting, what are they wearing? They're almost certainly wearing uniforms; police and/or military.
From the proponents' standpoint, the reason to have assault rifles is to kill police and soldiers.
fifticon · 4h ago
I can think of a country where they should probably ban windows, given how many people fall out of them.
ARandomerDude · 3h ago
“Give me liberty or give me death.”
The ultimate point of gun ownership isn’t sporting or even self defense, though they are useful for both. The real reason America is armed is so that if our government ever gets too tyrannical, we can do something about it.
Some people may not like that today but if you go back and read what people wrote circa 1775 and forward, this is the clear rationale.
gishglish · 3h ago
> The real reason America is armed is so that if our government ever gets too tyrannical
It’s been doing that for at least two decades, yet I’m still waiting for you people to get on with it.
ARandomerDude · 3h ago
I don’t know who the “you people” in that comment refers to. I actually hope we never have another civil war. Historically, you’re much more likely to end up with the French Revolution, the current situation in Syria, etc. than a fresh, bright future. Many would die and everyone would suffer. Those who long for war (foreign or domestic) are evil, foolish, or both.
But my opinion doesn’t change the rationale for the 2nd Amendment.
zdragnar · 3h ago
An elected official doing things you don't like isn't a reason to kill them.
That way lies fascism and anarchotyrrany.
graemep · 2h ago
What if the elected official is a fascist? It happened in Germany.
6510 · 2h ago
If that were true there would never be a reason to kill anyone.
WarOnPrivacy · 2h ago
> The real reason America is armed is so that if our government ever gets too tyrannical, we can do something about it.
The something is killing police and soldiers. That's the quiet part.
Unless the tyrannical government has presented itself at the compound in a force of plumbers and actuaries.
ourmandave · 2h ago
Yeah, they even threw in a thing about well regulated militias, but left in a comma that got interpreted as "any toon can own as many guns as they want."
johnisgood · 4h ago
Yeah, but knives have a wide range of use, whereas guns do not.
You cannot buy a kitchen knife because people MAY use it cause harm.
It is like forbidding the use of roads because it MAY be used to <insert illegal activity here>. Uses (usage?) of roads are even more broad than uses of knives.
I think it is easier to argue in favor of knives (or against the prohibition of ... of knives) than guns, for this reason alone.
BirAdam · 3h ago
A gun can stop an attacker whether human, ursine, or large feline.
A gun can be used for recreational shooting.
A gun can just be an historical collectors' piece.
A gun can be used in researching bullet proof vests and other equipment for a startup looking to sell to law enforcement/military.
There are many reasons for gun ownership. Ultimately, the reason should be that the individual is free to do as he/she chooses so long as he/she doesn't initiate a violent interaction.
The most often cited reason for banning firearms is the prevention of school shootings. For some reason, everyone is focused on the gun and not the fact that students wish to do violence at schools. What is it about the modern educational system that students wish to perpetrate violence in the schools to other students and teachers? Why isn't the mental health of the American youth at the center of this conversation?
johnisgood · 3h ago
I do not disagree. It should be focusing on the fact that a student wanted to cause violence. It could have been done through a gun, a knife, a fork, and a thousand different items. In fact, a fist may suffice. Or an item that is readily available at schools. Any item. That said, guns are especially good at "harm as many as possible". Just like bombs are.
bradleyy · 3h ago
According to the CDC, guns are used to prevent at least 500,000 violent acts per year in the USA.
Why is "wide range of use" being used as the metric rather than "societal good"?
While there are downsides, there's more to it.
johnisgood · 3h ago
I was not arguing against guns though. I just tried to say that it is a bit more absurd to ban knives to prevent violence.
olddustytrail · 4h ago
> You cannot buy a kitchen knife because people MAY use it cause harm.
Yes I can. I have knives I bought recently in my kitchen.
How could you possibly believe that people in the UK can't buy knives? Do you realise how foolish that sounds?
johnisgood · 4h ago
> Do you realise how foolish that sounds?
The irony.
Just as foolish as these ways are to prevent violence.
These criminals might switch to forks, better get your Government get one step ahead of them.
And no, you cannot buy kitchen knives if you are under a certain age, it is ought to prevent a lot of crimes, I am sure.
No spray, no airgun, no folding mace, absolutely nothing can be used in self defense.
Except for the alarm.
johnisgood · 2h ago
Criminals are not known for telling the truth, however.
olddustytrail · 3h ago
I see, so when you said "You cannot buy a kitchen knife" it's in the same way as if you live in the USA "You can't drive a car".
johnisgood · 3h ago
Not quite, because they prohibited this purchase to prevent "knife crime".
subscribed · 3h ago
What do you mean? I cna buy kitchen knives in IKEA or literally any supermarket or online shop.
Care to explain?
johnisgood · 2h ago
I think you've lost the plot. I did say "under age", in fact, I was called out for not having been specific in my initial message, to which I said that the two are not comparable because the prohibition of selling knives for people underaged happened at the time they were starting to fight "knife crime".
DrScientist · 4h ago
You can buy a kitchen knife - just not if you are under age. Not it's perfectly legal for an adult to buy one for a budding cook - all the age ban does is put a 'responsible' adult in the loop.
You also can't carry one in public without reasonable cause - which in the end is decided by a judge.
t_mahmood · 2h ago
It's like my bank's application, your mobile with all the latest security update is prohibited, because the bootloader is unlocked. But your 6-year-old mobile that received its last security update 3/4 years ago is fine!
qualeed · 5h ago
I think people are misinterpreting your comment? Or I am.
What I think you are saying is:
The police are arguing both sides (in typical fashion). On one side, the police say that GrapheneOS is for criminals because of its privacy, etc. However the police are also trying to convince people that GrapheneOS is not private or secure, in an attempt to sway people from using it.
johnisgood · 5h ago
Yes, the police are arguing both sides, according to what I have read[1], and that they are not doing it in English but in other languages, e.g. Swedish. I am not sure why I am getting down-voted though.
>I am not sure why I am getting down-voted though.
My guess is the ambiguous use of "they", interpreting "they" as GrapheneOS instead of the police.
That makes it seem like you are criticizing GrapheneOS rather than the police.
johnisgood · 4h ago
I edited my comment. I thought it was obvious because it was the police claiming the former, and connected the two with an "AND". I was not criticizing GrapheneOS. Thanks!
antonvs · 2h ago
It was obvious, people just have terrible reading comprehension, and they also don't read to the end of a comment if something near the beginning triggers them.
johnisgood · 1h ago
I came to the same conclusion based on some of the comments addressed to me. It is like they did not even bother reading the comment to which I replied, or the last 2 comments.
KingOfCoders · 5h ago
"being criminals is a state sponsored attack on the GrapheneOS project."
Yes, I know, age of hyperbole, but a state sponsored attack on the project is mass arrests, blocking of funds etc.
Graphene does their PR, the police does their PR. Both have different views on the world.
BolexNOLA · 4h ago
That's a very high bar for "state sponsored attack." I'd say the various internet ID verification laws being rolled out qualify as a state sponsored attack on our privacy/individual rights writ large.
KingOfCoders · 1h ago
And that's a very low bar for "state sponsored attack". Essentially everything you disagree with that the state does is a "state sponsored attack." This muddies the waters and when there is a "state sponsored attack" on a group of people, everyone is numb and we're out of words.
BolexNOLA · 32m ago
“Attack” doesn’t exclusively mean physical assault/restraining people. It’s called a “DDoS attack” after all. You’re creating a strict and narrow definition that most of the world does not subscribe to.
If I say “stop attacking me” during a heated argument no one thinks you’re physically assaulting me. That would be ridiculous.
ponorin · 4h ago
GrapheneOS lost me on PR. For every updates they post on their social media there's guaranteed to be a rant about how other projects are doing things Wrong. They talk down on any and every security- and privacy-related projects (or open-source projects in general) if they align even slightly out of line according to their idea of security and privacy, regardless of their own merit. Dig even deeper they also like throwing around the word "slander" and "attack" without backing it up. In fact I am certain I will be greeted with a friendly wall of text by somebody from GOS in this very thread sooner rather than later.
GrapheneOS is the most secure, arguably most private, hell the most feature-complete, user-friendly custom ROM (but they also hate the word "custom ROM") out there. I've imported a Pixel, because it wasn't available in my country, just to use GOS. So it is deeply frustrating that they are doing things the way they do. Hubris is their longest-standing, "wontfix"-labelled vulnerability.
craftkiller · 3h ago
FWIW I think its good to elaborate on how other projects are doing things incorrectly (though I agree the GOS people could use some diplomacy and decorum). For example, with the fairphones for the longest time the only answer you could get on why grapheneos doesn't support it is that the phone is not secure. That answer doesn't leave me informed, all it leaves me with is "someone on the internet told me it wasn't secure". For the newest fairphone 6 they actually elaborated and covered things like the lack of a secure element. That leaves me informed, so now I can look up what a secure element is, why I want it, and then make an informed decision for my next cellphone purchase.
subscribed · 2h ago
I looked it up (as in spent a last few weeks going through the forum and PRs) and when they say "slander", it's backed up.
When they say other projects are insecure, this is for example because of the claims /e/OS based on the utterly insecure hardware and two major versions of AOSP, unpatched, is touting itself as a leading project in the privacy landscape.
I don't think they talk down any security - related project and I've never seen the generalised "they talk down on (...) open-source projects in general" - this is what I would myself call slander, because tbh it's dogs bollocks.
"Slander" or "attack" is said when there are baseless accusations (like above about attacking, quote, "any and every security-- and privacy-related project") because they don't have outlets or big money behind them which would simply state the facts and call out the accusations.
If you have examples of theese words "thrown" without basis (ie without sustained prior attacks on GOS), I'm sure every interested person would like to see it.
If you wanted to show the examples of the innumerable privacy- or security-related projects that are _attacked_ by GOS, please share examples.
There are multiple so-called privacy and security related projects which are known for the sustained and baseless bad messages, and these don't get a pass, because it's clear it's intentional and in the bad faith.
Valuable projects and services are promoted and recommended based on merit and not favours (eg: they can argue based on facts why installing apps from accrescent or Google play store is generally safer than from the F-droid).
They don't hate the "custom ROM", they explain why it's a misnomer - and you using it here after saying they hate it (and either not knowing or not caring why it's wrong) is clearly an act in the bad faith :)
I struggle to see an attempt in the factual reporting in your post. The only thing I could connect over is their attitude in certain situations, but..... the rest of your post is just.... incorrect?
johnisgood · 6h ago
I cannot say I am surprised. You care about your privacy -> you are a criminal. "If you are not a criminal, you have nothing to hide.". sighs.
I wish people realized that privacy and civil liberties exist regardless of guilt. Rights like freedom of speech, due process, and privacy aren't just for people doing something wrong. They're foundational protections that exist to prevent abuse (by cops, too).
zeta0134 · 6h ago
I maintain that if the NSA ever really needs to know something, if I somehow possess critical knowledge in a legitimate matter of national security, they are welcome to visit. (They'll have to settle for coffee, I'm not much of a tea drinker.) In this way, I really do have nothing to hide. But I do insist on knowing about it in the moment.
Outside of that very narrow context, they may kindly deal with my communications being secured by default, because if there is a path they can use to decrypt my data, the criminals can also find, exploit, and use that same path. Rather easily, as it turns out. (See: various data breaches, password leaks, company after company getting caught with unsecured S3 buckets containing encryption keys, etc etc.) It's not the law I'm hiding from, but those individuals who would steal every one of my digital assets given the opportunity.
In the specific context of Android, the thing I'm trying to dodge isn't even legal snooping or criminal activity, but specifically marketing. Google is terribly interested in my browsing habits, and so having my smartphone not run their services at all is an excellent way to reduce that flow of information from my device to a third party that I don't particularly trust.
simpaticoder · 5h ago
Avoiding marketing surveillance is both reasonable and increasingly sought after; consider how many mainstream services now offer paid options just to reduce data collection by advertisers.
Modern surveillance states operate on the premise that every individual, out of billions worldwide, could become a potential threat. To manage this, governments have developed and deployed mass surveillance technologies that far exceed the scope of traditional law enforcement. This environment results in routine circumvention—both legal and extra-legal—of civil liberties and privacy protections, such as the 4th amendment, in the name of national security.
We saw this play out dramatically with the Snowden revelations, which exposed systemic, warrantless collection of communications by agencies such as the NSA. Surveillance is not conducted only for clear national emergencies. It is often routine, preemptive, and opportunistic—and the scale is massive, not targeted only at 'bad actors'.
This reality creates a profound power imbalance. Those who control surveillance infrastructure possess the ability—and in some cases, the legal clearance—to act against individuals or groups for reasons ranging from strategic interests to petty personal motives. There have been numerous documented cases of abuse of surveillance powers by insiders seeking to settle personal scores and, internationally, governments using this capability to quash dissent (for example, China’s censorship and criminalization of government criticism)
Once the technology and precedent for ubiquitous surveillance are in place, the distinction between legitimate and illegitimate use blurs dangerously. The potential for abuse is inherent, especially when oversight is weak or accountability is lacking, which is everywhere.
While companies like Google pose significant privacy concerns and “opting out” of their ecosystems is prudent for reducing commercial data exploitation, the larger threat comes from the normalization of universal, warrantless surveillance by state actors.
potato3732842 · 4h ago
>Modern surveillance states operate on the premise that every individual, out of billions worldwide, could become a potential threat.
Because these states are so extractive of their populace and engage in so much evil that any given person constitutes a potential threat. They're worried that anyone could just wake up one day and decide to be the next uncle Ted or whatever.
kristianc · 5h ago
One of life's bizarre contradictions that it's largely down to Google that some of the most egregious and shady third party techniques for tracking and fingerprinting devices that dominated the 2010s no longer work.
soulofmischief · 6h ago
Not just criminals. Your own government can be co-opted and suddenly things like IRS records for honest taxpayers become weaponized deportation lists.
BLKNSLVR · 6h ago
Don't forget supply chain attacks opening doors and windows all over the shop.
gosub100 · 4h ago
I think what this is really about is the ability to manipulate elections. Panopticon surveillance means it will inevitably dig up dirt on a presidential or other candidate somewhere down the line. Then once they have a shot at winning, pull them aside and say "do what we say and you can maybe win, or we can force your loss now when the story breaks about how you used the n word once in 8th grade"
4bpp · 4h ago
I would go further and say that even if these things are for criminals, that is okay; and allowing some amount of criminal activity is necessitated by the basic humility of conceding that we might not have figured out the best set of rules for humanity to live under.
It might be appealing to fantasise about catching all the criminals and stopping all their dastardly deeds, but where would we be now if our governments had this capability 30 years ago? ...90? ...270? Would we be happier today if the last 1000 years had passed completely free of theft, murder, pederasty, and also free of blasphemy, heresy and challenges to the divine right of kings?
Today, we are grateful for the actions of many a disgusting criminal that would have been condemned by any respectable and well-adjusted member of society (including you, had you lived then) at the time. Who knows which ones of today's criminals we will be thanking 30 years into the future?
FergusArgyll · 5h ago
If I am not a criminal you should not need to tap my phone
osigurdson · 6h ago
>> You care about your privacy -> you are a criminal
Seriously, punch anyone in the face that says this. Western democracies are worth preserving.
bigstrat2003 · 5h ago
The course you suggest would itself damage the social fabric of democracy. Not really a good idea, though it might be cathartic.
I wanted to reply to him "that would definitely make me a criminal".
lo_zamoyski · 5h ago
It's not a specifically "democratic" thing. It's a moral question, and good monarchies that are grounded in a strong moral tradition and a respect for subsidiarity can be much better at resisting the ebb and flow of mass sentiment manipulated by the media. The war on terror showed us how easily fear can be deployed to get the masses to hurt themselves, and revolutions show how envy and grievance can be deployed in a similar fashion.
lo_zamoyski · 5h ago
The idea that privacy is only for those doing something evil is so brain damaged, I cannot understand how anyone took that seriously.
No, privacy is for protecting good things from evil people. And frankly, it's more than that. Privacy is necessary even when no evil intent exists in either the observer or the observed. It is necessary for various relationships to flourish and for human beings to flourish. It isn't good for your neighbors to watch you making love with your wife, or for you to watch them doing so. Social boundaries are important. Failing to respect them is to claim an authority you do not have.
It's similar to the principle of subsidiarity: you want the right people involved in the right things at the right times. Removing privacy smushes everything together, and I claim that this flattening effect is one of the reasons for the mental illness that's catalyzed by social media.
silveraxe93 · 5h ago
Everyone is commenting as if this is an attack on privacy. Read the article, I might have missed it, but I saw literally nothing on this.
The main point is that police are profiling people using Pixel phones. Nothing about making it illegal, or trying to remove encryption.
Look, I literally have a Pixel phone running Mullvad. I care about privacy. But everyone here is reading the headline and arguing against a strawman.
This should be a discussion on how valid it is for police to profile people. Or maybe if it's actually true that drug dealers are using GrapheneOS.
Europe _is_ attacking encryption and privacy. But this is not it.
Aurornis · 5h ago
> The main point is that police are profiling people using Pixel phones. Nothing about making it illegal, or trying to remove encryption.
I had to click through several links to get to this part.
It’s an off-hand comment from a single police person who was trying to make some point.
The android news sites are getting a lot of mileage out of that single comment from a single person.
whoami730 · 5h ago
It is about running a false campaign to say using Graphene OS is the same as being a criminal.
Aurornis · 5h ago
The original quote was a comment from one police representative about Pixel phones being the preferred choice of narco traffickers in their region.
All of the extrapolation about people using GrapheneOS globally feels like journalists trying to squeeze as much hype as they can get out of this one sound bite from one police rep in one area.
dmix · 4h ago
Critiquing police for doing fishing expeditions, where they cast a broad net in hopes to catch criminals among a large batch of regular people has long been a thing.
DrScientist · 4h ago
> This should be a discussion on how valid it is for police to profile people.
Exactly - though in this case I'm not sure what that means - if they 'feel more alert and suspicious' - that's just going on in their head ( pretty difficult to control that ). If on the other hand it means you are constantly getting stopped and searched that's another issue - but then you could argue that's then argument about the stop and search rules in whatever country.
ie what counts as reasonable grounds for the police to take concrete action.
constantcrying · 4h ago
>The main point is that police are profiling people using Pixel phones. Nothing about making it illegal, or trying to remove encryption.
How can you think that profiling people based on their phones is not harmful to privacy?
In most western countries surveillance requires prior evidence of wrongdoing, if your phone brand or phone OS can be used as evidence that you might be engaging in criminal activity, that is of course a danger to privacy. It should be normal that people use Software and Hardware that respects their privacy and desiring privacy should never, by itself, be allowed to be evidence of criminal intentions.
graemep · 2h ago
> In most western countries surveillance requires prior evidence of wrongdoing
Less and less so. Take a look at the way the laws are going in the UK and the EU.
pessimizer · 4h ago
> This should be a discussion on how valid it is for police to profile people. Or maybe if it's actually true that drug dealers are using GrapheneOS.
Why can't it be a discussion about how valid it is for police to use the desire for privacy as a basis for profiling? Is that not allowed?
Are you saying that we're required to either talk about:
1) whether the police should profile anyone at all for any reason (why not this particular reason again?), or
2) whether Spanish criminals desire privacy, and therefore more often choose GrapheneOS than other groups of people (is this controversial? Is it worth discussing? Can't we just take the Spanish police's word for such an unsurprising data point?)
Those are our only two choices? If so, than the conclusion is foregone. Police will be allowed to profile criminals and suspicious people, and criminals will attempt to refuse monitoring and searches.
I'd rather talk about whether refusing to be monitored or searched can be allowed to become official grounds for state suspicion, though. Even without your support.
pyuser583 · 3h ago
It seems they're profiling based on specific local conditions. Not many folks are installing graphene in their area, but there are lots of criminal gangs that do.
The situation would be different in, say, Silicon Valley. But they're dealing with the world they're in.
walterbell · 5h ago
Is disparagement of GrapheneOS good or bad for privacy?
silveraxe93 · 5h ago
Arguments shouldn't be soldiers[1]. In fact, this I'd say this is harmful to privacy.
If you start caring more about how it supports your side rather than the truth, you're playing politics. And in that battlefield you'll lose to eurocrats.
The anti-privacy movement in Europe is really concerning.
In particular as general population don't really care about it, we are going toward some major shifts.
I'm wondering though how this radical turn was initiated and if some lobbies are pulling the strings behind the scene...
dobremeno · 5h ago
Not just in Europe, in the US too - Roman Storm is on trial as of last week for building a privacy tool that ended up getting used by criminals.
Not much good coverage on it out there apart from the great work by The Rage journalists.
omdv · 3h ago
will save a google search for some:
- “privacy tool” == cryptocurrency mixer
- “ended up getting used by criminals” == claimed to help launder $1b
Let’s just say it is in a different category than Alexandra Elbakyan.
dobremeno · 2h ago
It's just a neutral tool, open for everyone to use. There's plenty of people that used the tool for completely legitimate reasons, simply wanting to protect their privacy just like GrapheneOS users.
Why is the creator of this tool being held responsible for how others use it? That's like dragging Henry Ford to court the moment a car driver runs someone over.
buuuuutee · 5h ago
Roman Storm helped North Korea launder billions. That’s a bit different than average person just wanting a phone detached from the hivemind.
dobremeno · 2h ago
That's like saying Adi Shamir helps drug cartels, Tim Berners-Lee helps facilitate online fraud or that Henry Ford helped kill millions of people on the road.
All these people created tools that could be used by anyone. Encryption, the Internet, cars. All have legitimate uses cases just like Tornado Cash does.
To me, not wanting to have all of your public blockchain transactions linked to you is actually quite similar to wanting a phone detached from the hivemind - all you want is a bit of privacy.
0points · 6h ago
> In particular as general population don't really care about it
> if some lobbies are pulling the strings
Sure looks like it. Many people don't understand the consequences of the ChatControl proposition (backdoors for governments into all messaging apps) [1].
Politicians insists it is only about protecting kids from predators online, but see for example Sweden:
* Police and secret police will have this access for swedish citizens.
* Secret police have an agreement with NSA about data sharing (see Snowden).
* NSA will end up storing all my DM:s.
* Another country also have an agreement with NSA about data sharing.
* This other country will find out about my sexual orientation or political beliefs the moment I board a plane to their country.
All of this will be outside of control from my country or the laws of my country (Sweden), that is supposed to protect my free speech [2] and anti discrimination laws [3].
> Research by several newspapers led to allegations of questionable connections between Johansson and her staff and companies that would benefit financially from her proposal, including Thorn and WeProtect.
> Johansson rejected the accusations as being untrue, true but not illegal and as not even being accusations.
> Her claim to have given data protection organizations the same access as to the backers of her proposal was rejected as untrue by several organizations and members of the EU parliament. Johansson reacted to growing rejection of her proposal by ordering commercial advertisement on Twitter paid for with EU funds. The advertisement was criticized as being misleading and illegal according to the EU's rules for targeted advertisement. [4]
> This other country will find out about my sexual orientation or political beliefs the moment I board a plane to their country.
That is literally going to put people's lives at risk. Crazy.
edg5000 · 6h ago
Agreed. Although to be the devil's advocate for a moment: Governments can currently easily tap email, and phone tapping is more feasible at scale due to machine transcription. So the apps gave use a temporary safe haven, which may get compromised by Chat Control. And before email we had mail, handled directly by the government, although reading mail is more difficult without leaving traces.
0points · 5h ago
> And before email we had mail, handled directly by the government, although reading mail is more difficult without leaving traces.
At least in my country, there has been serious laws protecting the users from police opening letters (1962:700; Postlagens tystnadsplikt). This was changed in January 2023 because people exploited it to send drugs thru post office [1].
Of course without any protests in Sweden because again people don't realize their rights to privacy are taken away from them.
I'm increasingly annoyed by the extent at which our state (Sweden, EU) is willing to sacrifice our rights to hinder the usage of recreational drugs by a minority of the population. How can it be that alcohol is endorsed so widely, given that we know many of the drugs we are being sacrificed to stop are safer, less addictive and less potent [1]? It's perhaps cynical to ask, but are we protecting the citizens, or the alcohol industry?
Sweden is a nanny state. Can't buy booze on Sundays and the government shop's are only open 5 hours on Saturday.
Yet I can go to certain neighborhoods in Stockholm and get pretty much every thing under the sun and that's open 24/7.
JoshTriplett · 5h ago
The devil doesn't need an advocate here. "Temporary safe haven" is the kind of phrasing the advocates of anti-privacy policies use to argue that this "temporary" state of affairs should be destroyed.
bee_rider · 5h ago
> And before email we had mail, handled directly by the government, although reading mail is more difficult without leaving traces.
This is the source of some massive disconnects between people and their governments, I think. They had some permission, which we basically agreed on as a society, when their tampering was obvious and/or limited in scale (just due to practical constraints). We gave our consent to be governed with those constraints in mind.
Nowadays they are continuing without those implicit constraints and they don’t want to have the conversation about implementing new explicit constraints. This isn’t the deal we agreed to, really, it is just what they can get away with without permission. You can rule over a populace without their permission, of course—it’s just very different from the sort of pleasant (albeit never perfect) relationship that willing populations and their elected officials have had recently.
PeppySteppy · 5h ago
You are misleading by using "secret police" when what you are are looking for is the "security police".
Secret police definition [1]
> Secret police (or political police) are police, intelligence, or security agencies that engage in covert operations against a government's political, ideological, or social opponents and dissidents. Secret police organizations are characteristic of authoritarian and totalitarian regimes.
Security police definition [2]
> In some countries, security police is the name given to the secret security and intelligence services charged with protecting the state at the highest level, including responsibilities such as personal protection of the head of state, counter-espionage, and anti-terrorism.
Specific example for Swedish 'Security Police'.[3] if you look up any EU agency with similar roles it will be found that they are all security, not secret.
Okay, I was not aware of this distinction. Thanks for correcting me!
FWIW, the distinction is not as clear cut to me. In the 1970s, the ruling government body (social democrats) passed on information in order to make registers of political opponents in the far left and far right to SÄPO.
The Nixon watergate scandal was also similar to your first definition there.
jajko · 5h ago
One can't rely on some sort of 'decency' of a given country and hope for the best, that ship has long sailed.
You mention Sweden, I can easily also name Switzerland, the land of generally very decent, moral and polite people. Yet sometimes curtains falls off a bit and one can see how various police departments will do everything possible to track and follow people. Police are generally very nice but I've also seen some unprovoked brutality and generally less-than-stellar behavior by various authorities that should know and do better.
Protect what you can, while you can. No state is your friend, its not normally an outright enemy but rather a party focused on its own interests, your rights or needs be damned.
0points · 5h ago
Yea, I started using ProtonVPN specifically because they are placed in Switzerland.
Switzerland is not in EU, not in 12-eyes, not in any of that shit.
I'm sure they are up to no good, too but at least the distance between them and NSA is farther, I hope.
lo_zamoyski · 5h ago
> Police are generally very nice but I've also seen some unprovoked brutality
The so-called israelization[0] of the police. Certainly you see that in the US. If you compare the local police, say, 50 years ago with their counterparts today, you definitely notice a strong militarization. That may be appropriate for special units handling dangerous cases, but it should not characterize the rank and file that handle petty crime or public disorder.
> No state is your friend, its not normally an outright enemy but rather a party focused on its own interests
The state is the only recourse of the common man against powerful private interests. In this case (surveillance, etc), private interest has been used as a way to get around the legal limitations of government. Companies like Google and Facebook can track people with greater ease than the government can.
I have in the past often advocated for more training for police, so I have to say this is an eye opener for sure. Thanks for posting this.
The question I have is, why?? I assume some Israelis or people with ties to Israel who wanted Israel to have influence over the US police. (But why?)
I doubt it was a big thing like “gee, you know what Israel can export? Police brutality!” “Hey that’s a great idea!”
But that’s kind of how it comes across.
rdm_blackhole · 5h ago
Also to add to this discussion, to me, it makes zero sense that you would deploy such a system that could be weaponized by a rogue government to hunt down political opponents.
One could argue that they may very well think that this sort of thing could never happen, that the center will always prevail etc... but then again I remember seeing this video compilation of a lot of very confident people in the US saying that Trump would never be president a few months before the 2016 election, let alone be elected for a second term.
So that makes me think, how can they so confident that "the good guys" will always be in charge?
Because from where I am standing there is a massive chance that Reform will win in the UK and that the National Rally will win in France in 2027.
Nobody can say that they did not know.
Ray20 · 4h ago
>how can they so confident that "the good guys" will always be in charge?
They implement such systems precisely to always be in charge.
rdm_blackhole · 5h ago
Of course lobbies are pulling the strings. That is a given.
But the more nefarious issue is that countries that use to uphold human rights and the rights to privacy for their citizens up until 10 to 15 years ago have made a complete U-turn.
And before someone says that this is due to the far-right getting into power, this has really nothing to do with it.
It simply is blatant attempt at muzzling the population. The worst part is that you still have European governments who feel the need to give lessons of democracy to China et al.
I could see how Hungary would want to get this passed because they are well on their way to authoritarianism but this proposal coming from the EU who is supposedly politically in the center, that makes zero sense.
graemep · 2h ago
> The worst part is that you still have European governments who feel the need to give lessons of democracy to China et al.
They need to highlight that we are nothing like as bad a China. We look good in comparison.
> this proposal coming from the EU who is supposedly politically in the center
Is it? Its the only country in the world with a constitutional commitment to privatisation (its in the treaties, which are the constitution, and came close to being called a constitution).
rdm_blackhole · 1h ago
> Its the only country in the world
The EU is not a country. It may very well be in 50 years from now but not presently.
> > this proposal coming from the EU who is supposedly politically in the center
I said `supposedly`.
> They need to highlight that we are nothing like as bad a China. We look good in comparison.
Not if they go through with this proposal. You can't claim to be a bastion of democracy and want/need to spy on your citizens 24/7. These 2 notions are just not compatible.
graemep · 1h ago
> The EU is not a country. It may very well be in 50 years from now but not presently.
Semantics. its near enough to being one to compare to countries in terms of law, policy and constitution.
> I said `supposedly`.
Depends what you mean by supposedly, I suppose! Its intent is clearly not centrist.
> Not if they go through with this proposal.
Still far better than China. No prison for holding the wrong views, or following the wrong religion, or having the wrong culture. No genocide. Having elections.
I am not happy with where the west is going, but comparing with China its still far better (against a low base).
MurkyLabs · 5h ago
I use grapheneOS, it's the reason I bought a pixel but not for nefarious reasons but rather I don't like how much control Google has (it's ironic I had to buy a google phone) on android phones even from other manufacturers and the targeted marketing and information that I would be giving out. I also don't like that Android implimented the feature where you couldn't access the Android>Data folder for 'security reasons' and have to plug it into a computer to access any of those sub folders, it's my phone let me do what I want with it. Graphene lets me access any of those folders without issue
nicman23 · 5h ago
the fact that they refuse to consider other phones ie fairphone or nothing phones that have the bootloader relockable is the reason that i do not use graphene.
it seems like a great os but i am not giving google money to get away from google.
subscribed · 2h ago
Fairphone is dangerously insecure. Nothing phone is not much better.
It's not only the design of the hardware, but also patches for vulnerabilities and delivering updates for several years.
You're suggesting it's ideological (which is completely untrue), while the fact is: pixels are at the very moment the only Android hardware secure enough to even care about hardening: https://grapheneos.org/faq#future-devices
(there's little sense in securing the OS if the hardware doesn't allow disconnecting the USB or there is no secure element throttling PIN attempts, right?)
StrLght · 2h ago
They don't refuse other manufacturers, it's quite the opposite -- GrapheneOS provides list of requirements for future device support. AFAIK Fairphone and Nothing don't fit more than a few requirements from this list.
Oh, I forgot to add and can't edit my comment, so: they are talking with another OEM about the potential alternative hardware for the future GOS.
I hope it's something good. But in reality it's probably Samsung which is the only other vendor bothered enough to add a basic secure element. Maybe they will upgrade it?
umbra07 · 1h ago
Do you have a source for this?
dmix · 4h ago
You're welcome to donate money to them so they can hire developers who can support multiple phones.
nicman23 · 3h ago
they flat out said they would not
beeforpork · 5h ago
> One could say the same thing about matchboxes being used for arson and cash being used for money laundering, but no one’s calling on regulators to outlaw either.
Matchboxes -- OK. But cash is certainly a target. It is also relatively easy to push, as using a card is so much easier! Look at Sweden and presumably other countries where cash is basically gone. And no (loud) protests from privacy advocates that it is even hard to get cash today. I will just use an app to lend you 10 EUR for the beer.
Also throughout the world, using cash is only possible legally up to a given amount (a few thousand EURs ATM, but still) -- because large sums of cash are suspicious. Of course large amounts of money are suspicious because only criminals would even want to pay large amounts of money, right? Like, pay for a car or a vacation, or pay rent or taxes.
Speaking of which, in many countries, it is basically impossible to pay taxes in cash, although technically, it should be allowed. Like in Germany. Or pay for a bus ticket in cash. But some poor souls don't have a bank account. Hmm...
Some countries deanonymize cash by embedding RFID chips (e.g., Australia).
Of course it is not done for surveillance, but only for good goals.
perihelions · 5h ago
This is all based off a one-line quote, by one police officer, interviewed anonymously in one newspaper in its "society" column. I don't want to go against the feeding frenzy, but, I think this one's a bit over-interpreted.
> "Cada vegada que veiem un Google Pixel pensem que pot ser un narcotraficant"
(You'd have to navigate through four layers of links to find this: two layers of androidauthority linking to itself, then through xatakandroid, then finally you get to the primary source, the Catalan-language daily Ara. Though, for reasons, it's linking to a Spanish-language machine translation of the Catalan original—the "es." subdomain, which says Traducción no verificada at the top. So, we're five levels removed from the primary source, which is one sentence, which has gone through two rounds of machine translation (ca -> es -> en)).
fkyoureadthedoc · 5h ago
Sorry I'd rather just read the title and then start arguing against my fantasy
Twey · 6h ago
I tried to read this article on digital privacy but after five minutes spent unticking boxes allowing my usage data to be sent to an augean list of data collectors I gave up and left.
gruez · 6h ago
> Please don't complain about tangential annoyances—e.g. article or website formats, name collisions, or back-button breakage. They're too common to be interesting.
An article being inaccessible or illegible counts as tangential?
bowsamic · 3h ago
Yes
wat10000 · 6h ago
Not to mention it's directly related to the subject of the article.
gruez · 6h ago
That might be true but it's been done to death because it's applicable basically every time commercial coverage of a privacy-related topic. It has the vibe of "we should improve society somewhat. yet you participate in it. curious!". Not to mention in publications with proper editorial independence, the "business side" (ie. the side that's responsible for adding the ads/trackers) is firewalled from the side writing the articles, so there isn't even really a contradiction.
wat10000 · 2h ago
It's more like, "you complain that people throw sand in your eyes, yet you also throw sand in people's eyes, curious." This is not "yet you participate in society." Unlike participating in society, these behaviors are entirely optional and they can stop any time they want, they just prefer not to. Editorial independency doesn't absolve them. It just means that they're doing the right thing in one area but not another.
gruez · 6h ago
It sounds like it's readable, but it seems like OP is being obtuse and/or a masochist and wants to uncheck every cookie consent box instead of using private browsing (which effectively blocks all cookies).
soulofmischief · 6h ago
OP shouldn't have to use private browsing, that's the entire point of the regulation, and that does not prevent cookies from being used during a session anyway.
gruez · 5h ago
What neferious use is of a cookie when it's only used on one page?
soulofmischief · 3h ago
Potential behavioral fingerprinting via cross-analysis of sessions. The more important point is that OP should not have to change their habits if a company is maliciously complying with regulation; the regulation should be tightened.
gruez · 1h ago
>Potential behavioral fingerprinting via cross-analysis of sessions
Isn't that going to happen regardless of cookie preferences, because the whole point of fingerprinting is to avoid cookies?
viridian · 5h ago
The hypocrisy in the context of the content of the article is, in its self, interesting. It's not tangential by any means.
fmsf · 6h ago
When this happens I disable JS for the website permanently and reload, sometimes it is not live loaded and the article is readable.
kstrauser · 5h ago
Bless the hearts of webmasters who allow reader mode to function normally.
dotancohen · 5h ago
No webmaster allows reader mode to function normally. There are, however, webmasters who don't try to prevent reader mode from functioning normally.
kstrauser · 4h ago
Potato, potato.
Here, "allow" means "doesn't actively work to counter".
dmix · 4h ago
Those are just placebo buttons.
BLKNSLVR · 6h ago
I installed GrapheneOS just recently and I'm in the process of migrating all my various apps to it.
I like my privacy and I'm also incredibly boring if anyone cares to track my interests and activities. I choose privacy to save the authorities wasting any more of their precious time and resources on little ol' me. And to minimise the value any vampiric tech company may be able to squeeze out of me.
In my limited, but specific, experience, the police will latch on to anything that makes an individual stand out from the vanilla drones as "evidence enough". So be warned. If you're feeling rebellious though, GrapheneOS will scratch a certain itch.
teroshan · 6h ago
You also do it to protect your friend and family, by for example sandboxing your contacts to prevent them from being shared with the messaging app you need to use to keep in touch with a specific group.
nelblu · 5h ago
Happy GrapheneOS user here since 3+ years now. What's next now? People can't fucking use Linux because Microsoft or Apple can't spy on it?
Aachen · 5h ago
Next, as countries are requiring more and more age verification online, the EU accidentally outlaws GrapheneOS by introducing an age verification system that requires an OS certified by Google or Apple. https://chaos.social/@luc/114860815364169550
You're free to run GrapheneOS or Windows or whatever, so long as you also have a device that is attested to be untampered by Google Play or Apple's equivalent
Graphene replied in that thread (just ctrl+f for them), saying "Unfortunately, the EU is adopting the Play Integrity API enforcing having a Google Mobile Services device instead. We've repeatedly raised this issue with the EU Commission and many apps including ones tied to this specific project. We've never been given reasoning why they can't use the hardware attestation API instead."
I'm personally not so keen on that lesser DRM requirement either, since it's just another level of gatekeeping: ok now it's not only Google/Apple but also a few OSes that meet ?some? requirements, but e.g. GrapheneOS also doesn't unilaterally let me access data on my device, maintaining that full access is dangerous and cannot be allowed -- yeah, I'll agree data is safer when I can't even access it myself, seeing how much malware goes around for NT/Linux distributions where you can have root, but I'd still much rather live in a world where I'm the root on my systems. But anyway, that's maybe another discussion, the broader point is that even GrapheneOS can't talk sense into the EU with their lesser-but-still-DRM option
subscribed · 2h ago
You can fairly easily build and flash a rooted version of GOS yourself.
They just don't support it because it's an immense risk (in my opinion as well).
The other thing, reliable backup is slowly in the making. As I understand there's not enough devs to work on it right now.
Aachen · 22m ago
> You can fairly easily build and flash a rooted version of GOS yourself.
This won't be signed with the right attestation key because I'm not them.
My understanding is that attestation is tied to the distribution's private key, so this government software wouldn't trust my version of the OS, assuming the govt could be made to understand Android's attestation framework is a vendor-neutral way to achieve the same goal (whatever goal that may be). With a rooted GOS, I'd still need another device, tied to my government identity, of which I can't verify what it's doing, much less control it
krunck · 6h ago
In a true democracy where government serves the people, the people would be opaque to the government and the government would be transparent(nothing to hide) to the people. As we can't impose transparency on government, we can at least obtain opacity for ourselves.
jraph · 5h ago
I do like that the government has entities that thwart attacks, and I'm not sure full transparency for these entities works well for everything.
Of course, I don't want this to be used as an argument to mass spy on the people.
lokar · 6h ago
Throughout history one of the most popular things people want government to do is oppress and police other people.
zetanor · 5h ago
If the will of the people is to be trampled, then the people is to be trampled. True democracy is not mass democracy.
hollywood_court · 5h ago
Agreed. It's wild to realize that the current US administration campaigned on the promise that they would provide transparency regarding certain matters. Yet now they're doing everything they can to combat transparency for those same matters.
skhameneh · 2h ago
When I see articles like this, I'm conflicted with a number of thoughts. There's a strong factor of engagement baiting and engaging with it spreads the messaging.
GrapheneOS is a great project that allows people to have some control over their devices. This is important for receiving patches when manufacturers have abandoned them for whatever reasons. I've used GrapheneOS to revitalize old devices with some success. Additionally, having the option for privacy is fundamental to security and I would argue is important to help maintain democracy. I do not like seeing these attacks on those trying to maintain control of their own devices. There are processes for checking areas of concern and when a cellular device is connected to a network, it's up to those external parties to follow the proper procedures in place.
I suppose as a write my comment my level of tolerance for bullshit continues to be pressed. Because there is too much bullshit to adequately deconstruct here.
nyc_data_geek1 · 5h ago
Good enough for protecting the privacy of criminals, good enough for the rest of us. Seems like a solid ad campaign for Pixel+Graphene
account-5 · 5h ago
I like my privacy. I'm not using grapheneOS yet because I've not bought one of the limited number of devices it can run on.
But honestly, of course criminals are gonna use these devices with grapheneOS, for the same reasons any one interested in their privacy would. And if the police notice a trend towards it why wouldn't they state so and look to use that as an indicator. Why is there a probkem with this?
gchamonlive · 4h ago
That got me interested in it for the privacy claims, but unfortunately it only supports Pixel phones. The reasons are technical and fair. It's just unfortunate that Pixel isn't sold or supported in many countries in the world. I live in Brazil and even in Mercado Libre where it's supposed to support the entire Mercosul market, I can't find a single Pixel 8 for purchase. It's sad we're excluded from accessing this amazing project.
chasil · 4h ago
I think that you could get similar privacy capability with LineageOS if you do not install Google Play (via MindTheGapps).
This will reduce functionality of the device. You will not get Graphene's fine-grained permission control, and you will also not have Google Play Services (so many apps will not run).
raron · 2h ago
AFAIK Nitrokey sells Pixel phones with GrapheneOS preinstalled worldwide.
gchamonlive · 2h ago
It's not a matter of just purchasing. I can very well import from Amazon or AliExpress. Problem is support post sale and finding accessories like screen covers and cases. It's a lot of hassle for a device less feature-packed than you regular Samsung phones.
mrbluecoat · 6h ago
Proudly reading this on a Google Pixel 8 with GrapheneOS
stavros · 5h ago
Does Google Pay work? Paying with my phone is just too convenient.
npteljes · 5h ago
It looks like it doesn't. You might find alternative solutions like this user here*, but there is no guarantee any of it to work indefinitely on GrapheneOS. It's essentially a modified aftermarket firmware, and so, many security related features don't work out of the box, for example, the SafetyNet that many banking apps need.
"Many" safety features don't work? My understanding is that Google unsafetynet is the *only* thing that doesn't work because it's by-design trying to detect if the OS has been modified (or completely reinstalled in this case) by the user. It's like you would install a fresh Windows and now it says your device is no longer secure because you used your access to install something at the OS level and the warranty seal is broken. It's obviously bullshit but the impact on app support is how they keep the majority of people afraid of doing this. Any developer that adds "Google Safetynet" is imo complicit in this
Conversely, there are many safety features in GrapheneOS that don't exist on stock, and they're not the security-through-obscurity type that safetynet employs. As noted in the docs, they often find security issues just by people trying to use an app with these default-enabled extra checks: https://grapheneos.org/usage#bugs-uncovered-by-security-feat...
npteljes · 4h ago
From the user's perspective though, however safe is GrapheneOS, the banking app won't work, Google Pay won't work, Google Play asks a good bunch of questions and might work only some of the time, and the bootloader cannot verify the OS, it will say that there is something unknown on the device, on every restart and powerup.
I know what I'm doing so I don't mind these at all, but they need to be considered when planning with GrapheneOS.
leumon · 5h ago
No, but curve pay or paypal pay work (or any other app not relying on google pay)
sksrbWgbfK · 5h ago
No. It's the only feature that will never work sadly. But everything else is OK.
jmm5 · 5h ago
That and satellite communication.
doublerabbit · 5h ago
I'm unsure how paying with your phone is any more convenient. Sure the wallet requires you to open your wallet, but is that too much effort? I'd rather just pay in cash.
Pocket > Phone > Double Tap pay button -> Tap
Pocket > Open Wallet > Take card out -> Tap
I suppose it's may be more convenient carrying just your phone and not your wallet but I prefer both. Or does America not have tappable Chip&Pin yet?
stavros · 5h ago
I don't carry a wallet and I'm not in the US, and I use NFC whenever I do carry a card.
doublerabbit · 5h ago
Apologizes for the assumption. I have yet to find anywhere here in Scotland that uses NFC practically other than billboards.
daveoc64 · 2h ago
I can't think of a single retailer in the UK that takes card payments, but doesn't support contactless (including Google Pay and Apple Pay).
Ignoring very small shops that don't take cards at all.
doublerabbit · 7m ago
Are the tap&pay NFC? -- I thought it was different tech under the hood.
What I meant is that I've not seen any other use for NFC apart from bus station adverts?
stavros · 5h ago
Really? Even in England everything is just tap. I have an Android phone, so my flow is "take phone out of pocket -> tap" (because it's already unlocked by fingerprint by the time it comes out). That's basically the same as with the wallet, I just don't carry the wallet.
whoami730 · 5h ago
Cash = change/smaller denomination issues
tempodox · 4h ago
Criminals also go to department stores. And to hairdressers. And they drink water. There is no end to deeply suspect activities criminals engage in!
tzs · 1m ago
Do criminals do those things much more frequently than non-criminals?
In Spain 86% of phone buyers buy from the top 5 brands. Pixel is not among those. Only 1.7% buy Pixel phones. Police say that they have observed that among criminals the percent with Pixels is much higher.
Suppose police have a dead store clerk and only 3 people who could have possibly done it, and those people are 1 Pixel owner, 1 Samsung Galaxy owner, and 1 Apple iPhone owner. Given that criminals are buying Pixels at a rate higher than the general population does, and assuming they are not buying Galaxies and iPhones at a higher rate, can the police use that in statistically valid way to help their investigation?
The answer is yes.
Let (c) = the probability that a random phone owner in Spain is a criminal.
Let (p) = the probability that a random phone owner owns a pixel, which is 0.017 in Spain.
Let (p|c) = the probability that someone owns a Pixel given that they are a phone owning criminal. Police say that this is higher than 0.017, but they do not give a number. I'd expect they wouldn't really notice if it was only a little higher. I'd guess it would need to be at least 0.05 for them to notice, so let's go with that. If someone finds a better number it is easy to adjust in the following calculations.
Let (c|p) = the probability that someone is a criminal given they have a Pixel.
Bayes' Theorem tells us that (p|c)(c) = (c|p)(p).
Rearrange that to get (c|p) = (p|c) (c) / (p). Plugging in 0.05 for (p|c) and 0.017 for (p) gives:
(c|p) = 2.9 (c)
In our case with 3 people to investigate, one with a Pixel and two without, if we are sure that one of them must be the criminal the probability that it will be the Pixel owner is 59.2%. It is 20.4% for the Galaxy owner and 20.4% for the iPhone owner [1]. If the police don't have the resources to investigate all 3 in parallel they should check out the Pixel owner first.
[1] Actually, I don't think that is quite right. I think that because I added the condition that we are sure it must be one of them the distribution will change slightly. It still should be close though.
AgentMatrixAI · 4h ago
So they are profiling people using Pixel phones with GrapheneOS....because its good at what it does? Am I reading this right?
Havoc · 5h ago
The core issue here is that privacy concerned looks the same to police regardless of motivations - criminal or principled.
That does sweep up innocents in the net. But at same time if police see a strong correlation with criminals then focus on it from their side seems logical too. Forcing them to intentionally be blind to that sort of correlation seems insane too.
Tricky
can16358p · 4h ago
Criminals use knives to stab people.
By the same logic, anyone who has a knife in their kitchen is a suspect.
Henchman21 · 2h ago
Why do we keep using a thing that exists to subvert the interests of the average person?
throaway920181 · 5h ago
This is ridiculous ignorance and akin to Canada's near ban on the Flipper Zero. We might as well ban cars because they can be used to transport drugs and dead bodies.
I have run Graphene on my phone for some time. I'm not doing anything illegal with my phone or using it for nefarious purposes. I'm just not comfortable with Google (or any entity) having so much data about me.
natch · 6h ago
This trope of "I have nothing to hide" is really tired.
People, it's fine to have things to hide. You can write a blog post and admit you have things to hide. Everyone has things to hide.
For one thing, you can care about hiding the private information that friends have shared with you. Nobody should assume that all their friends and contacts will be super happy about having some stranger at a border paw through their private emails, chats, and photos. Yes, you do have things to hide. It's called basic human privacy.
Please stop saying "I have nothing to hide" unless you're some sort of sociopath who is willing to give up the private addresses, emails, phone numbers, and details of all your friends, family members, and contacts.
jmuguy · 6h ago
I agree, its funny to see the trope from someone advocating GrapheneOS. Like its pretty typical to see from regular internet users who seemingly stopped caring a long time ago that FAANG has essentially their entire life in various databases. We all have private lives, or at least we should, that's just a normal part of being a human.
bilekas · 6h ago
You're taking it too literally, it's to signify, you're not doing anything illegal, you're not doing something you WANT to hide from law enforcement.
Nothing to do with your private pictures or shopping habits. Those are things you want to keep private.
Hiding and Privacy are not the same.
Atreiden · 5h ago
> you're not doing something you WANT to hide from law enforcement.
Why should law enforcement have the privilege to know arbitrary information, especially deeply personal information, about law-abiding individuals?
It is a core requirement of democracy to be able to conceal information from the arm of the state. Political retribution and targeting of ones opponents is not just hypothetical, it's happening now, in America, right now.
Why should law enforcement get to search my phone to find out that I'm critical of the administration? This is information about me that is completely allowed under law, but can be used to discriminate against me.
The definition of legal also changes over time. Giving someone an Uber ride in Texas to an out-of-state abortion center is now a crime. Definitely wouldn't want information on my Uber ride history to be freely available to Texas police. Even if I've never given such a ride, my entire ride history, and possibly my life as a whole, is now subject to deep, targeted scrutiny. Facts would not protect me here, as even if I have done nothing wrong my life could be irrevocably altered. Corruption exists. People make mistakes. Sometimes they have hidden agendas that supersede our shared values of common decency.
bilekas · 4h ago
> Why should law enforcement have the privilege to know arbitrary information, especially deeply personal information, about law-abiding individuals?
They don't and that's called privacy. Seems I didn't make my point clear that saying "I don't have anything to hide" is perfectly fine when applying to anything criminal.
It's NOT the same as saying "I don't care about privacy".
If you commit a crime and hide that, that's a crime.
If you give out your address, that's not a crime and yes stupid to do, but you're not going to prison for it.
Highlighting that people conflate hiding things with privacy and they're just not the same.
natch · 2h ago
Perhaps you should acquaint yourself with Venn diagrams. The area of overlap between the two concepts is called having something to hide.
You can quibble with the word "hide" but it came from the original post, and it serves just fine. You're free to write your own post that doesn't use that phrasing.
stavros · 5h ago
He isn't. It's literally used in bad faith in its literal sense ("if you have nothing to hide, why can't I see your phone?"). Of course, the same argument would never be accepted by the very law enforcement officer who's making it.
The response to that is, yes, I do have things to hide, none of your business.
johnisgood · 5h ago
I have private photos on my phone, photos that I do want to keep private, photos that I want to keep "hidden".
stronglikedan · 4h ago
And I say cops are criminals, and we are both right, and both wrong, at the same time.
throw0101b · 4h ago
"A policeman's job is only easy in a police state."
Just saying "Catalunian" or even "Spanish" instead of only "cops" may get the article less clicks but it would've gone a long way at least pretending to be a worthwhile read. This is a very narrow case in point for basically advocating for a specific product not a class of products. That smells like a sales pitch to me.
immibis · 5h ago
This is the best possible advertisement in these computer-savvy circles. I guess my next phone will be a Pixel with Graphene. I won't do anything illegal on it. If even the police hate it, it must be very safe from hackers.
akomtu · 2h ago
Governments are a lot like abusive parents: they see people as difficult kids that must be managed. They believe that what they do helps them become good adults, but in reality they just love to control and abuse people. Rejecting this abusive parenting or simply setting personal boundaries makes them really angry and suspicious, and get you labelled a criminal. In the future, when thought-reading brain implants will be a thing, you will be labelled a criminal for not having one, for hiding your thoughts or even for refusing to have your thoughts managed by that device.
tonyhart7 · 3h ago
says a lot about android in general
they literally planted an backdoor that federal agency can force google to give out information
allthedatas · 5h ago
Cops say low speed limits and speeding tickets are for your safety and not just another tax.
Cops say guns are only for bad guys.
Cops say 3d printers and bitcoin are for terrorists
Cops say a lot of dumb things because they are generally (and necessarily) not that bright, but also because they are lazy and frequently corrupt.
duxup · 5h ago
The claim seems plausible as far as capable criminals go.
FollowingTheDao · 6h ago
This is just a continuation of “well a lot of people who commit crimes have dark skin, so let’s profile all people with dark skin.”
But in reality, I think this is a scare piece meant to drive people away from using graphing OS.
No comments yet
dmitrygr · 2h ago
Criminals also drink water and breathe air. Quick, ban those.
ChrisArchitect · 5h ago
Related context:
Cops in [Spain] think everyone using a Google Pixel must be a drug dealer
If you outlaw privacy-focused operating systems then only outlaws will use privacy-focused operating systems.
colechristensen · 4h ago
Impressions from grapheneOS users? Alternatives? I have an old but essentially never used Pixel 3a I'd like to set up with something as a backup.
EDIT: sad, Pixel 3a no longer supported, too old
subscribed · 2h ago
I'd say Pixel 7 if you want patches and releases for a couple more years.
colechristensen · 1h ago
Thanks, but my motivations were more "what should I do with this perfectly good old phone" LineageOS has been ok during a quick try
potato3732842 · 4h ago
They spew assertions like this not so that people believe them but so that they can reference them when establishing probably cause, applying for warrants, etc.
2OEH8eoCRo0 · 5h ago
I don't trust Graphene but I want to. Who are the devs and who are their sponsors? I worry about supply chain attacks. Why should I trust their supply chain and anon devs?
kytazo · 5h ago
You don't trust the devs, you trust the public code
2OEH8eoCRo0 · 5h ago
Unless you build it yourself you do trust the devs. You aren't running public code on your phone you're running compiled binaries. Compiled by who? How securely? Who has keys?
It's also a leap of faith to assume that public code is any safer.
Aachen · 4h ago
You're not wrong that one needs to have some trust in the devs of open source code, but if you are this level of paranoid then having the code available is essential to your threat model because it allows you to build it yourself so you know what you're running. Nobody can audit everything, but if enough people are involved in the development, they would all have to collude (or the malicious one has to hope they get lucky) since each one of them has a chance to spot when one of the developers were to be malicious
busterarm · 4h ago
Well, the prior lead dev of the project did have some very strong personality quirks and odd behavior in conflicts with a lot of people. So much so that he was encouraged to leave the project and did so.
That incident and a few prior ones of his had me remove GrapheneOS from my phone. There's clearly a new lead contributor to the project from the git repo, but the leadership of the project is completely opaque and thus not something that I want to run on my phone.
I just fixed my habits so that I don't really do anything much with my phone. I mostly receive calls and text and do OTP. I use Aegis for that and back that up in the cloud. I wipe my phone basically monthly and I'm back up and running with all my apps/contacts/configs inside of 5 minutes.
2OEH8eoCRo0 · 4h ago
My point is if I don't trust Google why should I trust anons and anime characters more?
I was hoping someone could give me more than "it's public."
Aachen · 25m ago
Sorry, it is what it is
kytazo · 3h ago
Graphene builds are verifiable, go build them yourself if you feel like.
Public code is definitely safer than binary blobs.
canadiantim · 6h ago
I get the feeling this is likely a better setup than the linux phones
carbon3489 · 6h ago
Yeah. They have a duress password feature which cleans up the device.
Now.. if only you can use it like a linux computer and be able to make full system backups, it would be a lot easier to use that feature. The lack of proper backup facilities make it untenable for holding any critical data.
fsflover · 6h ago
It depends on your goals and threat model. If you consider dependence on Google hardware as a threat, it's not better.
pabs3 · 6h ago
GrapheneOS is based on the Linux kernel just like Android.
BigSquelch · 6h ago
It's an android fork.
metalman · 5h ago
each and every technology has and will be used in the commision of the very worst possible crimes.
anything can and is bieng weaponised.
any rational society would simply use our vast data sets to determine which specific preventable harm is effecting the most humans and can be elliminated for the lowest cost and effort.....do that, and then start working on the now new greatest harm ellimination.
but in spite of asking and trying to figure this out myself, I can find no effort to actualy just gather that data and work from there
.....everything is just another "cause".....for debate
"European authoritarians and their enablers in the media are misrepresenting GrapheneOS and even Pixel phones as if they're something for criminals. GrapheneOS is opposed to the mass surveillance police state these people want to impose on everyone"
https://grapheneos.social/@GrapheneOS/114784469162979608
State employees in their official capacity making inaccurate claims to media about GrapheneOS to smear it as being for criminals and as the users as largely being criminals is a state sponsored attack on the GrapheneOS project.
https://grapheneos.social/@GrapheneOS/114813613250805804
"There’s a bitter irony here, too, as GrapheneOS recently pointed out in a tweet. The Spanish region of Catalonia was at the center of the massive Pegasus spyware scandal in 2019.
"Pegasus, a sophisticated surveillance tool sold exclusively to governments, was reportedly used to hack phones belonging to Members of the European Parliament and eavesdrop on their communications. Yet, police in this very region are now scrutinizing savvy Pixel and GrapheneOS users for hardening their devices against unlawful surveillance and other attack vectors."
> GrapheneOS is not immune to exploitation, but the fearmongering done in these ongoing attacks on it is very clearly fabricated. They feel threatened enough by GrapheneOS to engage in coordinated attempts at convincing people that it's unable to protect their privacy and security.
So... they (cops and friends) are saying that GrapheneOS is for criminals, AND that it does not work at protecting anyone's privacy and is not for security. Amazing.
See: https://grapheneos.social/@GrapheneOS/114784553445461948 and the rest.
/s, if not obvious. Strange times.
Here is the relevant section from our current laws: https://danskelove.dk/straffeloven/134b
Not literally, but there was some criminally bad warfare going on: https://en.wikipedia.org/wiki/Battle_of_Balaclava
[0] https://en.wikipedia.org/wiki/Battle_of_Jersey
https://politi.dk/lov-og-information/tildaekningsforbud
(Trigger warning: danish)
And Southend in England tried to do the same (but failed...)
They really are absurd.
https://kentandmedwayvru.co.uk/project/pointless/
I wonder if they are going to do anything about at least a thousand number of other items that may be used to cause bodily harm to a person. What about something related, such as forks?! Bags?
Here in the land of more-guns-than-humans it feels so much more bleak.
On the other hand IIRC it has a lower rate of at least some types of violent assault.
One possible explanation is the healthcare system - fast treatment makes a big difference to the chances of surviving an attack (and are one reason murder rates have fallen over the years, and why developed countries have much lower murder rates). Does anything in the US system delay treatment significantly?
Now if the government thinks there isn't really a good reason to have a phone they can't hack ( because they are the good guys right.... and in theory need court orders etc - so there is legal oversight ) then they will see such phones in the same light and consider banning.
This is at the core of the argument - and why governments ask for a special backdoor - as they accept a generally secure phone ( to stop your neighbour snooping ) is a good thing, but they are used to being able to tap phones and open letters if a judge gives them permission.
Obviously the ironic thing is most phones probably already do have special backdoors - but only for the country where the makers reside - and that countries government doesn't want other governments to know or have acccess.
And in the case of fridges - there is no argument there that they aren't legit reasons to own.
In the case of knives - zombie knives don't really have legit use, whereas kitchen knives do.
This is very much absurd.
The police quite often destroy antiques handed in by people who know about the bans but not the exceptions.
I have a multitool I bought long before the ban, that is now illegal to carry routinely. I bought one with a significantly longer blade for my daughter which is perfectly legal to carry.
If I understand the proponents correctly: Ostensibly it is to defend one's property and people from a tyrannical government.
Just for an exercise, let's say you believe that. And let's say that day is here. The tyrannical government has arrived and has necessitated your use of assault rifles.
The people you're shooting, what are they wearing? They're almost certainly wearing uniforms; police and/or military.
From the proponents' standpoint, the reason to have assault rifles is to kill police and soldiers.
The ultimate point of gun ownership isn’t sporting or even self defense, though they are useful for both. The real reason America is armed is so that if our government ever gets too tyrannical, we can do something about it.
Some people may not like that today but if you go back and read what people wrote circa 1775 and forward, this is the clear rationale.
It’s been doing that for at least two decades, yet I’m still waiting for you people to get on with it.
But my opinion doesn’t change the rationale for the 2nd Amendment.
That way lies fascism and anarchotyrrany.
The something is killing police and soldiers. That's the quiet part.
Unless the tyrannical government has presented itself at the compound in a force of plumbers and actuaries.
You cannot buy a kitchen knife because people MAY use it cause harm.
It is like forbidding the use of roads because it MAY be used to <insert illegal activity here>. Uses (usage?) of roads are even more broad than uses of knives.
I think it is easier to argue in favor of knives (or against the prohibition of ... of knives) than guns, for this reason alone.
A gun can be used for recreational shooting.
A gun can just be an historical collectors' piece.
A gun can be used in researching bullet proof vests and other equipment for a startup looking to sell to law enforcement/military.
There are many reasons for gun ownership. Ultimately, the reason should be that the individual is free to do as he/she chooses so long as he/she doesn't initiate a violent interaction.
The most often cited reason for banning firearms is the prevention of school shootings. For some reason, everyone is focused on the gun and not the fact that students wish to do violence at schools. What is it about the modern educational system that students wish to perpetrate violence in the schools to other students and teachers? Why isn't the mental health of the American youth at the center of this conversation?
Why is "wide range of use" being used as the metric rather than "societal good"?
While there are downsides, there's more to it.
Yes I can. I have knives I bought recently in my kitchen.
How could you possibly believe that people in the UK can't buy knives? Do you realise how foolish that sounds?
The irony.
Just as foolish as these ways are to prevent violence.
These criminals might switch to forks, better get your Government get one step ahead of them.
And no, you cannot buy kitchen knives if you are under a certain age, it is ought to prevent a lot of crimes, I am sure.
No spray, no airgun, no folding mace, absolutely nothing can be used in self defense.
Except for the alarm.
Care to explain?
You also can't carry one in public without reasonable cause - which in the end is decided by a judge.
What I think you are saying is:
The police are arguing both sides (in typical fashion). On one side, the police say that GrapheneOS is for criminals because of its privacy, etc. However the police are also trying to convince people that GrapheneOS is not private or secure, in an attempt to sway people from using it.
[1] https://grapheneos.social/@GrapheneOS/114784488424006190 and so forth.
My guess is the ambiguous use of "they", interpreting "they" as GrapheneOS instead of the police.
That makes it seem like you are criticizing GrapheneOS rather than the police.
Yes, I know, age of hyperbole, but a state sponsored attack on the project is mass arrests, blocking of funds etc.
Graphene does their PR, the police does their PR. Both have different views on the world.
If I say “stop attacking me” during a heated argument no one thinks you’re physically assaulting me. That would be ridiculous.
GrapheneOS is the most secure, arguably most private, hell the most feature-complete, user-friendly custom ROM (but they also hate the word "custom ROM") out there. I've imported a Pixel, because it wasn't available in my country, just to use GOS. So it is deeply frustrating that they are doing things the way they do. Hubris is their longest-standing, "wontfix"-labelled vulnerability.
When they say other projects are insecure, this is for example because of the claims /e/OS based on the utterly insecure hardware and two major versions of AOSP, unpatched, is touting itself as a leading project in the privacy landscape.
I don't think they talk down any security - related project and I've never seen the generalised "they talk down on (...) open-source projects in general" - this is what I would myself call slander, because tbh it's dogs bollocks.
"Slander" or "attack" is said when there are baseless accusations (like above about attacking, quote, "any and every security-- and privacy-related project") because they don't have outlets or big money behind them which would simply state the facts and call out the accusations.
If you have examples of theese words "thrown" without basis (ie without sustained prior attacks on GOS), I'm sure every interested person would like to see it. If you wanted to show the examples of the innumerable privacy- or security-related projects that are _attacked_ by GOS, please share examples.
There are multiple so-called privacy and security related projects which are known for the sustained and baseless bad messages, and these don't get a pass, because it's clear it's intentional and in the bad faith.
Valuable projects and services are promoted and recommended based on merit and not favours (eg: they can argue based on facts why installing apps from accrescent or Google play store is generally safer than from the F-droid).
They don't hate the "custom ROM", they explain why it's a misnomer - and you using it here after saying they hate it (and either not knowing or not caring why it's wrong) is clearly an act in the bad faith :)
I struggle to see an attempt in the factual reporting in your post. The only thing I could connect over is their attitude in certain situations, but..... the rest of your post is just.... incorrect?
I wish people realized that privacy and civil liberties exist regardless of guilt. Rights like freedom of speech, due process, and privacy aren't just for people doing something wrong. They're foundational protections that exist to prevent abuse (by cops, too).
Outside of that very narrow context, they may kindly deal with my communications being secured by default, because if there is a path they can use to decrypt my data, the criminals can also find, exploit, and use that same path. Rather easily, as it turns out. (See: various data breaches, password leaks, company after company getting caught with unsecured S3 buckets containing encryption keys, etc etc.) It's not the law I'm hiding from, but those individuals who would steal every one of my digital assets given the opportunity.
In the specific context of Android, the thing I'm trying to dodge isn't even legal snooping or criminal activity, but specifically marketing. Google is terribly interested in my browsing habits, and so having my smartphone not run their services at all is an excellent way to reduce that flow of information from my device to a third party that I don't particularly trust.
Modern surveillance states operate on the premise that every individual, out of billions worldwide, could become a potential threat. To manage this, governments have developed and deployed mass surveillance technologies that far exceed the scope of traditional law enforcement. This environment results in routine circumvention—both legal and extra-legal—of civil liberties and privacy protections, such as the 4th amendment, in the name of national security.
We saw this play out dramatically with the Snowden revelations, which exposed systemic, warrantless collection of communications by agencies such as the NSA. Surveillance is not conducted only for clear national emergencies. It is often routine, preemptive, and opportunistic—and the scale is massive, not targeted only at 'bad actors'.
This reality creates a profound power imbalance. Those who control surveillance infrastructure possess the ability—and in some cases, the legal clearance—to act against individuals or groups for reasons ranging from strategic interests to petty personal motives. There have been numerous documented cases of abuse of surveillance powers by insiders seeking to settle personal scores and, internationally, governments using this capability to quash dissent (for example, China’s censorship and criminalization of government criticism)
Once the technology and precedent for ubiquitous surveillance are in place, the distinction between legitimate and illegitimate use blurs dangerously. The potential for abuse is inherent, especially when oversight is weak or accountability is lacking, which is everywhere.
While companies like Google pose significant privacy concerns and “opting out” of their ecosystems is prudent for reducing commercial data exploitation, the larger threat comes from the normalization of universal, warrantless surveillance by state actors.
Because these states are so extractive of their populace and engage in so much evil that any given person constitutes a potential threat. They're worried that anyone could just wake up one day and decide to be the next uncle Ted or whatever.
It might be appealing to fantasise about catching all the criminals and stopping all their dastardly deeds, but where would we be now if our governments had this capability 30 years ago? ...90? ...270? Would we be happier today if the last 1000 years had passed completely free of theft, murder, pederasty, and also free of blasphemy, heresy and challenges to the divine right of kings? Today, we are grateful for the actions of many a disgusting criminal that would have been condemned by any respectable and well-adjusted member of society (including you, had you lived then) at the time. Who knows which ones of today's criminals we will be thanking 30 years into the future?
Seriously, punch anyone in the face that says this. Western democracies are worth preserving.
No, privacy is for protecting good things from evil people. And frankly, it's more than that. Privacy is necessary even when no evil intent exists in either the observer or the observed. It is necessary for various relationships to flourish and for human beings to flourish. It isn't good for your neighbors to watch you making love with your wife, or for you to watch them doing so. Social boundaries are important. Failing to respect them is to claim an authority you do not have.
It's similar to the principle of subsidiarity: you want the right people involved in the right things at the right times. Removing privacy smushes everything together, and I claim that this flattening effect is one of the reasons for the mental illness that's catalyzed by social media.
Look, I literally have a Pixel phone running Mullvad. I care about privacy. But everyone here is reading the headline and arguing against a strawman.
This should be a discussion on how valid it is for police to profile people. Or maybe if it's actually true that drug dealers are using GrapheneOS. Europe _is_ attacking encryption and privacy. But this is not it.
I had to click through several links to get to this part.
It’s an off-hand comment from a single police person who was trying to make some point.
The android news sites are getting a lot of mileage out of that single comment from a single person.
All of the extrapolation about people using GrapheneOS globally feels like journalists trying to squeeze as much hype as they can get out of this one sound bite from one police rep in one area.
Exactly - though in this case I'm not sure what that means - if they 'feel more alert and suspicious' - that's just going on in their head ( pretty difficult to control that ). If on the other hand it means you are constantly getting stopped and searched that's another issue - but then you could argue that's then argument about the stop and search rules in whatever country.
ie what counts as reasonable grounds for the police to take concrete action.
How can you think that profiling people based on their phones is not harmful to privacy?
In most western countries surveillance requires prior evidence of wrongdoing, if your phone brand or phone OS can be used as evidence that you might be engaging in criminal activity, that is of course a danger to privacy. It should be normal that people use Software and Hardware that respects their privacy and desiring privacy should never, by itself, be allowed to be evidence of criminal intentions.
Less and less so. Take a look at the way the laws are going in the UK and the EU.
Why can't it be a discussion about how valid it is for police to use the desire for privacy as a basis for profiling? Is that not allowed?
Are you saying that we're required to either talk about:
1) whether the police should profile anyone at all for any reason (why not this particular reason again?), or
2) whether Spanish criminals desire privacy, and therefore more often choose GrapheneOS than other groups of people (is this controversial? Is it worth discussing? Can't we just take the Spanish police's word for such an unsurprising data point?)
Those are our only two choices? If so, than the conclusion is foregone. Police will be allowed to profile criminals and suspicious people, and criminals will attempt to refuse monitoring and searches.
I'd rather talk about whether refusing to be monitored or searched can be allowed to become official grounds for state suspicion, though. Even without your support.
The situation would be different in, say, Silicon Valley. But they're dealing with the world they're in.
If you start caring more about how it supports your side rather than the truth, you're playing politics. And in that battlefield you'll lose to eurocrats.
- [1] https://www.lesswrong.com/w/arguments-as-soldiers
Not much good coverage on it out there apart from the great work by The Rage journalists.
Let’s just say it is in a different category than Alexandra Elbakyan.
Why is the creator of this tool being held responsible for how others use it? That's like dragging Henry Ford to court the moment a car driver runs someone over.
All these people created tools that could be used by anyone. Encryption, the Internet, cars. All have legitimate uses cases just like Tornado Cash does.
To me, not wanting to have all of your public blockchain transactions linked to you is actually quite similar to wanting a phone detached from the hivemind - all you want is a bit of privacy.
> if some lobbies are pulling the strings
Sure looks like it. Many people don't understand the consequences of the ChatControl proposition (backdoors for governments into all messaging apps) [1].
Politicians insists it is only about protecting kids from predators online, but see for example Sweden:
* Police and secret police will have this access for swedish citizens.
* Secret police have an agreement with NSA about data sharing (see Snowden).
* NSA will end up storing all my DM:s.
* Another country also have an agreement with NSA about data sharing.
* This other country will find out about my sexual orientation or political beliefs the moment I board a plane to their country.
All of this will be outside of control from my country or the laws of my country (Sweden), that is supposed to protect my free speech [2] and anti discrimination laws [3].
1: https://en.wikipedia.org/wiki/Regulation_to_Prevent_and_Comb...
2: https://www.riksdagen.se/sv/dokument-och-lagar/dokument/sven...
3: https://www.riksdagen.se/sv/dokument-och-lagar/dokument/sven...
F*k Ylva Johansson:
> Research by several newspapers led to allegations of questionable connections between Johansson and her staff and companies that would benefit financially from her proposal, including Thorn and WeProtect.
> Johansson rejected the accusations as being untrue, true but not illegal and as not even being accusations.
> Her claim to have given data protection organizations the same access as to the backers of her proposal was rejected as untrue by several organizations and members of the EU parliament. Johansson reacted to growing rejection of her proposal by ordering commercial advertisement on Twitter paid for with EU funds. The advertisement was criticized as being misleading and illegal according to the EU's rules for targeted advertisement. [4]
4: https://en.wikipedia.org/wiki/Ylva_Johansson#Surveillance_of...
That is literally going to put people's lives at risk. Crazy.
At least in my country, there has been serious laws protecting the users from police opening letters (1962:700; Postlagens tystnadsplikt). This was changed in January 2023 because people exploited it to send drugs thru post office [1].
Of course without any protests in Sweden because again people don't realize their rights to privacy are taken away from them.
1: https://www.svenskhandel.se/nyheter/nyhet/lagandring-ger-moj...
1: https://commons.m.wikimedia.org/wiki/File:Rational_harm_asse...
Yet I can go to certain neighborhoods in Stockholm and get pretty much every thing under the sun and that's open 24/7.
This is the source of some massive disconnects between people and their governments, I think. They had some permission, which we basically agreed on as a society, when their tampering was obvious and/or limited in scale (just due to practical constraints). We gave our consent to be governed with those constraints in mind.
Nowadays they are continuing without those implicit constraints and they don’t want to have the conversation about implementing new explicit constraints. This isn’t the deal we agreed to, really, it is just what they can get away with without permission. You can rule over a populace without their permission, of course—it’s just very different from the sort of pleasant (albeit never perfect) relationship that willing populations and their elected officials have had recently.
Secret police definition [1]
> Secret police (or political police) are police, intelligence, or security agencies that engage in covert operations against a government's political, ideological, or social opponents and dissidents. Secret police organizations are characteristic of authoritarian and totalitarian regimes.
Security police definition [2]
> In some countries, security police is the name given to the secret security and intelligence services charged with protecting the state at the highest level, including responsibilities such as personal protection of the head of state, counter-espionage, and anti-terrorism.
Specific example for Swedish 'Security Police'.[3] if you look up any EU agency with similar roles it will be found that they are all security, not secret.
1: https://en.wikipedia.org/wiki/Secret_police
2: https://en.wikipedia.org/wiki/Security_police
3: https://en.wikipedia.org/wiki/Swedish_Security_Service
FWIW, the distinction is not as clear cut to me. In the 1970s, the ruling government body (social democrats) passed on information in order to make registers of political opponents in the far left and far right to SÄPO.
More of that part here: https://sv.wikipedia.org/wiki/S%C3%A4kerhetspolisen#%C3%96ve...
The Nixon watergate scandal was also similar to your first definition there.
You mention Sweden, I can easily also name Switzerland, the land of generally very decent, moral and polite people. Yet sometimes curtains falls off a bit and one can see how various police departments will do everything possible to track and follow people. Police are generally very nice but I've also seen some unprovoked brutality and generally less-than-stellar behavior by various authorities that should know and do better.
Protect what you can, while you can. No state is your friend, its not normally an outright enemy but rather a party focused on its own interests, your rights or needs be damned.
Switzerland is not in EU, not in 12-eyes, not in any of that shit.
I'm sure they are up to no good, too but at least the distance between them and NSA is farther, I hope.
The so-called israelization[0] of the police. Certainly you see that in the US. If you compare the local police, say, 50 years ago with their counterparts today, you definitely notice a strong militarization. That may be appropriate for special units handling dangerous cases, but it should not characterize the rank and file that handle petty crime or public disorder.
> No state is your friend, its not normally an outright enemy but rather a party focused on its own interests
The state is the only recourse of the common man against powerful private interests. In this case (surveillance, etc), private interest has been used as a way to get around the legal limitations of government. Companies like Google and Facebook can track people with greater ease than the government can.
[0] https://www.amnestyusa.org/blog/with-whom-are-many-u-s-polic...
The question I have is, why?? I assume some Israelis or people with ties to Israel who wanted Israel to have influence over the US police. (But why?)
I doubt it was a big thing like “gee, you know what Israel can export? Police brutality!” “Hey that’s a great idea!”
But that’s kind of how it comes across.
One could argue that they may very well think that this sort of thing could never happen, that the center will always prevail etc... but then again I remember seeing this video compilation of a lot of very confident people in the US saying that Trump would never be president a few months before the 2016 election, let alone be elected for a second term.
So that makes me think, how can they so confident that "the good guys" will always be in charge?
Because from where I am standing there is a massive chance that Reform will win in the UK and that the National Rally will win in France in 2027.
Nobody can say that they did not know.
They implement such systems precisely to always be in charge.
But the more nefarious issue is that countries that use to uphold human rights and the rights to privacy for their citizens up until 10 to 15 years ago have made a complete U-turn.
And before someone says that this is due to the far-right getting into power, this has really nothing to do with it.
It simply is blatant attempt at muzzling the population. The worst part is that you still have European governments who feel the need to give lessons of democracy to China et al.
I could see how Hungary would want to get this passed because they are well on their way to authoritarianism but this proposal coming from the EU who is supposedly politically in the center, that makes zero sense.
They need to highlight that we are nothing like as bad a China. We look good in comparison.
> this proposal coming from the EU who is supposedly politically in the center
Is it? Its the only country in the world with a constitutional commitment to privatisation (its in the treaties, which are the constitution, and came close to being called a constitution).
The EU is not a country. It may very well be in 50 years from now but not presently.
> > this proposal coming from the EU who is supposedly politically in the center
I said `supposedly`.
> They need to highlight that we are nothing like as bad a China. We look good in comparison.
Not if they go through with this proposal. You can't claim to be a bastion of democracy and want/need to spy on your citizens 24/7. These 2 notions are just not compatible.
Semantics. its near enough to being one to compare to countries in terms of law, policy and constitution.
> I said `supposedly`.
Depends what you mean by supposedly, I suppose! Its intent is clearly not centrist.
> Not if they go through with this proposal.
Still far better than China. No prison for holding the wrong views, or following the wrong religion, or having the wrong culture. No genocide. Having elections.
I am not happy with where the west is going, but comparing with China its still far better (against a low base).
it seems like a great os but i am not giving google money to get away from google.
It's not only the design of the hardware, but also patches for vulnerabilities and delivering updates for several years.
You're suggesting it's ideological (which is completely untrue), while the fact is: pixels are at the very moment the only Android hardware secure enough to even care about hardening: https://grapheneos.org/faq#future-devices
(there's little sense in securing the OS if the hardware doesn't allow disconnecting the USB or there is no secure element throttling PIN attempts, right?)
https://grapheneos.org/faq#future-devices
I hope it's something good. But in reality it's probably Samsung which is the only other vendor bothered enough to add a basic secure element. Maybe they will upgrade it?
Matchboxes -- OK. But cash is certainly a target. It is also relatively easy to push, as using a card is so much easier! Look at Sweden and presumably other countries where cash is basically gone. And no (loud) protests from privacy advocates that it is even hard to get cash today. I will just use an app to lend you 10 EUR for the beer.
Also throughout the world, using cash is only possible legally up to a given amount (a few thousand EURs ATM, but still) -- because large sums of cash are suspicious. Of course large amounts of money are suspicious because only criminals would even want to pay large amounts of money, right? Like, pay for a car or a vacation, or pay rent or taxes.
Speaking of which, in many countries, it is basically impossible to pay taxes in cash, although technically, it should be allowed. Like in Germany. Or pay for a bus ticket in cash. But some poor souls don't have a bank account. Hmm...
Some countries deanonymize cash by embedding RFID chips (e.g., Australia).
Of course it is not done for surveillance, but only for good goals.
https://es.ara.cat/sociedad/sucesos/guerra-tecnologica-movil... ("Guerra tecnológica: el móvil de los narcos contra los troyanos de la policía")
or https://www.ara.cat/societat/successos/guerra-tecnologica-mo... ("Guerra tecnològica: el mòbil dels narcos contra els troians de la policia")
> "Cada vegada que veiem un Google Pixel pensem que pot ser un narcotraficant"
(You'd have to navigate through four layers of links to find this: two layers of androidauthority linking to itself, then through xatakandroid, then finally you get to the primary source, the Catalan-language daily Ara. Though, for reasons, it's linking to a Spanish-language machine translation of the Catalan original—the "es." subdomain, which says Traducción no verificada at the top. So, we're five levels removed from the primary source, which is one sentence, which has gone through two rounds of machine translation (ca -> es -> en)).
https://news.ycombinator.com/newsguidelines.html
Isn't that going to happen regardless of cookie preferences, because the whole point of fingerprinting is to avoid cookies?
Here, "allow" means "doesn't actively work to counter".
I like my privacy and I'm also incredibly boring if anyone cares to track my interests and activities. I choose privacy to save the authorities wasting any more of their precious time and resources on little ol' me. And to minimise the value any vampiric tech company may be able to squeeze out of me.
In my limited, but specific, experience, the police will latch on to anything that makes an individual stand out from the vanilla drones as "evidence enough". So be warned. If you're feeling rebellious though, GrapheneOS will scratch a certain itch.
You're free to run GrapheneOS or Windows or whatever, so long as you also have a device that is attested to be untampered by Google Play or Apple's equivalent
Graphene replied in that thread (just ctrl+f for them), saying "Unfortunately, the EU is adopting the Play Integrity API enforcing having a Google Mobile Services device instead. We've repeatedly raised this issue with the EU Commission and many apps including ones tied to this specific project. We've never been given reasoning why they can't use the hardware attestation API instead."
I'm personally not so keen on that lesser DRM requirement either, since it's just another level of gatekeeping: ok now it's not only Google/Apple but also a few OSes that meet ?some? requirements, but e.g. GrapheneOS also doesn't unilaterally let me access data on my device, maintaining that full access is dangerous and cannot be allowed -- yeah, I'll agree data is safer when I can't even access it myself, seeing how much malware goes around for NT/Linux distributions where you can have root, but I'd still much rather live in a world where I'm the root on my systems. But anyway, that's maybe another discussion, the broader point is that even GrapheneOS can't talk sense into the EU with their lesser-but-still-DRM option
They just don't support it because it's an immense risk (in my opinion as well).
The other thing, reliable backup is slowly in the making. As I understand there's not enough devs to work on it right now.
This won't be signed with the right attestation key because I'm not them.
My understanding is that attestation is tied to the distribution's private key, so this government software wouldn't trust my version of the OS, assuming the govt could be made to understand Android's attestation framework is a vendor-neutral way to achieve the same goal (whatever goal that may be). With a rooted GOS, I'd still need another device, tied to my government identity, of which I can't verify what it's doing, much less control it
Of course, I don't want this to be used as an argument to mass spy on the people.
GrapheneOS is a great project that allows people to have some control over their devices. This is important for receiving patches when manufacturers have abandoned them for whatever reasons. I've used GrapheneOS to revitalize old devices with some success. Additionally, having the option for privacy is fundamental to security and I would argue is important to help maintain democracy. I do not like seeing these attacks on those trying to maintain control of their own devices. There are processes for checking areas of concern and when a cellular device is connected to a network, it's up to those external parties to follow the proper procedures in place.
I suppose as a write my comment my level of tolerance for bullshit continues to be pressed. Because there is too much bullshit to adequately deconstruct here.
But honestly, of course criminals are gonna use these devices with grapheneOS, for the same reasons any one interested in their privacy would. And if the police notice a trend towards it why wouldn't they state so and look to use that as an indicator. Why is there a probkem with this?
This will reduce functionality of the device. You will not get Graphene's fine-grained permission control, and you will also not have Google Play Services (so many apps will not run).
*: https://www.reddit.com/r/GrapheneOS/comments/1jujvee/finally...
Conversely, there are many safety features in GrapheneOS that don't exist on stock, and they're not the security-through-obscurity type that safetynet employs. As noted in the docs, they often find security issues just by people trying to use an app with these default-enabled extra checks: https://grapheneos.org/usage#bugs-uncovered-by-security-feat...
I know what I'm doing so I don't mind these at all, but they need to be considered when planning with GrapheneOS.
Pocket > Phone > Double Tap pay button -> Tap
Pocket > Open Wallet > Take card out -> Tap
I suppose it's may be more convenient carrying just your phone and not your wallet but I prefer both. Or does America not have tappable Chip&Pin yet?
Ignoring very small shops that don't take cards at all.
What I meant is that I've not seen any other use for NFC apart from bus station adverts?
In Spain 86% of phone buyers buy from the top 5 brands. Pixel is not among those. Only 1.7% buy Pixel phones. Police say that they have observed that among criminals the percent with Pixels is much higher.
Suppose police have a dead store clerk and only 3 people who could have possibly done it, and those people are 1 Pixel owner, 1 Samsung Galaxy owner, and 1 Apple iPhone owner. Given that criminals are buying Pixels at a rate higher than the general population does, and assuming they are not buying Galaxies and iPhones at a higher rate, can the police use that in statistically valid way to help their investigation?
The answer is yes.
Let (c) = the probability that a random phone owner in Spain is a criminal.
Let (p) = the probability that a random phone owner owns a pixel, which is 0.017 in Spain.
Let (p|c) = the probability that someone owns a Pixel given that they are a phone owning criminal. Police say that this is higher than 0.017, but they do not give a number. I'd expect they wouldn't really notice if it was only a little higher. I'd guess it would need to be at least 0.05 for them to notice, so let's go with that. If someone finds a better number it is easy to adjust in the following calculations.
Let (c|p) = the probability that someone is a criminal given they have a Pixel.
Bayes' Theorem tells us that (p|c)(c) = (c|p)(p).
Rearrange that to get (c|p) = (p|c) (c) / (p). Plugging in 0.05 for (p|c) and 0.017 for (p) gives:
(c|p) = 2.9 (c)
In our case with 3 people to investigate, one with a Pixel and two without, if we are sure that one of them must be the criminal the probability that it will be the Pixel owner is 59.2%. It is 20.4% for the Galaxy owner and 20.4% for the iPhone owner [1]. If the police don't have the resources to investigate all 3 in parallel they should check out the Pixel owner first.
[1] Actually, I don't think that is quite right. I think that because I added the condition that we are sure it must be one of them the distribution will change slightly. It still should be close though.
That does sweep up innocents in the net. But at same time if police see a strong correlation with criminals then focus on it from their side seems logical too. Forcing them to intentionally be blind to that sort of correlation seems insane too.
Tricky
By the same logic, anyone who has a knife in their kitchen is a suspect.
I have run Graphene on my phone for some time. I'm not doing anything illegal with my phone or using it for nefarious purposes. I'm just not comfortable with Google (or any entity) having so much data about me.
People, it's fine to have things to hide. You can write a blog post and admit you have things to hide. Everyone has things to hide.
For one thing, you can care about hiding the private information that friends have shared with you. Nobody should assume that all their friends and contacts will be super happy about having some stranger at a border paw through their private emails, chats, and photos. Yes, you do have things to hide. It's called basic human privacy.
Please stop saying "I have nothing to hide" unless you're some sort of sociopath who is willing to give up the private addresses, emails, phone numbers, and details of all your friends, family members, and contacts.
Nothing to do with your private pictures or shopping habits. Those are things you want to keep private.
Hiding and Privacy are not the same.
Why should law enforcement have the privilege to know arbitrary information, especially deeply personal information, about law-abiding individuals?
It is a core requirement of democracy to be able to conceal information from the arm of the state. Political retribution and targeting of ones opponents is not just hypothetical, it's happening now, in America, right now.
Why should law enforcement get to search my phone to find out that I'm critical of the administration? This is information about me that is completely allowed under law, but can be used to discriminate against me.
The definition of legal also changes over time. Giving someone an Uber ride in Texas to an out-of-state abortion center is now a crime. Definitely wouldn't want information on my Uber ride history to be freely available to Texas police. Even if I've never given such a ride, my entire ride history, and possibly my life as a whole, is now subject to deep, targeted scrutiny. Facts would not protect me here, as even if I have done nothing wrong my life could be irrevocably altered. Corruption exists. People make mistakes. Sometimes they have hidden agendas that supersede our shared values of common decency.
They don't and that's called privacy. Seems I didn't make my point clear that saying "I don't have anything to hide" is perfectly fine when applying to anything criminal.
It's NOT the same as saying "I don't care about privacy".
If you commit a crime and hide that, that's a crime.
If you give out your address, that's not a crime and yes stupid to do, but you're not going to prison for it.
Highlighting that people conflate hiding things with privacy and they're just not the same.
You can quibble with the word "hide" but it came from the original post, and it serves just fine. You're free to write your own post that doesn't use that phrasing.
The response to that is, yes, I do have things to hide, none of your business.
* Touch of Evil, https://www.imdb.com/title/tt0052311/quotes/?item=qt0321627
* https://en.wikipedia.org/wiki/Touch_of_Evil
they literally planted an backdoor that federal agency can force google to give out information
Cops say guns are only for bad guys.
Cops say 3d printers and bitcoin are for terrorists
Cops say a lot of dumb things because they are generally (and necessarily) not that bright, but also because they are lazy and frequently corrupt.
But in reality, I think this is a scare piece meant to drive people away from using graphing OS.
No comments yet
Cops in [Spain] think everyone using a Google Pixel must be a drug dealer
https://news.ycombinator.com/item?id=44473694
EDIT: sad, Pixel 3a no longer supported, too old
It's also a leap of faith to assume that public code is any safer.
That incident and a few prior ones of his had me remove GrapheneOS from my phone. There's clearly a new lead contributor to the project from the git repo, but the leadership of the project is completely opaque and thus not something that I want to run on my phone.
I just fixed my habits so that I don't really do anything much with my phone. I mostly receive calls and text and do OTP. I use Aegis for that and back that up in the cloud. I wipe my phone basically monthly and I'm back up and running with all my apps/contacts/configs inside of 5 minutes.
I was hoping someone could give me more than "it's public."
Public code is definitely safer than binary blobs.