Here's a post where the @vollaficationist clearly refers to themselves as being part of Volla and shares internal information which would only be known to someone working at Volla
-
Here they're attacking us for supporting secure devices and working with a major Android OEM towards a serious alternative to Pixels. Volla's devices aren't designed or made by them but rather made for them by an ODM. Their devices are bottom of the barrel MediaTek hardware with atrocious security. Those don't meet our standards. That's why we don't do it.
Vollaficationist (@vollaficationist@mastodon.social)
@celeduc @GrapheneOS@grapheneos.social @guilg@piaille.fr @EUCommission@ec.social-network.europa.eu Volla develops not only devices or OS, or AI and more. It's also developing a new ecosystem as well as an infrastructure. Full decoupling. A fully, autonomous communications system. GOS is a hundred thousand miles from this, right. They do googlag-ware and now even Moto, lol.
Mastodon (mastodon.social)
As an example of what they're doing, Volla is partnered with the hide.me VPN company and bundles their software.
@GrapheneOS you're answering to and giving visibility to a troll account. Honestly you're better off writing well reviewed blog posts instead of losing time on social media.
-
@GrapheneOS you're answering to and giving visibility to a troll account. Honestly you're better off writing well reviewed blog posts instead of losing time on social media.
@Aissen This account belongs to a Volla employee, not a troll. We know who owns the account.
-
Here they're attacking us for supporting secure devices and working with a major Android OEM towards a serious alternative to Pixels. Volla's devices aren't designed or made by them but rather made for them by an ODM. Their devices are bottom of the barrel MediaTek hardware with atrocious security. Those don't meet our standards. That's why we don't do it.
Vollaficationist (@vollaficationist@mastodon.social)
@celeduc @GrapheneOS@grapheneos.social @guilg@piaille.fr @EUCommission@ec.social-network.europa.eu Volla develops not only devices or OS, or AI and more. It's also developing a new ecosystem as well as an infrastructure. Full decoupling. A fully, autonomous communications system. GOS is a hundred thousand miles from this, right. They do googlag-ware and now even Moto, lol.
Mastodon (mastodon.social)
As an example of what they're doing, Volla is partnered with the hide.me VPN company and bundles their software.
Here are a series of posts from the Volla employee running @vollaficationist where they misrepresent their hardware as open source, inaccurately claim it's the most private/secure option with no basis and misrepresent white labelled devices from an ODM as being something far more:
https://mastodon.social/@vollaficationist/114828788734572857
https://mastodon.social/@vollaficationist/114828811907163145
https://mastodon.social/@vollaficationist/114829672784072518
https://mastodon.social/@vollaficationist/114840452085799582
https://mastodon.social/@vollaficationist/114845015249347866
https://mastodon.social/@vollaficationist/114851316858791155
https://mastodon.social/@vollaficationist/114851330429465362
https://mastodon.social/@vollaficationist/114851686998902978
https://mastodon.social/@vollaficationist/114851697197013603 -
Here are a series of posts from the Volla employee running @vollaficationist where they misrepresent their hardware as open source, inaccurately claim it's the most private/secure option with no basis and misrepresent white labelled devices from an ODM as being something far more:
https://mastodon.social/@vollaficationist/114828788734572857
https://mastodon.social/@vollaficationist/114828811907163145
https://mastodon.social/@vollaficationist/114829672784072518
https://mastodon.social/@vollaficationist/114840452085799582
https://mastodon.social/@vollaficationist/114845015249347866
https://mastodon.social/@vollaficationist/114851316858791155
https://mastodon.social/@vollaficationist/114851330429465362
https://mastodon.social/@vollaficationist/114851686998902978
https://mastodon.social/@vollaficationist/114851697197013603RE: https://mastodon.social/@vollaficationist/116250746129876535
In several of these threads, Volla is trying to mislead people about what they can obtain elsewhere including with GrapheneOS to promote their products. This account was originally pretending to be a Volla supporter but recently switched to speaking on behalf of Volla and posting information only known to Volla internally including https://grapheneos.social/@vollaficationist@mastodon.social/116250746180349726. It very clearly belongs to Volla and is an example of how we've seen them doing marketing across platforms including jabs at GrapheneOS.
-
RE: https://mastodon.social/@vollaficationist/116250746129876535
In several of these threads, Volla is trying to mislead people about what they can obtain elsewhere including with GrapheneOS to promote their products. This account was originally pretending to be a Volla supporter but recently switched to speaking on behalf of Volla and posting information only known to Volla internally including https://grapheneos.social/@vollaficationist@mastodon.social/116250746180349726. It very clearly belongs to Volla and is an example of how we've seen them doing marketing across platforms including jabs at GrapheneOS.
This is how these companies market their products. They mislead people into buying their products rather than using much more private and secure options.
iodé and Murena have been doing this on a much larger scale than Volla with much more underhanded tactics. They've heavily pushed the false narrative that GrapheneOS isn't usable by regular people, isn't compatible with enough apps and many other inaccurate claims. In reality, it has far broader app compatibility and is much more usable.
-
RE: https://mastodon.social/@vollaficationist/116250746129876535
In several of these threads, Volla is trying to mislead people about what they can obtain elsewhere including with GrapheneOS to promote their products. This account was originally pretending to be a Volla supporter but recently switched to speaking on behalf of Volla and posting information only known to Volla internally including https://grapheneos.social/@vollaficationist@mastodon.social/116250746180349726. It very clearly belongs to Volla and is an example of how we've seen them doing marketing across platforms including jabs at GrapheneOS.
@GrapheneOS But . . . but . . . they called it "googlag!"
GOOGLAG! Like, 83 times.
How is that not compelling rhetoric!?
-
This is how these companies market their products. They mislead people into buying their products rather than using much more private and secure options.
iodé and Murena have been doing this on a much larger scale than Volla with much more underhanded tactics. They've heavily pushed the false narrative that GrapheneOS isn't usable by regular people, isn't compatible with enough apps and many other inaccurate claims. In reality, it has far broader app compatibility and is much more usable.
Volla, Murena and iodé have come together to form the Unified Attestation initiative which will permit using their products while disallowing using alternatives not participating in it. This is fundamentally an anti-competitive system. These companies are consistently not honest about what they provide with users and are playing the same game with Unified Attestation pretending that it's an open system bringing people freedom when in reality it's designed to crush competition and openness.
-
Volla, Murena and iodé have come together to form the Unified Attestation initiative which will permit using their products while disallowing using alternatives not participating in it. This is fundamentally an anti-competitive system. These companies are consistently not honest about what they provide with users and are playing the same game with Unified Attestation pretending that it's an open system bringing people freedom when in reality it's designed to crush competition and openness.
Unified Attestation will only permit using the devices and operating systems participating in it. If GrapheneOS participated in it and was initially permitted, we would always be under the threat of the companies involved disallowing it. These companies and their governments could use this to exert pressure on GrapheneOS to do what they want. They can come up with arbitrary requirements for what's needed to obtain and preserve certification including requirements incompatible with our approach.
-
Unified Attestation will only permit using the devices and operating systems participating in it. If GrapheneOS participated in it and was initially permitted, we would always be under the threat of the companies involved disallowing it. These companies and their governments could use this to exert pressure on GrapheneOS to do what they want. They can come up with arbitrary requirements for what's needed to obtain and preserve certification including requirements incompatible with our approach.
For example, any system like this is likely to end up requiring approving each release before it would be compatible with apps checking for certified devices. This means releases would be arbitrarily delayed for certification prior to users being able to receive them without losing compatibility with any apps adopting it. The companies involved can put arbitrary requirements in place which are fine with them but not with us. Governments can also begin to exert control over this system.
-
For example, any system like this is likely to end up requiring approving each release before it would be compatible with apps checking for certified devices. This means releases would be arbitrarily delayed for certification prior to users being able to receive them without losing compatibility with any apps adopting it. The companies involved can put arbitrary requirements in place which are fine with them but not with us. Governments can also begin to exert control over this system.
European governments would be able to block certifying GrapheneOS because we won't implement age verification, invasive client side AI scanning and other systems they're trying to impose on devices and operating systems. They can make it into a requirement to integrate these for certification. Volla, Murena and iodé are not privacy/security hardened operating systems. They do not try to protect users against authoritarian surveillance including via exploits. They do not share our goals/values.
-
European governments would be able to block certifying GrapheneOS because we won't implement age verification, invasive client side AI scanning and other systems they're trying to impose on devices and operating systems. They can make it into a requirement to integrate these for certification. Volla, Murena and iodé are not privacy/security hardened operating systems. They do not try to protect users against authoritarian surveillance including via exploits. They do not share our goals/values.
These companies MUST NOT be allowed to successfully seize control over the compatibility of European banking/government apps with mobile devices via Unified Attestation. These companies have a view of privacy based around protecting people from Google and the US government rather than privacy from corporations and governments as a whole. They even market themselves as providing so-called digital sovereignty by giving European governments access and control instead of the American government.
-
These companies MUST NOT be allowed to successfully seize control over the compatibility of European banking/government apps with mobile devices via Unified Attestation. These companies have a view of privacy based around protecting people from Google and the US government rather than privacy from corporations and governments as a whole. They even market themselves as providing so-called digital sovereignty by giving European governments access and control instead of the American government.
GrapheneOS is based in Canada but we don't promote it based around it being based in Canada. We're willing to move our non-profit and operations elsewhere in the future if Canada ever passes laws incompatible with our goals. It's based in Canada because it was practical rather than as a core value or approach of GrapheneOS. If Canada goes down the same path as the EU and starts passing laws we cannot accept, then we'll leave Canada rather than ruining GrapheneOS. They won't do that with the EU.
-
GrapheneOS is based in Canada but we don't promote it based around it being based in Canada. We're willing to move our non-profit and operations elsewhere in the future if Canada ever passes laws incompatible with our goals. It's based in Canada because it was practical rather than as a core value or approach of GrapheneOS. If Canada goes down the same path as the EU and starts passing laws we cannot accept, then we'll leave Canada rather than ruining GrapheneOS. They won't do that with the EU.
GrapheneOS exists for the purpose of creating highly private and secure devices which are highly usable and compatible with all of the apps people want to use. GrapheneOS doesn't exist to provide a Canadian smartphone OS and eventually hardware. It's based in Canada because it was a pragmatic decision and we believe it's currently a better location for privacy projects than the US or EU. If that significantly changes, we're open to creating a non-profit elsewhere and moving our operations there.
-
GrapheneOS exists for the purpose of creating highly private and secure devices which are highly usable and compatible with all of the apps people want to use. GrapheneOS doesn't exist to provide a Canadian smartphone OS and eventually hardware. It's based in Canada because it was a pragmatic decision and we believe it's currently a better location for privacy projects than the US or EU. If that significantly changes, we're open to creating a non-profit elsewhere and moving our operations there.
GrapheneOS will fight against attempts by the Canadian government to take control over what people are allowed to use on their devices rather than building a system to enable it. Volla is building a system governments will be able to use to control which hardware and software people are allowed to use. The only usage of attestation should be to protect users as our Auditor app does, not to control what they can use as a growing subset of banking and government apps are doing. That should stop.
-
GrapheneOS will fight against attempts by the Canadian government to take control over what people are allowed to use on their devices rather than building a system to enable it. Volla is building a system governments will be able to use to control which hardware and software people are allowed to use. The only usage of attestation should be to protect users as our Auditor app does, not to control what they can use as a growing subset of banking and government apps are doing. That should stop.
We'll put our support behind a ban on root-based attestation as long as pinning-based attestation is still allowed. Pinning-based attestation doesn't have the same issues with being used to restrict competition and user choice. Our Auditor app is primarily based around pinning-based attestation with little faith put in the initial root-based attestation. A single leaked key from the least secure devices can be used to bypass root-based attestation. It's absolutely not a serious security feature.
-
R relay@relay.infosec.exchange shared this topic
-
GrapheneOS will fight against attempts by the Canadian government to take control over what people are allowed to use on their devices rather than building a system to enable it. Volla is building a system governments will be able to use to control which hardware and software people are allowed to use. The only usage of attestation should be to protect users as our Auditor app does, not to control what they can use as a growing subset of banking and government apps are doing. That should stop.
@GrapheneOS that's the fight
-
GrapheneOS is based in Canada but we don't promote it based around it being based in Canada. We're willing to move our non-profit and operations elsewhere in the future if Canada ever passes laws incompatible with our goals. It's based in Canada because it was practical rather than as a core value or approach of GrapheneOS. If Canada goes down the same path as the EU and starts passing laws we cannot accept, then we'll leave Canada rather than ruining GrapheneOS. They won't do that with the EU.
@GrapheneOS Where would you consider moving to? Nowadays it seems like you can't be save anywhere at all.
-
This is how these companies market their products. They mislead people into buying their products rather than using much more private and secure options.
iodé and Murena have been doing this on a much larger scale than Volla with much more underhanded tactics. They've heavily pushed the false narrative that GrapheneOS isn't usable by regular people, isn't compatible with enough apps and many other inaccurate claims. In reality, it has far broader app compatibility and is much more usable.
@GrapheneOS I must support the point made: I have tried both Murena's /e/OS on a Fairphone and GrapheneOS on a Pixel. The former may look more appealing/engaging at first, but I found the latter much more convenient after time.
-
GrapheneOS is based in Canada but we don't promote it based around it being based in Canada. We're willing to move our non-profit and operations elsewhere in the future if Canada ever passes laws incompatible with our goals. It's based in Canada because it was practical rather than as a core value or approach of GrapheneOS. If Canada goes down the same path as the EU and starts passing laws we cannot accept, then we'll leave Canada rather than ruining GrapheneOS. They won't do that with the EU.
@GrapheneOS Which laws have been passed that are incompatible with the project? I always heard client-side scanning being in the making and optional scanning has recently been disapproved for renewal, right? And isn't age verification on OS level an introduction by Californian lawmakers?
I am genuinely curious, and well aware, that European lawmakers are flirting with surveillance... except for themselves, of course.
-
We'll put our support behind a ban on root-based attestation as long as pinning-based attestation is still allowed. Pinning-based attestation doesn't have the same issues with being used to restrict competition and user choice. Our Auditor app is primarily based around pinning-based attestation with little faith put in the initial root-based attestation. A single leaked key from the least secure devices can be used to bypass root-based attestation. It's absolutely not a serious security feature.
Here's an archive preserving all of the posts from this account clearly run Volla:
It has the whole history of how it was used to promote it pretending to be a supporter with inaccurate marketing to the current outrageous conspiracy theory attacks.
