Gaël Duval is the founder and president of the /e/ foundation along with the CEO of Murena.
-
For years, Gaël Duval has spearheaded a campaign to misrepresent GrapheneOS as not being usable, not compatible with apps and only useful to a tiny minority of people. He has repeatedly claimed GrapheneOS is for pedophiles, criminals and spies while claiming /e/ is for everyone.
as a non-expert my first conclusion is that someone like Duval is working for state agencies if he's working to diminish security for us mere mortals
-
/e/ is far weaker in all of these areas compared to the standard Android Open Source Project on secure hardware. It doesn't keep up with standards updates and protections. It adds tons of low security attack surface and privacy invasive services. It's not in the same space as us.
-
GrapheneOS and iOS are both heavily focused on privacy and security. Both are gradually adding much stronger protections against apps/sites scraping data, coercion users into giving data via alternatives with case-by-case consent and increasingly strong exploit protections.
@GrapheneOS to be fair they don't promise security, only privacy. at least in their foreword on their website here.
I don't think it's by accident that they don't even use the word secure, or security, on the whole page.
/e/OS - e Foundation - deGoogled unGoogled smartphone operating systems and online services - your data is your data
ECOSYSTEMKEY FEATURESGET /E/OSNEED HELP /e/OS is a complete, fully “deGoogled”, mobile ecosystem /e/OS is an open-source mobile operating system paired with carefully selected applications. They form a privacy-enabled internal system for your smartphone. And it’s not just claims: open-source means auditable privacy. /e/OS has received academic recognition from researchers at…
(e.foundation)
I've seen claims before where they claim it's better than GrapheneOS. But in what regard? Maybe degoogling and having alternatives pre-installed? GrapheneOS is probably more involved to get the same apps. That's the only way /e/ is better in my opinion
-
Gaël Duval is the founder and president of the /e/ foundation along with the CEO of Murena. Duval and his organizations have consistently taken a stance against protecting users from exploits. In this video, he once again claims protecting against exploits is for only useful pedophiles and spies.
Translation to English:
> There's the attack surface, on that front we're not security specialists here, so I couldn't answer you precisely, but from the discussions I've had, it seems that everything
@GrapheneOS *sigh* once again the pedo* argument. Right in line with right wing folks in the EU chat surveillance is necessary because you know ....
-
@GrapheneOS to be fair they don't promise security, only privacy. at least in their foreword on their website here.
I don't think it's by accident that they don't even use the word secure, or security, on the whole page.
/e/OS - e Foundation - deGoogled unGoogled smartphone operating systems and online services - your data is your data
ECOSYSTEMKEY FEATURESGET /E/OSNEED HELP /e/OS is a complete, fully “deGoogled”, mobile ecosystem /e/OS is an open-source mobile operating system paired with carefully selected applications. They form a privacy-enabled internal system for your smartphone. And it’s not just claims: open-source means auditable privacy. /e/OS has received academic recognition from researchers at…
(e.foundation)
I've seen claims before where they claim it's better than GrapheneOS. But in what regard? Maybe degoogling and having alternatives pre-installed? GrapheneOS is probably more involved to get the same apps. That's the only way /e/ is better in my opinion
@GrapheneOS but I'm fine with not even comparing them. grapheneos is an OS and /e/ is a ROM
-
/e/ is far weaker in all of these areas compared to the standard Android Open Source Project on secure hardware. It doesn't keep up with standards updates and protections. It adds tons of low security attack surface and privacy invasive services. It's not in the same space as us.
/e/ and Murena devices are far worse for privacy and security than an iPhone. It's trivial to break into their devices remotely or extract data from them compared to an iPhone. They have weaker privacy protections from apps too. Their main approach to privacy is a DNS blocklist.
-
/e/ and Murena devices are far worse for privacy and security than an iPhone. It's trivial to break into their devices remotely or extract data from them compared to an iPhone. They have weaker privacy protections from apps too. Their main approach to privacy is a DNS blocklist.
Their DNS blocklist can only block domains not used for useful functionality to avoid ruining usability. Meanwhile, the most privacy invasive behavior by apps is rarely ever split out into separate domains. Even for those, apps and websites can trivially evade DNS blocklists.
-
Their DNS blocklist can only block domains not used for useful functionality to avoid ruining usability. Meanwhile, the most privacy invasive behavior by apps is rarely ever split out into separate domains. Even for those, apps and websites can trivially evade DNS blocklists.
It's common for apps and websites to do everything through their own servers. That's best practice to avoid leaking API keys. It's increasingly common for invasive libraries to use hard-wired IPs and/or DNS-over-HTTPS to evade blocking. DNS filtering is increasingly less useful.
-
It's common for apps and websites to do everything through their own servers. That's best practice to avoid leaking API keys. It's increasingly common for invasive libraries to use hard-wired IPs and/or DNS-over-HTTPS to evade blocking. DNS filtering is increasingly less useful.
Murena is a for-profit company owned by shareholders including Gaël Duval. /e/ has a non-profit organization which is also led by Gaël Duval. /e/ includes paid services from Murena. /e/ very clearly exists to build products for Murena to sell in order to enrich the shareholders.
-
/e/ and Murena devices are far worse for privacy and security than an iPhone. It's trivial to break into their devices remotely or extract data from them compared to an iPhone. They have weaker privacy protections from apps too. Their main approach to privacy is a DNS blocklist.
@GrapheneOS So just the basic stuff you can already get from a pi-hole, DDG app tracking protection etc.
-
It's common for apps and websites to do everything through their own servers. That's best practice to avoid leaking API keys. It's increasingly common for invasive libraries to use hard-wired IPs and/or DNS-over-HTTPS to evade blocking. DNS filtering is increasingly less useful.
@GrapheneOS What's a more solid solution for blocking ads/trackers than DNS filtering?
-
@GrapheneOS to be fair they don't promise security, only privacy. at least in their foreword on their website here.
I don't think it's by accident that they don't even use the word secure, or security, on the whole page.
/e/OS - e Foundation - deGoogled unGoogled smartphone operating systems and online services - your data is your data
ECOSYSTEMKEY FEATURESGET /E/OSNEED HELP /e/OS is a complete, fully “deGoogled”, mobile ecosystem /e/OS is an open-source mobile operating system paired with carefully selected applications. They form a privacy-enabled internal system for your smartphone. And it’s not just claims: open-source means auditable privacy. /e/OS has received academic recognition from researchers at…
(e.foundation)
I've seen claims before where they claim it's better than GrapheneOS. But in what regard? Maybe degoogling and having alternatives pre-installed? GrapheneOS is probably more involved to get the same apps. That's the only way /e/ is better in my opinion
They dont provide privacy. So a promise is already broken. But beyond that, privacy cannot exist without security. They arent mutually exclusive, they are intertwined. To ignore security means you are not a privacy project.
E/ is not better at degoogling. GrapheneOS does not connect to any google servers, run any google play code, have any privilege google services, etc. Sandboxed google play is sandboxed and must be installed by the user. All default connections are to first party servers hosted by GOS. It is not more involved to get the same apps, google or otherwise.
-
For years, Gaël Duval has spearheaded a campaign to misrepresent GrapheneOS as not being usable, not compatible with apps and only useful to a tiny minority of people. He has repeatedly claimed GrapheneOS is for pedophiles, criminals and spies while claiming /e/ is for everyone.
@GrapheneOS I don't think you should attack frontally others like that whenever
Reminding security is privacy is good.
Responding to attacks is good (which is not the case *here*)I understand its CEO and the Murena company might have attack the GrapheneOS project in the past, and responding to that was normal too.
But I don't see attacking /e/OS like that often as a positive feedback in general. A simple reminder could have been enough.
️ on the GrapheneOS project btw -
@GrapheneOS but I'm fine with not even comparing them. grapheneos is an OS and /e/ is a ROM
@codebam @GrapheneOS They are both operating systems. ROM is an inaccurate term.
-
Murena is a for-profit company owned by shareholders including Gaël Duval. /e/ has a non-profit organization which is also led by Gaël Duval. /e/ includes paid services from Murena. /e/ very clearly exists to build products for Murena to sell in order to enrich the shareholders.
Despite being done for profit, /e/ receives millions of euros in funding from the EU on an ongoing basis. /e/ and Murena use extraordinarily inaccurate marketing to not only promote their products/services but also to mislead people about GrapheneOS and scare them away from it.
-
@GrapheneOS I don't think you should attack frontally others like that whenever
Reminding security is privacy is good.
Responding to attacks is good (which is not the case *here*)I understand its CEO and the Murena company might have attack the GrapheneOS project in the past, and responding to that was normal too.
But I don't see attacking /e/OS like that often as a positive feedback in general. A simple reminder could have been enough.
️ on the GrapheneOS project btw@GrapheneOS I prefer seeing post about GrapheneOS or Android security from your account than continous attacks on other projects (even if they are legitimatel), but that's my personal opinion
-
@GrapheneOS What's a more solid solution for blocking ads/trackers than DNS filtering?
@tedstechtips @GrapheneOS
Probably a local MitM (e.g. AdGuard), but that increases attack surface a lot -
@codebam @GrapheneOS They are both operating systems. ROM is an inaccurate term.
@HybridStaticAnimate @GrapheneOS well it is a ROM in the sense that you flash it with TWRP, or you can
-
@HybridStaticAnimate @GrapheneOS well it is a ROM in the sense that you flash it with TWRP, or you can
@HybridStaticAnimate @GrapheneOS GrapheneOS is a factory image and is used with a locked bootloader
-
@HybridStaticAnimate @GrapheneOS well it is a ROM in the sense that you flash it with TWRP, or you can
@codebam @GrapheneOS This does not make something a ROM. ROM is an inaccurate term.
