Rossmann made a thread on Kiwi Farms because Kiwi Farms members support him, and they support harassing his targets.
Rossmann has an account on Kiwi Farms for the purpose of engaging with his supporters on the site. He acts friendly with them and they choose to actively support him.
Rossmanns thread on the site is in support of him, not a harassment thread against him.
>Rossmann has an account on Kiwi Farms for the purpose of engaging with his supporters on the site. He acts friendly with them and they choose to actively support him
Once again. Okay and? Kiwifarms is a legal site in the us. He is engaging in no harassment or doxxing of anyone just talking to people that talk about him. Does micay talking on twitter with other people mean he supports musk or anything else anybody does on the platform?
If all your points are just "guilt by association" then just say that.
It's beyond guilt-by-platform-use. I just started looking into this today, but the primary dox thread thanks Rossman for information he provided, so I'm not entirely sure about your claim. When Rossman does weigh in on that site he seems fairly unbothered by the fact that people on there are posting every private detail they can unearth of Micay's and calling for Micay's violent murder, at least from what I've seen in my cursory glance.
He's also made highly-viewed videos theatrically (and ridiculously) expressing technically unfounded concerns about the project, laid the blame at Micay's feet, and went on to make verifiably false claims about the project, about himself, about his own relation to it (from everything I can find about it), and appears to have no problem stoking any of it.
I had long appreciated Rossman's work on right-to-repair, but when that video came out I found it pretty beneath his potential. He scored cheap points from his considerably bully pulpit for his own benefit.
KiwiFarms is a platform created for the purpose of cyber bullying, harassment and encouraging self-harm. This is very different from a general purpose social media platform that happens to have people signing up that misbehave. The whole point around KiwiFarms is that it's a place to be the most terrible version of yourself and the promise that it won't be moderated. It says a lot about Rossman that he believes it's worth engaging with such people there. Yes, reasonable and ethical people would indeed choose to not be associated with KiwiFarms.
It's beyond guilt-by-platform-use. I just started looking into this today, but the primary dox thread thanks Rossman for information he provided, so I'm not entirely sure about your claim. When Rossman does weigh in on that site he seems fairly unbothered by the fact that people on there are posting every private detail they can unearth of Micay's and calling for Micay's violent murder, at least from what I've seen in my cursory glance.
He's also made highly-viewed videos theatrically (and ridiculously) expressing technically unfounded concerns about the project, laid the blame at Micay's feet, and went on to make verifiably false claims about the project, about himself, about his own relation to it (from everything I can find about it), and appears to have no problem stoking any of it.
I had long appreciated Rossman's work on right-to-repair, but when that video came out I found it pretty beneath his potential. He scored cheap points from his considerably bully pulpit for his own benefit.
Reducing that to mere guilt by association hardly captures it.
None of this is accurate. Community backlash was not what forced them to step down. The attacks, including attempted murder, was what led them to handing the lead developer position to another trusted project member.
Attacks against GOS have not been quiet for years, attacks have still been ongoing during that time.
Micay was distressed due to ongoing circumstances. Rossmann choice to publicly blast what was supposed to be a private discussion, lied to his own viewers, twisted what was happening, etc. Also note Rossmann has an identity verified kiwifarms account.
GrapheneOS has plenty of evidence and they post it alongside their claims. They post it carefully though, and are willing to provide it to people upon request.
At the time of writing, I scrolled 4 posts down and found one. GrapheneOS are security researchers, so they often are a first party source. As for the attacks, they have plenty of evidence for their claims. They avoid giving any attacks more publicity, but they usually provide evidence if you ask.
Please provide a link to this post you found, so I can tell which one you think is a citation to a source. If you want some examples of recent posts that should have a source but don't, here they are:
You have been saying this sort of stuff on the Qubes forum and a bunch of other places for awhile now.
Hardware kill switches are nice-to-have, but they are significantly less important than the OS actually protecting the mic. With your Librem/PinePhone, you cannot even reasonably expect your calls with end-to-end encrypted apps like Signal and Element to be protected. Any app with access to the PulseAudio socket (which happens to be anything that you want to have audio playback with) can snoop on your mic at any moment in time. This does not even require an OS compromise.
This has been pointed out to you repeatedly and yet you choose to ignore it, and instead you just do character assassination whenever a post regarding GrapheneOS or Daniel Micay shows up because what Micay says goes against your favorite ideological products...
> Any app with access to the PulseAudio socket (which happens to be anything that you want to have audio playback with) can snoop on your mic at any moment in time.
I said multiple times that I exclusively run trusted apps on the phone. I use Qubes for untrusted staff. Do you understand that threat models can vary?
> Hardware kill switches are nice-to-have, but they are significantly less important than the OS actually protecting the mic.
I never said they were more important. I only said they could reliably protect in sensitive cases.
> instead you just do character assassination
I choose to dispute false information. I don't care about any personalities. And I would be happy to be proven wrong, too.
> I said multiple times that I exclusively run trusted apps on the phone. I use Qubes for untrusted staff. Do you understand that threat models can vary?
By that logic, you might as well just not have the killswitch at all. Everything is magically "trusted", right?
Yes, I do understand that threat models can vary. Please give an example of a threat model where it makes more sense to use a phone which cannot protect any private calls over a functioning phone that has real protection.
If you are going to say "oh, when you never talk on the phone at all" then you might as well just remove the mic. It's not hard.
As usual, there is nothing that GrapheneOS or Micay says regarding the Librem or Pinephone that is inaccurate. You are just saying stuff that doesn't even remotely make any sense. Perhaps you are being deliberately disingenuous. Perhaps you are just so blinded by an ideology that you cannot see that what you say is just nonsense. I wouldn't know.
> I choose to dispute false information. I don't care about any personalities.
> Their microphone kill switch also doesn't prevent audio recording
It doesn't prevent audio recording in the super paranoid "oh, the whole phone has been compromised" scenario because it is bypassable via the sensors.
In fact, it doesn't even protect the phone in normal operation, because apps with device=all can access the sensors without the whole phone being compromised.
It doesn't prevent audio recording with any normal usage either because the OS is incapable of protecting private conversations thanks to the PulseAudio socket. "Exploiting" this is significantly easier than any of the stuff involving the sensors.
And what good is the phone when 3 switches are off? You think that people buy a phone with a "mic killswitch" expects to have to turn off practically everything including internet to make sure that their mics aren't snooped on?
Does that really sound like a functioning "killswitch"?
On a long enough timeline he'll probably cite this comment chain as proof you were unable to respond to his concerns, like everyone else who's ever tried.
Oh he's already done that when I explained to him how stuff like PureBoot has circular logic and doesn't actually work on Qubes forum already.
Unfortunately he will just ignore every single counter argument ever made and blindly believe these companies because their marketing material has "freedom" and "FOSS" in it.
On Qubes forum, you had replies from far more knowledgeable people than me. You never could answer to them. You only talk about the lack of security of Pureboot and never showed the code breaking it. "Talk is cheap, show me the code".
I did reply to them plenty of times. Here you go doing the exact same thing again - ignoring 100% of what's being said, then claiming "no one can respond".
> You only talk about the lack of security of Pureboot and never showed the code breaking it.
If you think a piece of code is needed to understand why it's a joke, then I don't even understand what is wrong with you. LMAO. The whole thing is conceptually botched, and they pretty much admitted as much.
1. Boot block performs measurements of itself, its settings and everything down the chain for attestation.
2. There's nothing protecting the boot block.
3. A malicious boot block can lie about measurements.
4. If the goal is to defend against an attacker who tampers with the BIOS chip - then it fails at doing so miserably because an attacker can just use a boot block that lies about the measurements.
Seriously, what good is showing you the code if you don't even conceptually understand how the thing works?
You know, there is a famous saying: A farmer does not need to know how to lay eggs to know whether an egg is good or bad. In our case, the egg is already rotten from the get-go. This is not a "Ohhh something has such bad code I can attack it using XYZ method, wait and see!" situation. This is a situation where "Your logic doesn't even make any sense to begin with."
Perhaps, just perhaps, you can benefit from just spending 5 minutes thinking a bit about how the whole thing actually works at a very high level and read what I said above.
Thank you for your kind advice, but I prefer to trust a developer of Heads and many Qubes contributors instead of a loud Internet commenter criticizing everything and everyone.
Everything Micay said in that linked thread was and remains correct. You again fail to address what was incorrect in his comment. Going on to later ask people "what is correct about it?" is rhetorically disingenuous at best.
But as you consistently slide any adjacent topic you can into a discussion about the Librem 5 (no matter how tortured a segue), let's go with that and revisit it.
I looked at your puri.sm link, and it mostly served to lower my estimation of the Librem 5's kill switch system. You can't disable the sensors in a trustworthy way without disengaging every kill switch at the same time, entering it into their Lockdown Mode. At that point it's just a still insufficiently air-gapped, highly underpowered Linux device which remains poorly secured against other side-channel attacks. The speaker which, by everything I could find, is still functional, the OS remains poorly secured against software attacks, it lacks proper hardware security, and so on.
It fails in terms of human factors, too. Joe Consumer thinks flipping off the mic switch prevents audio recording, but it doesn't in multiple regards. Even putting it into Lockdown Mode doesn't disable the speaker, which can be used to record audio despite your insistence that the device is fully secured when all switches off. Speakers can also be used to exfil data over short distances, demonstrated to work through walls.
Poor misinformed Joe Consumer is also still left with the same issues the other commenter has already identified in terms of the difficulty of securing any Linux computer.
But that's okay, because you only run trusted software. Until one of those trusted pieces of software include a compromised library, which happens often. You are, at that point, relying on the OS and its relationship to its hardware, which, flawed switch system aside, is highly insufficient. The device offers very little protection at that point. You know all this because you run Qubes OS, but hand-wave that away by appealing to trusted software as soon as the Librem 5 becomes the subject.
If I was modeling threats around protecting sensitive files on the device, not falling victim to attacks that could record audio and/or exfil data or otherwise leak, I'd still go with GrapheneOS on a Pixel 8 or later.
The Librem 5 wins for anyone who just wants a phone which runs Linux (which is a great thing and I wish we had more options which did that), but the security theater of that device is just goofy from top to bottom, as are its more vocal and less reasoned supporters. If one's threat model is, one sometimes wants to be able to turn off all radios and sensors, leaving the speaker functioning, with an otherwise poorly secured device, then, great. It's the device for you. But it's a threat model which will be practically beneficial to very few people, if any.
If your holy grail is having the radios off without other hardware or software considerations, great, you've found the phone for you. It's a brilliantly marketed device for well meaning but poorly informed people with underdeveloped threat models, and, I guess, for someone in your situation who's happy to make all of the above compromises to be able to physically disconnect radios.
Do you always enter Lockdown Mode before typing anything sensitive, due to the attack vector they highlighted about deriving typed data via sensor data? ('No, because I only run trusted software.' See above.) You literally can't disable the sensors without disabling all radios. They acknowledge that sensors are an attack vector worth addressing, yet don't put sensors on a discrete circuit. Like I said, great marketing. Otherwise pretty goofy.
Would I complain if the upcoming Motorola GrapheneOS phone had physical hardware switches? Sure, I'd take an additional layer of containment if all of the fundamentals are addressed properly.
But your argument is like bolting the world's best seat belts onto a motorcycle, and never missing an opportunity to tell the world about your belts, wonderful though they truly are.
Not entirely sure if the chip they are using (WM8962) can be reconfigured as a mic or not... it probably can't. But yes, the speaker is still active even when the mic is toggle off.
Everything else is pretty much the argument though - who buys a phone with a microphone killswitch so good that for it to actually function you must also flip the other killswitches to kill both wifi and cellular connection? A microphone killswitch so impeccable that in order for you to not be snooped on you also have to give up texting and browsing the internet. Truely impressive stuff.
Man, if this entirely thread of people calling out how ridiculous the implementation is and the killswitch not actually working in practice isn't enough to convince you, nothing ever will.
I don't even feel like arguing against the absurdity of your arguments anymore. This is my last attempt at dumping it down a notch:
A "microphone killswitch" is supposed to protect the user against having their convos being snooped on when it's toggled and still be able to use the phone in a meaningful manner. A "microphone killswitch" that doesn't really function on its own and requires turning the entire device into a brick is non-fuctional for all practical purposes.
I might as well just invent a "microphone killswitch" that requires people to pull out the battery to make sure that they are not snooped on at that point.
> A "microphone killswitch" is supposed to protect the user against having their convos being snooped on when it's toggled and still be able to use the phone in a meaningful manner
LOL, it's hard to imagine a more ridiculous and self-contradicting statement than this.
1. It's just physically impossible to defend from tracking, when the phone has networking connections on. Not even on all-mighty GrapheneOS.
2. I am using a phone with the kill switches off in a meaningful manner all the time. It is a full computer running a desktop OS and can run any apps, including listening to music from a microSD card, reading saved text/pdf files, showing presentations with original LibreOffice, programming in any language with standard tools, and so on.
3. Even though the phone in the lockdown mode (with all three kill switches off) has no connections, if I'm ever in emergency and need some help, I can turn the phone functionality back on and call for the help I need. Obviously, privacy in such case would be secondary after health.
4. Unlike for GrapheneOS, there is no way to hack my kill switches for any money. I can be 100% certain that they work as intended, even if a state actor is against me. Yes, everything else might be compromised in such case but not the tracking and listening to me when I need true location and microphone privacy.
>> Their microphone kill switch also doesn't prevent audio recording
More dangerous advice. The microphone kill switch prevents audio recording via the mic, not via the sensors or speaker. A Librem 5 user needing to secure against audio attacks would need to switch all kill switches off, not just the mic one (by Librem 5's own estimation), but would still be vulnerable to the speaker.
The effect of your participation in threads about projects you claim to care about is harmful. Please do better.
Librem 5 speakers cannot be used for recording, according to the developers. Yes, all kill switches protect you from the sensors.
This is indeed a misunderstanding, again. Reliable protection is possible - this is all I wanted to say. Not everybody means "all sensors" when they say "microphone". I took the phrase literally.
> Their entire post regarding pinephones is accurate.
I never mentioned Pinephones, although I do believe that the attack on them is still too harsh. Their security is about as good as the one for Linux. And it's not exactly "atrocious". Especially if you only use software from the official repositories. Let's agree that it should be improved though. (I prefer Qubes OS myself.)
> Hardware kill switches need to be correctly implemented.
Are you saying they aren't for Librem 5?
> A kill switch cutting off mics and not sensors or speakers is incomplete and privacy theater.
I explained in the link above that cutting all sensors is exactly what happens if you choose it.
> Not to mention kill switches assume the device is already compromised
This is not accurate. Kill switches imply that even if the device is compromised (which you can never 100% verify, even on GrapheneOS), your location etc is still private, when you need it.
GrapheneOS has never concealed this information, it has been publicly accessible on the GrapheneOS website for years, as an article describing the projects history. https://grapheneos.org/history/
Deleting signing keys under threat of a hostile takeover is the responsible thing to do.
Maybe true, but but the flip side is that sometimes what is called an attack is actually criticism. That's how it appears to a lot of us from the outside.
GrapheneOS wants to post more positive things, rather than just defensive replies. But they have very little choice in the matter. If the inhumane levels of attacks werent happening, they would have more time to discuss future features, how they choose to approach features, etc. But ignoring the attacks only make it worse. The suggestions to ignore it, even if genuine, arent helpful.
It may be the case that Daniel and the project are so under siege that they need to take a hostile attitude toward some of the people they interact with as a matter of self preservation. They may have no other option. But taking this posture while also being fair to all of the people around them (i.e. some people who aren't actually attacking them) may be difficult or even impossible. I can see this behavior in myself sometimes. I just don't have the energy to be fair. "F U".
I wouldn't want to see friendly corporate slop either. I appreciate how down to nuts and bolts the communiques are on Mastodon and how deadly serious they take everything. That part of the communication style makes me trust them more.
I think a good step in the right direction might be acknowledging that being defensive necessarily leads to erring on the side of assuming bad faith rather than good, which leads to some mis-judgements. So far you said that GrapheneOS is open to all criticisms, which (though I haven't followed the space very recently so my memory on specifics is hazy) just does not seem to match my interpretation. I think that if we were having this conversation on Twitter or Mastodon, Daniel would have blocked me by now (if he hadn't already blocked me years ago).
People can accidentally be spreading attacks with loaded/presumptuous statements even when their intentions are pure. Unfortunately, pure intentions can still cause harm that needs to be countered.
Take your reply as an example, the GrapheneOS accounts are managed by multiple people, so the fixation on one specific project member may not even be accurate to the discussion. Having ones character attacked is immensely harmful on its own, but being attacked for something one may not even be doing is also immensely harmful.
The unfortunate reality is that people tend to believe the first thing they read, and without something countering it, will roll with it, intentionally or otherwise. So countering misinfo efficiently and quickly is vital.
GrapheneOS needs to defend themselves. There would be more time for other types of posts other than defensive ones if they did not have to defend themselves.
Rossmann has an account on Kiwi Farms for the purpose of engaging with his supporters on the site. He acts friendly with them and they choose to actively support him.
Rossmanns thread on the site is in support of him, not a harassment thread against him.
reply