This one’s been particularly hard to sit out because the executive and managerial class are absolutely mainlining this stuff and pushing it hard on the rest of the organization, and so whether or not I want to keep up, I need to, because my job is to actually make stuff work and this stuff is a borderline existential risk to the quality of the systems I’m responsible for and rely on.
Graphene is not a consumer brand and they do not intend to be a consumer brand. They do one thing: make as secure a phone OS as they can. That’s it. If you’re expecting them to do anything in a friendly way, it ain’t gonna happen, that’s not who they are or what they do. That will absolutely limit their scope and reach, but it also allows them to focus on the one thing they’re trying to do without making compromises.
For contrast, Signal is a very secure messenger which also wants to be user friendly so as to get the largest user base they can, which leads to all kinds of compromises - everything that’s come out that looks like a vulnerability in Signal originates in some feature or capability added to make the product more user friendly. Graphene will not make those trades.
Neither approach is de facto right - they spring from fundamentally different philosophies on how to maximize user safety, and both have been extremely successful in their missions, but you’ve gotta recognize what you’re looking at when you look at Graphene.
> They do one thing: make as secure a phone OS as they can. That’s it. If you’re expecting them to do anything in a friendly way, it ain’t gonna happen, that’s not who they are or what they do.
These things are not mutually exclusive:
You can make a great technical product while being friendly. You can make a great technical product while not being friendly.
You can make a compromised or flawed technical product while being friendly. You can make a compromised or flawed technical product while being unfriendly.
This comes up pretty often in other HN threads, unrelated to Graphene. There's this weird personality type who insists that they aren't legally obligated to be friendly or nice or pleasant, therefore it's fine for them to be unfriendly or jerks or unpleasant.
GrapheneOS needs to defend themselves. There would be more time for other types of posts other than defensive ones if they did not have to defend themselves.
As a community organizer for systems programmers: welcome to my world! I've finally made some headway after a decade, helped by the mass layoff apocalypse. (Turns out social skills help you stay solvent.)
Actually, you can't make a great product if you've alienated your allies, because all successes are intrinsically social, from the iPhone to Python to even the processor itself.
Going it alone is that nineties libertarian romanticism, a persistent self-destructive tendency that in present market conditions is unsustainable
If they were doing that one thing, they would not have posted this. It's fine not to market to consumers, but this raises additional concerns about the founder's judgement. Someone else claimed that they deleted update signing keys for copperhead devices. That's seriously concerning if true; possibly bad enough to switch away from grapheneOS.
He deleted the signing keys because it looked like the other owner of Copperhead OS wanted to make the signing keys available to government agencies and/or criminal organizations. He deleted the signing keys to protect their users against malicious updates, which is the right thing to do and should increase trust in him and the project.
It's worth actually reading the linked post. Relevant segment:
In 2018, matters between Micay and Donaldson came to a head over Donaldson’s desire to pursue business deals with criminal organizations, and his attempts to compromise the security of CopperheadOS, including by proposing license enforcement and remote updating systems that would allow third-parties to have access to users’ phones. As part of this process, Donaldson began to demand that Micay provide Donaldson with the “signing keys” - i.e. the credentials required to verify the authenticity of releases of CopperheadOS. Donaldson advised that, in order to secure certain new business, potential customers required access to the Keys.
The keys had been in continuous use by Micay, in his personal capacity, since before the incorporation of Copperhead. However, more importantly, any party with the keys could mark malicious software as “authentic”, and thereby infiltrate devices using CopperheadOS.
Micay was unwilling to participate in that kind of security breach. Since Donaldson had control over certain infrastructure for the open source project, he would be able to incorporate (or hire others to incorporate) the privacy-damaging features described above for all future releases of CopperheadOS. Micay therefore deleted the keys permanently and severed ties with Copperhead and Donaldson.
Is it that Donaldson wanted to pursue deals with criminals or he wanted to backdoor an OS for a defense contractor or that he was a government spy? From the article it seems like none. Claims need receipts or they are blind assertions.
Me? I was a CopperheadOS user from the 2021 rebuild era before GrapheneOS existed in its state. All I've seen from GrapheneOS and Micay are claims without evidence and over-moderation of points they don't agree with.
Ah, thanks for setting me straight. That's reassuring. I think I would still have more respect and trust for GrapheneOS if they either didn't respond, or struck a more neutral tone; but that's more subjective.
GrapheneOS has never concealed this information, it has been publicly accessible on the GrapheneOS website for years, as an article describing the projects history. https://grapheneos.org/history/
Deleting signing keys under threat of a hostile takeover is the responsible thing to do.
It's not just about being friendly. If they have a bubble around them of employees, true believers, and people just afraid of speaking out that chills free expression of criticism, the truth has trouble getting out, which hurts trust.
Maybe true, but but the flip side is that sometimes what is called an attack is actually criticism. That's how it appears to a lot of us from the outside.
GrapheneOS wants to post more positive things, rather than just defensive replies. But they have very little choice in the matter. If the inhumane levels of attacks werent happening, they would have more time to discuss future features, how they choose to approach features, etc. But ignoring the attacks only make it worse. The suggestions to ignore it, even if genuine, arent helpful.
It may be the case that Daniel and the project are so under siege that they need to take a hostile attitude toward some of the people they interact with as a matter of self preservation. They may have no other option. But taking this posture while also being fair to all of the people around them (i.e. some people who aren't actually attacking them) may be difficult or even impossible. I can see this behavior in myself sometimes. I just don't have the energy to be fair. "F U".
I wouldn't want to see friendly corporate slop either. I appreciate how down to nuts and bolts the communiques are on Mastodon and how deadly serious they take everything. That part of the communication style makes me trust them more.
I think a good step in the right direction might be acknowledging that being defensive necessarily leads to erring on the side of assuming bad faith rather than good, which leads to some mis-judgements. So far you said that GrapheneOS is open to all criticisms, which (though I haven't followed the space very recently so my memory on specifics is hazy) just does not seem to match my interpretation. I think that if we were having this conversation on Twitter or Mastodon, Daniel would have blocked me by now (if he hadn't already blocked me years ago).
People can accidentally be spreading attacks with loaded/presumptuous statements even when their intentions are pure. Unfortunately, pure intentions can still cause harm that needs to be countered.
Take your reply as an example, the GrapheneOS accounts are managed by multiple people, so the fixation on one specific project member may not even be accurate to the discussion. Having ones character attacked is immensely harmful on its own, but being attacked for something one may not even be doing is also immensely harmful.
The unfortunate reality is that people tend to believe the first thing they read, and without something countering it, will roll with it, intentionally or otherwise. So countering misinfo efficiently and quickly is vital.
All the stuff about members of our team not being stable is ridiculous and only works in favor of people or organizations that don't like us or want to damage GrapheneOS.
GrapheneOS has multiple people helping out. Many developers as well as people who help out with non-development work. It's a big claim to say that the whole team is unstable.
I'd suggest reading the article again. Considering the situation, the party about deleting the keys should be a good sign for anyone reading it. It shows that the project's leadership cares about doing things the right way. Members of the team are similarly dedicated to helping build and support an OS that improves people's privacy and device security, not to scam users by making a flashy product and rake in cash. Or, in Donaldson's case, work with shady companies and even possibly criminals.
Privacy and security projects like GrapheneOS are important considering the political landscape these days. People really need to stop repeating inaccurate claims about us, like that we're criminals, unstable, crazy, etc.
> A wealthy nation-state with a sufficiently motivated voter base could certainly build up a meaningful competitor to TSMC over the course of, say, a decade or two (or three...).
TBH I think the bigger problem for how we teach kids are twofold:
1. There's a right answer to every problem in school
2. If you got it wrong, that's bad, and you did bad.
The pattern I've seen from younger people these days is a learned helplessness, where there's no room for them to be creative in school, and any attempt to do so runs the risk of failing an assignment, getting a B, missing out on Harvard, and spending the rest of their lives poor in a ditch, or so they're told.
One place I've seen people get caught here is when they don't actually have the information they need to solve the problem - when they don't understand the problem space well enough, or they don't know the boundaries of the systems or technologies they're using well enough, or there's unanswered questions. At that point, I've seen people dig into research projects and 15 page design document discussions that would all be obviated by a day or two of just doing the thing and seeing what happens.
My understanding is that was the actual point of "move fast and break things" - gain knowledge by trying stuff to help you make better decisions, even if you make a mistake and need to roll back or fix it. The art to this is figuring out how to contain the negative consequences of whatever you're testing, but by all means, experiment early to gather information.
I've stated it to mentees as "don't be afraid to start a fire as long as you know where the fire extinguishers are" - it's OK to fail in the service of learning so long as you fail in a contained way.
Fun fact: Neanderthals actually had larger brains than Homo Sapiens! Modern humans are thought to have outcompeted them by working better together in larger groups, but in terms of actual individual intelligence, Neanderthals may have had us beat. Similarly, humans have been undergoing a process of self-domestication over the last couple millenia that have resulted in physiological changes that include a smaller brain size - again, our advantage over our wilder forebearers remains that we're better in larger social groups than they were and are better at shared symbolic reasoning and synchronized activity, not necessarily that our brains are more capable.
(No, none of this changes that if you make an LLM larp a caveman it's gonna act stupid, you're right about that.)
Bigger brain does not automatically mean more intelligence, but we have reasons to suspect that homo neanderthalensis may have been more intelligent than contemporary homo sapiens other than bigger brains.
You can't draw conclusions on individuals, but at a species level bigger brain, especially compared to body size, strongly correlates with intelligence
This is the other side of the coin of Uber violating state and local regulations for the better part of a decade to get their business off the ground or HSBC laundering money for the cartels.
A weird part about the modern world is that a cell phone is incredibly cheap compared to shelter, food, or just about anything else. You’d be surprised how many homeless folks have phones.
Astronauts are, as a group, extremely risk loving. Every single person who signs up to go into space knows what they’re signing up for - they’ve spent their entire life working for the opportunity to be put in a tin can and shot into orbit atop a million pounds of explosives. There’s a very valid critique that NASA has become far too risk averse - we owe it to the astronauts to give them the best possible chance to complete the mission and make it back safely, but every single person who signs up for a space mission wants to take that risk, and we don’t do anyone any favors by pretending that space can be safe, that accidents are avoidable, or that the astronauts themselves don’t know what they’re signing up for. A mission that fails should not be considered a failure unless it fails because we didn’t try hard enough.
My father, who flew combat missions for the Navy in Vietnam and then became a test pilot, told me after the loss of Columbia that if he had had a chance to make that flight and spend 7 days in Earth orbit, even knowing that he'd burn up on reentry, he'd have done it.
1) Eventually you will die, no matter what. It can be the most mundane thing. Slipping on a ketchup splatter can cause great damage for example.
2) It's a profession where you intentionally kill people, so, that changes the calculation for your own risk.
3) It's a unique opportunity.
(and potentially)
4) Gives a sense of living / be in history books for his family.
So you have a possibility of a guaranteed exciting life for a death that you anyway will have, but doing something you love, it's not too bad.
This is one of the things that’s deeply challenging for biology and biochemistry - it’s extremely resistant to the sort of reductionism that works so well for other fields. It’s rare to find a single compound, a single species, or a single pathway that’s responsible enough for an effect to show up in studies of the sort of power that one can muster without a ton of time and money, and as soon as you try to capture synergistic effects, you hit a combinatorial wall quickly. In microbiology, for instance, colonies of different bacterial species are the norm, not the exception, and metabolic pathways that span multiple species are common to the point that trying to isolate a given species’ contribution can miss the effect entirely.
> metabolic pathways that span multiple species are common to the point that trying to isolate a given species’ contribution can miss the effect entirely.
So, a metabolic pathway is the set of steps by which an organism converts one molecule into another - this can be by splitting a molecule into pieces, by adding or removing an atom or small group of atoms, or by combining two different molecules into a larger or more complex one. By way of a very, very simple pathway, your body breaks down ethanol (alcohol, C2H5OH) by first removing a hydrogen (and causing the oxygen to double-bond to the carbon) to create Acetaldehyde, CH3CH=O, and then oxidizing that by swapping the H remaining on the second carbon for an OH to create Acetic Acid, the primary component in vinegar. So, when we say your body metabolizes ethanol into acetic acid, we're talking about a two step metabolic pathway.
Bacteria can stash intermediate pathway results outside of their cell wall for various reasons (sometimes the chemical environment is more amenable outside the cell than inside, sometimes buildup of the intermediates can disrupt other processes, sometimes that's just how it happens - biology is weird), and very often what you'll see is that a multi-step metabolic pathway can span across multiple different organisms - so, species 1 takes up a starting material, performs a handful of modifications, and then excrete the results outside the cell wall, and then another species will take up that substance and perform additional modifications on it, and this can run through several species before reaching the terminal state in the pathway (including the first species again). This works because each bacteria can have different enzymes and different internal chemistry which can affect how easy or likely a reaction is.
Nitrogen fixing is a notable example of this - it's not just one species in the roots of legumes responsible for taking N2 and converting it into ammonia, there's 6 or 7 that take part in that pathway.
I think author is saying that you ingest compound A, microbe 1 eats A and secretes B, microbe 2 eats B and releases C. C happens to do <positive thing>. You could imagine parallel pathways where maybe microbe 2 only works if it is in the presence of microbe 3.
Meaning everything is a mess to try and disentangle.
reply