Fascinating read. I know nothing about any of this neither the parties involved nor Copperhead though I had heard of Graphene. To that end, I wish the response included a pre-amble for those like me who were not familiar with what was going on. I guess I could probably read the Wired article though. Still. good read and I loved the Q and A at the end.
> Donaldson, now 42, is a self-taught hacker who never finished school, was briefly unhoused, and spent most of his twenties in a “positive hardcore punk band.” “It’s cool being smart,” he told me. “But if you can’t pay your bills, you’re a dumbass.”
> The domain “Copperhead.co” was registered by Donaldson in 2014 and incorporated in 2015 under both Donaldson’s and Micay’s names. The idea was that shares would be split equally, with Donaldson as CEO and Micay as de facto chief technology officer. Their flagship product
It sounds to me like some "business" characters I know well. They "handle the business" while someone else does 99% of the actual work, then ask to split 50/50. This didn't work out for Donaldson, and now he spends his time harassing Micay? Is that the gist or am I misreading?
> They "handle the business" while someone else does 99% of the actual work, then ask to split 50/50.
As a response, Micay decided to destroy the update signing keys for all the CopperheadOS devices out in the wild. Resulting in financial damages to Donaldson.
Hardly a level-headed response, even if you disagree about the financial share of something.
So what? Causing someone financial damages isn't illegal. Your boss causes you financial damages when they fire you. Your competitor causes you financial damages when they offer a discount.
If Micay was a 50% owner, sounds like he didn't do anything illegal. Immature maybe, which simply puts him at parity with the other party involved.
Yeah, that’s the issue. I don’t want people who behave immaturely, impulsively, or vindictively, having a key role in something as important as my phone os. I want stability, maturity, and thoughtfulness.
Mental health and wellness issues in high tech research and development are everywhere. I would suggest that you focus on the product and what it can/cannot do for you.
Suggest away. It’s still a factor in my decision making, because if I can’t trust the developers to behave well, i can’t trust the product to continue to do what it says it can do for me.
Destroying the signing keys in the midst of a hostile takeover is the responsible thing to do. Its for the safety of their users. Thats a commendable trait to have.
Same, which is why I'm glad he deleted the signing key in this case. It was the only right play given the situation. I'd have done the same and I'd expect anyone with integrity to do likewise.
Understandable wishes, but you might have to put something from yourself into it if this is a pressing concern. Or you will be left to your own corporate devices.
The GOS (GrapheneOS) lead had responded to criticisms like yours that he gladly retreats inside his tech role if others would take it upon them to refute the claims from rivals. So if you are that balanced, normal person, you could take that work out of his hands. Or help fund a full time PR person.
«In 2018, matters between Micay and Donaldson came to a head over Donaldson’s desire to pursue business deals with criminal organizations, and his attempts to compromise the security of CopperheadOS, including by proposing license enforcement and remote updating systems that would allow third-parties to have access to users’ phones. As part of this process, Donaldson began to demand that Micay provide Donaldson with the “signing keys” - i.e. the credentials required to verify the authenticity of releases of CopperheadOS. Donaldson advised that, in order to secure certain new business, potential customers required access to the Keys.»
Micay is rightfully paranoia, just having a GOS phone makes some government agencies quite mad. There are many ways a project like GOS could die, disinformation could certainly kill it. Other projects don't help the case if they throw mud at it. Rather, they should focus on their real technical shortcomings, but such articles aren't written somehow. https://eylenburg.github.io/android_comparison.htm
EDIT
> Should I make my own fork?
You could contact him to offer your help where he falls short.
The leadership is great. Persistent, patient and friendly.
They were able to improve. I don't think many of the often negative and ad-hominem critics would be able to endure such a pressure as they had in the past.
That is what CopperheadOS, and now GrapheneOS, provides. Its a level of "battle tested" that most OS and app devs never have the opportunity to have. Deleting the signing keys during a hostile takeover attempt rather than submitting to pressure or greed is an amazing quality that is rare to find.
So what exactly would you have done? Risk the key being taken over by a shady entity? Does the alternative really scream "mature, stable, and thoughtful" to you?
It looks like a very mature action to me: It certainly avoided the compromission of an OS that aims to be secure after all. It is not some windows OS with encryption keys sent to the cloud, so if security is compromised I fully expect targeted devices to break.
Things aren't only bad if they're illegal. There's plenty of bad things one can do that are perfectly legal, and plenty of good things one can do that are totally illegal.
IMO its a lovely paradox that no one can argue against such a deletion. Either the party choosing deletion is reasonable so there are grounds for deletion or unreasonable and they are the grounds for deletion.
> Hardly a level-headed response, even if you disagree about the financial share of something
According to the linked responses, the keys were not deleted because of disagreement over financial share, but over how the keys were to be used (in particular, in potentially dangerous security-wise ways), for which he did not want personal responsibility over (the keys belonged and used by him even before that project)
That is a perfectly level-headed response. Signing keys must be protected. In the event of a hostile takeover, where a malicious party seeks to compromise the privacy and security of your userbase, destroying the keys is a sensible decision. Failure to do so, and successful compromise of the keys, will let the malicious party push whatever update they want, and it will be accepted due to being signed correctly.
It was not a disagreement about shares, it was a hostile takeover. Someone who never owned the project sought to steal it.
Exactly. It was a bold and necessary move to defend the users and the project. Some users got bricked OSes, but had he handed over the keys it would have put those users at risk and would have destroyed the credibility of the project.
Also, and as from what I understood from the GOS response he was not an employee of the company and had the ownership of his OS, and CopperOS would have been able to use their own signing keys but they never did which is strange, so even legally it looks like a "level-headed" response.
Hey! On a quick introductory note, I'm the community manager and the person who was interviewed. Please, read questions 17, 25 and 26 and our respective answers to them in the linked forum thread. In particular the following parts that I'm pasting here for convenience:
Question 17: Did your and Donaldson values begin to diverge? Was Donaldson more concerned with making money than you were?
Answer: [...] In 2018, matters between Micay and Donaldson came to a head over Donaldson’s desire to pursue business deals with criminal organizations, and his attempts to compromise the security of CopperheadOS, including by proposing license enforcement and remote updating systems that would allow third-parties to have access to users’ phones. As part of this process, Donaldson began to demand that Micay provide Donaldson with the “signing keys” - i.e. the credentials required to verify the authenticity of releases of CopperheadOS. Donaldson advised that, in order to secure certain new business, potential customers required access to the Keys.
The keys had been in continuous use by Micay, in his personal capacity, since before the incorporation of Copperhead. However, more importantly, any party with the keys could mark malicious software as “authentic”, and thereby infiltrate devices using CopperheadOS.
Micay was unwilling to participate in that kind of security breach. Since Donaldson had control over certain infrastructure for the open source project, he would be able to incorporate (or hire others to incorporate) the privacy-damaging features described above for all future releases of CopperheadOS. Micay therefore deleted the keys permanently and severed ties with Copperhead and Donaldson.
Question 25: Did things between you and Donaldson devolve when he approached you about a compliance audit? Did he tell you that he needed to know how the signing keys were stored?
From Wired:
We understand that Daniel's recollection was not that James wanted to know more information about how the signing keys were stored, but that he wanted direct access to them.
Question 26: Did you suspect his request was tied to a deal he was brokering with a large defense contractor? Did you believe this would put the entirety of CopperheadOS’ user base at risk?
Answer: Yes and yes.
The large defense contractor in question was Raytheon. The decision to destroy the signing keys was not based on a financial disagreement, but an existential one. Every single CopperheadOS user back then would have been compromised otherwise. It's of course a big deal given the implications, but it acted as a last resort for Daniel to stop a hostile takeover attempt fueled by greed, which he ultimately took because there was no other way out.
I love GrapheneOS and I use it daily for more than 2 years. However, and as Louis Rossmann pointed out in one of his videos, they really need to work on the "defensiveness" and "rants" of their communication. Even when they are 99% right most of the time, they sometimes don't come as mature and professional.
Personally, I like that they come across as a little paranoid. That's exactly the attitude I want in the people protecting my privacy and security. I hope the developers lie awake at night, unable to fall asleep because terrified that someone somewhere is plotting to attack and exploit them
There's healthy paranoia and there's treating even casual commentary/criticism from anyone as an existential threat & coordinated attack...and responding to that with sustained, coordinated attack campaigns online. That's what Micay's history is.
Based on how discourse in the US has been perverted by inches and millions of mosquito bites they may not be wrong. Stamping out bad information fast and hard seems to be the only way to combat mass coordinated disinformation. Being polite just lets people play the "both sides have merit" game.
> ...responding to that with sustained, coordinated attack campaigns online. That's what Micay's history is.
For the rest, in general, I'm tempted to give grapheneOS the benefit of the doubt. Running any FOSS project is hard, running it against the (implicit) wishes of OEMs/Google (who throw in things like Play Integrity) is even harder, and doing it when 3 letter agencies at the US govt actively hate you is harder still.
Being paranoid in responses to FUD campaigns isn't ideal, but save coordinated attacks, I'd say fairly understandable.
Well, they have had to deal with multiple swattings, constant misinformation from some competitors (e.g. Murena's CEO doing interviews with various media where they insinuate that security-hardened systems like GrapheneOS are only for criminals and secret agents, complete with 'think of the children'-style arguments), and some local/national governments boosting the narrative that GrapheneOS is for criminals.
So I can understand why they are as defensive as they are.
This is false. Commentary and criticism is not treated as a coordinated attack. Coordinated attacks are treated as coordinated attacks. Criticism is often used as an excuse to try and hide attacks, and many people unfortunately cannot tell the difference.
There's no coordinated attacks on anyone or projects by GrapheneOS. They respond to misinformation, that's about it.
There have been many attacks on privacy/security projects, not just GOS, recently. If you keep up with the GOS forum you can see posts saying GOS was hacked without evidence. Other claims that GOS is only used by criminals. Theyre not true. Misinformation that aims to destroy the reputation of the project should be responded to.
While I understand you are trying to be positive about this, I don't think it's good to want our team portrayed like this, sorry. Paranoid people are people who'd easily be influenced into doing harmful behaviors because it believes it will stop their problems. Making a response to inaccuracies and bad journalism platforming an extremely malicious actor isn't a symptom of that. We don't have people with severe mental illness on the team. That would be irresponsible and mental illness is not something to romanticise in my opinion.
There is a very broad spectrum between "completely average and neurotypical" and "severe mental illness". E.g. "slightly atypical personality". The world would be a boring place if everyone was exactly the same
I agree for sure everyone should be different and have a diversity of how peoples brains work. The same type of think puts us into a bubble. We are definitely atypical because we are developing something quite atypical as well. Coming as a project member I just sometimes see comments that call us stuff like 'schizos' or 'paranoid' even when it is intending to be positive. I guess somehow they believe someone with a severe mental issue is more likely to an adversary of the government or whatever enemy they perceive? I don't know the justification behind it. I just find that odd, we're quite ordinary people actually. I don't think it does good for mental health awareness and for people who actually have these issues to backseat diagnose how people's minds supposedly work.
It's a personality type / disorder (pick your poison). There's no hope for change. Programming seems to attract such people, because they are fixated on being right and proving that they are right. I know a few more examples. My common sense policy is - if the software these types produce works for me, I will be using it, but I will never allow myself to be dependent on it. That kind of person will gladly burn their own house to the ground, with everyone in it, if that's what's required to prove their truths or maintain some kind of intellectual purity.
One common personality disorder I see a lot is psychologizing your interlocutors to invalidate them, thus insulating you from having to think you're wrong about something
One common personality disorder I see is being extremely defensive when encountering any discussion of human psychology. This comes from a deep psychological fragility.
Ok, but what I'd be wrong about here? I'm not even claiming that the person in the article is that way. I don't know enough about them. I have noticed a certain trend, however, and that's what I was noting.
Rossmann is a way bigger ranter than GrapheneOS people. Have you seen some of his videos lol.
Rossmann wanted to work with GOS and they didn't want him. So Rossmann made that video to make Daniel look bad for revenge probably. Saying he was leaving GOS was a lie, not that GOS can push malicious updates which was also a huge lie. Even after pointing that out that part wasn't corrected because Louis doesn't care about accuracy, he only cares about making Daniel/GOS look bad. He used his big following to punish Daniel. Now he works with Nick from Calyx after he got pushed out and are doing business together.
The more you learn about the story, the more you see the Copperhead stuff was just the beginning and those involved held grudges and pushed their grudges onto more people who bought their lies and it continued. Privacy-focused OSes that pretend to compete with GrapheneOS suck. GrapheneOS is led by someone with integrity, unlike some other projects.
Rossmann publicly blasted a private discussion, twisting what was going on, and then lied to his own viewers. Such a claim from an identity verified kiwifarms account holder holds no weight.
Defending oneself isnt an unreasonable thing to do. GrapheneOS is entirely funded by donations and receives a lot of donations to this day. Them defending themselves is not an existential risk, the attacks against them are.
GrapheneOSs posts are made to combat misinformation. Drawing public attention from those who may be misled and put at risk is how one combats misinfo. Its not ranting and its not somehow unreasonable to defend oneself.
I have been a GrapheneOS user for several years, and I choose to dedicate my time supporting the project. Supporting an open source project is not 'astroturfing'.
I am an active chatroom member, and many people see me there on a regular basis. I choose to volunteer my time, and am not paid or compensated in any form.
Astroturfing is the deceptive practice of hiding the sponsors of an orchestrated message or organization to make it appear as though it originates from, and is supported by, unsolicited grassroots participants.
They are pretty much the opposite of an astroturfer, they mentioned several times in the comments that they are an active supporter/community member of GrapheneOS. So, they are not hiding and they are grassroots participants.
Please avoid personal attacks on HN, even more so when they are incorrect.
My gut feel is that Micay is genuine, and obviously also very defensive.
At least some of the defensiveness is warranted. Maybe most of it. Regardless, it comes across in most GrapheneOS communications, and it's sometimes counterproductive.
A related issue, which I'm sure Micay can appreciate, is that users of GrapheneOS tend to be cautious, and increasingly will want to know why the project should be trusted, now that it is popular and on a lot of radars of adversaries.
(For example, hypothetical scenario that's plausible, given the incentives: State actor (e.g., RU, US, CN) or organized crime group long-con starts with a public harassment campaign of Micay. Followed by sleeper volunteers taking more control of the project, initially under the pretext of helping insulate Micay from harassment, and taking some of the load off. Later maybe even impersonating Micay. Now the threat actor has backdoors to a large number of especially privacy/security-conscious parties, including communications, 2FA, location, cryptocurrency wallets, internal networks where those people work, etc.)
I think it probably hasn't been compromised like that, but it's an obvious real possibility, and IMHO, until GrapheneOS is more transparent, some natural users of GrapheneOS are going to consider iPhone relatively "the devil you know".
Again, I think Micay is genuine, and I'm a fan of the project and appreciate it. And I hope the project understands that's compatible with critical thinking about infosec, and doesn't take personal offense at that.
(Source: Am long-time GrapheneOS user, and have donated.)
I agree that this is an issue, but it is impossible to prove a negative. The same could be said for Apple's or other manufacturer's signing keys. Who guarantees that the US government hasn't required access to the iOS signing keys? Or China in exchange for access to the Chinese market? They probably wouldn't even want to reveal that the signing keys were leaked if they were allowed to, since it would undermine their security story.
With a non-profit project of highly principled security experts, there is at least a high probability that they'd rather blow up the project than compromise. People elsewhere in the thread criticize Micay because he deleted the CopperheadOS keys, but to me it increases trust in the GrapheneOS project, since he clearly puts the security of his users over money, fear, and whatnot.
In the end trust arises from running a project or company long-term without evidence that you somehow compromised security.
I wonder in general how this situation could be improved. Second or third independent reproducible build + confirmation signing?
All of the defensiveness is warranted. They speak neutrally and objectively.
The project is not going to relinquish control to any 3rd party. Not even the Motorola partnership is given control over the GOS project. The hypothetical you describe is not possible by design.
The GOS project takes no issue with critical thinking, and encourages it. But that is often used as an excuse to handwave attacks. There is a very big difference between criticism/critical thinking and attacking them.
Note that there are more individuals in the project than Micay. Multiple people handle multiple responsibilities, its not one person.
> The GOS project takes no issue with critical thinking, and encourages it. But that is often used as an excuse to handwave attacks. There is a very big difference between criticism/critical thinking and attacking them.
Responding to attacks so defensively is almost alway a bad look for organizations. They could really use a PR person with a more measured voice that corrects facts and projects confidence, and does not convey victimhood, insecurity or defensiveness. Take a look at the tone of press releases issued by companies when some tech press bozo writes a hit piece on them, for good examples of dealing with people attacking you.
I would not use those words to describe the approach they take. They make the effort to speak neutrally and objectively, but the issues they are making light of are often exactly as extreme and common as they describe. Many people have voiced appreciation that they decide against a "corporate-speak" approach. The GrapheneOS accounts are meant to be accounts that let project members speak to users, rather than take on a corporate appearance.
I'm sure you realize that confident assurances of a random new pseudonymous account on a Web site isn't sufficient for anything of importance.
Is there an authoritative source of information about how a takeover like that isn't possible by design, which people can verify, analyze, hold parties accountable for the pieces that require it, etc.?
I am a GrapheneOS user and community member, and I am active in the chat rooms. I made this account to assist with misinformation.
As for how such a thing would not be possible;
-GrapheneOS updates do not trust the network, so any compromise of update servers for OS and app updates would not be able to push malicious updates. Only those who hold the signing keys are capable of pushing updates that will be accepted.
-Multiple people review the code that gets included in the OS. There is not one point of failure when it comes to social engineering.
-GOS supports reproducible builds, so the code that is published can be verified to be the code that is built for the official builds.
So in other words, you would need to convince multiple people who are consciously protecting against this, and who have a proven track record of burning the keys if the privacy and security of their users are in jeopardy. On top of that, you need to conceal this from every developer, moderator, and community member who would raise the alarm at the slightest indication of compromise.
Have you considered that the smooth-talking "mature" and "professional" people are more likely to sell your data to advertisers at the first opportunity?
Louis Rossmann caused a lot of harm to GOS and blasted them publicly for trying to raise issues privately. That is disgusting behaviour. He then lied to his own viewers about no longer using GrapheneOS, lied about fears of a targeted update despite that not being possible, among a lot of other things. Note he also has an identity verified kiwifarms account.
GOS only defends themselves from attacks. Its not that they are misinterpreting what is an attack, there are really just that many attacks. It leaves little room for much else than defense. Nobody should have to deal with the inhumane level of attacks.
I don't care about messaging or professionalism in marketing. I'm perfectly happy with the way GrapheneOS is being managed right now, including their lengthy technical rebuttals to any attempts of attacking the project to dilute its quality or reach.
So what if they're defensive and cringe in their rants? Are you so indoctrinated into believing performative aloofness is "professional" that you can't see clearly?
I gathered you were being facetious, but I do not appreciate being called a sockpuppet.
I am a GOS community member and I have been for several years. I am active in the GrapheneOS chatrooms, and I choose to volunteer my time assisting others.
Eh, just tell your truth as you know it and don’t get too caught up on what people make of it.
I get to be “entertained”
because it’s not my first day on the internet, nor involved in a project or page that’s come with death threats doxing , ddosing, vendettas, vindictiveness, mutually assured destruction and or prolonged public outrage.
Maybe someone wants a broom or has some magical thinking that they’re going to profit off someone’s work. In my case, they stole everything I wrote and went “we don’t need you now.” And oh look, they failed.
That’s just how fucking people are in this society anymore. That part isn’t funny.
So it’s that kind of (unfortunately) knowing chuckle.
If you guys over at GoS insist on putting on a messy public spectacle, fine, but if you’re telling me how to react to it? Get bent lol.
Just read the article again and I'd suggest also reading responses we sent to fact checkers (many answers didn't even show up in the article). James' side of the story is riddled with lies. So, if you read the article with that in mind, you can see that Copperhead got steered in the wrong direction by James. Daniel has been the owner of the open source project from the beginning and Copperhead was never in control of it. It was right to move forward without James. Nothing paranoid about that. It's more a move by someone who is dedicated to doing things right.
See the attacks on GrapheneOS and even other privacy projects trying to make them look like they are designed for criminals. Even French law enforcement took part. We have shared these details publicly and even with links to articles with quotes. There was even news about authorities in Spain assuming anyone with a Pixel was likely a criminal.
Months ago, we saw tons of reports of organizations reporting hacking GrapheneOS without any evidence or links to court cases. We never claim that GrapheneOS isn't hackable, but we still haven't seen any credible evidence showing forensics companies were able to hack it.
These are just a few examples of how GrapheneOS is being attacked. Again, we're not the only ones.
It's also important to note that GrapheneOS has many project members. GrapheneOS isn't a one man show.
Our responses to these things are not out of paranoia. We want our users to know what's going on, so we keep them informed. What's wrong with that?
I'm sure it's exhausting producing an awesome product, only to get crapped on by governments and corporations that hate privacy and drama-farming Twitter randos, but debunking bad-faith bullshit is nothing if not rational in a world where reputation matters.
Unlikely the case, Telegram is the app that Russian government is most focused on blocking right now, it's almost impossible to use without proxy or VPN.
Not saying Durov is perfect but video you linked is about guy who has all his assets in Russia while Durov has none.
The man looks on photos like he genuinely loves his long-term girlfriend and the three kids he has with her. Kids are stupid tho. They climb on everything and fall out of windows frequently.
Durov is about as anti-Putin and russia in general as one can get. He go fucked hard in russia and has been going extremely hard against the censorship in russia. TG is one of the few chat apps that can avoid russia's suppression measures, when everything else working over internet fails.
Half of Russian military uses it in the field. I do not care what story that guy is spreading around about his affiliations or lack of with Russia. Zero trust. Never touching Telegram.
Durov has been going hard against censorship because the pressure on Russians to switch to MAX might consign his own app to oblivion. But to call Durov “anti-Russia” when Telegram development and servers remained in Russia, is to ascribe to him a dissident status that he doesn’t actually deserve.
(Durov himself is known to regularly visit Russia, while denying he ever visits Russia. Telegram opened a Dubai office claiming that it was now a Dubai-headquartered company, but that was a mere legal formality; no one was actually there at that office, and journalists visiting it found that not even the building staff knew anything about Telegram. In practice, the company continues to exist out of Russia.)
Do you have a source for any of this? Wikipedia and news that I can find support that he fled Russia after government conflicts. It’s also well known that he keeps his and the dev team’s location secret, so anybody going knocking on incorporation addresses in Dubai then feigning surprise is acting in bad faith.
This was all over the news a couple of years ago when Russian entry/exit records were leaked. Doing a Google search for “durov visited russia frequently” will get you plenty of reportage.
"so anybody going knocking on incorporation addresses in Dubai" The point is that Telegram has repeatedly countered claims that it is a Russian app with "Actually, Telegram is a Dubai company”. People reasonably interpret that as more than a mere incorporation address, and it isn’t being emphasized enough that development is still largely done from Russia, and servers are also located there.
Being attacked? That doesn't mean anything. Either you know the security domains in and out or you can't make an educated guess how secure it really is.
Some of us embrace our humanity and have an ethical and moral need to engage with the world we want to live in rather than the world dominant economic forces would prefer us to engage in.
There are a lot of judgemental comments here criticising Daniel's character, responses and handling of what was likely a very trying and stressful period in their life.
Barely any comments about the linked thread which is about Wired publishing an article that was extremely poorly researched after having misled GrapheneOS about the intention and content of what would be published. This seems like the sort of thing that should earn a disclaimer on future Wired articles as worthless and get them removed from RSS feeds/have subscriptions cancelled. Complete lack of integrity and respect for standards. Why did they not interview anyone else involved in the project or around at the time?
Frankly insane and speaks to the entitlement of many users that they are against Micay and GOS on this primarily because their online comms are abrasive; I'm used to this having seen the same from many in the Minecraft and Skyrim mods communities, but it still stands saying: You are not owed ANYTHING from a free software developer. They can say anything they want to you and revoke the software at any point or anything they wish - they are providing the software for purely no reason but they want to. If Micay wants to be rude on main he has absolutely every right to do so; if you don't like it, don't use his software. He's not a steward or paragon of virtue just because he has a popular software project, and it's extremely easy to stand on a soapbox and say "If I was in that position, I'd be so much better!" To all the detractors in this thread, I beg you: go make software and give back instead.
P.S. I avoided making any statements about what I personally think about Micay and the GOS team's behaviour above because I don't use it and have never looked into it before reading this article, but from looking at the comments, the WIRED article, the forum thread linked in this post, and some cursory research, it just seems like they are a popular software project that is at odds with many powerful actors with obvious motivations against their existence and popularity - if they are constantly combative online instead of being friendly, don't you think part or all of it may be because they have to defend themselves against attacks instead of having the freedom to be friendly like say SQLite/FFMPEG/Rust/other free software projects? I'm admittedly new to HN but this entitlement and refusal to empathise with the people giving you free shit seems insanely out of character
Conversely, projects aren’t owed any users. If the people behind a project want it to be used, at some point they may realize why other organizations tend to avoid posting rants from their founders as public communications.
It seems very plausible to me that there is a vested interest in seeding drama and chaos into the reputation of GOS. Why wouldn’t there be? Especially when it seems there’s an easy way to trigger Micay, and there are cottage industries online specializing in exactly this sort of thing.
I get the sense a lot of people care about this project and care about defending it but good luck against the propaganda and bullshit like this that comes along with it.
I really enjoy GOS and used it as a daily driver for ~3 years
uberman | 10 days ago
[OP] ChrisArchitect | 10 days ago
They Built a Legendary Privacy Tool. Now They're Sworn Enemies https://www.wired.com/story/they-built-privacy-tool-graphene... (https://archive.ph/pbJu9)
Avamander | 10 days ago
qingcharles | 10 days ago
gslepak | 10 days ago
> The domain “Copperhead.co” was registered by Donaldson in 2014 and incorporated in 2015 under both Donaldson’s and Micay’s names. The idea was that shares would be split equally, with Donaldson as CEO and Micay as de facto chief technology officer. Their flagship product
It sounds to me like some "business" characters I know well. They "handle the business" while someone else does 99% of the actual work, then ask to split 50/50. This didn't work out for Donaldson, and now he spends his time harassing Micay? Is that the gist or am I misreading?
Avamander | 10 days ago
As a response, Micay decided to destroy the update signing keys for all the CopperheadOS devices out in the wild. Resulting in financial damages to Donaldson.
Hardly a level-headed response, even if you disagree about the financial share of something.
margalabargala | 10 days ago
So what? Causing someone financial damages isn't illegal. Your boss causes you financial damages when they fire you. Your competitor causes you financial damages when they offer a discount.
If Micay was a 50% owner, sounds like he didn't do anything illegal. Immature maybe, which simply puts him at parity with the other party involved.
kennywinker | 10 days ago
Yeah, that’s the issue. I don’t want people who behave immaturely, impulsively, or vindictively, having a key role in something as important as my phone os. I want stability, maturity, and thoughtfulness.
cf100clunk | 10 days ago
kennywinker | 10 days ago
HybridStatAnim8 | 10 days ago
latable | 10 days ago
aphorism | 9 days ago
goodpoint | 10 days ago
HybridStatAnim8 | 10 days ago
exceptione | 10 days ago
kennywinker | 10 days ago
exceptione | 10 days ago
«In 2018, matters between Micay and Donaldson came to a head over Donaldson’s desire to pursue business deals with criminal organizations, and his attempts to compromise the security of CopperheadOS, including by proposing license enforcement and remote updating systems that would allow third-parties to have access to users’ phones. As part of this process, Donaldson began to demand that Micay provide Donaldson with the “signing keys” - i.e. the credentials required to verify the authenticity of releases of CopperheadOS. Donaldson advised that, in order to secure certain new business, potential customers required access to the Keys.»
Micay is rightfully paranoia, just having a GOS phone makes some government agencies quite mad. There are many ways a project like GOS could die, disinformation could certainly kill it. Other projects don't help the case if they throw mud at it. Rather, they should focus on their real technical shortcomings, but such articles aren't written somehow. https://eylenburg.github.io/android_comparison.htm
EDIT
You could contact him to offer your help where he falls short.kennywinker | 9 days ago
chappi42 | 10 days ago
They were able to improve. I don't think many of the often negative and ad-hominem critics would be able to endure such a pressure as they had in the past.
rigonkulous | 10 days ago
HybridStatAnim8 | 10 days ago
goodpoint | 10 days ago
TommyTran732 | 10 days ago
latable | 10 days ago
ryanmcbride | 10 days ago
abnercoimbre | 10 days ago
margalabargala | 9 days ago
If you prevent your grandparent from getting scammed, you've caused financial damages to the scammer.
HybridStatAnim8 | 10 days ago
ForHackernews | 10 days ago
torvoborvo | 10 days ago
DANmode | 10 days ago
Intelligence wanted in, and Donaldson seemingly would have been happy to oblige.
next_xibalba | 10 days ago
DANmode | 10 days ago
Reddit and IRC/etc logs from the period are illuminating, too.
freehorse | 10 days ago
According to the linked responses, the keys were not deleted because of disagreement over financial share, but over how the keys were to be used (in particular, in potentially dangerous security-wise ways), for which he did not want personal responsibility over (the keys belonged and used by him even before that project)
HybridStatAnim8 | 10 days ago
It was not a disagreement about shares, it was a hostile takeover. Someone who never owned the project sought to steal it.
latable | 10 days ago
TommyTran732 | 10 days ago
CopperheadOS was always's Micay's project and used his own signing key. The key never belonged to Copperhead the company afaik.
spring-onion | 10 days ago
Question 17: Did your and Donaldson values begin to diverge? Was Donaldson more concerned with making money than you were?
Answer: [...] In 2018, matters between Micay and Donaldson came to a head over Donaldson’s desire to pursue business deals with criminal organizations, and his attempts to compromise the security of CopperheadOS, including by proposing license enforcement and remote updating systems that would allow third-parties to have access to users’ phones. As part of this process, Donaldson began to demand that Micay provide Donaldson with the “signing keys” - i.e. the credentials required to verify the authenticity of releases of CopperheadOS. Donaldson advised that, in order to secure certain new business, potential customers required access to the Keys.
The keys had been in continuous use by Micay, in his personal capacity, since before the incorporation of Copperhead. However, more importantly, any party with the keys could mark malicious software as “authentic”, and thereby infiltrate devices using CopperheadOS.
Micay was unwilling to participate in that kind of security breach. Since Donaldson had control over certain infrastructure for the open source project, he would be able to incorporate (or hire others to incorporate) the privacy-damaging features described above for all future releases of CopperheadOS. Micay therefore deleted the keys permanently and severed ties with Copperhead and Donaldson.
Question 25: Did things between you and Donaldson devolve when he approached you about a compliance audit? Did he tell you that he needed to know how the signing keys were stored?
From Wired:
We understand that Daniel's recollection was not that James wanted to know more information about how the signing keys were stored, but that he wanted direct access to them.
Question 26: Did you suspect his request was tied to a deal he was brokering with a large defense contractor? Did you believe this would put the entirety of CopperheadOS’ user base at risk?
Answer: Yes and yes.
The large defense contractor in question was Raytheon. The decision to destroy the signing keys was not based on a financial disagreement, but an existential one. Every single CopperheadOS user back then would have been compromised otherwise. It's of course a big deal given the implications, but it acted as a last resort for Daniel to stop a hostile takeover attempt fueled by greed, which he ultimately took because there was no other way out.
Avamander | 10 days ago
Or is it just that Raytheon went against what he thought CopperheadOS stood for?
spring-onion | 9 days ago
joemazerino | 10 days ago
Cortex5936 | 10 days ago
Georgelemental | 10 days ago
busterarm | 10 days ago
That's not healthy for any project.
Cider9986 | 10 days ago
TehCorwiz | 10 days ago
user_7832 | 10 days ago
> ...responding to that with sustained, coordinated attack campaigns online. That's what Micay's history is.
For the rest, in general, I'm tempted to give grapheneOS the benefit of the doubt. Running any FOSS project is hard, running it against the (implicit) wishes of OEMs/Google (who throw in things like Play Integrity) is even harder, and doing it when 3 letter agencies at the US govt actively hate you is harder still.
Being paranoid in responses to FUD campaigns isn't ideal, but save coordinated attacks, I'd say fairly understandable.
microtonal | 10 days ago
So I can understand why they are as defensive as they are.
HybridStatAnim8 | 10 days ago
singing_tartly | 10 days ago
There's no coordinated attacks on anyone or projects by GrapheneOS. They respond to misinformation, that's about it.
There have been many attacks on privacy/security projects, not just GOS, recently. If you keep up with the GOS forum you can see posts saying GOS was hacked without evidence. Other claims that GOS is only used by criminals. Theyre not true. Misinformation that aims to destroy the reputation of the project should be responded to.
uqers | 10 days ago
tokai | 10 days ago
kibibu | 10 days ago
Cider9986 | 10 days ago
finalst | 10 days ago
Georgelemental | 9 days ago
finalst | 9 days ago
neonstatic | 10 days ago
1attice | 10 days ago
Classic OCPD behaviour
throw4847285 | 10 days ago
Classic OAD (Obvious Asshole Disorder)
1attice | 10 days ago
u8080 | 10 days ago
You just have paranoidal schizophrenia and attributing imaginable things to random people you don't like.
neonstatic | 10 days ago
toaste_ | 10 days ago
joyous_limes | 10 days ago
Rossmann wanted to work with GOS and they didn't want him. So Rossmann made that video to make Daniel look bad for revenge probably. Saying he was leaving GOS was a lie, not that GOS can push malicious updates which was also a huge lie. Even after pointing that out that part wasn't corrected because Louis doesn't care about accuracy, he only cares about making Daniel/GOS look bad. He used his big following to punish Daniel. Now he works with Nick from Calyx after he got pushed out and are doing business together.
The more you learn about the story, the more you see the Copperhead stuff was just the beginning and those involved held grudges and pushed their grudges onto more people who bought their lies and it continued. Privacy-focused OSes that pretend to compete with GrapheneOS suck. GrapheneOS is led by someone with integrity, unlike some other projects.
HybridStatAnim8 | 10 days ago
akimbostrawman | 10 days ago
https://news.ycombinator.com/item?id=47853847
mvkel | 10 days ago
HybridStatAnim8 | 10 days ago
balamatom | 10 days ago
mvkel | 9 days ago
"I can't believe you wrote this terrible code. You clearly don’t understand how concurrency works. Do it again."
Technically right, but when you run out of people who actually want to work with you, you'll be writing the code yourself.
aphorism | 9 days ago
Matl | 10 days ago
Not that I disagree but Louis Rossmann giving someone advice to tone down the rants is ironic.
busterarm | 10 days ago
Micay rants are most often on other peoples' platforms and he deliberately tries to draw as much public attention as he can muster.
HybridStatAnim8 | 10 days ago
busterarm | 10 days ago
You're not a community member, you're an astroturfer.
HybridStatAnim8 | 10 days ago
I am an active chatroom member, and many people see me there on a regular basis. I choose to volunteer my time, and am not paid or compensated in any form.
microtonal | 9 days ago
Astroturfing is the deceptive practice of hiding the sponsors of an orchestrated message or organization to make it appear as though it originates from, and is supported by, unsolicited grassroots participants.
https://en.wikipedia.org/wiki/Astroturfing
They are pretty much the opposite of an astroturfer, they mentioned several times in the comments that they are an active supporter/community member of GrapheneOS. So, they are not hiding and they are grassroots participants.
Please avoid personal attacks on HN, even more so when they are incorrect.
neilv | 10 days ago
At least some of the defensiveness is warranted. Maybe most of it. Regardless, it comes across in most GrapheneOS communications, and it's sometimes counterproductive.
A related issue, which I'm sure Micay can appreciate, is that users of GrapheneOS tend to be cautious, and increasingly will want to know why the project should be trusted, now that it is popular and on a lot of radars of adversaries.
(For example, hypothetical scenario that's plausible, given the incentives: State actor (e.g., RU, US, CN) or organized crime group long-con starts with a public harassment campaign of Micay. Followed by sleeper volunteers taking more control of the project, initially under the pretext of helping insulate Micay from harassment, and taking some of the load off. Later maybe even impersonating Micay. Now the threat actor has backdoors to a large number of especially privacy/security-conscious parties, including communications, 2FA, location, cryptocurrency wallets, internal networks where those people work, etc.)
I think it probably hasn't been compromised like that, but it's an obvious real possibility, and IMHO, until GrapheneOS is more transparent, some natural users of GrapheneOS are going to consider iPhone relatively "the devil you know".
Again, I think Micay is genuine, and I'm a fan of the project and appreciate it. And I hope the project understands that's compatible with critical thinking about infosec, and doesn't take personal offense at that.
(Source: Am long-time GrapheneOS user, and have donated.)
microtonal | 10 days ago
With a non-profit project of highly principled security experts, there is at least a high probability that they'd rather blow up the project than compromise. People elsewhere in the thread criticize Micay because he deleted the CopperheadOS keys, but to me it increases trust in the GrapheneOS project, since he clearly puts the security of his users over money, fear, and whatnot.
In the end trust arises from running a project or company long-term without evidence that you somehow compromised security.
I wonder in general how this situation could be improved. Second or third independent reproducible build + confirmation signing?
HybridStatAnim8 | 10 days ago
The project is not going to relinquish control to any 3rd party. Not even the Motorola partnership is given control over the GOS project. The hypothetical you describe is not possible by design.
The GOS project takes no issue with critical thinking, and encourages it. But that is often used as an excuse to handwave attacks. There is a very big difference between criticism/critical thinking and attacking them.
Note that there are more individuals in the project than Micay. Multiple people handle multiple responsibilities, its not one person.
ryandrake | 10 days ago
Responding to attacks so defensively is almost alway a bad look for organizations. They could really use a PR person with a more measured voice that corrects facts and projects confidence, and does not convey victimhood, insecurity or defensiveness. Take a look at the tone of press releases issued by companies when some tech press bozo writes a hit piece on them, for good examples of dealing with people attacking you.
HybridStatAnim8 | 10 days ago
neilv | 10 days ago
Is there an authoritative source of information about how a takeover like that isn't possible by design, which people can verify, analyze, hold parties accountable for the pieces that require it, etc.?
HybridStatAnim8 | 10 days ago
As for how such a thing would not be possible;
-GrapheneOS updates do not trust the network, so any compromise of update servers for OS and app updates would not be able to push malicious updates. Only those who hold the signing keys are capable of pushing updates that will be accepted.
-Multiple people review the code that gets included in the OS. There is not one point of failure when it comes to social engineering.
-GOS supports reproducible builds, so the code that is published can be verified to be the code that is built for the official builds.
So in other words, you would need to convince multiple people who are consciously protecting against this, and who have a proven track record of burning the keys if the privacy and security of their users are in jeopardy. On top of that, you need to conceal this from every developer, moderator, and community member who would raise the alarm at the slightest indication of compromise.
wyldfire | 10 days ago
Cider9986 | 10 days ago
dooglius | 10 days ago
HybridStatAnim8 | 10 days ago
GOS only defends themselves from attacks. Its not that they are misinterpreting what is an attack, there are really just that many attacks. It leaves little room for much else than defense. Nobody should have to deal with the inhumane level of attacks.
jasonvorhe | 9 days ago
aphorism | 9 days ago
ForHackernews | 10 days ago
R1shy | 10 days ago
HybridStatAnim8 | 10 days ago
razingeden | 10 days ago
(I’m aware I’m interacting with a sock account that only indulges in defenses of GrapheneOS on HN and im being facetious.)
Every once in awhile there’s a group or a project that was just asking to be burned down with everyone inside, I wasn’t there so…
I’m a grapheneOS user and I , personally (?) kind of find the guys public melties entertaining. It’s also a really damn good mobile OS.
HybridStatAnim8 | 10 days ago
I am a GOS community member and I have been for several years. I am active in the GrapheneOS chatrooms, and I choose to volunteer my time assisting others.
razingeden | 10 days ago
I get to be “entertained” because it’s not my first day on the internet, nor involved in a project or page that’s come with death threats doxing , ddosing, vendettas, vindictiveness, mutually assured destruction and or prolonged public outrage.
Maybe someone wants a broom or has some magical thinking that they’re going to profit off someone’s work. In my case, they stole everything I wrote and went “we don’t need you now.” And oh look, they failed.
That’s just how fucking people are in this society anymore. That part isn’t funny.
So it’s that kind of (unfortunately) knowing chuckle.
If you guys over at GoS insist on putting on a messy public spectacle, fine, but if you’re telling me how to react to it? Get bent lol.
HybridStatAnim8 | 10 days ago
other8026 | 10 days ago
See the attacks on GrapheneOS and even other privacy projects trying to make them look like they are designed for criminals. Even French law enforcement took part. We have shared these details publicly and even with links to articles with quotes. There was even news about authorities in Spain assuming anyone with a Pixel was likely a criminal.
Months ago, we saw tons of reports of organizations reporting hacking GrapheneOS without any evidence or links to court cases. We never claim that GrapheneOS isn't hackable, but we still haven't seen any credible evidence showing forensics companies were able to hack it.
These are just a few examples of how GrapheneOS is being attacked. Again, we're not the only ones.
It's also important to note that GrapheneOS has many project members. GrapheneOS isn't a one man show.
Our responses to these things are not out of paranoia. We want our users to know what's going on, so we keep them informed. What's wrong with that?
aphorism | 9 days ago
maxo133 | 10 days ago
I'm more concerned that Signal incorporated in US is having easy life.
user_7832 | 10 days ago
To add - ironically, it was Durov (Telegram founder) who got arrested in Paris.
neonstatic | 10 days ago
kelvinjps10 | 10 days ago
Jamesbeam | 10 days ago
https://www.youtube.com/watch?v=48Kk7kobMQY
sandmn | 9 days ago
Not saying Durov is perfect but video you linked is about guy who has all his assets in Russia while Durov has none.
Jamesbeam | 9 days ago
https://curia.europa.eu/site/upload/docs/application/pdf/202...
https://www.ft.com/content/36a37387-cb71-4851-a56f-de2571d52...
Also, I disagree with Durov having no assets in Putin’s direct reach.
https://istories.media/en/news/2024/08/27/pavel-durov-has-vi...
The man looks on photos like he genuinely loves his long-term girlfriend and the three kids he has with her. Kids are stupid tho. They climb on everything and fall out of windows frequently.
yaro330 | 10 days ago
neonstatic | 10 days ago
TFNA | 10 days ago
(Durov himself is known to regularly visit Russia, while denying he ever visits Russia. Telegram opened a Dubai office claiming that it was now a Dubai-headquartered company, but that was a mere legal formality; no one was actually there at that office, and journalists visiting it found that not even the building staff knew anything about Telegram. In practice, the company continues to exist out of Russia.)
kqp | 10 days ago
TFNA | 10 days ago
"so anybody going knocking on incorporation addresses in Dubai" The point is that Telegram has repeatedly countered claims that it is a Russian app with "Actually, Telegram is a Dubai company”. People reasonably interpret that as more than a mere incorporation address, and it isn’t being emphasized enough that development is still largely done from Russia, and servers are also located there.
u8080 | 10 days ago
lofaszvanitt | 9 days ago
aphorism | 9 days ago
Accacin | 10 days ago
This Micay guy spends so much time and does something hugely beneficial and we're arguing about how he responds to criticism?
I'd rather direct and blunt rather than the weasel words and lies most companies put out.
HybridStatAnim8 | 10 days ago
aphorism | 9 days ago
Pxtl | 10 days ago
rarez | 10 days ago
ysnp | 10 days ago
Barely any comments about the linked thread which is about Wired publishing an article that was extremely poorly researched after having misled GrapheneOS about the intention and content of what would be published. This seems like the sort of thing that should earn a disclaimer on future Wired articles as worthless and get them removed from RSS feeds/have subscriptions cancelled. Complete lack of integrity and respect for standards. Why did they not interview anyone else involved in the project or around at the time?
rrvsh | 10 days ago
P.S. I avoided making any statements about what I personally think about Micay and the GOS team's behaviour above because I don't use it and have never looked into it before reading this article, but from looking at the comments, the WIRED article, the forum thread linked in this post, and some cursory research, it just seems like they are a popular software project that is at odds with many powerful actors with obvious motivations against their existence and popularity - if they are constantly combative online instead of being friendly, don't you think part or all of it may be because they have to defend themselves against attacks instead of having the freedom to be friendly like say SQLite/FFMPEG/Rust/other free software projects? I'm admittedly new to HN but this entitlement and refusal to empathise with the people giving you free shit seems insanely out of character
antonvs | 9 days ago
DANmode | 9 days ago
antonvs | 9 days ago
mapotofu | 9 days ago
I get the sense a lot of people care about this project and care about defending it but good luck against the propaganda and bullshit like this that comes along with it.
I really enjoy GOS and used it as a daily driver for ~3 years
DANmode | 9 days ago