Back Up Forward

Censorship, the suppression of words, images, or ideas that are "offensive," happens whenever some people succeed in imposing their personal political or moral values on others. Censorship can be carried out by the government as well as private pressure groups.

What Is Censorship?
American Civil Liberties Union

Chapter 21

In which risen points out personal attacks; "TAJ was already banned" and "risen had their write permission removed", SkewedZeppelin asks "can we please all stop talking about GrapheneOS here", and strcat then talks at length about GrapheneOS requirements for working with an OEM for a secure phone.

risen:
SkewedZeppelin:
> strcat you cannot deny you came here immediately confrontational to risen instead of even reaching out to me first

You clearly know where the biggest problems are. I wish you good luck, as I walk to the door and prepare for update install. Thanks!
Dec 10 04:02

strcat:
so, for example, the Sensors permission toggle, as a little example partially used by DivestOS (it has some more newer capabilities like an access notice / default disable toggle not covered on our features page added recently): is that real? does it exist?
Dec 10 04:03

SkewedZeppelin: I'm not talking to risen, risen is attacking me, this is how it goes, if I reply you'll say it's both of us that are the problem, but it is not

SkewedZeppelin: I'm not talking to risen, risen is attacking me, this is how it goes, if I reply you'll say it's both of us that are the problem, but it is not the case
Dec 10 04:04

Luminant:
For those of us who want to use this chat to discuss DOS, yes, both of you are the problem. Your stance may be more well researched, but it still distracts from this channel's goals and I'd advise both of you to stop letting this get under your skin to the point that you both need to have the last word
Dec 10 04:06

strcat:
> <@luminant:plus.st> For those of us who want to use this chat to discuss DOS, yes, both of you are the problem. Your stance may be more well researched, but it still distracts from this channel's goals and I'd advise both of you to stop letting this get under your skin to the point that you both need to have the last word

DivestOS has a serious problem if it's providing a platform for spreading misinformation about GrapheneOS and libel + harassment targeting me
Dec 10 04:07

where is DivestOS going to get hardening changes when it's forbidden from using ours?
Dec 10 04:08

because that is the point this is at and I'm sick and tired of the abuse directed towards me, which SkewedZeppelin is enabling, and as I said I intend to talk about that publicly

I suggest looking at what I linked above
Dec 10 04:09

TAJ runs a misinformation subreddit and a network of sockpuppet accounts across platforms used to engage in blatant harassment, bullying, doxxing and spreading misinformation about open source projects and communities

do you think that's not true? because then I can provide more evidence, which is easy enough, as I don't even have to use an archive, all I have to do is look at the current page of recent reddit comments

DivestOS uses a substantial amount of code from GrapheneOS and we've provided help
Dec 10 04:10

and I thought we were on good terms, but yet this whole time, a platform has been provided to someone to attack me with false claims for many months without being told to stop or challenged about it
Dec 10 04:11

this is not limited to what I think about risen if he's going to be permitted to keep doing it, or if someone far worse is going to be allowed to do it here

and trying to claim the victim of harassment and libel is the problem is thoroughly unethical
Dec 10 04:12

I would not be here if DivestOS had not provided a platform to attack myself and GrapheneOS, and if SkewedZeppelin had not said what he did right before he joined, and I did reach out via DM which I didn't have a way of knowing wasn't received
Dec 10 04:19

SkewedZeppelin:
How do you see this being solved going forward?
Dec 10 04:21

> when it's forbidden from using ours?
> and as I said I intend to talk about that publicly

needless threats

strcat:
I don't, if you are going to provide a platform for people to attack GrapheneOS and myself with false and baseless claims, even to the point you got involved yourself, and are going to claim that I'm the problem when people are targeting myself and GrapheneOS this way using a platform you're giving them
Dec 10 04:22

wj25czxj47bu6q:
We all need to de-escalate here
Dec 10 04:24

strcat:
> <@_xmpp_SkewedZeppelin=2fdivestos-mobile=40conference.konvers.me:matrix.org> > when it's forbidden from using ours?
> > and as I said I intend to talk about that publicly
>
> needless threats

I'm actively determining what should be published about these attacks being made on GrapheneOS so it's more describing what I'm already in the process of doing than something that may / will happen in the future

> <@wj25czxj47bu6q:matrix.org> We all need to de-escalate here

if it's not clear, when people engage in underhanded attacks and abuse directed towards me, they can look forward to a lifetime of consequences and will never have peace again

SkewedZeppelin:
> you got involved yourself

I haven't attacked GrapheneOS and have repeatedly done the opposite, bolstering support for the project

strcat:
> <@_xmpp_SkewedZeppelin=2fdivestos-mobile=40conference.konvers.me:matrix.org> > you got involved yourself
>
> I haven't attacked GrapheneOS and have repeatedly done the opposite, bolstering support for the project

before I joined the room, you were attacking us claiming we don't do work on security anymore and only focus on sandboxed Google Play

90% of why I was even looking at the room was because of people telling me about risen's attacks here

but that is actually a major part in why I joined when I did

to post a response to that
Dec 10 04:25

SkewedZeppelin:
> security anymore

I later clarified this in that it is a mature project

strcat:
and I did try to DM you and as far as I knew you were ignoring me which I then realized wasn't the case
Dec 10 04:26

SkewedZeppelin:
and it was not a negative

strcat:
> <@_xmpp_SkewedZeppelin=2fdivestos-mobile=40conference.konvers.me:matrix.org> > security anymore
>
> I later clarified this in that it is a mature project

we've been adding new security and privacy features all the time

wj25czxj47bu6q:
> <@strcat:grapheneos.org> if it's not clear, when people engage in underhanded attacks and abuse directed towards me, they can look forward to a lifetime of consequences and will never have peace again

I know. I'm not your enemy. I'm trying to help everyone move past this in a reasonable way.

> <@_xmpp_SkewedZeppelin=2fdivestos-mobile=40conference.konvers.me:matrix.org> How do you see this being solved going forward?

To be honest, banning people is more effective than you think

SkewedZeppelin:
strcat the primary focus of this chat room has not and never has been attacking or providing a platform to attack you or GrapheneOS
Dec 10 04:28

strcat:
> <@strcat:grapheneos.org> if it's not clear, when people engage in underhanded attacks and abuse directed towards me, they can look forward to a lifetime of consequences and will never have peace again

GrapheneOS community raised > US$300k for legal fees to counter the attacks by Copperhead, which has not been used (I used my own existing money for the legal fees so far), and I think most people would agree nearly all of this is just derived from that initial takeover attempt in 2018 followed by the investment in attacks across platforms which other continued to this date

> <@_xmpp_SkewedZeppelin=2fdivestos-mobile=40conference.konvers.me:matrix.org> strcat the primary focus of this chat room has not and never has been attacking or providing a platform to attack you or GrapheneOS

it has never been the primary focus

SkewedZeppelin:
and I've repeatedly corrected misinformation for this and otherwise

strcat:
but risen has been here doing it

over and over and over

and now TAJ, someone doing far worse, is here doing it

SkewedZeppelin:
TAJ was already banned
Dec 10 04:29

strcat:
risen could just stop doing it, and could talk to me, and we could come to an understanding

that doesn't apply to TAJ

wj25czxj47bu6q:
I have even caught people returning on anonymous alt accounts months later by the contents of their messages. That is basically the most sophisticated ban evasion someone can do, and they will still be caught again. Unless they change their tune, in which case good for everyone.

Tommy:
both of the TAJ accounts are here

they are not banned Tad

both the XMPP and the Matrix one
Dec 10 04:30

strcat:
SkewedZeppelin: what I want is to be able to post useful information here and to collaborate, and to be able to share changes in both directions, and to not have people repeatedly attacking myself and GrapheneOS with baseless and false claims here

but it is really just 1 person who was doing it
Dec 10 04:31

wj25czxj47bu6q:
> <@strcat:grapheneos.org> GrapheneOS community raised > US$300k for legal fees to counter the attacks by Copperhead, which has not been used (I used my own existing money for the legal fees so far), and I think most people would agree nearly all of this is just derived from that initial takeover attempt in 2018 followed by the investment in attacks across platforms which other continued to this date

Honestly I don't think garden-variety trolls care about company history even if they know about it. They are just out to stir up drama, and it's easy when a group of people is already stirring up GOS drama.
Dec 10 04:32

strcat:
and then very rarely, a second person who has known them here for much longer claiming they aren't doing it

Luminant:
Many immature people attack those they can get a reaction out of.

strcat:
> <@wj25czxj47bu6q:matrix.org> Honestly I don't think garden-variety trolls care about company history even if they know about it. They are just out to stir up drama, and it's easy when a group of people is already stirring up GOS drama.

risen has repeatedly brought it up and lied about the history of GrapheneOS

> <@luminant:plus.st> Many immature people attack those they can get a reaction out of.

risen wasn't getting any reaction since he was doing it for months or even years without it being countered

clearly, ignoring it does not work, especially since he was successfully misleading some people here
Dec 10 04:33

and TAJ has built a large following of people duped by his completely blatant misinformation about all kinds of topics, is ignoring that working?

many of those people are now running sockpuppet accounts on Reddit trying to harm GrapheneOS across subreddits

leaving it and allowing it to get worse isn't solving it

and FYI what TAJ does is a direct attack on DivestOS too as I made clear above
Dec 10 04:35

and he **does** talk about DivestOS

Luminant:
I feel that since this room is relatively small, and comprised mainly of those with intermediate + knowledge of privacy and Gos being basically the gold standard for using android, spending this much effort combating non-backed-up claims is not that neccecary

strcat:
I decided that this was one place where I didn't want people being brainwashed with endless false claims about GrapheneOS

because there are a bunch of places that happened, and I decided to take a stand here and not put up with it
Dec 10 04:36

wj25czxj47bu6q:
> <@strcat:grapheneos.org> risen has repeatedly brought it up and lied about the history of GrapheneOS

I must have missed that. Still, they are just latching on to anything they can; it doesn't actually matter whether that history existed or not.
Dec 10 04:36

strcat:
we saw this happen in other communities where the earliest example is James Donaldson posting lies about he in the Samourai Wallet Telegram rooms for years culminating in a massive amount of harassment and misinformation from that community on a regular basis, where several members openly brag about running 'psy ops' against GrapheneOS (which I linked days/weeks ago here)
Dec 10 04:37

if I had gone there and countered it, it would not have happened and this actually would have avoided substantial harm

because when he started, they supported GrapheneOS and myself there

after 2-3 years of ignoring it, much different situation
Dec 10 04:38

you can post a completely blatantly false claim which gets refuted but 10% of people are going to believe the blatantly false claim, it is just how things are
Dec 10 04:40

you can post a completely blatantly false claim which gets refuted but 10%+ of people are going to believe the blatantly false claim to an extent, it is just how things are

grintea:
strcat: While tad may have been too lax in his moderation, that also doesn't mean it's productive to engage obvious trolls spreading misinformation for so long. It makes the experience worse for everybody else in the group, especially since the group isn't even focused on graphene. For any big project there will always be trolls, but when your project is good (graphene is very good), it can stand on its own and the users know that all the misinformation is just bullshit. There are graphene haters in other rooms I'm in too, and their ramblings don't change my perception on the project at all. However, what *does* change my perception on the project is when users and others start shitting up rooms engaging with these obvious trolls for days. And I'm sure that many people in this room feel the same. There will always be idiots and trolls, but your project has proven over many years that it's a quality project that can stand on its own. There's no need to engage with every single troll vying for your attention -- it's a futile effort and even more will pop up if they know that you're likely to engage them.

those are just my thoughts as another graphene user and someone who wants to see the project continue to succeed
Dec 10 04:44

just a "this is obviously wrong" is enough and if they continue about their shitty ramblings, people will learn to ignore them and the project will speak for itself
Dec 10 04:45

no need for a multi day dissertation that fouls the room for all other participants
Dec 10 04:46

wj25czxj47bu6q:
Anyways, I implore you strcat as a huge fan of your work to please please drop consideration for banning DivestOS using your patches. I completely sympathize with the horrible position you are in, but the DivestOS project is not attacking you and even puts your work on a pedestal.

Your issue with moderation in this room is completely reasonable and justified. Once upon a time (and somewhat still today) I too was extremely lenient with moderation before slowly becoming jaded enough to get more aggressive. I trust that Tad will sort things out in due time as he figures out what works and doesn't work in this community specifically. But I implore you to not take it out on the project itself or especially its users who have nothing to do with this.
Dec 10 04:47

strcat:
not going to make any license change that bans DivestOS using our patches but we don't have to be helpful and openly collaborative or welcome our changes being used
Dec 10 04:48

...

> <@grintea:nltrix.net> strcat: While tad may have been too lax in his moderation, that also doesn't mean it's productive to engage obvious trolls spreading misinformation for so long. It makes the experience worse for everybody else in the group, especially since the group isn't even focused on graphene. For any big project there will always be trolls, but when your project is good (graphene is very good), it can stand on its own and the users know that all the misinformation is just bullshit. There are graphene haters in other rooms I'm in too, and their ramblings don't change my perception on the project at all. However, what *does* change my perception on the project is when users and others start shitting up rooms engaging with these obvious trolls for days. And I'm sure that many people in this room feel the same. There will always be idiots and trolls, but your project has proven over many years that it's a quality project that can stand on its own. There's no need to engage with every single troll vying for your attention -- it's a futile effort and even more will pop up if they know that you're likely to engage them.

I'm the only GrapheneOS developer here and I didn't talk about it in our rooms so no one else came here because of me
Dec 10 04:50

the attacks on GrapheneOS across platforms have caused substantial funding, partnership and contribution issues for us

several of our developers were harassed into no longer being active
Dec 10 04:51

...

GrapheneOS main room was bricked by bugs in the state resolution protocol for the Matrix protocol which is incomplete and has undocumented issues

they are working on it internally and don't document the remaining issues because they could be exploited

they are working on it internally and don't document the remaining issues because they could be exploited to brick rooms
Dec 10 05:04
...

Mastodon has a bloated, buggy implementation too but what it does is far less complex and inherently not as demanding
Dec 10 05:19

...

despite the implementation being awful I was fairly positive about Matrix as a whole until our room recently got bricked and now I can't be
Dec 10 05:20

...

all the GrapheneOS servers are Arch Linux and using 5.15 LTS (linux-its package) and nginx stable branch (regular nginx package, which is a similar LTS with new branch every year)

I just use the Arch synapse package and when they fall behind more than a few days I rebuild it with new ver
Dec 10 05:23

...

and also Hetzner has issues with reliability and doesn't give you automatic serial console access, you have to request it and they go attach it for a while

we would like to move the Matrix server to a Hetzner dedicated server if we had more money to do that
Dec 10 05:44

...

if only other services were that cheap...

I could happily add 2 more backup DC locations and it wouldn't make any real difference since it's basically free

https://github.com/GrapheneOS/matrix.grapheneos.org/blob/main/remote-backup

https://github.com/GrapheneOS/grapheneos.social/blob/main/remote-backup

https://github.com/GrapheneOS/attestation.app/blob/main/remote-backup

https://github.com/GrapheneOS/discuss.grapheneos.org/blob/main/remote-backup
Dec 10 06:19

I recently stopped using floating IPs since they are making them $1.5/month other than for mail.grapheneos.org which needs an IPv4 address with good long term reputation

do wish we had cheaper hosting

it's a major issue (lack of cheap hosting, lack of cheap dev build servers to give ssh access to contributors)
Dec 10 06:27

Google gives us $2000 USD / month credit on GCP and hilariously that's about comparable to spending $80/month at Hetzner (not a joke) in terms of dev builds which is all we use it for (I don't use it myself)

Google gives us $2000 USD / month credit on GCP and hilariously that's about comparable to spending $100/month at Hetzner (not a joke) in terms of dev builds which is all we use it for (I don't use it myself)
Dec 10 06:28

hetzner's cloud VPS with dedicated CPUs aren't that much more expensive than their dedicated servers, maybe 2x, but it's billed in a fine-grained way so you can use it for 8 hours and kill it

hetzner's cloud VPS with dedicated CPUs aren't that much more expensive than their dedicated servers, maybe 2x-4x, but it's billed in a fine-grained way so you can use it for 8 hours and kill it
Dec 10 06:39

if you only used it around 1/4 of the time it'd be cheaper to use their cloud VPS if you managed killing it well

and you can snapshot and restore from snapshot

and put your main data on block storage drive you attach to the new one

we were using this approach pre-GCP-credit for contributors without good workstations but I just ended up giving them money for workstations
Dec 10 06:40

Baba:
> when? I have been here for months and they haven't said anything like that
You are blind than if you didnt notice what risen haf said and saying
Dec 10 06:48

...

risen:
SkewedZeppelin: How many times does strcat get to insult me before you will stop it?
Dec 10 18:26

...

risen:
> SkewedZeppelin: I'm not talking to risen, risen is attacking me, this is how it goes, if I reply you'll say it's both of us that are the problem, but it is not the case

SZ recommends Gos. I didn't like some of what I'd seen about the project previously, and said so. I tried Gos and did not like it, and said so. I've now had interaction with Gos leader and associates; I do not like it. It is not an attack of anyone to say I don't like something SZ recommends.
Dec 10 19:12

SkewedZeppelin:
that statement is completely fair criticism

but can we please all stop talking about GrapheneOS here

it is not the topic

s/criticism/opinion/
Dec 10 19:14

has anyone had any (new) issues with the recent 14/15/16/17/18 updates?

risen:
One last response please.

> risen has repeatedly brought it up and lied about the history of GrapheneOS

*This is ^* a personal attack. It is untrue.
Dec 10 19:16

> has anyone had any (new) issues with the recent 14/15/16/17/18 updates?
14&18 work great for me. A little confusion on which alpha or beta version of F-Droid to test, but that is only coincidental.
Dec 10 19:19

strcat:
> <@_xmpp_risen=2fdivestos-mobile=40conference.konvers.me:matrix.org> SkewedZeppelin: How many times does strcat get to insult me before you will stop it?

SkewedZeppelin: 12 hours after I last posted and far longer since this was last a topic
Dec 10 21:32

> <@_xmpp_risen=2fdivestos-mobile=40conference.konvers.me:matrix.org> > SkewedZeppelin: I'm not talking to risen, risen is attacking me, this is how it goes, if I reply you'll say it's both of us that are the problem, but it is not the case
> SZ recommends Gos. I didn't like some of what I'd seen about the project previously, and said so. I tried Gos and did not like it, and said so. I've now had interaction with Gos leader and associates; I do not like it. It is not an attack of anyone to say I don't like something SZ recommends.

and again

> <@_xmpp_risen=2fdivestos-mobile=40conference.konvers.me:matrix.org> One last response please.
>
> > risen has repeatedly brought it up and lied about the history of GrapheneOS
>
> *This is ^* a personal attack. It is untrue.

risen lying again

again, 90% of what he's doing here is making baseless and false attacks on GrapheneOS, throughout the day
Dec 10 21:33

dlnb:
Wrong channel*
Dec 10 21:38

SkewedZeppelin:
> One last response please.

risen had their write permission removed

14.1 RC#1 December ASB builds have started

after they finish I plan to start 20.0
Dec 10 21:44

...

hotdog:
can anyone send me risen's XMPP address?
Dec 11 04:02

SkewedZeppelin:
hotdog, I will not disclose anyone's xmpp address per privacy policy
Dec 11 04:03

hotdog:
mmm... can no longer find him in room in Dino to send DM, guess he left, that's why I asked
Dec 11 04:05

thecast:
I think SZ said earlier that PMs are disabled in here anyway
Dec 11 04:53

badromance:
strcat: is the new fxtec shipping in dec relockable? did they refuse to send u/devs a free device?
Dec 11 05:54

strcat:
don't know about it, and no reason they would send us a device
Dec 11 05:55

badromance:
strcat: what if someone from gos asked? cant hurt?
Dec 11 06:04

strcat:
we'd first have to know if it meets the requirements
Dec 11 06:05

badromance:
strcat: where r the fuľy detailed reqs? or is it just that one pg on gos site?
Dec 11 06:08

strcat:
there's not a fully enumerated list of requirements on the web site

and it doesn't really work that way
Dec 11 06:09

we need a secure element providing the StrongBox keystore with the expected features, Weaver, insider attack resistance and so on but that doesn't mean simply having that is enough, it needs to be a good implementation

and it's a lot more than that
Dec 11 06:10

badromance:
strcat: r u intentionally keeping it semipublic?
Dec 11 06:17

or semiprivate even
Dec 11 06:18

strcat:
no

it is not as simple as you seem to think it is

and it changes over time

https://grapheneos.social/@GrapheneOS/109484290154201406

here's a thread about a security feature currently exclusive to Pixel 6 and Pixel 7 which we use
Dec 11 06:23

we are likely the ONLY users of this feature, the stock OS doesn't use it, and I doubt anyone else does since we reported bugs that made it unusable until this month's patch

also *we proposed the feature*
Dec 11 06:24

we of course could not have considered this a requirement before because it wasn't available as a working feature until this month

do we consider it a requirement now? no

would we be interested in supporting phones with 2 dozen features like this missing? not really

things get better over time, and so our expectations get higher
Dec 11 06:25

problem: Pixels are getting better at security faster than other vendors, and other vendors tend to have really obvious major dealbreakers like not even shipping the full monthly mandatory + recommended patches on time

our expectation is we have to work directly with an OEM that's very interested in making a secure phone, has the resources (money, talented engineers) to do it and we push them to do the right things based on our experience with it
Dec 11 06:26

otherwise there isn't going to be a non-Pixel meeting our requirements, because we are willing to make SOME sacrifices like not having that particular feature, but there is a limit to the sacrifices we are willing to make
Dec 11 06:27

if the phone is just missing a few non-critical security features, has proper security updates and all the basics, we could make some sacrifices simply to have a non-Pixel phone to make people happy

but we're not supporting a phone without the basics

lack of proper monthly security updates (both mandatory + recommended patches) -> dealbreaker
Dec 11 06:28

lack of verified boot + attestation for alternate OS, which actually works (i.e. not OnePlus/Oppo attempt) -> dealbreaker

lack of 4 year security support guarantee -> dealbreaker

(Pixels are 5)

anyway just those 3 things I listed, it rules out every non-Pixel phone

> <@strcat:grapheneos.org> lack of proper monthly security updates (both mandatory + recommended patches) -> dealbreaker

these 3

not even including stuff like secure element, and the secure element implementing the same AOSP APIs as Pixels
Dec 11 06:30

simply the security update point probably rules out almost everything, vendors tend to mostly just ship mandatory patches, and late

SkewedZeppelin:
that fxtec was supposed to ship like two years ago?
Dec 11 06:33

soc is from 2020
Dec 11 06:34

strcat:
from our perspective that's a no go just based on it not being possible to have 4 year security support or the expected SoC security features
Dec 11 06:36

we could support a well made Snapdragon device implementing the expected/recommended security features with a current generation SoC launched any time during the time that's the current SoC

and they have to make stuff usable by an alternate OS and provide proper alternate OS support for AOSP and for the hardware security features
Dec 11 06:37

...

...

...

...

Back Up Forward

Copyright 2022