It's kind of funny how @GrapheneOS wants to let everybody know about the "dangers" of "closed source operating systems" yet they themselves ship precompiled, presigned applications that are included in their OS and are NOT reproducible; the most you can do is compile them out of tree and include them manually.
And even then, this is still a MAJOR security risk as their precompiled apps have permissions that you really don't want apps to be granted implicitly.
I've attached a photo of all the permissions available to the Messaging app, which is included in GrapheneOS at build-time as a prebuilt application. I should mention this: the aforementioned Messaging application has no form of reproducible builds, meaning the only way to update these apps is for some developer to manually build this application on their build PC, sign it and then push it to a git repo. Imagine the security implications of that. (You can unzip the app yourself to check the manifest too.)
https://t.co/jkexmKeNz6
This is the module included into GrapheneOS. Meanwhile the actual messaging app is at https://t.co/1nwBxnWQx8. For reasons beyond me, GrapheneOS devs thought it fit to remove the Android blueprints from it, therefore making this app unbuildable inside the Android source itself.
https://t.co/T9INpRDHeZ
The inclusion of said prebuilt Messaging app.
It's not just this app either. The included App Store, the Camera app, hell, even the Auditor. All of these apps are presigned and precompiled, and granted implicit permissions to do whatever. Why not compile them in-tree? WHY go out of your way to make them unbuildable by removing the blueprints? It's not about adding one yourself and doing it yourself, that's completely beside the point. The point is, why is some OS claiming to be security focused, yet has the ability to infect devices with a theoretical malware spread with these prebuilt apps? Why are these apps not built in-tree in the first place!? There is literally no excuse, every other app is compiled in-tree except these GrapheneOS inclusions.
How does it feel to trust a random person with an app that can theoretically upload all your data to a remote server without your knowledge? Furthermore, besides doing such things, GrapheneOS devs have the _nerve_ to go forth and cement their beliefs on others? When they themselves don't commit to their standards? If this isn't an absolute form of hypocrisy, I really don't know what is.
Maybe this post will instill some form of awareness in die-hard GOS fans. Maybe I'll get to deal with insane backlash. Who knows. At least I'm putting it out there. Maybe one day we'll get to know that this entire project was a honeypot.
@c1ph3rn0m4d @GrapheneOS Vanilla Android doesn't shove untraceable artifacts into a build, instead it uses a proper CI system at https://t.co/wuSo8jrego to do that. Maybe check your evidence before making such claims. :)
@__extern_inline @GrapheneOS It doesn't really take a genius to realize that a bad actor within GOS could also sign said app and push it to the git repo. Of course it would eventually get caught because of reproducible builds, but it would spread regardless.
Honestly this should be concerning for @Moto @Moto_Support, a project can't battle a simple criticism. If a project won't implement a simple verification method for apps, and instead offloads it all to the user, how can you expect them to act under good faith all the time? This same project that advertises itself as one of the most secure operating systems, won't implement a verification step like every other project does.
Upon further criticism, they said that "it's standard for Android to push prebuilt apps in a git repo and include them". But is it really standard when it's one person uploading the apps manually into a repo, with no real trace of origin? Sure, the apps might be reproducible now, but will it remain the case? How can you know that the app was built without tampering? Every other project implements some form of publicly available verification. Even Google has https://t.co/o5D6xK4Gat, yet apparently that doesn't comply with their non-existent standards.
This same project was previously criticizing /e/ OS for using prebuilt apps, but it's fine when it's themselves? A really huge case of superiority complex. If they won't agree to publishing origins of their built apps, who knows what else they're hiding.
@__extern_inline @GrapheneOS So was I, there isn't any Android "standard" that mandates pushing prebuilts into a git repo without any traceable source. In fact it's quite the opposite when even Google has a fully end-to-end CI with artifacts being delivered.
Someone mentioned on the post that Google also has prebuilts and kernels built and packaged into the OS out of tree. Which is kind of hilarious as https://t.co/o5D6xK4Gat exists, which does exactly what I've been complaining about. You can trace the origins of all artifacts used in an AOSP build, you can verify that they're untampered and you can also see what code was used to compile it. Meanwhile Graphene keeps countering with "others can verify it for themselves". Which sounds really fishy.
e.g. https://t.co/1gREm6if3l has the compiled kernels used in Android. You can also check every other artifact out yourself.
You know, the last point makes me really laugh. Because unlike Graphene, Google has a completely public CI with verifiable artifacts at https://t.co/o5D6xK4Gat, and for the kernel, they also have https://t.co/1gREm6if3l. Maybe you should try opening it and see that Google does in fact have CI for everything, including kernels. :D
@GrapheneOS Y'know, even with current reproducible builds, I kind of want to see some sort of proof of origin. It's entirely possible that these apps could be hijacked and delivered to specific entities.
@GrapheneOS @watch_rome_burn @forbiddenADA Then prove that every release put into the git repos so far was compiled without any changes to the source. That's really all that I ask for.
@GrapheneOS @watch_rome_burn @forbiddenADA Then make said stored apps verifiable. Make it so that I can check whether the app in the repo was compiled from the same code that's published, without having to trust someone.
@GrapheneOS @watch_rome_burn @forbiddenADA I only said verify the apps that you build out of tree. If you want to move them out of tree that's fine, but make it verifiable, unlike right now where it's uploaded by some random guy.
@GrapheneOS @TrueAmPatriot86 Didn't say a web interface. A publicly viewable CI can provide you with hashed source data to verify with the public repository, and hashed artifacts to make sure it wasn't edited. Not really that inaccurate.
@GrapheneOS @TrueAmPatriot86 HOW do you keep deflecting this simple question that I ask? Show me that your apps are built from the same tree that you say they are, with absolutely no variations in the output code.
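
The check the thread keeps returning to, whether a signed prebuilt matches a build of the published source, can be sketched as a per-entry hash comparison of the two APKs. This is an added example, not part of the original posts or of any project's tooling; the function names and sample archives are constructed, and it assumes you already have your own rebuild of the app.

```python
import hashlib
import io
import re
import zipfile

# v1 (JAR) signature files differ between a release-signed APK and a local
# rebuild even when the build is reproducible, so they are excluded. The
# v2/v3 APK Signing Block is not a zip entry and is ignored by zipfile.
V1_SIG = re.compile(r"^META-INF/([^/]+\.(SF|RSA|DSA|EC)|MANIFEST\.MF)$")

def entry_digests(apk_bytes):
    """Map entry name -> SHA-256 of its uncompressed content."""
    digests = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir() or V1_SIG.match(info.filename):
                continue
            digests[info.filename] = hashlib.sha256(zf.read(info)).hexdigest()
    return digests

def compare_apks(prebuilt, rebuilt):
    """Report entries that are missing, extra, or different between the two."""
    a, b = entry_digests(prebuilt), entry_digests(rebuilt)
    return {
        "only_in_prebuilt": sorted(a.keys() - b.keys()),
        "only_in_rebuilt": sorted(b.keys() - a.keys()),
        "changed": sorted(n for n in a.keys() & b.keys() if a[n] != b[n]),
    }

def is_reproduced(prebuilt, rebuilt):
    return not any(compare_apks(prebuilt, rebuilt).values())

def make_apk(entries):
    """Build a tiny zip standing in for an APK (constructed sample)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()

# Constructed sample data, not real app contents.
BASE = {"AndroidManifest.xml": b"<manifest/>", "classes.dex": b"dex-bytes-v1"}
SIGNED = make_apk({**BASE, "META-INF/CERT.SF": b"sig",
                   "META-INF/CERT.RSA": b"cert", "META-INF/MANIFEST.MF": b"mf"})
REBUILT = make_apk(BASE)
TAMPERED = make_apk({**BASE, "classes.dex": b"dex-bytes-v2", "lib/extra.so": b"x"})

if __name__ == "__main__":
    print(is_reproduced(SIGNED, REBUILT), compare_apks(SIGNED, TAMPERED))
```

A match only shows that this prebuilt equals this rebuild; the toolchain and source revision used for the rebuild still have to be pinned for the result to mean anything.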