Hans-Christoph Steiner
Follow

Dear tech media, could we please stop using GrapheneOS as the judge on what's secure? I respect very much what GrapheneOS has built, but their stance that free software is not important to security is very short sighted. They literally are willing to call binary blobs secure because someone told them they are? They have no other standard to go on, since they can't inspect them.

theregister.com/2025/10/15/fsf

· Web · 5 · 11 · 21
Marcial 🇨🇷🇻🇪  

@eighthave One of the biggest tells of security isn’t in the codebase, its behavior. You could write malware into an open-source piece of software and have it be so obtuse that it goes unnoticed for years, as with what happened with the XZ utils. That was only caught because a program BEHAVED oddly, and a Microsoft employee noticed.

Whatever proprietary software Graphene is using, I’m sure they’ve ensured its behavior matches the security standard they uphold.

1
Hans-Christoph Steiner  

@moshimotsu there is a very good reason why security audits are done on source code. Yes, observing behavior is important. Then when one has the source code, one can follow up and confirm the exact behavior. With a binary blob, that is not feasible.

0
🎃Jester-Abyss-ephEmeral-333🎃™  
@eighthave what do you suggest as an alternative so something that is both secure and fsf-approved? @rms likely would recommend not ever using a phone.
1
Hans-Christoph Steiner  

@jae @rms That's exactly what the FSF Librephone project is trying to build: a phone that RMS would recommend. They are going to take LineageOS, find the device they can most easily replace all the binary blobs, and start working on that one.

1
🎃Jester-Abyss-ephEmeral-333🎃™  
@eighthave @rms that seems reasonable albeit a lofty goal with a lot of r&d. the correspondence ive had prior im still not sure rms would ever use a cell phone of his own. maybe he will chime in this thread. last time we talked we were discussing alternative systems focused mainly around pocsag pager which ive ran for years now.
0
atopia  

@eighthave @rasumi As @GrapheneOS points out, stubbornly preferring the outdated version of proprietary firmware to updated binary blobs is indeed pretty unreasonable and Rob Savoye mentioning Secure Boot doesn't exactly inspire confidence in the endeavor either.

0
Fossman  

@eighthave @thomasclaburn : )

0
Else, Someone  

@eighthave

I retweeted this yestertday, but then smb pointed out that...

> They literally are willing to call binary blobs secure because someone told them they are?

...this never really happened? At least I followed the links and the stance they express in the thread is nothing of the sort, just a neutral "out of scope" dismissal.

I share the sentiment otderwise, IMO @signalapp and Moxie have done a lot of harm in this regard, sort of reenacting Telegram's denial policy but wrt gservices

1
Hans-Christoph Steiner  

@nobody @signalapp It happened because GrapheneOS claims to do everything for security, but then, dismisses projects that aim to replace binary blobs with free software. So perhaps they did not literally say what I wrote, but that's my synopsis of their logic, as far as I can follow it. I know of no standard to audit binary blobs with any reliability. Moxie was also never a believer in free software, his hand was forced by OTF to make Signal free. It was a requirement to receive funding.

1
Else, Someone  

@eighthave
The post said "we don't care for getting fsf approval", nothing about librephone
@signalapp

0
Sign in to participate in the conversation
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml