| ▲ | bernoufakis 2 days ago |
| To put it simply, the (at the time) lead developer of GOS and Rossmann had some disagreements. At the time, Rossmann was mainly using GOS, but due to what he perceived as hostile behavior from GOS toward him through their communication, he opted to stop using GOS (at least on his main device, as he claims). His rationale was that the behavior of said lead developer was not "rational" and "scary", and since the developer has not only edit access to GOS code but also update publishing infrastructure, Rossmann's data or himself could be targeted through malicious code pushed via an update, for example.
While GOS is opensource and malicious code or exploits could be detected by the community, he himself did not have confidence to audit the source code to make sure it was safe, hence his decision to stop using. By risk factor, I think the grandparent suggests that something similar could happen to someone else using GOS, the risk factor being essentially at the mercy of GOS developer, would they wish to harm said user. |
|
| ▲ | other8026 2 days ago | parent | next [-] |
| > Rossmann's data or himself could be targeted through malicious code pushed via an update, for example. While GOS is opensource and malicious code or exploits could be detected by the community, he himself did not have confidence to audit the source code to make sure it was safe, hence his decision to stop using. This isn't even possible given how updates on GrapheneOS work. The update client doesn't send identifiers to the update server, and the update server only hosts static files. Rossmann either doesn't understand this, or he made it up to get more views, or possibly to entertain fellow Kiwi Farms members. To be honest, I don't think that he didn't understand that he couldn't be targeted. He continued using GrapheneOS for months after the video. As I understand it, it was clear in a few videos months after the initial video was published. |
| |
| ▲ | bernoufakis a day ago | parent [-] | | > This isn't even possible given how updates on GrapheneOS work. The update client doesn't send identifiers to the update server, and the update server only hosts static files. > Rossmann either doesn't understand this, or he made it up to get more views, or possibly to entertain fellow Kiwi Farms members. Expecting a layman to know that is not reasonable. The argument is not about the GOS updates work in practice.
It is about the "perpection", from Rossmann's perspective that the lead dev of the OS is hostile against him.
Humans are not purely rational machines, and given the choice of either 1) spend hours auditing source code and updates pipelines (every release ?) and 2) stop using it for critical purpose, the latter is the easier choice, especially for a busy person like him. > To be honest, I don't think that he didn't understand that he couldn't be targeted. He continued using GrapheneOS for months after the video. As I understand it, it was clear in a few videos months after the initial video was published. For all we know, he is using it on his secondary device where he has removed what he deems critical.
Again, Rossmann NEVER said "don't use Graphene OS", or "Graphene OS lack security" or anything of the sort.
If anything, even after that video, he kept recommending GOS whenever he talked about privacy. His argument is that he did not feel safe knowing using software from a hostile developer; and that he can't be bothered / not qualified to audit the code well enough to make it worth it (which is reasonable if you ask me, and I dare say most people). Edit:
> Rossmann either doesn't understand this
Again, I agree with you here. He does not understand. He trusted the developer(s) to know what they are doing, but they broke that trust by being unreasonable, to say the least.
He is under no obligation to understand.
As for what you stated after that, I won't comment on it as I don't read minds, and pretty sure neither do you. | | |
| ▲ | other8026 13 hours ago | parent [-] | | There are a couple of comments in response to my own saying basically the same thing, so I'll do the same... Rossmann shouldn't be excused for making his harassment video about Daniel because he doesn't understand how things work. Anyone who bothers to think about it for a moment would understand that someone who had been swatted 3 times by a crazy person spamming community chat rooms with illegal content would be extremely upset. Someone tried to _murder him_ and was trying to destroy the project, and then this video comes out leaking a private chat, and Rossmann portrays him as crazy? Rossmann knew what was happening and then his first thought was to start recording? How is that justifiable? You confessed you are a Rossmann fan in another comment, but even a fan should be able to see what had gone on here... > Expecting a layman to know that is not reasonable. And you are defending the inaccuracy in his video saying he's afraid of being targeted when it's not even possible, and your excuse for him is that he doesn't understand. There is no excuse for his video in the first place, but to also add this falsehood that he even can be targeted is extremely damaging for a project prioritizing privacy and security. And yet even though I'm sure he knows this now, as far as I know he hasn't retracted what he said. I don't think he cares about accuracy. Among other things, he's a YouTuber and he got views and attention, so I guess he got what he wanted at the expense of someone else during an extremely trying time. I don't think that's justifiable, I think it's scummy. > If anything, even after that video, he kept recommending GOS whenever he talked about privacy. Doesn't excuse what he did. |
|
|
|
| ▲ | gtsop 2 days ago | parent | prev [-] |
| So rossmann literally feared of a patch that was like this getting into graphene if (user is rossmann) { // do bad things
}makes me think who is paranoid here. |
| |
| ▲ | fph 2 days ago | parent | next [-] | | Note that this patch would have to be sent out to all users though, since I don't think there is an authentication mechanism that lets them send out different upgrades to different users. And if your whole business is a secure OS, it's a very risky proposition: you get caught doing this once, and your reputation is gone forever. | |
| ▲ | bernoufakis 2 days ago | parent | prev [-] | | Your example is a strawman, as a determined enough actor, especially a security expert(s) like GOS developers could pull it off and get such patch / exploit.
The probability is not zero.
It will probably not be obvious to spot, would be spread over multiple files of code that don't necessarily relate to each other at first glance, as many documented CVE illustrated (one that comes to mind given HN context is the XZ utils backdoor from last year for e.g.) Rossmann himself has no confidence to audit the code, so why take the risk ?
Good enough reason to be "paranoid", or at least feel uneasy about it if you ask me. | | |
| ▲ | gtsop 2 days ago | parent [-] | | Is it really a strawman? At some point, the code would need to identify rossmann. Please elaborate on the techniques required to do it and how it could be obfuscated. GOS doesn't use an account, so the code would have to perform very targeted heuristics in order to verify this is Luis' phone. It would have to compare his sim number against a known one, or dig into application data to find his logins and compare them against known emails. So the only way to not write `if (user is rossmann)` would be to send various diagnostics over the wire, to a service that contains these identifiers and perform the comparison onlinr, meaning he would introduce an imense security whole into everyone's phone, and everyone would see there is a home calling. So it's either a patch of if user == rossmann, or a home calling patch. | | |
| ▲ | bernoufakis a day ago | parent [-] | | > Is it really a strawman? At some point, the code would need to identify rossmann. Please elaborate on the techniques required to do it and how it could be obfuscated. I don't have to elaborate techniques. If a determined (and potentially mentally unstable) developer decides to leverage their full control over the OS to make it happen can. I don't have to elaborate on the techniques which might or might not exist yet.
Stuxnet only targeted specific Iranian systems, a needle in a hay stack, was spread did not harm random devices across the globe, and stayed mostly undetected. And this was done without "developer access" to the software itself.
Is it hard ? Yes. Is it likely (especially given the knowledge of how GOS works) ? Perhaps not. Is it impossible ? Definitely not. When the lead dev of the OS you use daily threatens to "publicly expose you" as a user, I won't blame said user to stop using the software. And even less, to provide such data point regarding the behavior of that developer. | | |
| ▲ | other8026 13 hours ago | parent [-] | | > mentally unstable It's not appropriate for you to be saying these things. > Stuxnet only targeted specific Iranian systems, a needle in a hay stack, was spread did not harm random devices across the globe, and stayed mostly undetected. And this was done without "developer access" to the software itself. Is it hard ? Yes. Is it likely (especially given the knowledge of how GOS works) ? Perhaps not. Is it impossible ? Definitely not. This makes no sense. GrapheneOS is an open source project and anyone can look at the changes made by the project. Even the OS is reproducible and people do check that, apparently, so GrapheneOS would be caught if they were making changes. Like I even found this repository just now after a quick search https://github.com/lucasbeiler/reproducible-builds-grapheneo... GrapheneOS isn't just some random OS that nobody has heard of. There are lots of eyes on it, so sneaking some backdoor into the OS would be very difficult and extremely stupid. One misstep and the project would be gone. Do you really think Rossmann is worth that? I don't. > When the lead dev of the OS you use daily threatens to "publicly expose you" as a user, I won't blame said user to stop using the software. And even less, to provide such data point regarding the behavior of that developer. I've already pointed out in other comments that he had no good reason to fear a targeted update. It's just not possible. He should know that by now, but as far as I know he has never retracted that part of his video. |
|
|
|
|
