> fsflover

Thanks for the clarification. Free software ideology is not like a religion, where people believe in a god. Every Stallman's essay explains a very practical reason for following his ideas. FLOSS protects you from the enshittification, walled gardens, backdoors (to a degree) and similar things.

GrapheneOS have put themselves in Google's walled garden in terms of the supported devices and now Google can easily make them less secure or even kill them completely at will.

This is like saying "you clearly have an ideological bias that favors democracy/ or freedom even if it goes against reason". Sometimes a tyranny is more efficient at forcing people to do a particular thing, e.g., produce weapons. It doesn't mean that choosing it can be reasonable sometimes.

> All SoCs are a black box and all of them are made by untrustable companies

You clearly can't understand that different people have different threat models. This is a huge problem of GrapheneOS developers: they never accept this possibility and force the single threat model upon everyone. This reminds me of Apple by the way: They do the same. In reality, some people can trust Chinese devices more than Google's ones (imagine that), or trust a particular company that didn't perform a ton of evil action like Google did (that's me and many others).

> There is no good solution to this

The good solution to this is security through compartmentalization, which is the best security approach ever invented. The more varied hardware people use, the harder it is to make a targeted attack or to mass compromise every single device sold.

> most of the evidence that is available shows that GrapheneOS on Pixels are the most secure phones currently available

I don't dispute that, and you won't find me saying that GrapheneOS is insecure in itself. I am saying that they did a wrong bet long-term, and their approach leaves a lot of people without Google's hardware insecure.

> not security theatre, whereas if they also supported phones that didn't even let you lock the bootloader it absolutely would be.

Once again, this is implying one single threat model upon everyone. I never leave my phone unattended, so nobody can secretly reflash it. And whenever I suspect a compromise, I reflash it myself using a disposable VM on Qubes OS. Does it look somewhat secure to you?