I dont want to start a fight or anything like that, I have to decide between these 2 and cant figure out which is the best and why, mostly because if you ask on X they just start swearing to each other without giving any real explanation, can anyone help a person who want to embrace privacy and anonimity?
1/ I know Pixels are technically the best. That's not the issue. My issue is: I am not giving my money to Google, and certainly not for the purpose of escaping the Orwellian dystopia they're building around us. It's not a technical problem, but a question of principle.
I know some people argue that buying Pixel phones specifically to install a deGoogled OS sends Google the message that people are willing to pay for the privilege of preserving their privacy, and the more people buy Pixel phones for that purpose, the louder the message and the more likely Google will finally listen and convert at least part of their business model away from corporate surveillance.
But you know what? That's bullshit. Google will never stop violating people's privacy and monetizing people's data. They just take your Pixel phone money and laugh all the way to the bank at how naive you are.
I will NEVER give Google a single dollar. Full stop. It's not even an option. I'll take the additional risk of using a non-Pixel phone - which, for my threat model, it completely insignificant anyway.
2/ I'll pay whatever it takes to escape Google, and also give the throwaway economy the middle finger. As a well-to-do first-worlder with plenty of disposable and grown up children who have left the house, I have the means to buy overpriced equipment that's compatible with my worldview.
3/ I don't care about drama regardless of where it comes from. Quite frankly, I don't even want to know: I've read enough about and around what was going on with DM to just give the whole thing a pass. Besides, like I said, the man seems crazy enough that it basically invalidates any trust I might have in his code, and it's precisely the type of application for which I desperately need trust. I don't trust DM nor his code, and that's not even a community issue.
I have neither the time nor the desire to review MD's code. I need a working cellphone OS that I can place a reasonable amount of trust in. The Calyx Institute looks 100% legit, run by normal, rational people who aren't off their goddamn minds, and I trust what they do a lot more than GrapheneOS because a lot of GrapheneOS was put together by a nutjob.
Really ? This is the first time I'm reading this, as a person who own 3 pixels actually, and this is too rich for me, people seriously think that ?
But seriously, the reason, I always go for, and recommend a pixel, is because
A - they're available B - they're easy to unlock and flash ( and that's not by accident, Google engineers who still have some humanity and ethics are doing it ) ( although pixels from Verizon are always OEM locked ) C - they're cheap, especially older models
That said, If the circumstances allowed it, I'll do exactly what you did ( FP + CalyxOS ) or just buy a Murena Phone ( and help support a company that fights for user digital rights in the process ) or maybe go "based" all the way, and buy a Pinephone ( + PostmarketOS )
So, hope you didn't interpret me saying ( FP is expensive ) as it's not worth it, as you explained if Adding ~ not supporting a monopoly ~ checkbox to the list, then FP is totally worth every penny, and it's highly unlikely they lock the bootloader in the future ( can't say the same for Google )
DM actions has damaged his project, there's no denying that, and I don't blame people for not running someone's code inside their phones, because they feel uncomfortable about the person himself
And that often leads to harsh judgments like this one :
Idk DM personally to make that kind of judgment, but I do know that he's a brilliant security researcher, and the work he put into GrapheneOS made it leagues ahead of any stock Android, and you don't have to trust him, the code is on github, and it's not made by a bunch of shady cipherpunks, many organizations supports and recommend GOS, such as this one
If we were to judge a project by the actions of one of their Devs, then we're just killing the free software movement from inside, this is something that I keep thinking about actually, Linus torvalds went as far as telling someone to kill themselves, and he admitted that: his not a people's person, RMS with his attitude... Etc
So, what I'm trying to say, is that we should be objective, Open source is way of developing software, and the people behind that software, their takes, their tweets, them drinking alcohol, being abusive.. Etc has nothing to do with software, the software doesn't feel.. humans do.. But is it enough reason to discard that software and trash it, or worse cancel the developer from society ?
I think, if we see that kind of behavior within our Foss community, we must not trash the software and developer, and abandon their project, I think that's too harsh, and no developer deserves that. Instead we should make them aware of their behavior..
DM, got aware after that incident with Louis rossmann , and stepped down, and he was open about having mental issues and he needed and still needs help... Maybe I'm too sensitive and emotional but that's me,
Also, what if someone new to the privacy community sees people trashing other projects, because of their first impression or whatever.. That doesn't help anyone
Yes. There are deluded, wide-eyed idealists who believe Big Tech should be shown that there are honest ways to make money off of direct sales and they don't need to put people under surveillance, and the best way to show them is proving it with their wallets. What they fail to realize is that Big Tech is unprincipled to the core, and the unprincipled way of making money off of people's privacy is orders of magnitude easier and more profitable.
I have nothing against people who have mental problem. Hell, many people who get heavily involved in computers and into free software are on the spectrum and I have no issues with them or the software they made, which I enjoy using.
What I have a problem with is code made by people who make threats. I don't care why they make threats: if they can code, they can code revenge code. And I have a problem with code made by people who have a persecution complex for the same reason.
DM thinks he's persecuted and he did make threats. Repeatedly - unlike Linus. I'm sorry for him and I sympathize on a personal level, but that makes his code quite untrustworthy, because his motivations for making the code and the state of mind he was in when he made the code make the code inherently suspicious. And like I said, I don't have the time nor the desire to go through and vet his code. I have enough projects to take care of myself without having to second-guess someone's suspicious code.
He may be a genius security researcher and he may be the most talented individual on planet Earth. But in the line of work he chose, having a squeaky-clean reputation and credentials is everything, and his personality issues unfortunately damaged both and tainted his work.
Personally, I preferred not to take the risk and I went with Calyx's work which, while perhaps not as hardened as DM's libraries, is adequate enough for my threat model and - most importantly - made by people with a clean rep. At least it was one of the factor, since I was never going to buy a Google phone anyway, and GrapheneOS only supports Google phones.
Well, all I can say is that your arguments are theoretical ( so far )... DM is innocent until proven otherwise..
Not saying "trust" isn't a valid criteria when choosing software, It is... But I can't see anything shady about the project, it's a joy to use, and for what's it worth, I never looked at buying a big tech phone and flashing a custom ROM as a solution, it is, but a temporary fix, real solution in my opinion is a Linux phone that can run Android apps
this 👇 is not theoretical though, buying a pixel does support Google, that's why you buy a used pixel, minimizing the damage I guess
GOS also got code upstream in AOSP.