Comment by palata
1 day ago
If my system is signed and verified at every boot, doesn't that guarantee that my system hasn't been tampered with? Meaning that no malware has found a way to get root access and modify it. I find this valuable.
If you can't use your own keys and verify the process yourself, then no, that is not a guarantee.
Malware developers just have their software signed by the gatekeepers your device is programmed to inherently trust, because the gatekeepers don't give a shit.
The App Store and Play Store are the largest vectors of malware out there, and every year they are responsible for letting their users get scammed to the tune of billions of dollars.
> If you can't use your own keys and verify the process yourself
The thing with security is that it is a gradient. Too many people try to win arguments on security by saying a variant of "anyway you have to trust somebody, so it will never be secure". This is exactly what you are doing here.
Say I trust GrapheneOS: the security model guarantees what I said. Obviously I have to trust something; I won't audit every single line of code and assemble billions of transistors myself.
> every year they are responsible for letting their users get scammed
Second tactic for winning a security argument: "but the users get scammed anyway". Sure they do. Because they have to. If you have a system that popular with zero scams, it probably means that the attackers don't even need to attack the human because the system itself is insecure.
I do see the value in this and also note that this feature has largely been kept from users intentionally on most other platforms. Still, this offers very little protection for the vast majority of scams to which people fall victim.
Phishing will always exist. If a system is very secure, the easiest way to attack it is to phish the human that has control over it. Complaining about that is weird... what do the people who complain want? One of those two:
- "Please make the system less secure, so that the attackers don't have to attack the human because they can just compromise the system directly"
- "Please keep making the system secure, and keep removing rights from the users, because the users prove over and over again that they cannot be trusted with anything"
You see where I am going. If you only optimise for security, then you remove all the freedom. But we obviously want freedom. So it's a compromise.
Now this compromise is a choice, and different systems can make different compromises. The freedom I want is the freedom to choose my system. I want to be able to install GrapheneOS on my phone. Complaining about macOS not being Linux would be weird: if I want Linux, I use Linux. If I use macOS, well then I have to live with the design choices of Apple.