Comment by strcat
8 days ago
GrapheneOS provides major privacy enhancements including Contact Scopes, Storage Scopes, Sensors toggle, per-connection Wi-Fi privacy via per-connection DHCP state + MAC randomization and far more. It's a privacy project and privacy depends on security so it heavily focuses on protecting against exploitation of privacy and security vulnerabilities too. Privacy and security are not separate things from each other but rather closely tied together and our work is on both for the sake of improving privacy. Our only reason to work on security features is protecting privacy.
I won't argue with you on the project-related part of it, you obviously know best there :) Thank you for all the work!
But how would you "rate" for example desktop "GNU/Linux" with this in mind? Quite clearly privacy is important here and none of the major components leak/store unnecessary personal data. But the security story is quite sad, everything runs as the same user so a random `npm install` can just do whatever it wants with my browser caches, ssh keys, etc. I would say that GNU/Linux is privacy-friendly, but has terrible security. Would you not agree here? How does this fit with the "privacy and security are not separate things" part? Genuinely curious about your opinion here, not arguing for the sake of it, they are just not as closely connected in my mind. For example Google has a good track record of having safe practices regarding data storage -- but privacy is not their strong suit/hard to define what it means for a company to begin with.