Your logic doesn’t escape me but in point of fact, when we’re talking about GrapheneOS we’re not talking about volunteering usage data to Google. GrapheneOS does a better job of protecting user privacy than any other mobile option I can think of.
The problem I have is treating security and privacy like they’re opposing forces. They’re not. You don’t need to make security concessions to ensure privacy and that line of thinking doesn’t make sense when you examine it.
Genuinely curious: what your privacy metrics (what does this actually mean to you) and what is an organization that you trust?
I’m sorry, but that’s just not how security works. Most of the “security” features exist because of patching known vulnerabilities. What this means in real terms: vulnerabilities and how they work are published to the public. There are people who specifically write and sell malware to exploit these known vulnerabilities. This is happening all the time. If you have a permissive security model, you are opening all of your information up to compromise
You cannot reasonably expect privacy on a system that makes major concessions to security. Security is necessary for privacy. The two are not the same thing, but one is needed for the other.
But also… GrapheneOS is in fact a very privacy-friendly operating system. I would consider it the most privacy-friendly in fact.
I don’t think it’s ironic. Google benefits massively from their projects like AOSP or OpenTitan being open source, and they even benefit from projects like GOS doing some heavy lifting for them in developing bug fixes that get integrated upstream.
The fact that their mobile phones are relatively friendly to alternate operating systems is of pretty significant benefit to them.
Google is invested in security research, albeit usually for reasons that don’t benefit users.
I find the criticisms of the founder pretty seriously overblown. My interactions with him have always been positive. He’s on the spectrum and a lot of people engaged in pretty serious abuse toward him and the project he created… so I’ll give him some slack.
I’ve used GrapheneOS for 5 years. It’s good, the project has integrity, and there really isn’t anything that meaningfully compares in meeting its goals. It’s proactive in that they actually do meaningful security research and implement solutions. People who troll on the project are either straight up bad actors or just stupid.
I think that’s a good baseline. Not placing unnecessary trust is definitely a priority. The idea is definitely to remove as much of the need as possible for trust.
You have good goals and they are attainable. I wish you luck.