This looks hugely blown out of proportion. The project founder has a well documented history of what I would consider a persecution complex. Once again he has provided no substantial evidence. The only thing they provided are some, admittedly borderline libelous, news articles. Unless they provide some more concrete information about these supposed attempts of getting a backdoor installed into the system, I will consider this as just another day of GrapheneOS drama.
The evidence is not "news articles", but the contents of those articles where a high-ranking prosecutor threatened to go after GrapheneOS "if they don't cooperate with the law".
No matter your feelings about the creator, I think this was entirely the rational choice.
France is pro-Chat Control. For about a year now there's been an anti-drug trafficking fervor among legislators and government, in which they've pushed for encryption backdoors (separate from Chat Control at the EU level) and recently threatened GrapheneOS. The country is politically unstable so future politics are hard to predict, but anti-encryption politicians stand a good chance of winning the next election. Any rational project would move out.
I don't disagree about leaving France over their position on chat control or legislation.
I disagree about them essentially spreading misinformation about what actually happened. One prosecutor, that probably doesn't even know what GrapheneOS is, making boisterous claims to the press, is not the same as being contacted by the state about adding a backdoors.
Interviewed cop says they'll go after them if they don't cooperate, which would mean a) requesting assistance to law enforcement via means such as backdoors and server seizures and b) resulting in legal steps against the organization and its members by France. Who in their right mind wouldn't take this a threat? After Wikileaks, the Telegram CEO, pushes for chat control and other authoritarian techniques?
Sure, the cop might be a nobody in the grand scheme of things but they're representing a government agency publicly so they're probably not babbling out nonsense in a bar somewhere, being overheard by a reporter.
I expect that most cynics would just keep their heads down and use iOS or something. The intense idealism needed to motivate something like Graphene is compatible with paranoia, but not with weariness.
> The intense idealism needed to motivate something like Graphene
Yes, the intense idealism of the brainwashed and oblivious prompted the realistic Graphene creators to do something themselves instead of waiting for other realistic folks who happen to be few and far between.
A European Arrest Warrant would make the entire EU off limits. Which makes me think they haven't thought this through and are just overreacting, as many on this thread suspect.
If the GrapheneOS maintainers were being advised by a lawyer, they'd surely know that if French Authorities wanted them arrested and they were standing on a street corner in Stockholm, they could just as easily be picked up by police as if they were in a café in Paris. Making the whole France travel ban just a load of theatrics.
Multiple accounts have said the same thing in this thread, and I'll be honest here: given the Jia Tan situation, it could be true (in the way that he's being pushed by external forces). It could it be character assassination... Or it could be totally valid: idk.
But what I do know is that nobody is providing any citations.
I also know that progress depends on the tyranny of unreasonable people.
There is no place in the world where there are not bad proposals all the time. Some places are worse than others, but everyplace has problems and needs to be watched.
They should consider making their primary site a .onion and then have clear-web portals in many countries that serve as a secondary class site or cache. The physical location of the primary site should be unknown.
How does this increase security? The actual code is distributed over github and is digitally signed. Same goes for the installers/updates. Attempts to replace the contents would be easily detected, and would won't do much, aside from maybe compromising someone installing in that short time frame. Moreover darknet sites have an identity problem. It's easy to validate that "grapheneos.org" is the official site, not least because there's no grapheneos.com or similar. If you're using a hidden service you'll get an address like graphenenlhxh74dsi1kk1k8se0wutcc2v4f7bnohqe8zxbkfk8z3wp8.onion. How do you know whether that's the official site, or graphenenlhxr1uvl0i8oiuzx587fpgcesik0apij5axd1a0xbdvj5eg.onion?
It's a sad fact that there's just no way for GrapheneOS to win this fight. The intelligence agencies of every world government are on one side, and a relatively poor organization that produces less restricted cell phone software is on the other.
It's amazing to me that everyone even slightly disliked by the ruling class isn't doing this. Like remember when Nintendo took down a bunch of Switch emulators... from GitHub? Why were they primarily on GitHub?
Technically emulators are not against the law, piracy is against the law. And given that open source projects are all on github, it makes sense for them to just be on github
That said, there are many forks of the projects DMCA'd still floating around.
I read about this when I first discovered GrapheneOS, and it looked like it. And it may be partially correct.
But on the other hand, I have read a lot of "drama" between e.g. /e/OS and GrapheneOS, and more often than not, it looked like GrapheneOS was criticising actual limitations of /e/OS and /e/OS (a mix of the community and official comms) seemed to be the one being unfair.
GrapheneOS generally is pretty direct at saying stuff like "their approach is strictly less secure" or "they are often worse than Stock Android", and I understand that this is not good publicity for Murena. But I am yet to see one of these claims to be wrong: all I can say is that the tone is very direct and could offend the /e/OS people, even if the claims are true.
On the other hand, instead of just acknowledging and trying to explain why /e/OS may be a good choice (e.g. if you happen to own a phone that is not a Pixel and that is well supported by /e/OS), I have seen actually wrong claims from /e/OS against GrapheneOS (sometimes downright technically wrong about security/privacy). And while GrapheneOS is quite exemplary with their support (if your phone is supported, then it's best in class), I have run /e/OS on a couple of phones and I have seen by myself that some of the security updates were 3 years old while the Stock Android was actually up-to-date.
So yeah... I get that it's a sensitive topic, but I feel like there is more a long history of people accusing GrapheneOS of accusing people, and I'm not anymore convinced that this is actually true.
This is likewise my experience. It’s true that Micay is prickly and unwilling to prioritize social grace over technical accuracy, but that’s kind of what I’d like to see for a project like this.
There was a post on the GrapheneOS forums a while back, from Micay, claiming that a well-known YouTuber who had backtracked on recommending GrapheneOS (because of Micay's behavior, according to the YouTuber) had probably actually backtracked because the YouTuber was financially involved with a competing project. My initial reaction to the post was, "Oh, I guess this is that paranoia I've heard about with Micay." My thought was reenforced when it was further claimed, in that thread, that the YouTuber was active in a forum well known for online bullying of people they don't like. The whole thing definitely sounded paranoid.
In the thread, though, there was in fact linked paperwork where the YouTuber had registered the company in question, and also links to a verified account on the forums in question (using the YouTuber's real name).
So, yeah, just because you're paranoid, doesn't mean they're not out to get you.
Yeah, I think it's fair to say that Micay knows a million times more about this technical and application space, and the political and business dynamics around it, than most HNers.
And I also believe that he's actually been personally targeted for harassment, from multiple directions, over the years.
So he's learned and earned some... vigilance.
And overall, I suspect that GrapheneOS is much better for the vigilant mindset.
I donated money partly with this in mind.
I don't know whether the project has a PR expert working with them already, but if not, that would be a nice pairing with the very smart and vigilant people on the team.
Most people rather trust some newspaper or magazine instead of investing 10 minutes into researching on their own only to then start sockpuppeting for the conclusions of the author who probably didn't do their due diligence in writing the piece in the first place.
"Sockpuppeting" has connotations that don't apply here, and it's an important term for other pressing purposes, so we don't want to dilute it. Does "parroting" express your intent well enough?
I understand the concerns and anger of GrapheneOS's leadership, but the hyper-escalation tactic doesn't do what they hope:
First, it sends a message of inexperience in business, negotiation, and conflict resolution: 'I'm going to take my ball and leave' - it looks like an emotional overreaction without strategic thinking. These days you sometimes see powerful parties making similar threats - e.g., Uber threatening to leave certain markets. But those people have significant power and their tactic is really to demonstrate that in order to shift their negotiating position; usually they don't actually decamp, and GrapheneOS has relatively little power so that tactic doesn't apply.
As importantly, it sends the message that GrapheneOS can be pushed around and manipulated: A slight hint of a threat and they flee. Others will take note, and many will think the same of other FOSS projects, large and small - they are easily intimidated and dismissed.
Another reason people don't use these tactics is that they have other important interests besides the one under immediate threat. A requirement of anyone with significant investments that can't be easily abandoned - which is everyone doing anything of value - is to navigate in a way that upholds all those interests. You don't burn down the house to kill a rat. It can be hard and requires careful, deliberate thought and strategy.
One unmentioned interest that might appeal to GrapheneOS's leadership is the freedoms of people in France to create FOSS, and to individual privacy and security.
Exiting France when they feel like the freedoms of their software and their contributors are in danger seems like a perfectly reasonable response.
GrapheneOS is an open source project. They hand out great software for free. They have no obligations to do this. And they certainly have no obligation to try to "negotiate" with obviously hostile governments. They have nothing to gain from this.
> You don't burn down the house to kill a rat.
I don't see how this analogy applies here. France is the house.
This is the second time people responded to a post about GrapheneOS strategy with an argument about obligations. It's hard to even explain how vastly different those issues are. I didn't say anything about GrapheneOS's obligations; I talked about strategy and tactics to serve their goals.
If you do want to talk about obligations - yes, we all have obligations to our communities, societies, etc., whether we like it or not, whether we deny it or not. GrapheneOS has obligations to the open source community, to freedom, to their users and developers, etc. Defining those obligations is very difficult and I won't try, but if none of us have those obligations then who does? There's nobody else coming to the rescue, there is no authority that will take care of it for you (like parents caring for irresponsible children) - it's just you and me.
> I talked about strategy and tactics to serve their goals.
I am skeptical that there is any lesser step that they can take consistent with their goal of an uncompromised OS. Or that France would be satisfied with anything less than access. Security is not a side feature of GrapheneOS that they can compromise on, it's their core mission. It's like telling Frodo to see the sights in Mordor, but stay away from Mount Doom.
> it sends the message that GrapheneOS can be pushed around and manipulated: A slight hint of a threat and they flee.
Somehow I doubt France thinks they "won". What they wanted was a back door into the OS. Not only did they not get that but they lost what little bargaining power they had when gOS left France.
> it sends a message of inexperience in business, negotiation
You don't negotiate with terrorists. Obviously France isn't a terror organization but the point is the same: you don't play their game. You play your own.
If you want my opinion GrapheneOS isn't on the radar of the French government at all, so they don't think they "won" or "lost". It's kind of a "I don't think about you at all" Mad Men Meme.
It's just a few cops who said "I don't like that we can't crack it", and a journalist who asked the prosecutor who got Durov arrested and she said "well sure if they break the law we could sue them".
The only party that is getting hurt about this whole thing is their French hosting company, OVH, who tried to calm down the situation and talk to explain him that they can still safely use OVH.
> Somehow I doubt France thinks they "won". What they wanted was a back door into the OS.
There is absolutely nothing pointing to France wanting a backdoor in GOS. The only thing we have is one prosecutor quoted in a far right journal saying she wouldn’t hesitate to charge them if they are linked to organised crimes and refuse to cooperate.
When France wants a backdoor in an open source project, they do it like every modern country with an intelligence service, sneakily.
When France wants a backdoor in an open source project, they do it like every modern country with an intelligence service, the borrow either the CIA's or Mossads.
I don't know. It's making the news, and if GrapheneOS is the only one protesting this, what are iPhone and Android already complying with? Perhaps I should also switch to GrapheneOS.
And moving your servers out of jurisdictions that threaten them is not hyper-escalation; that's just being responsible.
> It's making the news, and if GrapheneOS is the only one protesting this, what are iPhone and Android already complying with? Perhaps I should also switch to GrapheneOS.
> self-advertised as uncompromising privacy focused OS
> didn't even compromise even a bit (negotiation is already a compromise) against a country who is notorious for advocating for privacy-invasive policies in recent years
> get lectured by yc high-horse rider on the obligation blah blah, even when by and large this move doesn't materially affect the end-users in any substantial way
I used 4chan style because most of the times 4chan commenters have more sense than yc these days. Many people here do live in glass houses.
I am genuinely not sure you understand what GrapheneOS is doing here. They were using French servers (OVH) for some infrastucture, and they are moving away from that because they are pissed at France.
They don't make GrapheneOS unavailable to French users, they just change "cloud provider".
There is no negotiation or conflict resolution there: they don't feel safe using a French provider, so they move to a non-French provider, period.
Related ongoing thread:
France threatens GrapheneOS with arrests / server seizure for refusing backdoors - https://news.ycombinator.com/item?id=46035977 - Nov 2025 (244 comments)
Recent and related:
France is taking state actions against GrapheneOS? - https://news.ycombinator.com/item?id=45999024 - Nov 2025 (108 comments)
This looks hugely blown out of proportion. The project founder has a well documented history of what I would consider a persecution complex. Once again he has provided no substantial evidence. The only thing they provided are some, admittedly borderline libelous, news articles. Unless they provide some more concrete information about these supposed attempts of getting a backdoor installed into the system, I will consider this as just another day of GrapheneOS drama.
The evidence is not "news articles", but the contents of those articles where a high-ranking prosecutor threatened to go after GrapheneOS "if they don't cooperate with the law".
No matter your feelings about the creator, I think this was entirely the rational choice.
France is pro-Chat Control. For about a year now there's been an anti-drug trafficking fervor among legislators and government, in which they've pushed for encryption backdoors (separate from Chat Control at the EU level) and recently threatened GrapheneOS. The country is politically unstable so future politics are hard to predict, but anti-encryption politicians stand a good chance of winning the next election. Any rational project would move out.
I don't disagree about leaving France over their position on chat control or legislation.
I disagree about them essentially spreading misinformation about what actually happened. One prosecutor, that probably doesn't even know what GrapheneOS is, making boisterous claims to the press, is not the same as being contacted by the state about adding a backdoors.
I don't get what you're saying.
Interviewed cop says they'll go after them if they don't cooperate, which would mean a) requesting assistance to law enforcement via means such as backdoors and server seizures and b) resulting in legal steps against the organization and its members by France. Who in their right mind wouldn't take this a threat? After Wikileaks, the Telegram CEO, pushes for chat control and other authoritarian techniques?
Sure, the cop might be a nobody in the grand scheme of things but they're representing a government agency publicly so they're probably not babbling out nonsense in a bar somewhere, being overheard by a reporter.
Don’t you need that sort of paranoia to go out and create a privacy focused mobile OS?
A world-weary cynicism suffices.
I expect that most cynics would just keep their heads down and use iOS or something. The intense idealism needed to motivate something like Graphene is compatible with paranoia, but not with weariness.
> The intense idealism needed to motivate something like Graphene
Yes, the intense idealism of the brainwashed and oblivious prompted the realistic Graphene creators to do something themselves instead of waiting for other realistic folks who happen to be few and far between.
>The project founder has a well documented history of what I would consider a persecution complex.
Source?
Not a "source" but one such incident is https://www.reddit.com/r/PrivacyGuides/comments/13s7mv3/why_...
What happened to the founder of Telegram should be enough to discourage any of them to travel in France.
Especially since I guess they do not have the same kind of money and influence to fight it back.
A European Arrest Warrant would make the entire EU off limits. Which makes me think they haven't thought this through and are just overreacting, as many on this thread suspect.
If the GrapheneOS maintainers were being advised by a lawyer, they'd surely know that if French Authorities wanted them arrested and they were standing on a street corner in Stockholm, they could just as easily be picked up by police as if they were in a café in Paris. Making the whole France travel ban just a load of theatrics.
I mean, maybe?
Multiple accounts have said the same thing in this thread, and I'll be honest here: given the Jia Tan situation, it could be true (in the way that he's being pushed by external forces). It could it be character assassination... Or it could be totally valid: idk.
But what I do know is that nobody is providing any citations.
I also know that progress depends on the tyranny of unreasonable people.
Canada is liberal and a better option for hosting privacy projects than EU.
Every few months a bad proposal comes out of somewhere in EU. The details of this case don’t matter, the tendency is big government control.
I'm not sure... they've added some pretty repressive language controls themselves already. Let alone proposed legislation.
https://www.eff.org/deeplinks/2025/07/canadas-bill-c-2-opens...
There is no place in the world where there are not bad proposals all the time. Some places are worse than others, but everyplace has problems and needs to be watched.
EU is not a country. There are many different countries in the EU.
They should consider making their primary site a .onion and then have clear-web portals in many countries that serve as a secondary class site or cache. The physical location of the primary site should be unknown.
How does this increase security? The actual code is distributed over github and is digitally signed. Same goes for the installers/updates. Attempts to replace the contents would be easily detected, and would won't do much, aside from maybe compromising someone installing in that short time frame. Moreover darknet sites have an identity problem. It's easy to validate that "grapheneos.org" is the official site, not least because there's no grapheneos.com or similar. If you're using a hidden service you'll get an address like graphenenlhxh74dsi1kk1k8se0wutcc2v4f7bnohqe8zxbkfk8z3wp8.onion. How do you know whether that's the official site, or graphenenlhxr1uvl0i8oiuzx587fpgcesik0apij5axd1a0xbdvj5eg.onion?
We can only use technical solutions to this problem for so long.
The real issue is that the public wants a right to digital privacy.
The state would not like you to have that because they are lazy and want to be able to look at your messages.
Because they have convinced themselves that messages are a crime.
This is a political problem not a technical one.
> The real issue is that the public wants a right to digital privacy.
Legitimate question, is there any concrete evidence that the majority of the public actually does want this?
I wonder what an actual referendum on Chat Control would actually say as well.
There is not. In fact, many users will gladly give away any notion of privacy whatsoever in exchange for a Candy Crush lootbox.
I have felt great pity for Snowden all these years, his personal sacrifice was all for nothing, a short news cycle later and nobody cared.
I want digital privacy… but a lootbox is a lootbox.
As long as the cost/benefit calculation is high enough on your side, you’re fine with it?
https://www.pewresearch.org/internet/2023/10/18/how-american...
80% are concerned.
It's a sad fact that there's just no way for GrapheneOS to win this fight. The intelligence agencies of every world government are on one side, and a relatively poor organization that produces less restricted cell phone software is on the other.
And mostly (but not entirely) neutral judges are the arbitrators.
It's amazing to me that everyone even slightly disliked by the ruling class isn't doing this. Like remember when Nintendo took down a bunch of Switch emulators... from GitHub? Why were they primarily on GitHub?
Technically emulators are not against the law, piracy is against the law. And given that open source projects are all on github, it makes sense for them to just be on github
That said, there are many forks of the projects DMCA'd still floating around.
Also cross-posted on Mastodon https://grapheneos.social/@GrapheneOS/115595997701449168
[dupe] https://news.ycombinator.com/item?id=45999024
For what it's worth, Micay has a long history of accusing other people of slandering the project without providing any evidence or rebuttals.
When asked for details, he gets defensive and accusatory, then creates multiple sockpuppet accounts to argue the same points over and over.
I read about this when I first discovered GrapheneOS, and it looked like it. And it may be partially correct.
But on the other hand, I have read a lot of "drama" between e.g. /e/OS and GrapheneOS, and more often than not, it looked like GrapheneOS was criticising actual limitations of /e/OS and /e/OS (a mix of the community and official comms) seemed to be the one being unfair.
GrapheneOS generally is pretty direct at saying stuff like "their approach is strictly less secure" or "they are often worse than Stock Android", and I understand that this is not good publicity for Murena. But I am yet to see one of these claims to be wrong: all I can say is that the tone is very direct and could offend the /e/OS people, even if the claims are true.
On the other hand, instead of just acknowledging and trying to explain why /e/OS may be a good choice (e.g. if you happen to own a phone that is not a Pixel and that is well supported by /e/OS), I have seen actually wrong claims from /e/OS against GrapheneOS (sometimes downright technically wrong about security/privacy). And while GrapheneOS is quite exemplary with their support (if your phone is supported, then it's best in class), I have run /e/OS on a couple of phones and I have seen by myself that some of the security updates were 3 years old while the Stock Android was actually up-to-date.
So yeah... I get that it's a sensitive topic, but I feel like there is more a long history of people accusing GrapheneOS of accusing people, and I'm not anymore convinced that this is actually true.
This is likewise my experience. It’s true that Micay is prickly and unwilling to prioritize social grace over technical accuracy, but that’s kind of what I’d like to see for a project like this.
"Just because you're paranoid, doesn't mean they aren't out to get you."
I was going to say something along these lines.
There was a post on the GrapheneOS forums a while back, from Micay, claiming that a well-known YouTuber who had backtracked on recommending GrapheneOS (because of Micay's behavior, according to the YouTuber) had probably actually backtracked because the YouTuber was financially involved with a competing project. My initial reaction to the post was, "Oh, I guess this is that paranoia I've heard about with Micay." My thought was reenforced when it was further claimed, in that thread, that the YouTuber was active in a forum well known for online bullying of people they don't like. The whole thing definitely sounded paranoid.
In the thread, though, there was in fact linked paperwork where the YouTuber had registered the company in question, and also links to a verified account on the forums in question (using the YouTuber's real name).
So, yeah, just because you're paranoid, doesn't mean they're not out to get you.
Yeah, I think it's fair to say that Micay knows a million times more about this technical and application space, and the political and business dynamics around it, than most HNers.
And I also believe that he's actually been personally targeted for harassment, from multiple directions, over the years.
So he's learned and earned some... vigilance.
And overall, I suspect that GrapheneOS is much better for the vigilant mindset.
I donated money partly with this in mind.
I don't know whether the project has a PR expert working with them already, but if not, that would be a nice pairing with the very smart and vigilant people on the team.
Most people rather trust some newspaper or magazine instead of investing 10 minutes into researching on their own only to then start sockpuppeting for the conclusions of the author who probably didn't do their due diligence in writing the piece in the first place.
"Sockpuppeting" has connotations that don't apply here, and it's an important term for other pressing purposes, so we don't want to dilute it. Does "parroting" express your intent well enough?
I was struggling with the term myself being a non-native speaker. I appreciate your suggestion, it's a much better fit. Thanks!
I understand the concerns and anger of GrapheneOS's leadership, but the hyper-escalation tactic doesn't do what they hope:
First, it sends a message of inexperience in business, negotiation, and conflict resolution: 'I'm going to take my ball and leave' - it looks like an emotional overreaction without strategic thinking. These days you sometimes see powerful parties making similar threats - e.g., Uber threatening to leave certain markets. But those people have significant power and their tactic is really to demonstrate that in order to shift their negotiating position; usually they don't actually decamp, and GrapheneOS has relatively little power so that tactic doesn't apply.
As importantly, it sends the message that GrapheneOS can be pushed around and manipulated: A slight hint of a threat and they flee. Others will take note, and many will think the same of other FOSS projects, large and small - they are easily intimidated and dismissed.
Another reason people don't use these tactics is that they have other important interests besides the one under immediate threat. A requirement of anyone with significant investments that can't be easily abandoned - which is everyone doing anything of value - is to navigate in a way that upholds all those interests. You don't burn down the house to kill a rat. It can be hard and requires careful, deliberate thought and strategy.
One unmentioned interest that might appeal to GrapheneOS's leadership is the freedoms of people in France to create FOSS, and to individual privacy and security.
Exiting France when they feel like the freedoms of their software and their contributors are in danger seems like a perfectly reasonable response.
GrapheneOS is an open source project. They hand out great software for free. They have no obligations to do this. And they certainly have no obligation to try to "negotiate" with obviously hostile governments. They have nothing to gain from this.
> You don't burn down the house to kill a rat.
I don't see how this analogy applies here. France is the house.
This is the second time people responded to a post about GrapheneOS strategy with an argument about obligations. It's hard to even explain how vastly different those issues are. I didn't say anything about GrapheneOS's obligations; I talked about strategy and tactics to serve their goals.
If you do want to talk about obligations - yes, we all have obligations to our communities, societies, etc., whether we like it or not, whether we deny it or not. GrapheneOS has obligations to the open source community, to freedom, to their users and developers, etc. Defining those obligations is very difficult and I won't try, but if none of us have those obligations then who does? There's nobody else coming to the rescue, there is no authority that will take care of it for you (like parents caring for irresponsible children) - it's just you and me.
> I talked about strategy and tactics to serve their goals.
I am skeptical that there is any lesser step that they can take consistent with their goal of an uncompromised OS. Or that France would be satisfied with anything less than access. Security is not a side feature of GrapheneOS that they can compromise on, it's their core mission. It's like telling Frodo to see the sights in Mordor, but stay away from Mount Doom.
> I talked about strategy and tactics to serve their goals
Putting their project or contributors at risk does not serve their goals. You seem to be expecting a lot from a bunch of volunteer contributors.
> it sends the message that GrapheneOS can be pushed around and manipulated: A slight hint of a threat and they flee.
Somehow I doubt France thinks they "won". What they wanted was a back door into the OS. Not only did they not get that but they lost what little bargaining power they had when gOS left France.
> it sends a message of inexperience in business, negotiation
You don't negotiate with terrorists. Obviously France isn't a terror organization but the point is the same: you don't play their game. You play your own.
Leaving the country is exactly that.
If you want my opinion GrapheneOS isn't on the radar of the French government at all, so they don't think they "won" or "lost". It's kind of a "I don't think about you at all" Mad Men Meme.
It's just a few cops who said "I don't like that we can't crack it", and a journalist who asked the prosecutor who got Durov arrested and she said "well sure if they break the law we could sue them".
The only party that is getting hurt about this whole thing is their French hosting company, OVH, who tried to calm down the situation and talk to explain him that they can still safely use OVH.
https://mastodon.social/@_bapt_/115585566888497543
> Somehow I doubt France thinks they "won". What they wanted was a back door into the OS.
There is absolutely nothing pointing to France wanting a backdoor in GOS. The only thing we have is one prosecutor quoted in a far right journal saying she wouldn’t hesitate to charge them if they are linked to organised crimes and refuse to cooperate.
When France wants a backdoor in an open source project, they do it like every modern country with an intelligence service, sneakily.
When France wants a backdoor in an open source project, they do it like every modern country with an intelligence service, the borrow either the CIA's or Mossads.
I don't know. It's making the news, and if GrapheneOS is the only one protesting this, what are iPhone and Android already complying with? Perhaps I should also switch to GrapheneOS.
And moving your servers out of jurisdictions that threaten them is not hyper-escalation; that's just being responsible.
> It's making the news, and if GrapheneOS is the only one protesting this, what are iPhone and Android already complying with? Perhaps I should also switch to GrapheneOS.
That is a (minor) upside, imho.
> self-advertised as uncompromising privacy focused OS
> didn't even compromise even a bit (negotiation is already a compromise) against a country who is notorious for advocating for privacy-invasive policies in recent years
> get lectured by yc high-horse rider on the obligation blah blah, even when by and large this move doesn't materially affect the end-users in any substantial way
I used 4chan style because most of the times 4chan commenters have more sense than yc these days. Many people here do live in glass houses.
https://en.wikipedia.org/wiki/Posting_style
I am genuinely not sure you understand what GrapheneOS is doing here. They were using French servers (OVH) for some infrastucture, and they are moving away from that because they are pissed at France.
They don't make GrapheneOS unavailable to French users, they just change "cloud provider".
There is no negotiation or conflict resolution there: they don't feel safe using a French provider, so they move to a non-French provider, period.
Exactly what ball do you think they’re taking and leaving?
Ok, Johanna Brousse