GrapheneOS writes to Unplugged: (Emphasis mine)
No, you created it to make money. You do not believe in anything beyond making money. You’ve marketed your products with highly inaccurate privacy and security claims including claiming it’s impenetrable.
You are scamming people, and spreading misinformation about an open source project further contributes to it.
The past history of many of the people involved in your company didn’t get erased through creating a new one.
You aren’t on the same side as us and the deeper you dig, the more of a response there’s going to be from us. You are not our allies, and you are not bringing people privacy and security. You’re grifters.
What?
Alright, let’s rewind a bit. GrapheneOS is an open source operating system for Android devices (currently the Google Pixel line) that removes Google’s proprietary apps and services from the device and adds a wide range of security and privacy hardening on top of the Android Open Source Project. Unplugged is a “private smartphone” company founded by Erik Prince, the founder of Blackwater.
The above exchange began when Pierre Chang on X asked Unplugged what makes their phone more secure than GrapheneOS, tagging them.
GrapheneOS then replied with:
Where do they make any claim about GrapheneOS?
It’s an ARMv8.2 MediaTek Dimensity 1200 SoC device running a non-hardened fork of the Android Open Source Project. The hardware/firmware doesn’t come close to meeting our security requirements, and it’s not a hardened OS.
To translate this a bit: the Android Open Source Project (AOSP) is the base that every Android-based system is built on. On its own it doesn’t include Google’s proprietary apps and services or other vendor bloatware; device makers add those on top. As GrapheneOS states, hardware and firmware matter a great deal for security, because the OS can only be as trustworthy as the silicon, boot chain and drivers underneath it. They also claim that the Unplugged phone’s operating system, LibertOS, isn’t hardened. In this context “hardened” means going beyond the AOSP defaults with specific changes that make exploitation harder and reduce attack surface, for example a hardened memory allocator, stricter sandboxing and compiler-based exploit mitigations, rather than simply shipping AOSP with the Google apps removed.
What’s interesting to note is that in this exchange, Unplugged doesn’t attack GrapheneOS at its weakest point: dependence on Google-manufactured hardware and the proprietary firmware that comes with it. It’s possible they avoid this because they don’t want people taking too close a look at their own hardware choices.
They get close in this exchange, where Unplugged raises the issue of Google’s proprietary firmware and drivers and GrapheneOS replies. Unplugged wrote:
When using GrapheneOS (or any other custom ROM), Google driver binaries are required, but Google does not provide any commitments regarding data collection or privacy in this code.
This claim about data collection / privacy for the firmware or drivers isn’t accurate. Additionally, you use a MediaTek SoC device with proprietary MediaTek firmware and drivers, and they aren’t known for having good security. The hardware, firmware and driver security of the devices we’re supporting is much better, not worse as you’re making it seem.
As a side note, GrapheneOS is an operating system. The term ROM isn’t accurate and we don’t want it to be referred to as such. It’s a fork of the Android Open Source Project like the stock OS on any Android device.
Unplugged makes the argument that their product is important because the GrapheneOS web installer is too difficult for much of the general population. You can watch Mental Outlaw demonstrate the process and judge for yourself. Regardless of the overall difficulty, would it not be better to have a trusted friend or relative assist you than to settle for a potentially inferior product? And if one wants the privacy and security guarantees of GrapheneOS without flashing it personally, you can always buy a pre-flashed device from a provider like Above Phone, though that does mean placing trust in that provider.
Back in July in response to a podcast, GrapheneOS wrote:
Unplugged has simply doubled down on false claims about GrapheneOS security, pretending people cannot buy devices with GrapheneOS installed and pretending it’s hard to install along with promoting their blatantly insecure products with false marketing.
…
They keep pushing the false claim that Pixels supporting using another OS makes them less secure. The reality is that it’s properly implemented in a secure way without adding any significant attack surface. The bottom of the barrel MediaTek Unplugged devices have awful security.
They still haven’t ported to the initial release of Android 14 with Android 15 right around the corner. This means they’re missing at least around a year of Moderate severity privacy/security patches and huge privacy/security improvements from the past year of Android releases.
Unplugged is using an SoC from MediaTek, a company known to have poor security practices, which fares poorly against real attackers and which has a history of repeatedly shipping actual backdoors. They’re trying to portray that as more trustworthy and more secure hardware. Nope.
Unplugged was founded by Erik Prince, noted war criminal and illegal arms dealer. They make a point of talking about the involvement of their employees in enabling these kinds of operations.
That doesn’t imply competence, but explains the lack of ethics.
They’re trying to present themselves as if they were leaders in the field and switched sides, but they never were and simply want money.
Unplugged is an affinity scam in the same vein as the Freedom Phone. At least Freedom Phone doesn’t seem to try to harm open source projects.
Unplugged has built their product out of open source projects, but without complying with the licenses from projects like DivestOS and while trying to harm open source. Claiming to be in the process of replacing some of the code they were caught stealing doesn’t change much…
Now that’s the root of the teachable moment here. What is an affinity scam? In short, it’s when people set up a scheme to profit off a community’s values without actually “walking the walk”. At worst, it is a deliberate attack on a particular group of people that masquerades as being “one of them”. It happens to all kinds of groups and movements, and the privacy and security space is no exception.
It’s really worth asking why so many groups that find themselves targeted end up suffering severe data breaches. Is it really too crazy to believe that, in this day and age, cyberwarfare is just part of politics? Even Exxon is being investigated for allegedly hiring hackers to go after environmentalists.
We are in serious trouble if we can expect huge amounts of money to go into undermining people’s security. At minimum, it means everyone has to be a lot more careful about recommendations from media figures and personalities. This is one of the major reasons I am in no rush to sell any products. I don’t inherently believe that commercial success is impossible while providing good security, but I consider that bar extremely high.
This is largely because nothing exists in a vacuum. If one company does everything it can to be the best it can be, it can still lose. We don’t have a “perfect market” when it comes to digital security. Because a large portion of the public isn’t very knowledgeable about the issues, there are opportunities for them to be taken advantage of. A company that spends the majority of its time buying PR and marketing will inherently out-compete one that actually invests in technical merit, all else being equal. But all things aren’t equal: many institutions and private interests have a great deal to gain from undermining people’s security.
This is why Free and Open Source Software (FOSS) is a prerequisite for genuine advancements in privacy and security. By delivering solid software or hardware as a public good, it is much easier for more parties to test and validate any claims, especially security claims. Despite what many believe, refusing to compromise on software and hardware freedom doesn’t make earning money impossible; it just means you have to take a radically different approach. My personal suspicion these days is that the “Unix philosophy” of “do one thing, and do it well” can do a lot of good here. Instead of trying to single-handedly transform the entire smartphone market at once, it may be better to focus on a single component and deliver it in a robust, verifiable way.
This ultimately brings me to my own objection to the Unplugged phone on a very conceptual level. They pre-load the phone with a number of their own software options: a dedicated VPN, messenger, antivirus and app store. That really makes you wonder how much of your life you’re being asked to trust to a single vendor. Are we supposed to believe that, while using sub-standard hardware (according to GrapheneOS), they’ve also somehow delivered the best secure messenger, VPN and antivirus without any problems whatsoever? Call me skeptical.
Can smartphones be safe?
There really does seem to be a pattern of inferior options being promoted by slick marketing and alternative media. Even the Brax2 phone was no exception. People want to believe there are simple ways to avoid all the pitfalls of our modern digital environment, but that’s not possible. Everything involves trade-offs or sacrifice when one is trying to make meaningful progress. When people don’t understand those trade-offs, they can fall prey to outright deceptive claims and end up ensnared in something far more malevolent than even the defaults.
This is a big part of the reason why this project is about building understanding of, and context for, these problems. Meaningful improvements are possible and within reach; they just require seriousness and dedication. One of the most important steps of all is building up more independent security research. This requires a great deal of funding, education, and promotion for those who either have the skills or are able to learn them. Anything we can do to bankroll independent security research will go a long way toward answering the questions we have about how to move forward.
TL;DR
I wouldn’t recommend buying the Unplugged phone and still see GrapheneOS as the gold-standard for smartphone security. It’s important to remember that a great deal of interests have sophisticated means and a huge desire to undermine your security. Tread lightly, and always double-check your assumptions.