Talk:GrapheneOS: Difference between revisions

Computing: Software Start‑class Low‑importance

This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing articles Start This article has been rated as Start-class on Wikipedia's content assessment scale. Low This article has been rated as Low-importance on the project's importance scale. This article is supported by WikiProject Software (assessed as Low-importance). This article is supported by WikiProject Computer Security (assessed as Low-importance). Things you can help WikiProject Computer Security with: edit history watch purge AAlertBot. Please allow some days for processing. More information... Answer question about Same-origin_policy Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here.

Linux Start‑class Low‑importance

This article is within the scope of WikiProject Linux, a collaborative effort to improve the coverage of Linux on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.LinuxWikipedia:WikiProject LinuxTemplate:WikiProject LinuxLinux articles Start This article has been rated as Start-class on Wikipedia's content assessment scale. Low This article has been rated as Low-importance on the project's importance scale.

A fact from GrapheneOS appeared on Wikipedia's Main Page in the Did you know column on 15 January 2020 (check views). The text of the entry was as follows: Did you know... that GrapheneOS, a free and open-source operating system for selected Google Pixel smartphones, was recommended by Edward Snowden? A record of the entry may be seen at Wikipedia:Recent additions/2020/January. The nomination discussion and review may be seen at Template:Did you know nominations/GrapheneOS.

The following is an archived discussion of the DYK nomination of the article below. Please do not modify this page. Subsequent comments should be made on the appropriate discussion page (such as this nomination's talk page, the article's talk page or Wikipedia talk:Did you know), unless there is consensus to re-open the discussion at this page. No further edits should be made to this page.

The result was: promoted by Yoninah (talk) 11:58, 12 January 2020 (UTC)[reply]

(

• Comment or view
• Article history

)

GrapheneOS logo

• ... that GrapheneOS (logo pictured) is a free and open-source operating system for selected Google Pixel smartphones, which was recommended by Edward Snowden? Source: "GrapheneOS is an AOSP (Android Open Source Project)", "GrapheneOS can only be installed on certain smartphones from the Google Pixel range." "There is recognition on Twitter by Edward Snowden : "If I configured a smartphone today, I would use GrapheneOS from Daniel Micay as the basic operating system."" [1]

• Comment: Quotes for the hook are translations from German

Created by Yae4 (talk). Self-nominated at 15:35, 16 December 2019 (UTC).[reply]

• Moved to mainspace on 16 December and nominated straight away. Article is long enough, stable, well written and referenced. Earwig's tool doesn't show any problems (many of the key sources are in German, so close paraphrasing is difficult to detect automatically, but a spotcheck shows no problems; AGF on Hungarian/Czech/Turkish sources). Hook is long enough, referenced, and certainly catchy. Image is used in the article, appropriate, and correctly licensed. Article author has no prior DYK noms, so no QPQ is required. In conclusion, good to go. Constantine ✍ 20:14, 24 December 2019 (UTC)[reply]

I don't know what's going on here, User:AngusWOOF, but this page now exists, and I've moved my edits (more sources) there. Maybe this draft could be binned now? -- Yae4 (talk) 18:48, 3 October 2019 (UTC)[reply]

Someone bypassed the draft process. I've moved that one back to draft as (2). AngusWOOF (bark • sniff) 19:03, 3 October 2019 (UTC)[reply]

I'll list my 3 best - based on my guess as to "professionalism" or having editorial staff, and amount of detail included in articles - here. Otherwise I'll wait for some indication it's not going to be a waste of time before spending much more. It seems to have international attention from a variety of sources, although some are blogs etc.:

0. https://timesofindia.indiatimes.com/gadgets-news/doing-these-6-difficult-things-may-make-your-smartphone-hack-proof/articleshow/71252998.cms

1. https://www.origo.hu/techbazis/20190403-grapheneos-android-alapu-biztonsagos-rendszer.html

2. https://hub.packtpub.com/androidhardening-project-renamed-to-grapheneos-to-reflect-progress-and-expansion-of-the-project/ and

3. https://andro4all.com/2019/06/grapheneos-alternativa-android-caracteristicas

-- Yae4 (talk) 20:59, 3 October 2019 (UTC)[reply]

User:AngusWOOF, why was the article quickly moved back to draft, but SO slow to be moved to "active?" Wondering. -- Yae4 (talk) 16:31, 29 October 2019 (UTC)[reply]

WP:RSP to me so I tried to stay out. AngusWOOF (bark • sniff) 16:36, 29 October 2019 (UTC)[reply

]

​ AngusWOOF, Below is more information supporting reliable sourcing.

• TimesofIndia source - Although Wikipedia is not reliable, The_Times_of_India says it's "third-largest newspaper in India by circulation and the second-largest selling English-language daily in the world." Wikipedia search shows 7290 hits in articles. Many are entertainment related, but phones are used for entertainment too, so it seems good for establishing notability.
• packtpub source has been used 20 times according to Wikipedia search. More articles look technical.
• Origo.hu (hungarian) source - Although Wikipedia is not reliable,
  Origo.hu (redirected) says, it "is a major Hungarian language news website founded in 1998..." Search shows
  471 hits.
• DerStandard (german or austrian) source - Although Wikipedia is not reliable, Der_Standard says it is a major German language newspaper (print and online) in Austria. Wikipedia article search shows 490 hits.

I believe these, at least, demonstrate notability with reliable sources, based if nothing else, on many previous uses at Wikipedia. That's not always a guarantee, but combined with 3 sources having Wikipedia articles indicating decent reputations, I believe this should be sufficient. FYI, I have nothing to do with GrapheneOS (although I would give it a test run if I owned the right kind of phone). Could you please move this to an article? -- Yae4 (talk) 18:25, 6 November 2019 (UTC)[reply]

Unfortunately, I don't think this draft has clearly established notability yet. Some of the sources focus on

reliable sources noticeboard could help judge these borderline sources. Note that there are quite a few high-profile RfCs on that noticeboard at the moment, so a discussion might not get as much attention as usual. — Newslinger talk 11:59, 7 November 2019 (UTC)[reply

]

​​ Times of India source lists 6 things to do to make your phone "hack proof." One of the 6 (17%) is install GrapheneOS. Yes, it's based on Snowden recommendation, which is why it got attention, but it is not just passing mention. Packt Hub source is focused almost only on GrapheneOS and Micay, and pre-dates the Snowden news. To me it doesn't look like a blog. Origo Hu source is solely on GrapheneOS and Micay. It's news, not blog. Der Standard is news, not blog. Yes, prompted by Snowden recommendation, but it's the only phone ROM recommended. Then there's several blog-like geek news sources that also covered it. For ROMs not actively doing PR (it appears), that's about as good as it gets. I don't know if precedents matter on Wikipedia, but sourcing for this article seems better than Resurrection_Remix_OS, OmniROM, and Smartisan_OS. -- Yae4 (talk) 16:28, 14 November 2019 (UTC)[reply]

Passing the

proposed deletion of the Resurrection Remix OS article, and tagged the others as needing more sources. — Newslinger talk 06:04, 15 November 2019 (UTC)[reply

]

This makes 2 for 2 on unexpected results related to discussions on this draft... Not moved to article, and proposed deletion of another article... Oh well. -- Yae4 (talk) 19:03, 15 November 2019 (UTC)[reply]

Sorry,

significant coverage requirement. I hope this helps. — Newslinger talk 00:17, 17 November 2019 (UTC)[reply

]

To me it is a thorough review, but what seems to be a good source. -- Yae4 (talk) 18:54, 13 December 2019 (UTC)[reply]

"Did you know" starts immediately after you publish, if you're interested in submitting a hook for GrapheneOS. — Newslinger talk 05:51, 14 December 2019 (UTC)[reply

]

Actually, before you move the article, I would remove the citations to the websites that clearly aren't usable:

• Gadgets Now - This is a republished version of The Times of India article that is already cited.
• https://www.osnews.com/story/129778/grapheneos-an-android-based-security-hardened-open-source-os/ – The content of this blog post is taken from this Liliputing article without attribution. I'm not linking to this because
  copyright violations
  .
• TechHype – Appears to be a
  user-generated post from a social networking site in the form of Reddit and Digg
  .
• TuttoAndroid – No staff list. Also appears to be a summarized translation of this Liliputing article.
• ScoopSquare24 – The quality of the text is very low. I see obvious grammatical errors everywhere. Also, their team page is broken.
• https://bioreports.net/grapheneos/ – This page copies the GrapheneOS home page.

— Newslinger talk 06:30, 14 December 2019 (UTC)[reply]

​ Thanks! Deleted others as listed. It's new, just long enough by my count; not sure about the "hook" thing; within policy AFAIK; Also don't know about the QPQ thing. I would move it, except last time I tried, I ran into problems because of the re-direct, so I'd appreciate some help with that. -- Yae4 (talk) 15:38, 15 December 2019 (UTC)[reply]

Great job,

quid pro quo requirement is waived for your first 5 DYK nominations. If you want to see GrapheneOS mentioned on the Main Page, DYK just needs a short, interesting fact about GrapheneOS that's supported by a reliable source. — Newslinger talk 23:22, 15 December 2019 (UTC)[reply

]

Thanks for all your help, Newslinger, and thanks for the star. Jumped through the hoops for the hook, and we'll see what happens with DYK. -- Yae4 (talk) 15:52, 16 December 2019 (UTC)[reply]

I recently undid this edit, which removed List of custom Android distributions from and added CopperheadOS to the "See also" section. This is because:

• GrapheneOS is listed in
  Reliable sources are still describing GrapheneOS as Android-based ("Android basierende
  "). Until there are substantial changes in GrapheneOS's software architecture, calling it an Android distribution is reasonable to me.
• We're not supposed to add links to the "See also" section that duplicate links in the article body. See
  MOS:NOTSEEALSO
  .

— Newslinger talk 00:45, 18 December 2019 (UTC)[reply]

It's Android-based but Android distribution seems misleading to me. According to the developer, it already makes changes deviating from what's required to be Android:

GrapheneOS is explicitly not Android, because it deliberately doesn't conform to the Compatibility Definition Document and Compatibility Test Suite requirements for considering an OS to be part of the Android family. It's entirely possible to make an OS with an entirely different kernel and software stack that's allowed to be referred to as Android as long as it is fully meets the compatibility and other requirements. Those are the rules for using the trademark. I make fair use of that trademark by referring to GrapheneOS as being almost entirely fully compatible with Android apps. It's not entirely compatible though since it deliberately makes restrictions for privacy/security that are not permitted by the CDD / CTS. [...] However, that doesn't mean I can refer to GrapheneOS as literally being Android since it's not a matter of copyright law / software licenses.

So they are not actually distributing Android but something else. Perhaps the article List of custom Android distributions should be renamed but I think this talk page is not the place to discuss this and I do not have a "reliable" source other than the Android documentation (https://source.android.com/compatibility/cdd).

We're not supposed to add links to the "See also" section that duplicate links in the article body.

Yes, I missed that link. 187.160.10.45 (talk) 11:04, 18 December 2019 (UTC)[reply]

Thanks for responding. I see what you mean, since GrapheneOS is not able to describe itself as "Android" due to trademark restrictions. @

request to move the List of custom Android distributions article to a more generic name like List of Android-based operating systems? — Newslinger talk 11:18, 18 December 2019 (UTC)[reply

]

Removing GrapheneOS from List of custom Android distributions doesn't make sense because the other entries do not meet the requirements to be called Android either. — Preceding unsigned comment added by 187.160.10.45 (talk) 12:13, 18 December 2019 (UTC)[reply]

We're supposed to rely on the language used in reliable sources regardless of the preference of the trademark holder. For example,

requested move for List of custom Android distributions. If the list gets renamed, the "See also" link would be updated here. — Newslinger talk 12:35, 18 December 2019 (UTC)[reply

]

@Newslinger: I'm OK with including the list of "custom Android distributions." The compatibility document seems to be primarily for hardware requirements for compatibility with Android operating system (including Google services), and we're talking about operating system (and default apps) software here. It says, for example, "Where this definition or the software tests described in section 10 is silent, ambiguous, or incomplete, it is the responsibility of the device implementer to ensure compatibility with existing implementations. For this reason, the Android Open Source Project is both the reference and preferred implementation of Android. Device implementers are STRONGLY RECOMMENDED to base their implementations to the greatest extent possible on the “upstream” source code available from the Android Open Source Project." Thus, for these purposes, if the operating system starts from AOSP, which GrapheneOS does as I understand, then calling it a "custom Android distribution" works for me, and it's what sources call it too. If Graphene becomes more significantly different, then it could move to a different list like Comparison_of_mobile_operating_systems, and be moved from Mobile_operating_system#Android. -- Yae4 (talk) 12:38, 20 December 2019 (UTC)[reply]

​​Quotes from golem.de source:

• "Micay and Graphene users repeatedly stress a lack of developers and maintainers."
• "So far GrapheneOS, like its predecessor Copperhead OS, has been developed almost entirely by him, says Micay."
• "A few developers have started to contribute to GrapheneOS."
• In concluding remarks: "We are also a bit worried about how few developers and maintainers are currently working on GrapheneOS - the project is currently more like a one-man show."

In balance, the article is saying it's a "one-man show" with a start of some other contributions. It does not support saying GrapheneOS has a team of developers. -- Yae4 (talk) 16:38, 29 August 2020 (UTC)[reply]

• "Micay and Graphene users repeatedly stress a lack of developers and maintainers." - does not indicate that there is a single developer, but rather an overall lack of developers / maintainers.
• "So far GrapheneOS, like its predecessor Copperhead OS, has been developed almost entirely by him, says Micay." - does not indicate that there is a single developer, but rather than the lead developer has done most but explicitly not all of the work. In fact, that sentence implies that there are other developers doing a subset of the work. Also, in this sentence, it's largely the historical work being talked about. Since the project has historically had a single developer (not anymore), of course the bulk of the work was done by a single developer. The other developers have not been around for the vast majority of the lifetime of the project. The amount of the project created by a developer does not reflect the current division of work between them, and there are explicitly other people working on the project including people the project refers to as officially being involved.
• "A few developers have started to contribute to GrapheneOS." - which is the source stating that other developers had started to contribute to the project at the time of the article being written. Therefore, it is clearly incorrect to state that there is a single developer.
• "We are also a bit worried about how few developers and maintainers are currently working on GrapheneOS" - which once again refers to there being a development team, with Daniel Micay doing the bulk of the work at that time. An uneven division of work does not justify claiming there is a single developer. Events have also occurred since then, such as Pixel 4 support being launched based on community support. The golem.de source is a high quality article providing a historical snapshot but is not up-to-date coverage of the most recent state of the project. It's usable to explain the state of the project at a particular point in time, but not the current state of it. At that time, it did have multiple developers that had come on board, and the project itself shows that those developers / others are still around.

"It does not support saying GrapheneOS has a team of developers." - strongly disagree. It supports stating that there is a development team led by Daniel Micay. It definitely does not support claiming that there are not other developers working on it as that's explicitly in contradiction with the sources. You could state that the OS is primarily developed by Daniel Micay with help from some other developers / contributors, but that's not going to fit well into the infobox. The previous infobox claiming that there was only a single developer conflicts with the sources. The project itself states that it has multiple developers too, which is verifiable due to the open source nature of it, and while those aren't secondary sources it is wrong to deliberately make an inaccurate article based on cherry-picking and misinterpreting from a source.

Even with the way that you've cherry-picked quotations from the source, it doesn't back up what you're saying, and reading the source with the full context presents a much different story.

If you're going to be reverting all of my work, can you please do separate reverts with specific reasons instead of rolling back my changes with a generic reason that does not apply to all of the changes you are rolling back.

Note: Signature copied and new section started below by Yae4 to separate topics...Pitchcurve (talk) 19:46, 29 August 2020 (UTC)[reply]

@Pitchcurve:

• When the article was created in July 2019, it said developer: Daniel Micay.
• When I brought the golem.de source to this article and to this Talk page and convinced Admin Newslinger it was time to the page from Draft to Article space, it said developer: Daniel Micay.
• When I and others helped get the article on the front page of Wikipedia, in January 2020, after extensive review, it said developer: Daniel Micay.
• Have you brought a new source? No. The same golem.de source should NOT now be interpreted to say developer: GrapheneOS development team led by Daniel Micay The source has not changed. You just want this article to say something different.
• Go ahead and show us some convincing links from github, or better, new reliable secondary sources, supporting "development team led by Daniel Micay."
• In general, please start bringing specific sources and quotes to support your positions. That would be much more convincing than TL;DR arguments.

-- Yae4 (talk) 21:23, 29 August 2020 (UTC)[reply]

The golem.de source states that are multiple developers. Your own points attempting to support your argument show that there are multiple developers involved. In many cases, you're pushing a narrative not based on the sources and are inventing facts / details to fill in the gaps as you see fit. You can say that my arguments are "TL;DR" but they are based on the sources, unlike your claims. https://github.com/GrapheneOS shows that there is 1 other core developer with repository access who has made their organization membership public (by default, organization membership is private - you can see from actions in the bug tracker and elsewhere that there are other members that have not toggled their membership to public) along with 1 outside collaborator with commit access to one of the repositories. You can see for yourself that there are ~4-6 developers working on various repositories (look at PdfViewer, Auditor, AttestationServer, Vanadium, platform_bionic, etc.). I am not sure why there's a need to refer to GitHub when the article you reference yourself states that there are multiple developers and that Daniel Micay is the main / lead developer. I am not debating that Daniel Micay did the majority of the work on the project (it is becoming much less true particularly since the Pixel 4 has device maintainers rather than him doing it all), but it is incorrect to refer to him as the only developer.

Mistakes that were made during the creation of the article are not a justification to keep inaccurate information. It's not a point in favor of the inaccurate information. It not being noticed during the creation of the article doesn't justify it. You cannot use past versions of the Wikipedia article as a reference for itself.

GrapheneOS itself has repeatedly brought up that one of their developers was threatened by Copperhead: https://renlord.com/posts/2020-03-25-copperheados-legal-threat/. This isn't covered by a secondary source as far as I know so I don't think it should be included in the article - but I really don't know how you can claim that the project has a single developer. Pitchcurve (talk) 22:21, 29 August 2020 (UTC)[reply]

(unindenting)@Pitchcurve:

• Alternative 0: Developer: Daniel Micay

Long-standing wording, based on secondary sources. This says there is one main person. Readers understand there are others also involved. This is like Replicant, which lists a few names.

• Alternative 1: Developer: GrapheneOS development team led by Daniel Micay

Your proposed wording for the infobox. This is too long, implies an organization, probably a company, with a leader and followers. To my knowledge (which is based on what I've seen in secondary sources, and looking briefly at github), this over-states, or exaggerates both the reality, and what secondary sources say.

• Alternative 2: Developer: Daniel Micay and contributors

To me this is also supported by secondary sources, but looks odd, because "and contributors" is obvious and understood (i.e. extraneous).

• Alternative 3: Developer: GrapheneOS team

This is like

• Alternative 4: Developer: GrapheneOS community

This is like LineageOS or OmniROM.

I'm OK with either of Alternative 0, 3, or 4. Other opinions? -- Yae4 (talk) 17:53, 30 August 2020 (UTC)[reply]

Can you please explain how "The main developer, Daniel Micay, was the creator and lead developer of CopperheadOS until he left the company and continued the open source project as GrapheneOS." is not backed up by the golem.de reference and the others. And what about "After the schism between the two founders of Copperhead, Micay renamed the open source project to the Android Hardening project and then later to GrapheneOS to reflect the revived state of the project"? Why are you rolling back both of these sentences in the same change as the others? Also, where's your source for 64-bit ARM being the only supported architecture? The https://en.wikipedia.org/wiki/Gentoo_Linux article does not claim that 0 architectures are supported just because they are only supported for builds from source. Also, looking across the articles for Linux distributions, this information is obtained from the website / documentation for the distribution rather than expecting all the trivia to be available in up-to-date secondary sources. Listing out the architectures the project says it supports really shouldn't be controversial. Pitchcurve (talk) 19:46, 29 August 2020 (UTC)[reply]

@

WP:NPOV or the sources, in my opinion. Re: X86_64 etc., When I went to verify the primary source, I found only a mention that it was tested, not available for download or using. So it looks like advertising something not really available. In general, a lot of these kind of articles list far too many non-encyclopedic details, but it is often tolerated in these topics almost nobody cares about or reads. -- Yae4 (talk) 21:23, 29 August 2020 (UTC)[reply

]

I'd be happy to remove the architecture field, but if it is included, it should be accurate. There is no basis for claiming that only arm64 is supported. It is not based on a source. It should be removed or left as the corrected version. Either way, that is solution to the problem of inaccurate information. It's you that wants to claim that it only supports arm64 so where is your source? It conflicts with the website (which is the only place where architecture support appears to be discussed) and isn't accurate.

You're repeatedly making unsupported changes based on your incorrect interpretations and assumptions. You keep accusing others of doing what you are doing which is writing content not matching the sources.

Per the source, arm64 is supported in the same state as x86_64. There are no official builds for arm64, but rather specific arm64 devices. It states that there are official releases / support for generic 32/64-bit arm, x86 and mips but that production releases / official builds are made for specific devices. I don't know where you get the information that it specifically only supports arm64.

The sources are definitely available for download and the official release announcements include the tagged source releases (in fact, they only link the source releases, not the official builds for specific devices). I don't know why you're claiming it's not available for download. It is an open source project and just like Gentoo something being supported does not imply there is an official build available. Source-based distributions are a thing.

Pitchcurve (talk) 22:11, 29 August 2020 (UTC)[reply]

@Pitchcurve: I'm OK with deleting the platform field in the infobox. Or, if an accurate, brief list can be put in the infobox, with wiki-links similar to LineageOS, then I'm OK with that. It would be ideal if the infobox summarized the article, based on what secondary sources say. However, I realize that is not always the case for this type of article. That said, I'm not OK with turning this article into an advertisement, or adding more and more material based only on primary sources. -- Yae4 (talk) 18:18, 30 August 2020 (UTC)[reply]

This is not discussed in the secondary sources. I've redone it and used their site as the source for the time being, which matches what is done for articles like https://en.wikipedia.org/wiki/Gentoo_Linux.

GrapheneOS itself refers to support for 32/64-bit ARM, 32/64-bit x86 and 32/64-bit MIPS at a source level. Official builds are only made available for a selection of devices they deem to meet their standards and have the resources to support. There are no official generic 64-bit ARM builds but rather that is only supported at a source level. The only official builds are for a selection of Pixel phones at the moment. It's not accurate to suggest that it has official builds targeting 64-bit ARM generically, when in fact 64-bit ARM has the same level of support as x86_64 including official Vanadium releases (multiple secondary sources cover Auditor and Vanadium so the article should probably mention those). 32-bit ARM, 32-bit x86 and 32/64-bit MIPS are supported at a lower tier, but are supported nonetheless.

Where is a source for it only supported 64-bit ARM to counter what their own site says about the project? In a case where a secondary source is not available, I do not think coming up with the information out of thin air rather than referencing the official documentation is appropriate. Most Wikipedia articles retrieve this assortment of trivia for the infobox (supported architectures, most recent release, etc.) from the project's own documentation / announcements.

The sources do not differentiate arm64 as having special support, other than Vanadium only having official builds for x86_64 / arm64. Official builds being available for a selection of devices that are arm64 devices does not imply that arm64 in general has special support. That is not stated by any available source, and is an inference being made here that's not correct. The reason I changed it from saying "ARM" to "64-bit ARM" is because that made even less sense. At least there's some basis for arm64 being special compared to the others i.e. the fact that the official builds are for devices that are arm64 - but generic arm64 releases are in the same state as x86_64.

Pitchcurve (talk) 20:06, 29 August 2020 (UTC)[reply]

@Pitchcurve: Repeating above section response: I'm OK with deleting the platform field in the infobox. Or, if an accurate, brief list can be put in the infobox, with wiki-links similar to LineageOS, then I'm OK with that. It would be ideal if the infobox summarized the article, based on what secondary sources say. However, I realize that is not always the case for this type of article. That said, I'm not OK with turning this article into an advertisement, or adding more and more material based only on primary sources. -- Yae4 (talk) 18:24, 30 August 2020 (UTC)[reply]

This inconsistency has been in the article since early versions.[2] I note the golem.de source says "free software" when discussing F-droid, It says "real open source project" (paraphrasing Micay) when discussing licensing terms. Which of the above two wiki-links is a better fit? Also, the infobox lists MIT and Apache licenses; are those the only two? -- Yae4 (talk) 12:35, 2 September 2020 (UTC)[reply]

• In Reception, "devices" was added after "other Android." My interpretation is the article is referring to use of GrapheneOS compared with other Android operating systems, not to "devices."[3] Neither is explicitly stated in that context, so I think the word "devices" should not be added there. Relevant excerpt:

"In the test we could use GrapheneOS like any other Android. We enjoy the Google freedom, we don't notice the additional memory protection, but that's the way it should be. It is regrettable that the development of a secure Android was set back by the dispute of the Copperhead founders. We are also a bit worried about how few developers and maintainers are currently working on GrapheneOS - the project is currently more like a one-man show."

The source does go on to discuss "compatible devices" and the "pity" there "are only a few." This article currently mentions devices becoming "garbage" in a neutral fashion; however, it does not balance it with the criticism. In conjunction with adding Pixel 4 and 4XL in Compatibility section based only on a primary source, this begins to look like adding advertising and ignoring criticism, which is non-neutral.

• In Developer, the wording has been changed significantly[4], and sourcing has only been re-arranged; no new secondary sources added.
  • golem.de does not call Micay the "creator" (wording added), only that he "co-founded" the project and was the "main developer".
  • golem.de does not say anything about "the revived state" (wording added) as a reason for renaming from Android Hardening to GrapheneOS, only that developer Micay "Micay wants to continue the development of Copperhead OS and the Android Hardening project with GrapheneOS." If anything, the statement should be more clear Micay is the source being paraphrased, and not state the renaming explanation in Wikipedia voice.

I am therefore re-instating previous wordings. -- Yae4 (talk) 14:04, 2 September 2020 (UTC)[reply]

Daniel micay has in the grapheneos matrix room stated that he wants and has nothing to do with us politics. So, he also wants nothing to do with other people selling phone with grapheneOS. But has stated if they misuse the trademark (grapheneOS logo), he will take legal action against them. It maybe suitable to say while they are using this OS as a base, the project owner has stated they don't agree with them with a clear no racism stance. But since it was in a chat room it cannot be linked as a source.

Mainly to discuss how to present this and what the developers stance is. Vodoyo (talk) 16:08, 10 January 2021 (UTC)[reply]

@Vodoyo: Interesting developments. The court filing[5] also discusses "business deals with criminal organizations" more on Copperhead, but overlaps background of Graphene history. Omerta digital is advertising phones with GrapheneOS. [6] It's a primary source, but may deserve mention in the article? Breitbart is banned at wikipedia IIUC, and all the quoted twitter posts are not reliable. (https://www.breitbart.com/tech/2021/01/09/free-speech-platform-gab-reports-750-increase-in-traffic/) AR15.com is a forum, self-published source, so also not reliable.[7] Do you have any reliable or primary sources covering it? -- Yae4 (talk) 15:38, 31 January 2021 (UTC)[reply]

I've been removing these warnings placed here without any real justification:

• https://en.wikipedia.org/w/index.php?title=GrapheneOS&diff=996391974&oldid=992972113
• https://en.wikipedia.org/w/index.php?title=GrapheneOS&diff=999890908&oldid=999722148
• https://en.wikipedia.org/w/index.php?title=Talk:GrapheneOS&diff=1000542668&oldid=999516085

I don't think these should be added back without a talk page discussion with an explanation of why it makes sense. This kind of thing is discouraging making improvements to the article, which it desperately needs.

See Talk:CopperheadOS#Connected_user_status_disagreement about accusations that have been made against editors to these two articles (including myself) in a way that drives away contributors. Many months ago, I was one of the people that Yae4 made accusations against. In the warning notice Yae4 added for User:Pitchcurve, Special:Diff/975851969 is given as the reason, which simply doesn't make any sense. I think it's unfortunate that the improvements to the article were reverted. This article shouldn't be treated as one person's territory rather than basing it on the sources and consensus-based decision making.

This is what an administrator said on the other talk page:

Yae, as far as I am concerned, your repeated focus on the contributors here, rather than the content of the article, has made this article a toxic environment to edit in, and amounts to disruptive editing.

Unfortunately, that appears to have persisted here despite ending for the CopperheadOS page.

I'll also note that they made a similar veiled accusation against me in their recent edit summary, similar to what they did before. 142.126.174.52 (talk) 16:20, 15 January 2021 (UTC)[reply]

Hey, I was the one to make the second edit(red Daniel Micay) link. I am still new to this, but if I am not wrong Daniel has been credited for lots of security related work on Android, WhonixOS, Rust programming language and obviously this project. These citation are from verifiable and reliable sources. So, I am a bit confused on what exactly would be missing from his page. Thanks in advance for replying :) --Greatder (talk) 03:29, 17 January 2021 (UTC)[reply]

@142.126.174.52: I'm focusing on articles, sources, edits and facts; not on editors, under threat of a complaint being filed[8] by User:Mr._Stradivarius. I would ask you, 142.126.174.52, to do the same. I didn't think the other discussion applied here, so I re-added the tag. If you feel so strongly about it, fine, I don't really care that much. Re: Red Linking non-existent Micay page, a red link only highlights Micay's non-notability, unless or until a page is drafted. I don't feel too strongly either way, but weakly support leaving it out. Re: Tagging missing lawsuit information. It's clear there are some legal processes happening, as a filing was posted on Graphene's website. A reminder tag, to follow up if/when it hits the "reliable" sources seems OK to me. I'm not sure if it's appropriate to use that primary source now, but it does contain some interesting information.

@Greatder:, Why should we link to a non-existent page? Is anyone working on a Draft? If you can bring reliable sources showing notability, go ahead. -- Yae4 (talk) 20:22, 20 January 2021 (UTC)[reply]

I am working on it, so I would encourage keeping a link to indicate work in progress  :) Greatder (talk) 08:13, 22 January 2021 (UTC)[reply]

What if anything can be taken from these PDFs of letters and filings from Graphene and Copperhead? [9] [10] [11] -- Yae4 (talk) 13:42, 5 February 2021 (UTC)[reply]

It's generally not a good idea to rely on public documents as

WP:BLPPRIMARY. — Newslinger talk 13:25, 6 February 2021 (UTC)[reply

]

• Golem.de is a better source than Packtpub.com. Packt has an unfavorable, though old, RSN discussion.[12]
  and the Packt article is currently tagged for poor sourcing, for what that's worth. The Packt source used in this article mainly repeats Micay's twitter, which is not very independent.
• This is original research, but even today, GrapheneOS' AndroidHardening Github calls it "Android Hardening". [13] Usage has been inconsistent, but as far back in time as June 2018, and November 2018, it was called "Android Hardening". [14][15]

Thus, if included, it should be "Android Hardening". -- Yae4 (talk) 11:18, 26 December 2021 (UTC)[reply]

On the history, the article currently seems misleading, and not consistent with the better source (golem.de). If I understand correctly, Micay was working on "Android Hardening" as part of CopperheadOS. The renaming from "Android Hardening" to "GrapheneOS" was about a year after "the incident", if that refers to the firing of Micay in June 2018, yes, but "Android Hardening" was also part of CopperheadOS, which Micay also worked on.

• In June 2018 the Android Hardening repo "platform_packages_apps_Updater" description said "Automatic background updater for CopperheadOS." (archive link above) This indicates Android Hardening was originally being developed as part of CopperheadOS. By November 2018 it may have been splitting off, but this is not entirely clear.
• As of March 2019 it was still called "Android Hardening". [16]
• In May 2019 it "Android Hardening" was being renamed to GrapheneOS.[17]

• Secondary source golem.de says (translated), "The main developer Daniel Micay wants to continue the development of Copperhead OS as well as the Android Hardening project with GrapheneOS." and "Micay is no stranger to the company; he was co-founder of Copperhead, the company behind the hardened Android system of the same name, as well as its lead developer. In mid-2018, the two founders defected. Then, in April 2019, Micay announced GrapheneOS as the true successor to Copperhead OS, which would functionally inherit it." I interpret "defected" as more like "separated", and these statements are saying Micay is moving from CopperheadOS with "Android Hardening" included, to GrapheneOS with "Android Hardening" included.
• "to better reflect what the project has become" is strange language which seems to have a advertising flavor, not neutral wiki-language.

Therefore, I support removing coverage of "Android Hardening" and including statement on transition from CopperheadOS to GrapheneOS more consistent with the golem.de source. I would also support simply removing the Packtpub source, if it wasn't needed to support notability of the article. -- Yae4 (talk) 11:21, 26 December 2021 (UTC)[reply]

Removing the coverage misrepresented what the sources say, so I reverted this. 84.250.14.116 (talk) 15:25, 23 June 2022 (UTC)[reply]

Your statement is false, but thanks for the response (after 6 months).

WP:DUE says we must "fairly represent all significant viewpoints that have been published by reliable sources, in proportion to the prominence of each viewpoint in the published, reliable sources." Your edits are cherry picking a LOT from one reliable source (golem), and one unreliable blog post (Packt) to present - in wiki voice - Micay's version of the history. I simplified the "transition" statement because including more detail gives undue weight to ONE source. Also, too fine details are irrelevant to most readers (i.e. non-encyclopedic), IMO. -- Yae4 (talk) 18:48, 23 June 2022 (UTC)[reply

]

I also noticed the Android Hardening rebranding to GrapheneOS was already also supported by a Pro-Linux reference in the article, so I added that reference before the Packt reference as a secondary supporting citation. 84.250.14.116 (talk) 18:28, 23 June 2022 (UTC)[reply]

And it's in the Yugatech citation too: The former lead developer of the CopperheadOS that had a fall-out last year, Daniel Micay, developed his own open-source project called Android Hardening Project which was later renamed to the GrapheneOS. 84.250.14.116 (talk) 18:36, 23 June 2022 (UTC)[reply]

Also in Svět mobilně and Origo sources, so quite well established in third-party sources. 84.250.14.116 (talk) 18:44, 23 June 2022 (UTC)[reply]

Yugatech is another poor source that just regurgitates Micay tweets, and should be deleted. Yes, mea culpa for ever including it. I'll have to re-look at the others. See above for more on

WP:DUE. -- Yae4 (talk) 18:45, 23 June 2022 (UTC)[reply

]

I proposed the YugaTech article for deletion. 84.250.14.116 (talk) 19:08, 23 June 2022 (UTC)[reply]

Probably a time to remove this YugaTech source, hard to verify anything from it but the existence of a single Tweet. No editorial policy I could find. 84.250.14.116 (talk) 20:16, 21 July 2022 (UTC)[reply]

Glad you finally see reason and agree. Now please look more closely at Talk:GrapheneOS#Origo.hu_source_deletion. -- Yae4 (talk) 21:18, 21 July 2022 (UTC)[reply]

The latest Android Police citation from a week ago goes even further to claim: Founded in 2014 as CopperheadOS, the privacy-focused operating system was briefly known as the Android Hardening project in 2018, before officially becoming GrapheneOS. 84.250.14.116 (talk) 21:54, 23 June 2022 (UTC)[reply]

The Android Police article here at enwiki has had its article deleted and drafts abandoned multiple times for an apparent lack of notability. 84.250.14.116 (talk) 22:01, 23 June 2022 (UTC)[reply]

It seems to be connected to MakeUseOf.com (the same publisher, Valnet Inc.). User:Newslinger said MUO to be "marginally reliable". (Wikipedia:Reliable sources/Noticeboard/Archive 326#Should MakeUseOf.com be considered a reliable source?) — Preceding unsigned comment added by 84.250.14.116 (talk) 22:35, 23 June 2022 (UTC)[reply]

See also Wikipedia:Articles for deletion/MakeUseOf. 84.250.14.116 (talk) 22:37, 23 June 2022 (UTC)[reply]

My understanding: Notability of an article about a source is independent of that source's reliability as a source. In other words an obscure publication on ROMs could be little known, but have a reputation of reliability as a source. Repeating: Android Police seems OK but marginal to me; MakeUseOf.com seemed less reliable. Also, any source that basically repeats tweets without any critical analysis or independent thought should be binned. -- Yae4 (talk) 11:02, 24 June 2022 (UTC)[reply]

After looking at previous Reliable Source Noticeboard discussions of Valnet properties, which includes Android Police, I now feel Android Police is not even marginally OK, and I was mistaken to add the material from that source. Thus, I will be deleting them. -- Yae4 (talk) 22:38, 30 June 2022 (UTC)[reply]

Moved from #aka Primary source statements by GrapheneOS/Micay on Github (and Twitter) re: "Don't use my source" (paraphrase)

Hi,

I don't understand why my modification has been canceled. The latest version of GrapheneOS was released the 11/05/2022, not 2 months ago.

I'm doing the modification again, please keep the section updated.

Thanks. — Preceding unsigned comment added by Didyme33 (talk • contribs) 20:29, 22 May 2022 (UTC)[reply]

Because the edit also deleted a phrase and tag, without mentioning or justifying in edit summary. -- Yae4 (talk) 16:01, 31 May 2022 (UTC)[reply]

Adding, re "please keep the section updated": A problem with articles like this is keeping such minutia details up to date, unless setup to be done automatically. -- Yae4 (talk) 16:17, 31 May 2022 (UTC)[reply]

I see no reason why this has been reverted.

> delete statement based only on twitter - unreliable source This makes absolutely no sense. The text said the GrapheneOS team announced something and I gave a link to the actual announcement by GrapheneOS, which was on Twitter. How is this not a reliable source for this matter?

Gaussgroessereuler (talk) 16:20, 30 May 2022 (UTC)[reply]

See

WP:RSPTWITTER and links from there. The referenced tweet is not only for "an uncontroversial self-description", and "Tweets that are not covered by reliable sources are likely to constitute undue weight." -- Yae4 (talk) 16:02, 31 May 2022 (UTC)[reply

]

It is an uncontroversial self-description, though... The text that the source was used for said that GrapheneOS announced something and the tweet contains the announcement by the official GrapheneOS twitter account. I don't see how that would constitute undue weight. Gaussgroessereuler (talk) 20:21, 2 June 2022 (UTC)[reply]

Controversial - Was it accurate? Did it happen as predicted in a "few months" from February 2022 (i.e. May)? Self-description - No, it involves un-named third parties. Undue weight - See

WP:RSUW. -- Yae4 (talk) 10:07, 3 June 2022 (UTC)[reply

]

​​Following up: Because an apparently reliable source, Android Police covered the same info', it seems marginally OK for inclusion, although the undue weight issue is still a concern. I still feel we should not link Twitter, although some others editing the article would like to, for selected tweets. I will be seeking independent advice. -- Yae4 (talk) 21:44, 22 June 2022 (UTC)[reply]

I stand corrected, thanks to 84.x correlating Android Police with Valnet properties at Reliable Sources Noticeboard. Apologies for ever adding statements based only on Android Police sources. Now removed. -- Yae4 (talk) 22:48, 30 June 2022 (UTC)[reply]

Because there was an edit war, I'll start this. Nothing in cited sources of Special:Diff/1094475710 (nevermind they are user-generated and therefore unreliable anyway) specifically says something to now be proprietary or only "partly" open-source. I don't think the editor in question (nor me) could even link to any source, primary or not, that would non-controversially support the statement that some parts of the project would now be proprietary. At least one of the cited sources seems like a I would like you to... request to remove some code from another project (or multiple projects) due to a schism (or schisms). With further inspection the messages on GitHub seem to be at least a little bit legitimate with deeper inspection (the GitHub issue's OP's profile links to a well-known author with contributions to GrapheneOS repositories), however a regular reader cannot make the correlations from the cited single page alone. I also cannot make that statement in the article, because I would be editorializing and that's not the purpose of Wikipedia; Wikipedia says what other third-party sources say (usually "reliable", even if the definition of "reliable sources" is arguably heavily weighted on "consensus" or virtue signalling with sometimes undue weight based on the language and culture of the wiki, e.g. biased towards Westerner viewpoints on enwiki). This needs reliable third-party sources to be uncontroversial. 84.250.14.116 (talk) 21:45, 22 June 2022 (UTC)[reply]

If I have to put this in another way, the two problems were:

WP:UGC sources stating claims about third-parties (CalyxOS) that are not found in sources (original research) Wikipedia considers "reliable" for inclusion, even if such claims (in those sources) may be true. Therefore, I've reverted this. 84.250.14.116 (talk) 22:22, 22 June 2022 (UTC)[reply

]

​​The "not open source" change was actually first suggested, not by me, but by an IP editor[18]. I did not agree with the addition,[19] at first, but when 3 Github primary sources are readily found, not to mention a bunch of tweets (which are not appropriate for sources), it seems relevant to include some basic facts. Strcat and thestinger are nicknames used by Micay (as if anyone editing, or most people viewing this article don't know). GrapheneOS/Micay has tweeted and posted on github re: not wanting others to use their sources. This information is similar to other factoids included in this article and primary-sourced to GrapheneOS FAQ or other webpages. As previous licensing issues were also germane to CopperheadOS history, and are germane to GrapheneOS history, why not include info' on these statements? It is basic, relevant info' of interest to readers of this article. The statements are not editorializing; they are basic summary of statement by the primary source. -- Yae4 (talk) 22:28, 22 June 2022 (UTC)[reply]

Adding: Based on this edit[20] it seems we are, or should be, in agreement that limited basic "about self" factual statements are OK to include. We shouldn't be cherry picking only selected such statements, however. IMO, your edits have that appearance. -- Yae4 (talk) 23:09, 22 June 2022 (UTC)[reply]

I was thinking of having it as a footnote immediately after the

WP:PSTS), so I can't interpret/make/synthesize/editorialize the statement that there are licensing issues - none of the sources stated explicitly say so. I don't see the statement According to the GrapheneOS primary developer, they request CalyxOS and bromite developers not to use any GrapheneOS sources. as a problem, the problem is the sourcing – it's improperly sourced, and in the latest edit you seem to have also removed the "better source needed" tags. 84.250.14.116 (talk) 23:49, 22 June 2022 (UTC)[reply

]

I was thinking of having it as a footnote immediately after the

open-source

word in lede (and infobox), possibly with a supporting quote in the citation template. I almost submitted an edit, but I don't know anymore why I didn't submit it (not thoughtful). I kept the original text because it supports what's said in the lede, even though I was not too happy to introduce a primary source (I'd be fine with removing that statement too), and it was easy to copy-paste from diffs (although doing that also introduced errors, which another contributor quickly fixed).

I was going to comment here that it being kept in felt out of place in the History section because it was originally part of the other removed content (

WP:3RR without giving enough time to reach a consensus here... Resonantia (talk) 01:29, 23 June 2022 (UTC)[reply

]

Special:Diff/1093735316, linking to The Open Source Definition § 5. No Discrimination Against Persons or Groups, says: The license must not discriminate against any person or group of persons. I don't see the license as a subject of contest in question, I see schisms. Vanadium / LICENSE – GPL-2.0 is on OSI's approved licenses list. The argument proposed by unregistered contributor that this is not "open source" by OSI definition is not convincing me. 84.250.14.116 (talk) 00:12, 23 June 2022 (UTC)[reply]

Particularly troubling is the Bromite issue #2102 citation, which is anchored to the comment which says (among other things): collaborating with a group (Calyx) involved in a substantial misinformation and harassment/bullying campaign directed towards our project and developers – this is according to thestinger, but no "reliable" sources (by Wikipedia's standards) exist to reference in support of these statements, so the source is very questionable without the appropriate context (hence removal as

original research). It doesn't simply say GrapheneOS doesn't want Calyx to use our sources in support of the original statement, it also goes beyond to make other claims (which are more challenging for an uneducated reader to verify and trust the sources) – nevermind its also not easy for an uneducated reader to understand thestinger to (likely) be Daniel Micay. 84.250.14.116 (talk) 00:43, 23 June 2022 (UTC)[reply

]

Note I'm not making a statement here if thestinger is right or wrong with those claims; I'm trying to make a claim how it's improperly sourced for an encyclopedia (Wikipedia). 84.250.14.116 (talk) 01:01, 23 June 2022 (UTC)[reply]

IMO, You, 84.x, are giving far too much attention to deeper analyzing, synthesizing, and interpreting deeper meanings in those github sources... which IS

WP:NPOV by cherry picking only selected primary-source statements from GrapheneOS website. As example, the FAQ[24] clearly indicates there is ongoing dispute over code ownership and licensing; this article references it but does not say anything about the disputes. Anyway, the GrapheneOS site is biased and not reliable for much more than some technical facts. -- Yae4 (talk) 02:31, 23 June 2022 (UTC)[reply

]

GrapheneOS changing the Vanadium license from MIT (permissive) to GPLv2 (copyleft) clearly doesn't make Vanadium open source. You're also making sure to omit the context of Bromite preventing GrapheneOS by using their code since GrapheneOS is unable to include GPLv3 code from Bromite. Bromite was earlier permitting GrapheneOS to include their code under the MIT license and started disallowing it. Why are you omitting the context? GPLv2 is a copyleft open source license which largely exists to require that people using the code (such as Bromite using GrapheneOS code) permit using their own code in the other direction under the same license. That doesn't make the project in any way less than open source. Open source does not mean there aren't requirements on using the code. It means that the code can be used by anyone for any purpose while respecting the licensing terms including attribution, including the license notice which are both almost always required (but often not respected) and if applicable also copyleft enforcing making derivative work available under a compatible license. GPLv2 does not permit the restrictions added by GPLv3, so Vanadium is requiring that Bromite switches to GPLv2 / GPLv2-or-later instead of using GPLv3 which GrapheneOS considers unacceptable. Neither of the projects is not open source for not providing their code to each other under licenses that the other side is willing to use. GrapheneOS is not willing to use GPLv3, and Bromite is not willing to use GPLv2-or-later instead of GPLv3 to use the GPLv3 code from Vanadium. This is nothing like the narrative you are trying to push. The CalyxOS thing you are bringing up involves CalyxOS kicking GrapheneOS out of a project and disallowing them using the code followed by GrapheneOS asking them not to use their code in the same project in response. How is that anything like what you are portraying? 142.126.170.15 (talk) 06:53, 4 July 2022 (UTC)[reply]

In response to User:Yae4:

saying they wish for CalyxOS and bromite developers to stop using their code (and will be changing licenses to push it).

I agree this to be the case, however the availability of sources is rather low quality and not all the sources given are suitable for inclusion due to involving exceptional claims about third-parties.

Wikipedia misleads readers to simply say GrapheneOS is Open Source, and not mention non-open-source behaviors

I disagree. I think I've already said why, but this is objectively an

extraordinary claim which needs extraordinary sources, not guided by feelings or emotions. There may be fallacy involved for licensing (i.e. relating to the android-prepare-vendor repository by AOSPAlliance), or a misinterpration of the OSI definition/generally accepted definition of "open source

". The repository URL found in the infobox gives me an impression that the majority or all repositories are "open source", the licenses used seem to be OSI-approved, and there are no reliable third-party sources to claim otherwise with a neutral viewpoint.

See also

WP:FRINGE

for deviation from prevailing or mainstream views (the definition of "open source").

"License issues", Controversies, or similar

I'd name it Controversies, however I would also expect it to be well sourced with views from both sides and not giving

WP:UNDUE

weight to extraordinary claims from a single party (i.e. Bromite issue #2102 anchored comment should not be used as a reference, because it involves extraordinary claims about Calyx not published in third-party sources Wikipedia considers "reliable").

Re: "licensing issues", don't they belong in the CopperheadOS article instead?

GrapheneOS is less than fully open source in action

I disagree, in the most neutral viewpoint possible, after reviewing the Vanadium license and OSI definition (which was a point of contention in the cited sources). The claim that this is "less than fully open source" may be editorializing or original research, and would also contradict a primary source about self (FAQ), which at the time is the only available source of information; prepare to cite reliable third-party sources for it (or undo Special:Diff/1094478406 as a source of dispute). The decisions, schisms, requests, whatever you want to call them, cannot be objectively seen as restrictions of the license (GPL-2.0 + WebView exception) as OSI defines them, but desires of authors/contributors. The subject of whether GPL-2.0 is "open source" or not should not be in question (even then the GPL-2.0 also prohibits inclusion in proprietary programs without code sharing, but that's a non-issue in this conversation).

improving the article by removing MORE primary sources

I agree with points of contention. Keep references 1 & 2 (and move them to the Wikidata project), these are not exceptional claims nor questionable (software release information). Remove 12 and the statement of dispute as contentional, until reliable sources become available (this is what User:Resonantia also wanted). Remove 20 because it is already supported by 9 (a notable publication). Keep 11 because the Packt publication seems to mee encyclopedic notability here; the source may only partially supports the statement (Micay transitioned to work on GrapheneOS) or may have been misinterpreted and the scope should be clarified for involvements prior to 2019 (renaming in the "AndroidHardening project" to GrapheneOS).

the [GrapheneOS] FAQ clearly indicates there is ongoing dispute over code ownership and licensing [in GrapheneOS]

I disagree. The FAQ doesn't indicate a dispute to be ongoing in this article subject. (There may have been a former dispute.)

I've understood from reading CopperheadOS there is an ongoing dispute in that separate article subject. If these two subjects would not be too distinct from each other, the articles would be merged. Currently the referenced sources seem to indicate notability of GrapheneOS for a standalone article.

the GrapheneOS site is biased and not reliable for much more than some technical facts.

The five points of

WP:PRIMARY

in general apply.

At least a few of the third-party sources (in the history section) here seem to support non-technical facts also published in the primary source.

84.250.14.116 (talk) 13:34, 23 June 2022 (UTC)[reply]

On its face, GrapheneOS releases most of its sources under open source licenses; on this we agree. In practice, Graphene/Micay uses at least a couple public communication channels to ask other projects to, in essence, ignore the licenses and not use their sources. This is a basic historical fact, from Micay's fingers, not an exceptional claim or fringe view. More interpretation should wait for "reliable" sources, but basic facts are basic facts: GrapheneOS asks a couple other projects - Calyx and bromite - to not use their sources.

Ongoing versus previous disputes over code ownership and licensing: Clearly it is ongoing. Not yet for the article, but obviously the disputes have not been settled or (1) we would see at least tweets about it, if not "news" (2) the "history" at Graphene webpage would say so. Instead it uses long, winding explanations... To the extent your edits push this article to match Graphene's version, it is demonstrating biased presentation of sources, IMO.

I may take Packt pub to RSN for more opinions. I've considered it a poor source since the beginning of this article, as said before; Newslinger called it a "blog" and "borderline source" above.

PS. I disagree with copying from CopperheadOS because it is not a good example, and should not be considered as precedent; see lack of consensus etc at that Talk[25]

PPS. It would also be great to see more input in this Talk from all the interested accounts and IPs. -- Yae4 (talk) 16:47, 23 June 2022 (UTC)[reply]

Micay [...] ask[s] other projects to, in essence, ignore the licenses? That's not what the three user-generated sources you added said. If "thestinger" is Micay, then Micay says in the bromite thread the license will be strictly enforced with legal action taken if it's not followed, but we've gone too far to interpret these sources anyway. I don't claim the requests to not use their sources to be fringe, I said your deviating viewpoints of what is the definition of "open source" may be fringe (in context of this conversation and using the fringe viewpoint as a basis to say something isn't "open source"). I don't want to involve myself in this much further.

The edits I've done have attempted to fill omissions – publication bias? – which are supported by both primary and third-party sources (particularly the gap of events between the CopperheadOS schism and the announcement or "rebranding" to GrapheneOS) – the omission of the Android Hardening project (mentioned in the Golem.de source) could give the different impression of the history, inception or continuity, which would not be supported by sources. In sense, I have pushed this article to match more accurately both Graphene and Golem's version of events, not only Golem's Yae4's version of the events. I still see it could be improved to state both viewpoints neutrally, if there remains any confusion I've yet to understand to be inaccurate.

84.250.14.116 (talk) 17:44, 23 June 2022 (UTC); edited 18:12, 23 June 2022 (UTC)[reply]

What I meant to say in the first paragraph, the following is my neutral viewpoint of the new schisms and sources: thestinger uses at least a public communication channel (GitHub) to ask other projects to, in essence, ignore the licenses and not use GrapheneOS sources [because of schisms]. The reasons behind it are not something I'd reference, until reliable sources say why. There's also the other issue: Wikipedia shouldn't publish original research to tell thestinger is Micay (?), unless the alias can be reliably referenced. 84.250.14.116 (talk) 18:04, 23 June 2022 (UTC)[reply]

Moved to #History, transition from CopperheadOS with "Android Hardening", to GrapheneOS

 – Some discussion about Android Hardening history and origins I started didn't belong in here, whoops. 84.250.14.116 (talk) 22:11, 23 June 2022 (UTC)[reply]

I saw no objection in this discussion to remove the

On this, exceptional claims were never included in this wiki-article to my knowledge. The only thing included was a basic factual statement of what Micay/Graphene requested (actually near demanded). Additional claims in the source about others should be excluded from the article but I'm less sure this is justification to not use the source for info about itself. However, in general, I agree self-published info from Micay/Graphene is very low reliablity, and should be minimized to as close to zero as possible, without making the article misleading on important issues like how they really handle "open source" and licensing. Of course the long history of difficult, or toxic, relationships with other people/projects would be important to include, if reliable sources ever cover it. -- Yae4 (talk) 11:15, 24 June 2022 (UTC)[reply]

You're making sure to omit the fact that CalyxOS and Bromite prevented GrapheneOS from using their code prior to Daniel Micay requesting they stop using theirs. It is your incredibly one sided interpretation of what happened

142.126.170.15 (talk) 06:49, 4 July 2022 (UTC)[reply]

Proposing to non-admin close this discussion following the consensus: 2 editors in favour of removing it as original research (particularly on the alias and identity of thestinger), 1 editor in favour to keep the current revision. 84.250.14.116 (talk) 10:30, 28 June 2022 (UTC)[reply]

Disagree with "closing" Only 2 editor accounts or IPs have given opinions and reasons here, unless I missed it. Also, re: harassment and licensing claims as a general and ongoing "thing" by GrapheneOS, this is also supported by primary source statements at their website, claiming similar re: CopperheadOS and the CEO.[26] More uninvolved 3rd party opinions could be useful here. -- Yae4 (talk) 15:13, 28 June 2022 (UTC)[reply]

Implicitly I supposed

WP:DUE. 84.250.14.116 (talk) 17:27, 28 June 2022 (UTC)[reply

]

No explanation in edit summary, and lack of participation here in Talk gives lack of understanding of "the other party's opinions" or reasons.

By the way, see

WP:PRIMARYCARE: "The person's autobiography, own website, or a page about the person on an employer's or publisher's website, is an acceptable (although possibly incomplete) primary source for information about what the person says about themself. Such primary sources can normally be used for non-controversial facts about the person and for clearly attributed controversial statements.". While this is under "an article about a person" it should apply here when covering Micay's statements about his wishes or GrapheneOS, as it is more a personal project and less a business. -- Yae4 (talk) 11:35, 29 June 2022 (UTC)[reply

]

Cite reliable sources and suggest such sources to be added, I'm not interested to argue more about policy. 84.250.14.116 (talk) 13:12, 29 June 2022 (UTC)[reply]

• 84.x starting fresh edit warring: This reversion[27] removed Dubious tag, which referred to this section of Talk, to try to get more opinions. Ignoring 142.x inflammatory personal attacks, only one other editor/account, Resonantia, has given an opinion. Their suggestion, a footnote, has not been added. I suggest you should not remove tags which are intended to highlight points of disagreement, and solicit discussion to reach consensus. Yae4 (talk) 12:06, 6 July 2022 (UTC)[reply]

Finally, as suggested by El_C, I would support removing the statements about Dorsey tweet (and additionally Snowden tweet), as they add little. -- Yae4 (talk) 02:31, 23 June 2022 (UTC)[reply]

Maybe it would be more appropriate to address all the low effort endorsements to a single sentence list of celebrity endorsements. "GrapheneOS has been endorsed by Ed Snowden and Jack Dorsey." Perhaps endorsed isn't the right word, but that sort of list of celebrity nods seems common on musician/artist articles. Anonymous526 (talk) 05:48, 23 June 2022 (UTC)[reply]

Admin

WP:RSPTWITTER, it seems appropriate to delete statements about tweets. This is obviously not a "musician/artist" article. I originally added the bit about a Snowden tweet because we were struggling to convince reviewers this article was even notable, in late 2019,[29] and it and a wiki-link[30] might give the article a smidge of a notability push. If you've looked for recent "reliable" source coverage recently, as I have, you know there still isn't much now. Nevertheless, the tweet garbage should be deleted. -- Yae4 (talk) 12:07, 23 June 2022 (UTC)[reply

]

That was just something that confused me. I'm not actually interested looking into this further, in any capacity, really. El_C 12:48, 23 June 2022 (UTC)[reply]

I agree, the Dorsey tweet is pretty pathetic. I've now removed it. Perhaps the Snowden tweet is still needed for its original purpose. Has the OS/article now accrued sufficient notability independent of it? Anonymous526 (talk) 18:53, 23 June 2022 (UTC)[reply]

Delete it. It's a poor source. -- Yae4 (talk) 19:21, 23 June 2022 (UTC)[reply]

I was inclining to keep the Snowden tweet because of the "Did you know?" this article had, but I'll stay neutral to this opinion so I don't have to express better arguments based on policy. 84.250.14.116 (talk) 20:28, 23 June 2022 (UTC)[reply]

I count two IDs saying let's delete tweet-only sources, and one abstaining. Sounds like time to delete the Snowden tweet mention too. -- Yae4 (talk) 19:51, 27 June 2022 (UTC)[reply]

WP:RSPTWITTER isn't an issue for the Snowden tweets. The article is not citing the tweet itself directly, but multiple news sources mentioning it. Seems okay for the reception section, unless it's weighting for

WP:UNDUE. 84.250.14.116 (talk) 08:39, 28 June 2022 (UTC)[reply

]

I thought we were near agreement that sources mainly regurgitating tweets would be considered not-usable? Here you favor regurgitating tweets because why? Defend notability, or make GrapheneOS look good/endorsed? Also, what about the 2-1 consensus? Maybe we should request more 3rd party opinions here too. -- Yae4 (talk) 15:13, 28 June 2022 (UTC)[reply]

Snowden isn't a primary source, nor are the third-parties quoting Snowden. 84.250.14.116 (talk) 17:30, 28 June 2022 (UTC)[reply]

Snowden is a self-published (unreliable, except maybe about himself) source. The third-party sources need to be judged on their merits, considering

WP:RSPTWITTER. Sure, it made a catchy "hook" for DYK, but that time has passed. -- Yae4 (talk) 11:28, 29 June 2022 (UTC)[reply

]

And the third-party sources aren't self-publications from Snowden. Simple fallacies. 84.250.14.116 (talk) 13:14, 29 June 2022 (UTC)[reply]

We can judge how much the cited sources relied only on paraphrasing tweets from Snowden. -- Yae4 (talk) 22:50, 30 June 2022 (UTC)[reply]

Snowden tweets

I reviewed the sources (or 2 of 3) more carefully; here are my notes:

• Der Standard: says, "The ex-secret service employee would not leave standard Android on the device, but replace it with Graphene OS."[31] Source Weaknesses: passing mention in article about Snowden. Article is based only on paraphrasing Snowden tweets, so very weak source as a whole.

• la republica, about Snowden says: "The former contractor recommends using GrapheneOS software as the phone's base operating system," (and would do a bunch of other things).[32] Source weaknesses: Same weaknesses as above.

• Futurezone.de: Not Found error page (verification fail), but I am confident it has at least the same source weaknesses as above.[33]

Note: Glancing at Edward Snowden these sources - which are about Edward Snowden - were not found, nor was even mention of GrapheneOS. If weak sources about Snowden are not used there, what does it say about using them here, in an article about GrapheneOS.

Summary: Passing mentions of GrapheneOS in weak sources based on tweets, does not justify giving the tweet any weight.

Mentions of Snowden also appear in the Golem.de and heise online citations. 84.250.14.116 (talk) 22:20, 30 June 2022 (UTC)[reply]

When several factors point to not using it, why are you so determined to use it anyway? The Heise citation is a transcript of "independent" YouTube productions, i.e. non-reliable source. See Reliable Sources Noticeboard discussion, ongoing. If we cite Golem.de much more, we will be including the whole article. It already is cited several times. Can find any non-bio, or better any related "tech" wiki-articles with similar endorsement tweet statements as this article? I tried and failed. -- Yae4 (talk) 22:56, 30 June 2022 (UTC)[reply]

• Plan to delete Unless someone provides support for why the Snowden tweet sentence should remain, or improves or better defends the citations, for reasons above, I plan to delete the sentence soon. -- Yae4 (talk) 11:56, 6 July 2022 (UTC)[reply]

  There was a

  WP:3O request on this, but no volunteer responded. 84.250.14.116 (talk) 22:26, 21 July 2022 (UTC)[reply

  ]

In the second sentence, "It is focused on privacy and security," is repetition of "security-hardened, privacy focused," in the first sentence. I suggest deleting the second, and attaching "and is compatible..." to the first sentence. -- Yae4 (talk) 16:49, 23 June 2022 (UTC)[reply]

 Done 84.250.14.116 (talk) 16:53, 23 June 2022 (UTC)[reply]

Thanks. "for selected smartphones, and is compatible with several Google Pixel smartphones." is odd, and should be changed to just ",and is compatible with several Google Pixel smartphones". Sorry I didn't catch that sooner. -- Yae4 (talk) 17:17, 23 June 2022 (UTC)[reply]

I agree it's awkward right now, but there may be a small distinction between what it's aimed for and what it's compatible (or officially supported) with. So not done for now. I couldn't think of a better way to say it. 84.250.14.116 (talk) 17:48, 23 June 2022 (UTC)[reply]

It should be changed. I still favor what I suggested. Also, I believe somewhere guidance says the lead does not need sources, and the lead material should have been included already in the body. -- Yae4 (talk) 10:53, 24 June 2022 (UTC)[reply]

Adding: See

MOS:CITELEAD -- Yae4 (talk) 11:52, 24 June 2022 (UTC)[reply

]

Yes, but because of this, the second request was not so easy to change, it takes more time to analyze the citations that are there and what they say about the jargon of definitions and support of Google Pixel devices. So not done for now. That's what I was trying to say when I couldn't think of a better way to say it. If you'd like to change this before your partial block is over, please propose the exact text to be replaced, what it's going to be replaced with, and what to do with the citations in more detail. Wikipedia:Edit requests style. It may take multiple steps. 84.250.14.116 (talk) 12:05, 24 June 2022 (UTC)[reply]

Thanks for the offer, but I'm in no hurry, so let's go the easier route and wait a few days. -- Yae4 (talk) 20:06, 27 June 2022 (UTC)[reply]

The last added paragraph of Special:Diff/1094410995 may not do much beyond possibly establishing subject notability in a weak way. The article from Mascellino, published in Android Police (lacking encyclopedic notability as much as MakeUseOf), is not even a critical "review", it's restating what the primary sources already say (found from the "External links" section), not comparable to the previous paragraphs from more substantial publications (netzpolitik.org et al.). I would remove the whole paragraph and two references from Mascellino. 84.250.14.116 (talk) 23:29, 23 June 2022 (UTC)[reply]

I hope to have resolved this with a rewrite in a new "Features" section. 84.250.14.116 (talk) 00:35, 24 June 2022 (UTC)[reply]

AndroidPolice is an OK but not great source, IMO. Consensus on MakeUseOf was marginal reliability at best, some said unreliable.[34] My opinion on Features sections - ROM promoters like the section and eventually add allllll the features. The section becomes out of date over time as features change. In general most of the features are not notable and this is why I prefer only a (historical) Reception section. -- Yae4 (talk) 10:50, 24 June 2022 (UTC)[reply]

Adding: Most "news" and "reliable" sources are not critical reviews. Regardless of how interviews are spoon-fed to publications, we are supposed to assess reliability of sources and "fairly" balance what "reliable" sources say about the topic. -- Yae4 (talk) 11:35, 24 June 2022 (UTC)[reply]

(

WP:MREL), until more authorative sources (that's not regurgitating the primary source) can replace it. I can happily agree to remove the "Features" section altogether, although I tried to stay brief and mostly copied your edit. But this doesn't belong to the "Reception" section, in my opinion. 84.250.14.116 (talk) 11:56, 24 June 2022 (UTC)[reply

]

I disagree with this removal of "OK" sourced info.[35] after previously moving it from Reception.[36] and leaving in place other statements based on the same publication, Android Police. Maybe take the source to Reliable Sources noticeboard (although not getting much help on the other attempt). I suggest restoring it in Reception.-- Yae4 (talk) 14:23, 29 June 2022 (UTC)[reply]

I've restored it: Special:Diff/1095644893. Thanks. 84.250.14.116 (talk) 14:32, 29 June 2022 (UTC)[reply]

Your edit summary "Restoring "Features" section per User:Yae4's objections to removal" is, in short, a lie. I did not suggest "restoring". I suggested restoring it in Reception. Huge difference. -- Yae4 (talk) 14:37, 29 June 2022 (UTC)[reply]

The edit summary is accurate. It restores what I've removed myself (Undid revision 1095522108 by 84.250.14.116 and Restoring "Features" section), based on your disagreement above (per

WP:AGF; it could be moved to the reception section as a next step, this has been intermediate. 84.250.14.116 (talk) 14:48, 29 June 2022 (UTC)[reply

]

So, what do you propose next? 84.250.14.116 (talk) 14:55, 29 June 2022 (UTC)[reply]

I think what I stated above is obvious. If it is not obvious to you from what I stated above, then we can wait another day or so and I'll show you. I'm basing my views of Reception sections on practices in other ROM articles. -- Yae4 (talk) 18:08, 29 June 2022 (UTC)[reply]

We'll follow

WP:AGF of contributors. 84.250.14.116 (talk) 18:36, 29 June 2022 (UTC)[reply

]

Citation by Huff at Android Police repeats and references a citation by Hazarika at XDA

Special:Diff/1094410995 added the following (see the diff for attribution, parts of reference improvements were by me):

In March 2022, [...] GrapheneOS applications Secure Camera and Secure PDF Viewer were released to the Google Play Store.^[1][2]

The latter citation by Huff says: As first noted by XDA, linking to the citation from Hazarika, hardly adding any new critical analysis of its own. I don't think this recycling of news is needed, I'd remove the Huff citation. — Preceding unsigned comment added by 84.250.14.116 (talk) 12:32, 24 June 2022 (UTC)[reply]

(1) Current version as modified by you "GrapheneOS applications Secure Camera and Secure PDF Viewer were released to the Google Play Store." is misleading and inaccurate summary of the source, because play store is not the only place they were released, as the XDA source you prefer[37] says: "For any app developers that read this, they are open source, so you can..." and includes link to github. This is why my version (you linked to diff above) says "GrapheneOS applications Secure Camera and Secure PDF were released, including at Google Play Store." This is a more correct summary of the source (and the true facts).

(2) By deleting the Huff source[38] you make it appear less attention was given by "independent" sources to the announcements of the apps, which risks criticism under

WP:DUE. Personally, I doubt whether the 2 apps merit any mention in this article. Let's be honest, both XDA and androidPolice are heavily advert-infested sites; they publish whatever announcements they think their readers may look at; they are basically parroting what Micay tweeted or self-published about the apps - See the "Source" links to two tweets at the bottom of the XDA source. Neither source shows any signs of "critical review" or real independent thought, not that it's a criteria for wikipedia. -- Yae4 (talk) 19:46, 27 June 2022 (UTC)[reply

]

For the record, the wording was changed by another user there: Special:Diff/1094647324. Because the latter source is no longer referenced, I'm inclined to keep the current revision as is, or agree with you to remove the paragraph. 84.250.14.116 (talk) 08:48, 28 June 2022 (UTC)[reply]

The XDA links leans on

WP:SYNTHESIS for released on GitHub, however if a compromise must be made then I would use the Android Police reference for avoidance of doubt, keep your original wording (revert Special:Diff/1094647324), and remove the XDA reference. 84.250.14.116 (talk) 08:59, 28 June 2022 (UTC)[reply

]

Independent, secondary, reliable sources are allowed to synthesize information. It is wikipedia editors who are not supposed to. -- Yae4 (talk) 15:13, 28 June 2022 (UTC)[reply]

Exactly, and the XDA reference does not explicitly say they are released on GitHub. XDA says it's "open source" while linking to repositories (which we also do from the infobox in general). Huff says it's open source and the code is available on GitHub. Say "made available" instead of "released", to be so pedantic. 84.250.14.116 (talk) 17:34, 28 June 2022 (UTC)[reply]

The meaning of the source is plain as day to me (plus consistent with the facts as I know them, not that that carries any weight at wikipedia). This twisting of meanings does make AGF difficult. -- Yae4 (talk) 11:41, 29 June 2022 (UTC)[reply]

References

1. ^ Hazarika, Skanda (2022-03-04). "GrapheneOS brings its camera and PDF viewer apps to the Play Store". XDA. Retrieved 2022-06-22.
2. ^ Huff, Steve (2022-03-05). "GrapheneOS is bringing secure PDF and photography apps to the Google Play Store". Android Police. Retrieved 2022-06-22.

Cherry picking "history" section from CopperheadOS#History

I was OK with and support having very brief or limited coverage of history pre-Graphene (2019) in this article, with link to

WP:NPOV presentation in this article. I suggest going back to the previous, more neutral, brief, limited coverage, and let interested readers go to the other article for the ugly, gory details. -- Yae4 (talk) 20:03, 27 June 2022 (UTC)[reply

]

See #History, transition from CopperheadOS with "Android Hardening", to GrapheneOS. The previous revision gave an impression Micay transitioned to work on GrapheneOS in 2019, which could be somewhat misleading or inaccurate (while cited sources state Micay wanted to continue developing CopperheadOS and Android Hardening before rebranding in 2019 as GrapheneOS). The current revision is the minimal information of history necessary. The CopperheadOS history section summarizes well for the CopperheadOS article subject what happened after (the rebranding to GrapheneOS and legal dispute), in the context it is necessary for that article. Rehearsing this argument again on this talk page isn't improving the article. 84.250.14.116 (talk) 10:13, 28 June 2022 (UTC); edited 11:46, 28 June 2022 (UTC)[reply]

To express my concern with the previous version more fluently, I (as the reader) had an impression that the project started in 2019, while it seemed (according to cited sources) in fact be a continuation of former projects under a new branding. 84.250.14.116 (talk) 10:38, 28 June 2022 (UTC)[reply]

As a more or less objective, and definitely un-connected editor of this article, IMO the GrapheneOS project by that name did start in 2019; before that it was something else, even less notable and not really worthy of mention here. I am well aware of the "continuation" narrative and POV Micay/GrapheneOS wishes to push (see also new section to follow), and the seemingly endless efforts to push that here and elsewhere. I am also aware Micay may have been "fired",... and suffice to say this article currently is not neutral, IMO. I agree I also have no desire to discuss or debate the actual history, but as already stated I prefer less detail over misleading, biased detail, as the article now stands. -- Yae4 (talk) 15:13, 28 June 2022 (UTC)[reply]

I have no doubts the initial release of the operating system under the GrapheneOS name was in 2019, and so I've kept the infobox "initial release" date as 2019. I believe the history section is accurate now and representative of what multiple cited sources say, however if you still find me biased, consider citing reliable sources (like how I've done) to represent an alternative viewpoint of this dispute (if it fits the policy). Consider also dispute resolution, such as

WP:3O. 84.250.14.116 (talk) 17:22, 28 June 2022 (UTC)[reply

]

If something was excluded, this article currently doesn't mention "firing" Micay or how the two "defected" there, although it mentions a "schism". Worthwhile to maybe add there. 84.250.14.116 (talk) 13:36, 29 June 2022 (UTC)[reply]

Other sources at CopperheadOS support "...led to Donaldson firing Micay in June of that year.". Aside: Micay's reddit post stating he was fired is also in archive. Again, best to keep it shorter and sweeter here, but not misleading. By packing in selected marginal notability, marginal source details to your liking, you open it up for expansion, and more discussion. -- Yae4 (talk) 13:58, 29 June 2022 (UTC)[reply]

Which marginal source details are you referring to? 84.250.14.116 (talk) 14:20, 29 June 2022 (UTC)[reply]

"Micay continued the development of CopperheadOS as well as the Android Hardening project." and "the Android Hardening project rebranded. This was explained extensively above[39]. Can you explain the strengths of Origo blurb/post(?)[40] and pro-linux.de slightly longer post(?)[41] as sources? Again, they previously (weakly) supported notability arguments earlier, but do you think they are strong articles/sources? You think those particular tidbits are important for readers,

WP:DUE in context of this article on the OS? If so, why/how? -- Yae4 (talk) 15:05, 29 June 2022 (UTC)[reply

]

Both have significant coverage in multiple sources, without controversial statements or doubts expressed here about them being unreliable. If you find there is undue weight, state and cite another viewpoint (if it fits the policy) – I'm really confused how you come up to these conclusions or debates about NPOV, without citing a contrary argument/viewpoint. Is the author's expertise somehow at question? Origo citation is trivial, I favor to remove it if it's not needed to establish notability of the subject. I don't see wrongs about the Pro-Linux [de] citation. 84.250.14.116 (talk) 15:23, 29 June 2022 (UTC)[reply]

You criticized LinuxReviews, and previously supported Origo, in general hand-waving ways. So I am asking you to give specific reasoning why you support or don't support these particular sources. -- Yae4 (talk) 15:34, 29 June 2022 (UTC)[reply]

For general scrutiny, I first and foremost view if it's a

WP:RSN, if that's somehow a problem (again, it was already in the article and not scrutinized by either of us before this conversation). 84.250.14.116 (talk) 16:04, 29 June 2022 (UTC)[reply

]

For github, don't forget to scroll down from WP:UGC to

WP:NEWSORG, or what makes you think one is a blog or the other has editorial oversight, etc. -- Yae4 (talk) 18:05, 29 June 2022 (UTC)[reply

]

GitHub WP:SELFSOURCE, points 1/2/4 are not met or are in doubt for the statements, particularly unable to directly verify their authenticity (without additional references to establish them to be self-published and correctly attributed).

Pro-Linux impressum: Eine Haftung für die Richtigkeit der veröffentlichten Artikel kann trotz sorgfältiger Prüfung durch die Redaktion von Pro-Linux nicht übernommen werden., if that points to anything about general reliability of Pro-Linux. However, I also could not find a separate editorial policy (Redaktionspolitik). As the statements from the Pro-Linux citation could be found elsewhere too, I have no doubts about its reliability for supporting the specific statements in this article. The authors are also not anonymous, nor using anonymous sources.

Likewise, Origo's impressum lists the staff/editors, before I repeat myself.

I don't want to argue about this anymore here, this is a topic for

WP:RSN. Care has been taken to make sure statements from "marginal sources" are supported by other sources as well, with no indications made of them being generally unreliable or consciously publishing false information.

84.250.14.116 (talk) 19:21, 29 June 2022 (UTC)[reply

]

I've added history about the dismissal. 84.250.14.116 (talk) 15:33, 1 August 2022 (UTC)[reply]

I'm also done here, with the adequate sourcing available. 84.250.14.116 (talk) 17:33, 1 August 2022 (UTC)[reply]

thestinger aka Micay, and Wikipedia POV pushing

Partly regarding: "nevermind its also not easy for an uneducated reader to understand thestinger to (likely) be Daniel Micay." 84.250.14.116 (talk) 00:43, 23 June 2022 (UTC)

With all due respect, hogwash. Self-published, primary, marginally reliable info at Graphene repository linked in this article infobox says thestinger is Micay.[42] This is not a secret, it is not hard to see and understand, and it is not in doubt. I don't think this is

WP:FORBESCON, by listing a Forbes Contributor's post as a "notable" source, when they are explicitly not reliable sources (without at least providing arguments supporting the author's expertise). -- Yae4 (talk) 15:13, 28 June 2022 (UTC)[reply

]

I don't hold, nor disagree with those beliefs. But I (too) could register an account on GitHub, contribute to GrapheneOS repositories and later change my profile name to be "Micay" and make (questionable) claims about third-parties. I'll wait for reliable sources (there is no rush) – actually I've been waiting for a bit longer, and I'm still waiting, and in the meantime trying to get a closure or more opinions to a discussion to remove (dubious) user-generated views (which are not at least supported by reliable sources), until such claims are proper verifiable (and not mere beliefs of editors) and not come from an unnamed "GrapheneOS primary developer" in

WP:V's first paragraph in its entirety, maybe also get more feedback from persons involved in WikiProjects, etc.

And as User:Awilley once said (paraphrased from your talk page): Make Wikipedia better by making sure it reflects the highest quality reliable sources (vs my POV). I've assumed good faith too and changed several points of contention you've brought up here, one example being deprecating using Packt Hub as a source (a citation was not originally added by me). Keep the suggestions coming.

84.250.14.116 (talk) 19:06, 28 June 2022 (UTC)[reply

]

The significance is a few IDs and IPs, including yours, began editing here around the time Micay published "a call for help" (my interpretation), and recruitment of meat or sock puppets is not a good thing. No particular inference on IP editing in general was intended, but it does occur a lot on these kinds of remote backwater articles that also have hornet's nest environment, and accusations of puppetry; see Talk:CopperheadOS where Strcat, another Micay ID made some too, if you haven't already. Linux Reviews was something that came up with a search and appears to be a secondary source. I didn't say it is a reliable source; I asked if it was. Please don't twist or mis-interpret my statements to something other than the plain meaning.

You could lie and create an ID with fake info', but it would obviously not appear on the "People" list[45] of the GrapheneOS project[46], which is linked from this article. You're stretching credibility. -- Yae4 (talk) 11:43, 29 June 2022 (UTC)[reply]

You've created an inaccurate story about that GitHub Gist which is completely refuted by actually looking at where it was linked and the content of the Gist. This is the same thing you're doing with your unsourced licensing claims, where you link 2 comments on GitHub from Daniel Micay requesting for 2 projects which blocked him from using their code to stop using his code in response. It has nothing to do with the licensing about GrapheneOS.

Collapsing off-topic, false, editor attacks

You're acting out the very apparent personal feud you have with Daniel Micay here. You should really not be editing an article about an open source project where you have a personal feud with the developer and are unable to refrain from posting your completely unsourced original research where you are very clearly misinterpreting posts on GitHub. You've been repeatedly warned by admins about your behavior on this article and elsewhere, and an admin needs to intervene here. You're treating the article as your property and have blocked people from improving it by adding better sources and content. You've scared off most people from editing it now.

142.126.170.15 (talk) 06:26, 4 July 2022 (UTC)[reply]

To make it easier to find the suggested

WP:ABOUTSELF published information, here are the links. The first two are enough.[47][48] The third example provides more discussion, but is probably too critical of 3rd parties to be used. It also demonstrates why one might call it "badgering" or "abuse" for descriptive purposes - not for the article.[49] Yae4 (talk) 19:01, 6 July 2022 (UTC)[reply

]

The GitHub post you're linking about was clearly posted for https://twitter.com/GrapheneOS/status/1536489966498369543 as a list of the 10 articles they used to demonstrate notability for Twitter verification. Daniel Micay criticizes those sources in the GitHub post and states that most of them are inaccurate and bad sources. Wikipedia is listed because Twitter requires linking to a Wikipedia article to prove notability for verification, and he includes the same disclaimer he does for the articles.

Collapsing off-topic, false, editor attacks

Yae4 has made it clear both here, on their talk page and in the history of their edits to the article that they have a massive personal grudge against Daniel Micay. Yae4 is very openly trying to push their POV by creating their own interpretation of Daniel's comments on GitHub without any reliably source showing that their highly questionable interpretation of those comments has anything to do with Yae4's non-sourced claims that GrapheneOS is not open source and doesn't permit other projects to use the code under the open source licensing. It should be noted that Yae4 and Daniel Micay have repeatedly talked about each other based on their personal feud. Just as Daniel Micay should not be editing this article, Yae4 should be refraining from editing it too when they have made it abundantly clear with many of their posts that they are highly personally invested in their personal conflict with Daniel Micay. The sockpuppet investigation they filed was rejected and they continue to refer to it along with attempting to do doxxing after being asked to stop by an admin. This is really getting out of hand and an admin needs to intervene ASAP. Your claims about the GitHub post are completely false and once again entirely based on your own original research which comes to conclusions not backed up by what you are linking. Just as you're making false claims about the licensing of GrapheneOS and what was requested by Daniel Micay from CalyxOS and Bromite in response to them disallowing GrapheneOS from using their changes, you're doing the same thing with your story telling about the GitHub post not at all aligned with how it was posted about Twitter verification and heavily criticizes most of the linked articles as a disclaimer to avoid anyone thinking they are accurate or good sources.

142.126.170.15 (talk) 06:18, 4 July 2022 (UTC)[reply]

Free_and_open-source_software or Open-source_software (or less open)?

Moot

 – This was resolved to address the original poster's concerns before the discussion happened. 84.250.14.116 (talk) 14:15, 29 June 2022 (UTC)[reply]

Re: This edit[50]. Setting aside earlier discussion of "partly" open source, do we really need to discuss FOSS versus OSS? At best GrapheneOS is permissively licensed OSS. Only the kernel is FOSS, unless I'm mistaken; not familiar with every detail, but do have the big picture. -- Yae4 (talk) 14:05, 29 June 2022 (UTC)[reply]

I had already corrected the reasoning 8 minutes prior to this talk page discussion: Special:Diff/1095640037. 84.250.14.116 (talk) 14:09, 29 June 2022 (UTC)[reply]

This may be "moot" regarding the one mistake edit, but it will probably come up again, so it seems worth documenting a consensus, if there is. -- Yae4 (talk) 15:29, 29 June 2022 (UTC)[reply]

Open-source. It is my original research belief they are also permissively licensed under free software licenses, but this is not referenced at the moment in the infobox (although not difficult to verify from various LICENSE files in repositories). I wouldn't go as far as calling it "free and open-source software" (or "free, libre and open-source software") until the significant sources do. I'm not familiar what proprietary firmware is involved, so I abstain giving an opinion on it. 84.250.14.116 (talk) 15:39, 29 June 2022 (UTC)[reply]

Partly Open Source with abusive behavior from GrapheneOS lead, trying to badger other projects into being more restricted than licenses would allow. So far we only have

WP:PRIMARY sources supporting the "badgering", however, but that is sufficient for statements about themself, with care. -- Yae4 (talk) 17:49, 29 June 2022 (UTC)[reply

]

Not covered in significant third-party sources so no, it's not sufficient, it's plain

WP:FRINGE interpretation of the OSI definitions. 84.250.14.116 (talk) 17:57, 29 June 2022 (UTC)[reply

]

You haven't provided any sources showing any abusive behavior or any evidence of Micay badgering other projects to stop them using the code under the terms of the open source licenses. What you've done is provide a one sided, POV interpretation

Collapsing off-topic, false, editor attacks

based on your personal feud / conflict with Daniel Micay where you cite their comments on GitHub while omitting the context of CalyxOS kicking GrapheneOS out of AOSP Alliance / ending their code sharing and in the case of Bromite, Bromite disallowing GrapheneOS / Vanadium from using their code. None of this is covered in any reliable sources, and your attempt at pushing a highly one sided editorialized story based on your own interpretation is clearly not appropriate. GrapheneOS is very clearly open source licensed and arguments on GitHub about whether projects are welcome to use each other's code have nothing to do with the licensing. You're talking about abusive behavior while you have spent years holding back this article acting out a personal conflict with the developer.

142.126.170.15 (talk) 06:31, 4 July 2022 (UTC)[reply]

I'm very unsure what "abusive behaviour" and "badgering" are referred here. I see you have also claimed that Micay (the person in question associated with this project?) is recruiting "meat/sock puppets" but I don't really see any evidence that proves that other than an investigation you conducted which had an official verdict as unrelated and I don't see how you could have came to the conclusion that the individuals you mentioned were related at all.

None of that right now, but I will have to agree with IP 142.126.170.15 that lack of evidence of "abusive behaviour" (which is a very strong word so I would expect evidence for such a serious claim) is based on your interpretation and is not

WP:UGC

, and is heavily open to interpretation and should not be included here. I don't intend to stretch for anything, but including these situations would give this page a negative tone to the reader for one that is simply trying to understand what GrapheneOS is and not about conflicts that don't appear to have much impact on any of the projects in question and appear to be operating just fine.

I apologize if I did not answer the original question here that appears to have a verdict of moot, but I'm seeing these quite bold claims in this talk page by User:Yae4 and do not appear to be very neutral. EndariV (talk) 23:49, 4 July 2022 (UTC)[reply]

@EndariV: I do not advocate including a description or interpretation of the statements, only a brief summary. For this article, the behavior characterization is irrelevant, to wikipedia, unless a reliable secondary source covers it. I should not have mentioned a characterization. A factual statement or note regarding "open source" positions is relevant. It doesn't really matter how it was said, but the facts that GrapheneOS asks other projects to not use their sources does warrant at least a note where "open source" appears. -- Yae4 (talk) 12:42, 6 July 2022 (UTC)[reply]

A factual statement or note regarding "open source" positions is relevant. 4 citations in the article supporting the statement with various levels of reliability and counting. Giving you the benefit of doubt, discount one for Origo. It's quite clear the editors here disagree with the latter interpretation as original research, so I'll not rehash. 84.250.14.116 (talk) 14:45, 6 July 2022 (UTC)[reply]

And as I said on 23 June 2022, need to give due weight, particularly if 142.'s unsourced claims of Bromite disallowing GrapheneOS to use their sources has any basis, to have a neutral viewpoint of what's going on with that debate. 84.250.14.116 (talk) 14:50, 6 July 2022 (UTC)[reply]

To make it easier to find the suggested

WP:ABOUTSELF published information, here are the links. The first two are enough.[51][52] The third example provides more discussion, but is probably too critical of 3rd parties to be used. It also demonstrates why one might call it "badgering" or "abuse" for descriptive purposes - not for the article.[53] -- Yae4 (talk) 18:58, 6 July 2022 (UTC)[reply

]

The

WP:PRIMARY sources to be cited were in 2021 or 2022 (do verify). Thus, earlier published (poor) sources could not, obviously, say anything about it. So that means nothing. The finer details of licensing are also not usually discussed by secondary sources, so insisting on that seems unreasonable. Most minor or obscure licensing details like this, in articles like this, do not cause disagreements. I fail to understand why anyone wishes to hide or obscure the simple facts of these requests by GrapheneOS for a couple other projects to not use their sources. If anyone can explain this without getting into extraneous detail, it would be appreciated. -- Yae4 (talk) 20:49, 6 July 2022 (UTC)[reply

]

Review

 Doing... I'll start fresh and review the events I'm aware of again. Please wait. I doubt I will be able to help in this case alone, but I'll review it with the best of intentions to assume good faith. 84.250.14.116 (talk) 02:11, 7 July 2022 (UTC)[reply]

"Ted Talk" on articles histories

14 September 2019: The earliest edit by User:Yae4 to CopperheadOS, and seems to be the only edit before getting involved with the GrapheneOS article.[1] 15 December 2019: GrapheneOS AfC cleanup date. The source model is described as "free and open source", "free" and "open source".[2] It's somewhat safe to argue, at least, User:Yae4 had contributed to the definition of "free", while "open source" was originally contributed by User:Paewlostr (limited contributions to different topics by Paewlostr).[a] On 4 August 2020, CopperheadOS is semi-protected by User:Drmies for edit warring / content dispute.[3] User:Yae4 is not involved, to my knowledge. Since 17 August 2020, User:Yae4 becomes more involved in the CopperheadOS article actively.[4] After this, some content dispute in the CopperheadOS article.[b] Around 27 August 2020, an editor with many edits in the CopperheadOS article comes to the GrapheneOS article, adding statements Micay "continued the open source project as GrapheneOS", cited to a new Golem.de source.[5] User:Yae4 becomes active in the GrapheneOS article again and reverts this editor.[6] Content dispute / edit warring follows.[c][d] On 30 August 2020, User:Yae4 opens Wikipedia:Sockpuppet investigations/Strcat against four editors.[7] On 1 September 2020, User:Yae4 adds NPOV and COI templates to the GrapheneOS article, referring to the SPI.[8] On 3 September 2020, the editors suspected of sockpuppetry are concluded to be unrelated.[9] On 28 October 2020, the COI and NPOV banners are removed by 154.3.42.90 for having "found no foul play" (referring to the closed SPI).[10][e] For some time prior to 24 December 2021, the GrapheneOS article was described as "free and open-source" and "open source with proprietary components".[11] On 24 December 2021, 47.198.1.28 (single-purpose account) changed the status to "mostly free and open-source". No references were added, modified or removed, nor was the statement clarified (unsourced).[12] On 26 December 2021, they addded statements about "extended support releases".[13][f] On 26 December 2021, User:Yae4 rewrites the lede and history section to remove mentions of AndroidHardening and "extended support releases", reverting much of what 47.198.1.28 had added, claiming the changes as "promotional".[14] The history section now claims: After the incident, Micay transitioned to work on GrapheneOS.[g] On 16 January 2022, User:TiltedLeft2 (single-purpose account) reverts 47.198.1.28 and restores the status to "free and open-source" with no mention of "proprietary components", requesting a source.[15] On 17 January 2022, User:Yae4 reverts User:TiltedLeft2 (now "mostly free and open-source" and "open source with proprietary components"), explaining with an edit summary "Similar has been added to most Android OS articles".[16][h] On 20 May 2022, 2001:2003:F40A:7100:E8A5:EAC3:E566:3A15 makes trivial changes to Android 13.[17] This is me (84.250.14.116) self-claiming to be sharing a connection.[18] On 25 May 2022, I (84.250.14.116) make changes in Android related articles.[19] Starting on 5-7 June 2022, the Anonymous twin accounts start editing in the GrapheneOS article. On 13 June 2022, thestinger publishes some text file on GitHub Gist.[i] User:Yae4 interprets this as Micay being concerned about Wikipedia coverage (?). On 14 June 2022, 2a02:8440:9111:f44d:d11b:234d:6e75:47c9 (single-purpose account) changes the release year to 2014.[20] User:Yae4 promptly restores to 2019, claiming "vandalism".[21][j] On 18 June 2022, 125.235.133.212 (single-purpose account) makes a claim in edit summary GrapheneOS is no longer open source, referring in edit summary to OSI definition and AOSP Alliance issue. They removed definitions of "free software" and "open source" from the article, replacing it with "source available".[22] On 19 June 2022, User:Yae4 reverted 125.235.133.212 for original research.[23] On 21 June 2022, User:Yae4 claims "partly free and open-source" and adds three GitHub sources.[24] On 22 June 2022, User:Resonantia (anonymous proxy user according to WP:SPI) reverts User:Yae4's claims of "partly free and open-source" for original research, removes Yae4's GitHub sources.[25] Edit warring follows. On 22 June 2022, I (84.250.14.116) start contributing to the GrapheneOS article at a coincidental time, disagree the statement's match to sources, and revert User:Yae4's "partly open-source" claims and GitHub sources.[26][k] Lots of edits and dispute happen around this time. On 22 June 2022, User:Yae4 changes the status from "partly free and open-source" to "partly open-source".[27][l] On 22 June 2022, User:Yae4 requests semi-protection of GrapheneOS article.[28] On 22 June 2022, User:Yae4 suspects sock puppetry.[29] On 23 June 2022, User:Yae4 is partially blocked for violation WP:3RR at the GrapheneOS article, no page protection applied.[30] On 23 June 2022, I (84.250.14.116) reverted some of User:Yae4's 26 December 2021 edits to the history, to match sources. On 24 June 2022, User:Resonantia (anonymous proxy user according to WP:SPI) tags the GitHub sources from User:Yae4 as user-generated and disputed.[31] ...[m] On 28 June 2022, I (84.250.14.116) added the heise online / c't source to reception.[32] On 29 June 2022, User:Yae4 makes an SPI case about four GrapheneOS article editors.[33] On 29 June 2022, I took heise online / c't sources to WP:RSN.[34] On 3 July 2022, thestinger publishes another Gist talking about Twitter verification and Wikipedia article. GrapheneOS and "Daniel Micay" made tweets. On 3 July 2022, User:Yae4 gets harassed off-site?[n] On 3 July 2022, User:EndariV (single-purpose account) joins to edit the GrapheneOS article. They remove Yae4's GitHub sources as "highly editorialized interpretation/analysis based on a primary, not notable source".[35][o][p][q] On 3 July 2022, User:Jann ruhe (single-purpose account) removed the c't source I (84.250.14.116) had added.[36][r] On 3 July 2022, User:Yae4 reintroduces the GitHub sources under a section named "Licensing history".[37][38] On 3 July 2022, User:Jann ruhe (single-purpose account) removed User:Yae4's GitHub sources yet again, edit summary GrapheneOS lead developer making a claim in a GitHub issue and citing it here does not count as "Licensing history."[39][s] On 4 July 2022, I (84.250.14.116) warned User:Yae4 for continuing to add GitHub sources, after seeing new editors disagreed for various reasons.[40][t] On 4 July 2022, Quacking.[u] On 4 July 2022, I (84.250.14.116) had some suspicions about the new single-purpose accounts.[41] On 4 July 2022, User:Yae4 makes claims me (84.250.14.116) to be wikihounding User:Yae4.[42] I (84.250.14.116) didn't understand what this was about, until several hours after finding the sources. AN/I case opened against 142.[43] and 84.250.14.116[44]. On 6 July 2022, the Anonymous twin accounts are confirmed socks and get blocked. User:Resonantia is "ostensibly unrelated", no comment on 84.250.14.116 (no sleeper accounts on a cursory check). The SPI is awaiting for a clerk/administration. On 5 July 2022, I (84.250.14.116) understood 142.x may be a logged-out Wikipedia account.[45] On 6 July 2022, I (84.250.14.116) took MobileSyrup to WP:NPOVN[47] . On various dates, I invited contributors from this article and WikiProjects to participate in some RSN discussions. On 7 July 2022: You are here, thanks for coming to my incomplete and biased TED talk.[v] I may be omitting a lot of information where I have been reverted myself by User:Yae4. This list will not be complete, I do not have the time or patience.[w] Yae4: After doing this (incomplete and somewhat biased) review, I have to say I appreciate most of this and sincerely understand you've assumed good faith, it must've been difficult to deal with this. I'm patient about making personal claims (as some editors here have accused you of bias), even if the civility and patience may not always be shared (and why I may not always have the patience to reply or argue, but there is no AN/I section about you). In my short-sighted opinion, the article integrity may have started falling apart sometime around December 2019–January 2022,[x] and there have been many attempts of promotional or COI editing in the past before that date. Unfortunately since then received some opposition to critical review by other editors, but it is better now than it was in late June 2022.[y] I also don't understand what this "AOSPAlliance" is, how it relates to GitHub, GrapheneOS, CalyxOS, etc. I understand bromite is a web browser (?), but also don't understand how that relates to any of this. The GitHub sources don't tell me enough information to know what has happened in 2021/2022, how these editors got into a conflict, why they got into a conflict, who is right and what sources are involved (if any). I understand Vanadium is also a web browser and in someway related to the dispute, but its license seems be GPL-2.0+WebView exception - perhaps a deliberate license incompatibility with bromite's GPL-3.0(+)? I see the secondary sources report "open-source", and I see open-source licenses (with potential license incompatibilities), but more importantly, I see the secondary sources report "open-source". So I say: Okay, "open-source" it is. What should I say? I can't think of a way to help you much Yae4, if this shows how several editors who have disagreed with you re: GitHub sources and my swing vote may not turn it around, if new and single-purpose account editors should be given less weight.[z] Know that I'm not happy with all of the editors either at least, and it's a bit troubling to see this happen at this article. If there's something I can do, it's probably to give you a little bit of more leeway and tolerance for your edits, continued patience and assuming good faith, and give less weight to opinions of the new editors. That's what should be done.[aa] I want to end this by with a remark I have also noticed some sources talk about "based on Android Open Source Project", without explicitly mentioning "open-source" as a definition. There's also an open side-question the article has left me unanswered: How does one verify there is "proprietary firmware" in GrapheneOS? 84.250.14.116 (talk) 07:53, 7 July 2022 (UTC)[reply] References ^ Special:Diff/915641536 ^ Special:Permalink/930933433 ^ Special:Diff/971085355 ^ Special:Diff/973478273 ^ Special:Diff/975104180 ^ Special:Diff/975169481 ^ Special:Diff/975717062 ^ Special:Diff/976098047 ^ Special:Diff/976585027 ^ Special:Diff/985883602 ^ Special:Permalink/1061628673 ^ Special:Diff/1061820149 ^ Special:Diff/1062056352 ^ Special:Diff/1062118459 ^ Special:Diff/1066027271 ^ Special:Diff/1066195289 ^ Special:Diff/1088335110/1088907533 ^ Special:Diff/1096497668 ^ Examples: Special:Diff/1089720192/1089830025. ^ Special:Diff/1093074533 ^ Special:Diff/1093157841 ^ Special:Diff/1093157841/1093736028 ^ Special:Diff/1093819680 ^ Special:Diff/1094307821 ^ Special:Diff/1094363773 ^ Special:Diff/1094477304 ^ Special:Diff/1094401513 ^ Special:Diff/1094487331 ^ Special:Diff/1094493094 ^ Special:Diff/1094504980 ^ Special:Diff/1094710764 ^ Special:Diff/1095442203 ^ Special:Diff/1095716411/1095716857 ^ Special:Diff/1095666130 ^ Special:Diff/1096319209 ^ Special:Diff/1096321430 ^ Special:Diff/1096361293 ^ Now it said: In November 2021, GrapheneOS leader Micay wrote, "GrapheneOS android-prepare-vendor Android 12 port must not be used by CalyxOS". and In June 2022, Micay wrote, "Bromite is no longer welcome to use any code from Vanadium or GrapheneOS." But how would a reader interpret it still was "GrapheneOS leader Micay" without original research, or making the connection to the infobox? ^ Special:Diff/1096391164 ^ Special:Diff/1096455200 ^ Special:Diff/1096457124 ^ Special:Diff/1096467663 ^ Special:Diff/1096450794 ^ Special:Diff/1096467191 ^ Special:Diff/1096668439 ^ Special:Diff/1096808948 ^ Special:Diff/1096791729 ^ In this revision, there were at least three sources stating "open-source". ^ Consensus on reliability of sources seems to be followed by at least User:Yae4 favorably. ^ It is my opinion neither editor acted the best they could've in this situation. In my opinion, I would side with User:Yae4 to have stood closer to the newly introduced Golem.de source and its statements. ^ This is one of the sources which mentions "open-source". ^ Kind of late. ^ This IP editor says, among other things, our build numbers, source to our licensing model in FAQ, which may indicate undisclosed connections. Did they perhaps attempt to "mostly free" here to mean open source + proprietary components? Nonetheless, it wasn't what was said in sources, and may be biased. ^ In my opinion, neither the previous revision by IP or this revision by User:Yae4 stood very accurately to the sources at this time. ^ No source or self-reference was provided. ^ For Twitter verification? ^ I'm fine with this. There's been many more such year changes before, all have been reverted to 2019, this is one example. ^ Anecdotally, my browser history says I searched about GrapheneOS on 20 June 2022 for the first time, two days prior. The first IP edit on wiki I can track is around November 2016, accounts much before that. ^ Not clear why this was done, but I've come to agree with removing "free" anyway. ^ At least I think to know well what happened between 22 June 2022 and today. Please understand, there's so much I don't want to spend much longer writing about it. ^ I think? Twitter, Matrix and Gist. ^ As I understood, they side with IP editors and may have called User:Yae4 biased. ^ The statement before this was: According to Micay, the GrapheneOS main developer, they request CalyxOS and bromite developers not to use any GrapheneOS sources. Right now the infobox links to a GitHub profile named "Daniel Micay", but in my opinion it's still leaning on original research. ^ Notice the timing to tweets. ^ Notice the timing to thestinger's Gist. They didn't edit or discuss again. ^ Notice the timing to tweets. ^ I argued the behavior was similar to previously sanctioned behavior with 3RR. In hindsight of knowledge, maybe this has not been the best thing? But with more knowledge of surrounding events, I've learned not to tag User:Yae4 with {{Uw-disruptive3}} so easily. ^ This editor may have attempted to persuade me to stop adding a particular source, because it mentioned CalyxOS? Particularly, I later found off-site conversations of an user claiming the GrapheneOS Wikipedia article was being used to promote CalyxOS as a cherry-picked quote. Hah. ^ The AN/I is still open. ^ Sorry in advance if any of the diffs are also wrong, I don't have the time or patience either. ^ I've had doubts if the article has turned more viewpointed towards what the sources don't say around that time, or selective bias. ^ Perhaps the editing in this article has come to a breaking point where all sources get questioned and burned down, unless the sources are very good, to discourage promotional and COI editors? But it also frustrates legitimate editors too. I also see Yae4 somehow being so concerned about some Micay's list, whether sources appear there or not. ^ I still wouldn't agree to interpret the source. ^ Or should I've done? Have I done? I have. Have I?

Heise.de Youtube transcript as a proxy for self-published Youtube source?

Ignoring the way the information was summarized in the article for now, this edit[54] added a source to heise.de, which gives a transcript of a Youtube video. There is a disclaimer at the bottom, saying (translated): c't 3003 is the YouTube channel of c't. The videos on c't 3003 are standalone content and independent of the articles in c't magazine. Editor Jan-Keno Janssen and video producers Johannes Börnsen and Şahin Erengil publish a video every week. This source then appears to be contrary to

WP:RSPYT. The source and statement(s) it goes with should be removed. Note: It does not escape notice that this is one of the sources suggested off-wiki by Micay at Github.[55] -- Yae4 (talk) 15:52, 29 June 2022 (UTC)[reply

]

I had not noticed the disclaimer in the translation process, I admit that mistake. This is best to be taken to

WP:FORBESCON. I'll take it there. 84.250.14.116 (talk) 16:12, 29 June 2022 (UTC)[reply

]

It sounds exactly like

WP:RSPYT

. Because you delay and decline to remove the added material, I'll add: your summary:

In April 2022, Jan-Keno Janssen of heise online for c't stated GrapheneOS' approach of running Google Play services differently without system level access "works quite well", and said the operating system's focus on security is "uncompromising".

shows bias. Another, more neutral quote is:

" In April... stated, "These three OSes would also be my recommendations: Graphene or CalyxOS if you want uncompromising security and have a Pixel smartphone, /e/OS for everyone else."

-- Yae4 (talk) 17:45, 29 June 2022 (UTC)[reply]

We don't cite the YouTube video, we cite a reliable source (publisher) of said video. Different things. So no, I'm not removing it now (my belief this follows Wikipedia's policies). We'll see what the reliable sources noticeboard says. 84.250.14.116 (talk) 18:19, 29 June 2022 (UTC)[reply]

This choice of quote is low quality and borderline off topic, regardless of the reliability of the source. As a on time podcast-type video it's also unable to be edited / corrected and there is no publisher standing behind it. Can we please just agree to omit this?

Collapsing off-topic, false, editor attacks

Yae4 has been repeatedly including their original research and has a personal feud with Daniel Micay resulting in them being unable to edit the article or participate in these talk page discussions without substantial bias, but in this case despite their inaccurate claims about a GitHub Gist and their regular personal attacks and accusations directed towards Daniel Micay which are pervasive in their involvement here, they are not wrong that this really shouldn't be included. My suggestion is that if you're going to be editing this article and others regularly, make an account so that it's easier for people to remember who you are and refer to you, and then ask for an admin to look at Yae4's involvement here over the years and the multiple warnings / bans they have received about their highly POV editing across multiple articles including the CopperheadOS article and this one. They make it very clear in their comments here and with their editing to the article that they are here with motivations not simply based on editing the article. It appears they got into conflict with Daniel Micay about the Wikipedia article and now both of them are fighting about it across platforms. It really needs to step, and Yae4 seems unlikely to realize on their own that they are highly personally involved and making biased edits.

142.126.170.15 (talk) 06:43, 4 July 2022 (UTC)[reply]

I don't think we can agree due to behaviorally evident bias and connections in this topic. 84.250.14.116 (talk) 23:49, 5 July 2022 (UTC)[reply]

I forgot to address: Corrections in e.g. magazine or newspaper may be published as errata in another number of the publication later. The same could be said about videos. I also don't see it very difficult for a publisher to publish a correction in the text article of web videos that my edit was citing (which was later removed by another SPA editor for being "dubious", "editorialized" and "self-published", a diff I disagree with). 84.250.14.116 (talk) 00:09, 6 July 2022 (UTC)[reply]

It's a strange quote to choose for inclusion in the article even aside from the sourcing since it's mostly not about GrapheneOS. There are a bunch of articles which could be used as reliable sources instead. However, your claim about the GitHub post linked at https://twitter.com/GrapheneOS/status/1536489966498369543 by @GrapheneOS on Twitter to show the 10 sources they used to try to prove notability for Twitter verification is clearly not accurate. The content of the GitHub Gist states the following: "Note: these 10 news articles were chosen based on notability of the publisher and for directly covering the GrapheneOS project rather than it just being mentioned or a team member being asked to provide comments. Most don't have particularly accurate or good coverage of the project, but that wasn't the point of this selection.". It is very clearly not what you are repeatedly claiming it is here.

Collapsing off-topic, false, editor attacks
Yae4, you have made it clear that you have a personal feud with Micay and are unable to participate without being heavily biased against GrapheneOS and Daniel Micay. The research that you're doing and your interpretations of it are very clearly highly biased and not based on the content of what you cite.

142.126.170.15 (talk) 06:37, 4 July 2022 (UTC)[reply]

GitHub (or Gitlab) as sources at Wikipedia

The counts don't always carry much weight, but GitHub has been insource nearly 11000 times,[56] and gitlab around 550 times[57] So using GitHub as a

WP:PRIMARY source is not wiki-forbidden. Someone should review Reliable Sources Noticeboard for discussions. -- Yae4 (talk) 17:06, 4 July 2022 (UTC)[reply

]

A significant portion of the (~11000) Github citations were actually either the repositories themselves (github.com/<username>/<reponame> which in turn actually goes to a user-created "README" file in the root of the repository) or Github.io websites (Github Pages[58]) which are also user generated/authored (<username>.github.io) in some manner by someone/something with push access to the repository and would be considered

WP:UGC

. This applies the same to Gitlab as they have the exact same functionality over there regarding issues and commits and version control. I do see a tiny fraction of Github issues used as citations, but I will explain why I disagree with their usages here.

Github issues and discussions are different and can be authored by anyone unless the repository blocks creation of these discussions by outsiders, but Github issues can be deleted or locked only by someone with push access or admin access to the repo or organization[59]. It certainly falls under

WP:UGC and have heavy inherent bias because the repository owners or administrators can control the narrative. A repository owner can block someone from commenting on an issue but refuse to delete it and allow others to post on it, forbidding them to comment in response to others. They can delete issues they don't like or lock discussions on them while the admins can still comment on it. Even if a secondary source decided to report on it (which many have already regarding the Bromite situation), the repository admins have the full ability to control the narrative in some way whether it's deleting the discussion, deleting parts of it, hiding comments, locking it, etc. Until the repository is put in an "archived" state or is deleted, the admins can manage everything there [60]

.

In short, Github and Gitlab are entirely revolved around

WP:UGC and admins of the repositories can control everything there. EndariV (talk) 23:08, 4 July 2022 (UTC)[reply

]

You gave no specific examples, only general claims, so I won't respond to most of what was said. As to criteria for inclusion:

• the material is neither unduly self-serving nor an exceptional claim;

Micay saying his GrapheneOS project wants other projects to not use GrapheneOS sources is almost the opposite of self-serving, in my view, and I see nothing unusual or surprising

WP:ABOUTSELF

sources to be cited.

• it does not involve claims about third parties;

The individual

WP:ABOUTSELF

statements by Micay to be cited do not involve such claims. They simply say Micay wishes for other projects to not use GrapheneOS sources. If you follow entire discussion threads, it may be true eventually Micay makes general claims about third parties, with no specific examples; these are not the statements to be cited.

• it does not involve claims about events not directly related to the source;

No unrelated events are involved, as far as can see.

• there is no reasonable doubt as to its authenticity; and

True. Claims otherwise are, basically, being intentionally dumb.

• the article is not based primarily on such sources.

True with caveats. Some of the other sources cited in this article, if not most, are based on Micay tweets, GrapheneOS website, or other self-published info being re-published with more or less additional info' from the source authors. Sources in this article should be examined more closely to see if they are really "reliable" sources, or are in essence just re-publishers of

WP:PRIMARY

material.

Re: admins can manage (content at Github): Yes, this is why citing archive.org links is preferred. -- Yae4 (talk) 16:36, 5 July 2022 (UTC)[reply]

It's actually preferable to preserve the original URL in cite template. If needed, use |url-status=unfit with an archive-url to hide the original URL. 84.250.14.116 (talk) 19:28, 21 July 2022 (UTC)[reply]

To make it easier to find the suggested

WP:ABOUTSELF published information, here are the links. The first two are enough.[61][62] The third example provides more discussion, but is probably too critical of 3rd parties to be used. It also demonstrates why one might call it "badgering" or "abuse" for descriptive purposes - not for the article.[63] Yae4 (talk) 18:59, 6 July 2022 (UTC)[reply

]

Note regarding "insource" search at top of this Talk section. My understanding is that search shows where github (or gitlab) was used as "references" although spot checks show it also pulls from external links.

Two footnotes have been added with only neutral paraphrase or brief quotes from Micay statements, consistent with the criteria outlined above as I understand them. -- Yae4 (talk) 19:45, 19 July 2022 (UTC)[reply]

Many of the GitHub sources also come from Wikidata or articles for infobox latest software release information. 84.250.14.116 (talk) 19:01, 21 July 2022 (UTC)[reply]

Do not add them, per EndariV. 84.250.14.116 (talk) 18:20, 21 July 2022 (UTC)[reply]

No response to my point-by-point justification of how it meets all criteria for inclusion? -- Yae4 (talk) 18:43, 21 July 2022 (UTC)[reply]

Not warranted of my time, with remaining other issues about interpretation / original research and undue weight. 84.250.14.116 (talk) 22:33, 21 July 2022 (UTC)[reply]

2019-2020 Did You Know as precedent? Mistakes and moving on

• What was said in the DYK is not a good basis for what should be in the article now. Staying consistent with the Did You Know has been discussed some. We should put that concern away. The DYK statement and discussion are at near top of this page. It said "Did you know... that GrapheneOS, a free and open-source operating system... with link to Free_and_open-source_software. Clearly, GrapheneOS is not, and was not in 2019, "a free and open-source operating system". There are parts, like the kernel, that are FOSS, and there may be other parts that are FOSS; however, above limited consensus was "Open-source_software" fit better (ignoring unresolved disagreement on "partly" or requesting non-open-source behavior from other projects). Thus, the first phrase and 33% of the statements in the DYK were false. Therefore, we can move on from the DYK statement and try to be more accurate in future.
• The DYK is not a basis for "reliability" of included citations. Reviewer Constantine mentioned "spotcheck" and limitations of automatic process, and said "AGF on Hungarian/Czech/Turkish sources". The DYK review process did not give a thorough review of all the sources. The DYK is not a basis for "reliability" of citations. -- Yae4 (talk) 16:26, 5 July 2022 (UTC)[reply]

Collapsing off-topic, false, editor attacks

What has changed is that you now have an extreme personal grudge against the developer of this project which is driving you to make incredibly biased and baseless claims, along with vandalizing the article with false claims you are pushing as part of your vendetta. You have an on and off site feud with them and engage in stalking and doxxing and which the admins have repeatedly warned you about. With that context, it should be noted your claims that it is not open source / free software are completely fabricated and you have absolutely zero evidence or sources. Open source and free software licenses have requirements including attribution and potentially copyleft. Not all open source / free software licenses are compatible. Open source / free software has absolutely no connection to an argument between 2 projects on GitHub leading to one switching from MIT to GPLv2 (both open source and free software licenses. Admin intervention is desperately needed. Yae4's bias and vendetta is completely off the rails and out of control. 142.126.170.15 (talk) 19:45, 5 July 2022 (UTC)[reply]

Origo.hu source deletion

I will be removing this source. No one has spoken out in favor of this source, aside from me, long ago, and limited mixed support by 84.x. 84.x previously said "Origo citation is trivial, I favor to remove it if it's not needed to establish notability of the subject." I agree on "trivial". IMO, being "needed to establish notability" is irrelevant although I previously did use similar arguments; it does not support "reliability" of the source, and thus does not really more than trivially support notability of GrapheneOS. After reviewing the source again, it also has the following weaknesses:

• It uses a photo sourced from AndroidPIT; they did not even get their own photo (which has only entertainment value, not particular to GrapheneOS).
• It references a Packt pub article for a portion of the info'. In previous discussions, Packt pub is generally agreed to be a poor source. -- Yae4 (talk) 03:07, 6 July 2022 (UTC)[reply]
• Newlinger said above (adding excerpt), "commenters in deletion discussions generally expect qualifying sources to be longer than the Origo article. Packt Hub is a blog that promotes Packt's main publishing business – the blog is a borderline source, and routine announcements like the page provided tend to be ignored in deletion discussions when it's not coming from a more highly regarded source." This was talking about article "notability", slightly different context, but point is: Packt Hub is an unreliable source; Origo article partly used Packt Hub as a source; therefore, all considerations combined, Origo is an unreliable source, in this Article context. -- Yae4 (talk) 09:38, 6 July 2022 (UTC)[reply]

The citation was supporting statements ("open source" and project history) previously disputed on this talk page before removal. By removing this source, the lede is now only supported by a singular other (albeit trivial) secondary source, which weakens the independent coverage and verifiability (what secondary sources say) on subject. Deleting it outright – without evaluation of reliability in context (straightforward and uncontroversial statements) – as a participant to such dispute could be seen as disruptive or tendentious editing. In other words, my words should be interpreted to at least support using it in the lede (an Android-based, open-source, privacy and security-focused mobile operating system). No particular issue taken to remove it from the history section right now, because there is a good availability of citations to support the statements made there. 84.250.14.116 (talk) 07:27, 6 July 2022 (UTC)[reply]

Note addition above in this section.

• Please commit. In your opinion is that particular origo.hu source "reliable" and "independent" enough to use here, or is it a short, poor, unreliable non-independent source? I am trying hard to understand your meanings and
  WP:AGF
  . I thought I did. Clarity on your bottom lines would be appreciated, to avoid mis-understanding.
• Re: "the citation was supporting statements": Unless I am mistaken, we are supposed to follow where reliable secondary and limited primary sources lead. We are supposed to include information based on those reliable secondary or limited primary sources, not decide what we wish to include, then select sources to support those statements. Statements unlikely to be challenged do not even require sources; See
  WP:WHYCITE
  .
• Re:"Tendentious":
  WP:BRD. -- Yae4 (talk) 09:38, 6 July 2022 (UTC)[reply
  ]
• Re: "The citation was supporting statements ("open source"": A 2019 source cannot say anything about 2021 and 2022 requests by GrapheneOS for CalyxOS and bromite projects to not use GrapheneOS sources. -- Yae4 (talk) 21:13, 6 July 2022 (UTC)[reply]

Reliable for an Android-based, open-source, privacy and security-focused mobile operating system. Do not misinterpret statements from 2021-2022 to have changed source model / development model, which were also not relevant or significant to be covered in secondary sources. The statement from a 2019 source still seems 100% valid. 84.250.14.116 (talk) 22:11, 21 July 2022 (UTC)[reply]

Jonathan Lamont's review at MobileSyrup

Lamont, Jonathan (20 March 2022). "A week with GrapheneOS exposed my over-reliance on Google". MobileSyrup. Blue Ant Media. Retrieved 6 July 2022.

While I believe the MobileSyrup site has some low-quality clickbait posts too, I believe this article (and other news reporting by Lamont at MobileSyrup) could be considered reliable in context for

WP:ATTRIBUTEPOV

statements in the reception section, with convincing critical evaluation of the subject (and also used to possibly demonstrate an alternative viewpoint versus the c't 3003 reception I previously added, which was removed). There's a question if the article (biased as an opinion piece) could be used to support another disputed but straightforward statement ("open-source") as a fact.

Engadget has also published a news article using one of Lamont's articles (to my surprise) at MobileSyrup as a source,^[1] so anecdotally Lamont's work in the technology field could be seen as previously published by an independent, reliable publication.^[a] Actually, searching with DuckDuckGo web search engine, I found several other Engadget^[b] and VentureBeat^[c][d] articles using MobileSyrup as a source, though I trust Engadget's editorial team more for fact-based, non-opinion statements.

Referencing the article it in the reception section would also address some concerns of neutral point of view. Particularly, Lamont says works quite well but also it's often not a seamless experience like using an unmodified Pixel or an iPhone. It also agrees with the (now removed) statement from Janssen (c't 3003) about Google Play working well in the operating system (despite the different approach). 84.250.14.116 (talk) 09:29, 6 July 2022 (UTC)[reply]

I am also aware of some promotional / sponsored articles (not entirely independent, disguised under news) being published at MobileSyrup (including from Lamont), so non-opinion statements passed as a fact at MobileSyrup need to be given more critical evaluation whether they are reliable or appropriate in context. 84.250.14.116 (talk) 10:04, 6 July 2022 (UTC)[reply]

• Poor first impression of MobileSyrup but will consider more carefully, and comment again later. I also previously, briefly looked at this source, because it is on Micay's suggested sources list in Github. My first impression is: "advert infested clickbait" group blog similar to Liliputing.
• Did you not see the linked "I replaced Android on a Pixel 3 with an Android-based privacy OS" in the first sentence? It did not appear on Micay's list either. Any reason not to consider both?
• About MobileSyrup[64]: "All news and reviews are proudly written by Canadians. MobileSyrup.com is Canada's source for the latest and most interesting stories in mobile technology. Tech is for everyone." may indicate biased favorable presentation of Canadian efforts, such as GrapheneOS.
• I do give credit for being somewhat lengthy "review" style. Independence and reliability is an open question.
• Another article by same author, not specifically covering GrapheneOS, did not impress by including Twitter as a source or reference. -- Yae4 (talk) 10:18, 6 July 2022 (UTC)[reply]
• mobilesyrup has been wiki-sourced 200+ times,[65] for what it's worth.
• Mobilesyrup.com is not on perennial sources list, and was not found in a search of RSN discussions.[66]
• Author's words support group blog post quality: Lamont wrote, mid-way, "In my first impressions post, I mentioned running into an issue with my contacts not syncing. -- Yae4 (talk) 15:27, 6 July 2022 (UTC)[reply]

  Thank you for expanding from the earlier article. 84.250.14.116 (talk) 15:41, 6 July 2022 (UTC)[reply]

  Understand clearly: I oppose using this "advert infested click bait" group blog (low, unreliable) quality source. -- Yae4 (talk) 18:50, 6 July 2022 (UTC)[reply]

  Off we go to

  WP:RSN#Jonathan Lamont's review at MobileSyrup. 84.250.14.116 (talk) 19:28, 6 July 2022 (UTC)[reply

  ]

  Wikipedia:Reliable sources/Noticeboard/Archive 379#Jonathan Lamont's review at MobileSyrup, for future reference. 84.250.14.116 (talk) 10:31, 25 July 2022 (UTC)[reply]

  How would you summarize that discussion? Do you think the comments there justify using Mobilesyrup 5+1 times? To me, there was a lack of endorsement of the source. -- ~~~~ Yae4 (talk) 17:00, 27 July 2022 (UTC)[reply]

  My summary is somewhere between Option 2: Unclear or additional considerations apply, and Option 3: Generally unreliable for factual reporting, with only 4 opinions given. We've probably used it too much. -- Yae4 (talk) 18:06, 3 August 2022 (UTC)[reply]

References

1. Yahoo
   . Retrieved 6 July 2022.

1. WP:RSP#Engadget
   .
2. ^ MobileSyrup site:engadget.com
3. WP:RSP#VentureBeat
   .
4. ^ MobileSyrup site:venturebeat.com

Compatibility section & support release cycles

Regarding Special:Diff/1096795401/1096802922 from IP 84.250.14.116

Support release cycles aren't particularly "Compatibility" related either, I think the Golem.de source already said what's necessary?

I do agree that support release cycles aren't exactly related to compatibility; this information would be better addressed elsewhere. However, a portion of the original text — until they no longer receive updates from Google — is no longer accurate and I believe it should be removed. "As of 2019, GrapheneOS supports the most recent smartphone models in the Google Pixel product line" would be more accurate, however, that's a rather short paragraph. I'm not sure what a good resolution would be, but the current phrasing in present tense is simply incorrect.

According to the GrapheneOS website, the Pixel 3 (XL) and Pixel 3a (XL) devices receive additional extended security support releases of GrapheneOS (as of July 2022).

This is slightly misleading and does not fully represent the entire picture. Saying that they receive extended security support releases misleads readers into a false sense of security; as the GrapheneOS website states, "it's not possible to provide full security updates". They might contain some security patches, but there's a reason the authors call them "harm reduction" releases and omit "security" from "extended support". At the very least, "security" should be removed. Additionally, in its current state, the section implies that only four devices will receive extended support while the project has committed to providing ten devices with additional support. I believe this phrase should be revised to say either of the following (my preference is the latter).

According to the GrapheneOS website, the Pixel 3-5 devices will receive additional extended support releases of GrapheneOS (as of July 2022).

According to the GrapheneOS website, they will provide extended support releases for devices that Google has committed to supporting for three years, such as the Pixel 3, 4, and 5 series (as of July 2022).

Amolith (talk) 20:33, 6 July 2022 (UTC)[reply]

I admit I didn't understand the source you provided (and was about to ask for your opinion, before I went ahead and tried to correct it myself). I don't want to combine sources to come up with a conclusion of something they don't explicitly say. The way I wrote it was the most straightforward statement I could understand; later, another editor also supported it with a secondary source (Lamont) in almost exact (but expanded) words from the source. Is it better now? 84.250.14.116 (talk) 21:21, 6 July 2022 (UTC)[reply]

Again your statements are misleading. I oppose using Lamont as a source, but you already cited it regardless, without any consensus. I also note this

WP:PRIMARY source was added after, I thought, agreeing to minimize primary sources. How do you square adding this selected primary source, but not adding the GitHub primary sources? -- Yae4 (talk) 21:38, 6 July 2022 (UTC)[reply

]

Don't bark at the messenger, resolve this with User:Amolith. 84.250.14.116 (talk) 21:41, 6 July 2022 (UTC)[reply]

By the way, I did also make it hopefully clear using Lamont's review as a biased source for factual reporting has additional considerations. I did not cite them for factual reporting, as was done here. 84.250.14.116 (talk) 21:51, 6 July 2022 (UTC)[reply]

I have no opinion on this, really. I've tried to assume good faith for Amolith and help them cite information dated correctly. Prefer independent, secondary sources when available. Good luck. 84.250.14.116 (talk) 21:46, 6 July 2022 (UTC)[reply]

WP:PRIMARY sources should be minimized. Anything controversial or requiring interpretation or explanation should be avoided. Expanding the section based on primary sources is a mistake. I favor the simple, one-sentence statement, in absence of significant coverage. -- Yae4 (talk) 22:18, 6 July 2022 (UTC)[reply

]

PS. Simply open-source licensing is also factually incorrect, based on Micay GitHub posts, but I can't seem to get even a note added. Sad to say, "factually correct" is apparently not the wiki-criterion. -- Yae4 (talk) 22:22, 6 July 2022 (UTC)[reply]

• Re: "As of 2019, GrapheneOS supports the most recent smartphone models in the Google Pixel product line" would be more accurate, however, that's a rather short paragraph." I see no problems with this short paragraph, and have no issues with shortening the sentence as suggested. It is still consistent with the secondary source, and eliminates any need for primary source or other, complicating, secondary source. With 84.x saying they "have no opinion on this", I agree with this suggestion by Amolith, and will make this change. -- Yae4 (talk) 22:43, 6 July 2022 (UTC)[reply]

  I think simply shortening the paragraph is a good resolution. It removes the no-longer-accurate caveat and focuses the Compatibility section on compatibility.

  I do not understand why citing a

  WP:PRIMARY, a primary source may be used on Wikipedia only to make straightforward, descriptive statements of facts that can be verified by any educated person with access to the primary source but without further, specialized knowledge. I was not extrapolating my own conclusion when citing #How long can GrapheneOS support my device for?

  , I was rewording the phrase, "GrapheneOS aims to provide harm reduction releases for devices which only have a minimum of 3 years support", to make more sense in context.

  I'll address the bullets in

  WP:PRIMARY

  individually.

  1. GrapheneOS.org is a reliable source because it's the subject of this very article. A factual statement made by the project on the project's website is directly relevant to the article.
  2. My use included no interpretation; I reworded a factual statement from the project's website.
  3. My use included no interpretation; I reworded a factual statement from the project's website.
  4. My use "[did] not analyze, evaluate, interpret, or synthesize [the] material"
  5. This would have been the only primary citation in the article.
  6. My use included no unsourced material; I reworded a factual statement from the project's website.

  I can understand why use of primary sources should be minimised and agree with that. In this specific situation, however, I believe using a primary source would be perfectly acceptable. Amolith (talk) 01:36, 7 July 2022 (UTC)[reply]

  @

  WP:ABOUTSELF

  criteria here (above):

  Talk:GrapheneOS#GitHub_(or_Gitlab)_as_sources_at_Wikipedia and let me know (up there) what you think about that; to me, the issues are closely related to the kind of citations you are wanting here. -- Yae4 (talk) 04:25, 7 July 2022 (UTC)[reply]

Proprietary firmware, statement in Infobox?

Has anyone found sources to support the proprietary components (firmware) statement in the infobox? It's been there for a long time without a supporting reference (since at least December 2021). If I had to take an educated guess, it may be something to do with baseband radio firmware and Android bootloader (Aboot), but so far the sources cited have only supported the statement of "open source" source model. 84.250.14.116 (talk) 11:54, 21 July 2022 (UTC)[reply]

I understand it to refer to proprietary firmware blobs that must be included for some hardware components to function. It appears inconsistently in ROM articles, but Replicant_(operating_system) correctly says only "open source" as their goal is to entirely remove all proprietary blobs. Other articles the same phrase "Open source with proprietary components" is used include Resurrection_Remix_OS, LineageOS, and OmniROM. "Source model" could also be interpreted to include whether the ROM supports adding proprietary apps or not, as some, like GrapheneOS do, and others like Replicant do not. Template:Infobox_OS says, "Source model of the operating system." Thus, "Open source with proprietary components" is correct for GrapheneOS. -- Yae4 (talk) 17:24, 21 July 2022 (UTC)[reply]

Though I seem to agree what you said about the ROM articles and Replicant in general,

no original research. The statements must be verifiable. I'm also fine with leaving the citation tag there for longer if needed. 84.250.14.116 (talk) 19:32, 21 July 2022 (UTC)[reply

]

Template:Infobox OS/doc actually says development methodology. Leaning on synthesis here, but I've understood from the sources available in the article and GrapheneOS FAQ the project development model of GrapheneOS is described as "open-source", but firmware (security updates) is reliant on OEMs like Google. Google doesn't develop GrapheneOS (they develop Android), so I'm a bit more inclined to call it just "open-source" and stick to sources. 84.250.14.116 (talk) 21:06, 21 July 2022 (UTC)[reply]

I've not found indication GrapheneOS builds their own hardware / firmware (yet). 84.250.14.116 (talk) 21:08, 21 July 2022 (UTC)[reply]

It's not really

WP:OR. It's almost common knowledge, or should be. Wikipedia is unreliable, but see Android_(operating_system)#Licensing, search for "proprietary components", "blob" or "firmware" and look for sources if you wish. This is a basic Android thing, with only one exception AFAIK. Why are you asking, really? This has all appearances of continually trying to make GrapheneOS appear less "proprietary" and more "open source" in this article than they really are or behave. -- Yae4 (talk) 21:18, 21 July 2022 (UTC)[reply

]

I'm not opposed to making a distinction where the development model differs between "open source" and "proprietary". It's a matter of question which entities follow which development model, and if the proprietary firmware development is related to GrapheneOS (this article subject) at all. Right now the infobox could be understood as GrapheneOS developing their own proprietary firmware, but I can't verify. The purpose is to clarify; perhaps {{Clarify}} would've also been appropriate or more appropriate, to improve verifiability. 84.250.14.116 (talk) 21:32, 21 July 2022 (UTC)[reply]

For GrapheneOS specifically: I'm not sure if there are actually relevant proprietary firmware blobs. The Pixel line of phones has fully open source kernel drivers and is a reason for why it's so widely supported among custom Android distributions. Other projects like LineageOS deal with a far wider range of phones, many of which do have proprietary drivers.

The LTE/baseband/SoC code is a closed-source blob. But this is closed-source in the same way that CPU microcode on typical computers is closed: it's a low level component that fully open source operating systems have to interact with, that doesn't affect their being open. (You wouldn't consider Arch partially closed-source, for example).

I think the question is, if binary blobs are

- not distributed with the project

- not a part of the GrapheneOS codebase

- but still necessary for the project to work

Is the project fully open source? I would say yes.

I'll also call back over to the Android article: their "Source Model" tag in the sidebar says "Open source (most devices includes proprietary versions of the OS with proprietary components, such as Google Play)". GrapheneOS's OS is open source (being an open fork of AOSP) and it doesn't contain proprietary components (Google Play must be downloaded manually if desired). 75.172.38.252 (talk) 21:25, 24 July 2022 (UTC)[reply]

Almost ignoring the github (and twitter) posts by Micay asking or demanding other projects to not use their sources, those low level components necessary to make the devices work do make those things less than FOSS, and less than "open" source. Re the aside on Arch_Linux, FSF does not list Arch, although they list Hyperbola and Parabola, based on Arch[68]. Even unreliable wikipedia says "the default Arch Linux kernel contains nonfree proprietary blobs, hence the distribution is not endorsed by the GNU project." As I understand it, these issues are what distinguishes Replicant and makes it fully open, unlike most others. Finally, GrapheneOS adding features to help install proprietary apps, and use play services, makes the project far less than fully "open source" in my opinion. -- Yae4 (talk) 07:47, 25 July 2022 (UTC)[reply]

Arch's nonfree blobs statement is referenced and verifiable in that article. 84.250.14.116 (talk) 09:32, 25 July 2022 (UTC)[reply]

I haven't seen any sources backing up your claims of demands by the GrapheneOS project for other projects to not use their sources. However, asking other projects to not use their sources would be fine and not affect open source status as they can use them anyway. I could see valid reasons for this attitude from the developers if the GrapheneOS source code contains many device-specific or project-specific tweaks, but I'll note again that that does not affect nor put an asterisk on the project being open source.

Re. Arch Linux again, I brought it up because Wikipedia lists it as "Open Source" without any qualifications. The Free Software Foundation considers Hyperbola and Parabola (and not Arch) "free software" which is a distinct and much more loaded term than "open source". If we agree that Arch Linux falls into the same category of openness as GrapheneOS, then we should remove the "proprietary components (firmware)" label (and as I previously mentioned, it is unsourced and misleading: components implies things distributed with the project, like kernel drivers, which are all open source).

> GrapheneOS adding features to help install proprietary apps, and use play services, makes the project far less than fully "open source" in my opinion.

This is definitely wrong. Open-source's requirement lies within the code, not what the code does. Would you consider a web browser to be "less than open source" because it provides access to websites running obfuscated and nonfree JavaScript?

Yae4, please give a read through the section of the below article for the difference between free software and open source software, I believe you're conflating the two.

https://en.wikipedia.org/wiki/Free_and_open-source_software#Overview 71.212.97.112 (talk) 07:48, 27 July 2022 (UTC)[reply]

Yae4, I do not think you understand how open source software works. Under your wrapped definition of what an "open source operating system" is, you would have to add the "proprietary components (firmware)" label to almost every relevant operating systems out there, including Red Hat Enterprise Linux, all variants of Fedora Linux, all variants of Ubuntu and the vast majority of its derivatives, all variants of openSUSE and the vast majority of its derivatives, Arch Linux and the vast majority of its alternatives, and so on. In fact, you would need to add it to every single Linux distribution that's not using the Linux-libre kernel, since the Linux kernel itself contains blobs. Even then, operating systems like ReplicantOS or /e/OS require proprietary firmware to function. Just because they do not ship firmware updates doesn't mean the proprietary firmware isn't there. It gets to the point where the label no longer means anything, because it doesn't make any sense.

Next, let's have a look at your "help install proprietary apps" claim. As IP user 84.250.14.116 said, it does not matter what the code does, what matters is what the code actually is. GrapheneOS's codebase is entirely open source. Just because it gives the user the freedom to install whatever they want (including proprietary packages) does not make it not so. Are you going to make the claim that every Linux distribution which allows users to install proprietary packages from its repository not fully open source? Are you going to claim that Flatpak (especially with its defacto FlatHub repository) and AppImages are not fully open source, just because of they give the user the freedom to install proprietary software? This is total non-sense.

Finally, you mentioned Micay's tweets. It doesn't matter what his wishes are. What matters here is the licenses that he uses, which are Apache, MIT, GPLv2, and various open source licenses. Your code doesn't magically become proprietary if you express your wish that certain people don't use it when it is licensed under GPLv2.

Please, let Wikipedia be the place for objective information, and not your personal blog expressing your opinion. LennartMcKenzie (talk) 07:47, 29 July 2022 (UTC)[reply]

I see your links, and suggest you

WP:NPOV, particularly the "nutshell: Articles must not take sides, but should explain the sides, fairly and without editorial bias. This applies to both what you say and how you say it." Sides and context here include both the letter of the Copyrights and Licenses, and the other-than-open statements of the project leader. It is difficult to summarize "GrapheneOS" in terms of a one category "source model", but all sides of the characterization should be included, somewhere, with due weight. Zero weight (as is now) to the post-2019 controversies over licensing is too low, even if, so far, the only sources are primary. Much other information has been added to the article based only on primary sources. Due weight is due weight in all relevant topics. I am OK with explanatory notes, or a whole section on Controversies, but zero mention is insufficient. -- Yae4 (talk) 16:17, 30 July 2022 (UTC)[reply

]

This is the problem with what you are doing. You are taking a side and attempting to impose your bias to a factual page.

Just because you do not like the lead developer doesn't mean that you can magically change what the License their code actually use and who owns the Copyright to what.

Let's apply the Neutral point of view here: If you think that every operating system that require proprietary firmware to function (practically all major relevant operating systems) should have the label "with proprietary firmware", then you should add it to almost every single operating systems artcile out there. Not doing so but only doing it to GrapheneOS is being biased and taking sides.

The same thing goes with licensing: If the developer express their opinion that certain people do not use their open source code warrants you calling it "less than open source", then you should also give that label to every single piece of software licensed under restrictive licenses like GPLv3. That license is a VERY restrictive license, prohibiting the use of that piece of software in any project (open source or not) that do not use the same license. People who write software under the Apache, MIT, or BSD licenses cannot use GPLv3 code at all. https://www.gnu.org/licenses/rms-why-gplv3.en.html Does that make GPLv3 sftware not open source? Likewise, Bromie being GPLv3 cannot use Vanadium code because it is GPLv2, does that make Vanadium/GrapheneOS any less than open source?

Your logic does not make sense and y ou should really look past your bias and be neutral here. LennartMcKenzie (talk) 00:05, 31 July 2022 (UTC)[reply]

WP:NOPA. As for fixing all the other articles, don't worry, 84.250.14.116 has seen some light and is on the job.[69] -- Yae4 (talk) 02:09, 31 July 2022 (UTC)[reply

]

So are accusing others of your own sins at this point. You are quite literally violating the rules about neutrality while accusing others of it. LennartMcKenzie (talk) 02:15, 31 July 2022 (UTC)[reply]

You are&* LennartMcKenzie (talk) 02:16, 31 July 2022 (UTC)[reply]

That said, the documented/primary-sourced requests by GrapheneOS for other projects to NOT USE THEIR SOURCES, should be at least noted in this article. -- Yae4 (talk) 17:26, 21 July 2022 (UTC)[reply]

Relevance (or irrelevance) aside, the statement had no apparent effect on the source model or firmware. 84.250.14.116 (talk) 21:49, 21 July 2022 (UTC)[reply]

Primary sources added on 21 July 2022

As of Special:Permalink/1099531430 and the subsequent {{Advert}} and {{Primary sources}} tagging: I agree. The features section probably has indiscriminate examples of features since Special:Diff/1099482303/1099531430, and much of them are sourced to a primary source (the official website). I would remove what's not said in secondary sources, it may bear no encyclopedic significance if it's not discussed in those. But I think the new "supported devices" table in the compatibility could be kept as more up-to-date information of existing information mentioned in secondary sources, even if cited to a primary source – sans the user-generated endoflife.date source, I would remove that one reference. 84.250.14.116 (talk) 19:21, 21 July 2022 (UTC)[reply]

For reasoning about primary sources, I'll refer to User:Amolith's messages from 6–7 July 2022 here. 84.250.14.116 (talk) 19:35, 21 July 2022 (UTC)[reply]

I rechecked, the primary source doesn't support it (and the one from FAQ previously discussed is more difficult to verify). There is no good verifiability for the table. I'd remove it, unless there's a better citation soon. 84.250.14.116 (talk) 19:46, 21 July 2022 (UTC)[reply]

See also

WP:NOTCATALOG I would remove all of the fluffy advertising details. It's non-encyclopedic, and we should not copy the website to wikipedia. Anybody interested in the advertising details can go read the website. Lastly "Secure Camera and Secure PDF Viewer" already appear in History, with secondary source, so we don't need to repeat it with added advertising details. -- Yae4 (talk) 21:18, 21 July 2022 (UTC)[reply

]

You seem to have a better idea what you see as "advertising", so be

WP:BOLD. Improve it, or if it can't be improved, delete it. 84.250.14.116 (talk) 21:25, 21 July 2022 (UTC)[reply

]

CellularNews source addition and removal, and conflict with HowToGeek

So two new citations were added by

WP:NPOV situation as Wikipedia isn't for "pros and cons". _{I don't know why User:Jabrodoah reverted my attempt at being friendly to new contributors to the page, but sorry if I cannot do that.. Thank you IP 84.250.14.116} EndariV (talk) 06:15, 5 July 2022 (UTC)[reply

]

I do appreciate User:Stellarnebula and in general more outside users that help out with the page that is in dire need of more outside contributors. Hope that's clear with everyone :) EndariV (talk) 06:22, 5 July 2022 (UTC)[reply]

The cellular news summary and source added in Special:Diff/1096514055 was removed in Special:Diff/1096554423. with edit summary "Remove outdated and conflicting citation" See Talk, which was confusingly added to an unrelated September 2020 monologue. I have moved the newer discussion to this new section for less confusion.

• Re "The CellularNews article[73] does not appear to have a creation date so..."

False. It clearly says: "Published: June 28, 2021" slightly below the title.

• Re Conflicting information between sources

This does make things more difficult, but it is not reason to ignore one source while including others you may consider to be more accurate. We are supposed to:

WP:NPOV

in a nutshell: Articles must not take sides, but should explain the sides, fairly and without editorial bias. This applies to both what you say and how you say it.

• Re "The CellularNews article doesn't seem like a good citation..."

I also had doubts about the Cellular News source, because it is another advert'-infested click-bait site like so many others. I also agree it has some conflicting information I do not agree with. I agree it appears to regurgitate information from Micay's website and Twitter. However, they gave a relatively thorough review, and independent secondary sources (if they really are) are allowed to give their opinions. Unless they have no editorial policy, or have been found to be a non-reliable source at wikipedia, or some valid reasons they are unreliable, we should discuss how to explain it in the article.

For now, without having formed an firm opinion on reliability of the source, I will therefore be restoring the source previously added by Stellarnebula, and including a modified summary. -- Yae4 (talk) 15:43, 23 July 2022 (UTC)[reply]

The creation date (modified date) is June 25, 2021. The publication date is June 28, 2021. 84.250.14.116 (talk) 12:11, 24 July 2022 (UTC)[reply]

Rewrite of the Features section

I have rewritten the Features section to provide a more comprehensive and detailed list of security features rather than focus just on the sandboxed Google Play Services: and as it's a substantial enough change, I figured it would be best to let the talk page know.

I don't forsee there being any problems, however, a variety of sources like listing and going over individual security changes (which makes finding good citations much easier).

There are one or two features (sensors permission and scoped storage access) that I could not find any news outlets mentioning. I have just linked to the official GrapheneOS website for those. 75.172.38.252 (talk) 21:05, 24 July 2022 (UTC)[reply]

"Good" citations is a whole "thing." Thanks for the rewrite. I've changed it some. See above for discussion of why Android Police was previously removed as being unreliable. -- Yae4 (talk) 07:48, 25 July 2022 (UTC)[reply]

Now {{Prose|section}}. 84.250.14.116 (talk) 09:46, 25 July 2022 (UTC)[reply]

Possibly also {{Excessive examples|section}}, but I've not tagged this. 84.250.14.116 (talk) 10:17, 25 July 2022 (UTC)[reply]

84.250.14.116: For a "Features" section: is prose all that desireable? Not all that much necessarily needs to be said about each change: which I think fits a bullet point list well.

I don't think it was Excessive Examples (it certainly isn't now in the current state, after review + cleanup): my impression is that example cruft applies to examples of a concept (for explaining). The Features section isn't trying to say "GrapheneOS has features, this is why", it's trying to give an overview of all the features in GrapheneOS. 71.212.97.112 (talk) 09:24, 27 July 2022 (UTC)[reply]

It's to nudge contextualization and explain the significance of listed features, for Wikipedia:Notability. I would make comparisons to Debian#Features (GA-class article) and revision 1099482303 of this article. I agree the list itself should no longer as excessive as it was before after the cleanup and peer review, but prose is preferable for an encyclopedia (when expanding on what a feature is, and how it's different). 84.250.14.116 (talk) 21:59, 29 July 2022 (UTC)[reply]

See

perfection is not required and even biased sources may be reliable in context). Should those citations be referenced in the "Features" section? 84.250.14.116 (talk) 10:01, 25 July 2022 (UTC)[reply

]

In my opinion, may be marginally reliable in this context with

in-text attribution (according to Jonathan Lamont of MobileSyrup in July 2022), matches what the GrapheneOS official website says about itself. 84.250.14.116 (talk) 10:26, 25 July 2022 (UTC)[reply

]

Peer review

LTE-only mode

I removed the "LTE-only mode" because of finding various web search results for Android + force LTE (or similar), those mentioning the same Settings ➔ Network & Internet ➔ SIMs ➔ Preferred network type as mentioned in GrapheneOS official website. I may be miseducated, because the GrapheneOS website also says: This section doesn't list features like the [...] and so on but rather only our improvements to modern Android. I could also not find the GrapheneOS LTE-only feature covered by third-party sources (except from Android Police). 84.250.14.116 (talk) 12:06, 25 July 2022 (UTC)[reply]

Kernel security fixes.

This may be a feature fluff advert, because it lacks a comparison point. GrapheneOS website (currently cited as a reference) describes it as:

GrapheneOS includes fixes for many vulnerabilities not yet fixed in Android. On modern devices with Generic Kernel Image (GKI) support, we update the kernel to the latest stable GKI release many months before the stock OS gets the update. This means we're shipping hundreds of fixes not included in the stock OS including many security fixes. We also backport more fixes on top of this for the kernel and for other components too.

According to Ron Amadeo of

WP:RSP#Ars Technica), Google has described Generic Kernel Images to work across all Android devices, [...] to enable faster security deployments.^[1] Amadeo also reported LTS kernel updates occasionally arrive via OTA updates, but devices typically don't jump to major new kernel versions. Google intended to ship GKI to consumers starting with Android 12, with Pixel 6 being the first anticipated phone to receive it.^[2]

I don't think GKI needs to be mentioned in the article's features section at any point (in comparison to AOSP, there is little or no distinction).

Next, I found and read Amadeo's news article on how Samsung and third-party devs fixed the Dirty Pipe bug faster than Google.[3]

So where is the patch? It hit the Android codebase on February 23 and then didn't ship in the March security update. That would have been a fast turnaround time, but the April security update is now out, and Dirty Pipe, CVE-2022-0847, still isn't anywhere to be found on Google's security bulletin.

Once the fix hit the codebase in late February, many third-party ROMs like GrapheneOS were able to integrate the patch in early March.

The Pixel 6 being the last phone to get an update would certainly be on-brand for Google, as the company has continually struggled to get updates for its new flagship out on time. The phone's December and January patches arrived weeks late, even though speedy updates are supposed to be a major selling point of the Pixel line.

According to Amadeo again, Google shipped the Dirty Pipe patch in Android's May 2022 security update.^[4] There may be one inaccuracy in the GrapheneOS website in this example, because it seems to me reportedly the slow man (for Google Pixel device) security fixes here was Google (not Android, or AOSP developers).

Based on this available information, I would still remove the "Kernel security fixes." as a feature, but add a new mention to the history section referencing GrapheneOS and Samsung releasing the patches faster than Google (or in other words, Google delaying releasing the patches after the source code patches become available in Android). We've already done something similar with the 9to5Google reference about GrapheneOS releasing Android 12L earlier than Google.

MAC address randomization

I've added a comparison to Android Open Source Project as a footnote. Besides verifiable claimed existence in GrapheneOS, I don't think see this being covered by reliable third-party sources.

Vanadium (web browser)

The German-language quote in footnote from golem.de source was lost in the editorial process. I'm not sure why, though the other German-language quotes were kept. Later, the same reference was re-used in the same statement needlessly (once to support a statement about Vanadium web browser, a second time to support a statement about its basis on Chromium web browser). I may have preferred the former prose text with in-text attribution, because the golem.de source may be biased as an opinion piece.

How-To Geek reference in reception section

This reference is not an opinion piece or a critical review, and should be moved back to the features section with prose (in my opinion).

Apps app

It's currently tagged as "citation needed", after an editor removed the Android Police citation. "Apps app" can be found mentioned in the March 20, 2022 review from Lamont at MobileSyrup, but needs additional consideration if it warrants any mention in an encyclopedia, due to

WP:NOTGUIDE

context and the trivial mention. Several applications not present in the default AOSP distribution have been developed for GrapheneOS may be okay for it (makes a comparison to AOSP).

Auditor service / app

Possibly redundant mentions in article. Oddly enough, one of them with "citation needed", one cited to GrapheneOS website (despite how both can be found from the same reference in the same section), after the Android Police citation was removed.

The attestation service references Micay's attestation.app service, which doesn't seem notable (beyond a few user-generated sources and the previously discussed Packt Hub citation); advert?

GrapheneOS website says (potentially unreliable reference): The hardware attestation feature is part of the Android Open Source Project and is fully supported by GrapheneOS., further going on to advocate the use of a hardware attestation API instead of Google's SafetyNet API.

statement about self

).

With the information available to me, I have not established its relevance in the features section and I could not (due to an editorial limitation of knowledge) make a neutral, understandable comparison to AOSP.

I'll keep this updated as I find more concerns. 84.250.14.116 (talk) 16:57, 25 July 2022 (UTC); updated 18:10, 25 July 2022 (UTC); updated 19:48, 25 July 2022 (UTC)[reply]

Thanks for the review. I split the section back into being somewhat divided between OS-level features and apps because I think the distinction is important: Apps can be installed on other Android distributions and are not exclusive to GrapheneOS (yet still being a "feature" developed by the GrapheneOS project), while OS-level features are specific to the operating system itself.

I also made a few minor changes to clean up the grammar and flow and remove some ambiguity. One specific change is to the MAC address sentence, it was editorialized to add "enabled by default" which unfortunately had the effect of implying standard AOSP has the same feature (it doesn't, GrapheneOS's randomizes per-connection instead of per-network).

Re: LTE only mode, I think it may be a feature removed in later Android versions and frontported to GrapheneOS, but it needs more research. Re. Kernel security fixes, I wasn't particularly happy with that either as I wasn't able to find a great source (although one certainly should exist? kernel security fixes are a main focus of the project). Moving notable ones to the history section seems like a good idea.

Re. Auditor service app / attestation.app, as I understand it that's a core feature / motivation for GrapheneOS. I do know that the "hardware attestation feature" mentioned on the GrapheneOS website just refers to the cryptographically signed boot process. Every (decent) default Android phone has this, and usual practice for custom ROMs is to completely break it to get non-stock code running on the device. GrapheneOS tries to do this "correctly" which is why the installation process is so different from other custom ROMs (at least ones I've installed, so Lineage). The hardware attestation API should be different and that should be what is done through the Auditor app.

When I mentioned "service" in that section, I was referring to the standard way it's used (two devices each with the app audit each other). That attestation.app service seems to just be an extension of that, maybe by acting as the second device. I don't think it's noteworthy enough for the article.

With the Android Police source deemed as unreliable, I'll find some replacements for sections missing citations shortly. 71.212.97.112 (talk) 09:06, 27 July 2022 (UTC)[reply]

Whoops, I'm definitely wrong about the MAC addresses. Thank you for the detailed descriptor, 84.250.14.116. 71.212.97.112 (talk) 09:35, 27 July 2022 (UTC)[reply]

Vanadium's WebView

A hardened WebView implementation provided by the Vanadium browser cannot be entirely verified from the golem.de source alone. "WebView" appears in primary sources (the official website), and WebView is a Wikipedia disambiguation page, so a reader is unlikely to understand what a "WebView" is from Wikipedia. Does WebView warrant any mention?

GrapheneOS includes a number of security and privacy focused changes compared to other Android distributions.

Which distributions (and how do they make the operating system more secure or privacy focused)? At the moment, only a few comparisons are drawn to Android Open Source Project. Theoretically it would also be possible to draw conclusions to other mobile operating systems (such as iOS), but I'm not doing that here (possibly due to systematic bias and my lack of knowledge/research on the topic).

Relevance (in general)

A lot of features mentioned, but not much coverage in third-party sources to establish relevance. See

WP:NOTDIR

. The section lede may need a better descriptor to reduce the scope of examples (i.e. "[some] notable features", according to Wikipedia's policies). We're supposed to cover what reliable sources cover about the subject, not what Wikipedia editors (or the article subject) thinks to be important.

Sensors permission toggle

For a better source, look out for "peripherals toggle" or similar wording in sources to cite. I can't remember which source said this, unfortunately.

84.250.14.116 (talk) 10:09, 27 July 2022 (UTC)[reply]

> Vanadium's WebView

It seems I missed replying to this: "WebView" is just the technical term for the OS-provided browser library, that then can be used by other apps for opening webpages within themselves. I could add a descriptive note to clarify this since it doesn't have its own Wikipedia page if you'd think that would be helpful: but I also found another source verifying it.

I found the source on the sensors permission toggle, by the way: it was buried in a general Android Hackaday article. I've also backed it up with a good Polish source I found. 98.97.36.93 (talk) 06:55, 5 August 2022 (UTC)[reply]

Finding bits of sources to support adding what you want the article to say is not how wikipedia is supposed to go. Your "good Polish source" looks like a republisher of Android Police (and GrapheneOS website), and thus unreliable. -- Yae4 (talk) 16:24, 5 August 2022 (UTC)[reply]

Per-application scoped storage access.

Another fluff feature listing? AOSP documentation suggests this feature may not be exclusive to GrapheneOS: Scoped storage limits app access to external storage. In Android 11 or higher, apps targeting API 30 or higher must use scoped storage. Previously in Android 10, apps could opt out of scoped storage.^[7] I can make a comparison to AOSP, if it can warrant a mention.

The given reference to GrapheneOS website is described as follows:^[8]

GrapheneOS provides Storage Scopes as a fully compatible alternative to the standard Android storage permissions. Instead of granting storage permissions, users can enable Storage Scopes to grant the requested permissions in a highly restricted mode where the app can create files/directories in the user's home directory but can only access the files it has created itself. Users can then optionally add files and directories as storage scopes to permit the app to access files created by other apps.

Which sounds a lot like how AOSP describes it: No read or write access to other apps' external app data directories and Write access to other apps' media files is allowed only with direct user consent (exceptions granted to System Gallery and apps that are eligible for All Files access).

I'll be removing this for now, unless and until coverage in third-party sources mentions it as something relevant to GrapheneOS.

84.250.14.116 (talk) 12:28, 27 July 2022 (UTC); edited 12:34, 27 July 2022 (UTC)[reply]