Conversation

This Tweet was deleted by the Tweet author. Learn more

It's funded by companies and organizations supporting it as a permissively licensed open source project. It doesn't have any business model and won't have one. The work will only be done under the condition that it has been funded and past work needs funding to bring it back.

Replying to

and

GrapheneOS already uses MIT licensing for the new components and the existing licenses (mostly Apache 2) for modifications to existing components. Kernel changes will be GPL2 but could be permissively licensed if any is standalone and ends up being worth using outside the kernel.

Replying to

and

The work on the Auditor app has not yet been funded, so it doesn't have licensing for the sources available yet. It will be MIT licensed once the funding for it finally comes through, which is the last piece of the puzzle for the repositories in the GrapheneOS organization.

Replying to

and

There's a huge amount of work in development that will need to be funded in order to be released as part of the project, along with lots of past work that needs to be funded in order to release it under permissive licensing. The model is that all development must be compensated.

Replying to

and

Once someone has paid for it, it doesn't really matter anymore. The maintenance and porting of the code has to be funded too. There's a lot of interest in advancing the project so as long as it's clear that it must be funded companies / organizations are willing to do that.

Replying to

and

It's up to the companies and organizations using it and funding the work to come up with their own business models or approaches to getting grants / donations. Figuring out how to get funding isn't my problem but rather the problem of people who want to make use of the project.

12:54 AM · Apr 6, 2019Twitter Web Client

Replying to

and

And to be clear, my current work on the project is being funded. To make the project sustainable, the supporters of the project will also need to fund the work of more full-time developers. It can substantially expand in scope and depth with enough resources being provided.

Replying to

and

Some of these companies / organizations are quite interesting in having custom hardware made where there's a lot more control over it and privacy/security can be furthered at the hardware level. That's a long way off and it's very difficult just to *match* Pixel security though.