Conversation

github.com/GrapheneOS/har was initially released in August 2018. I developed it to replace the port of OpenBSD malloc to Linux and Android that I made in 2014. Copperhead was founded in late 2015 and split from my open source Android hardening project in June 2018.

GitHub - GrapheneOS/hardened_malloc: Hardened allocator designed for modern systems. It has...

Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-base...

1

19

61

This Tweet was deleted by the Tweet author. Learn more

Replying to

and

I'm aware that they're selling devices ripping off our work. They regularly spread misinformation about GrapheneOS and myself. It's part of what I'm talking about above. It's unfortunate that anyone falls for it. It's how they're able to fund these attacks on GrapheneOS.

1

3

Replying to

People are paying a huge amount of money to a company (and resellers) that's ripping off the work of the open source project they screwed over while fraudulently claiming ownership and credit for the work. It's sad people can't see through their flimsy excuses and misinformation.

2

1

Replying to

Selling people a "hardened" device that doesn't even keep up with security updates and just has branding and marketing behind it is a scam. Their licensing is done by tracking users with their fork of our update client, exposing them to being targeted with a malicious update.

2

1

Replying to

and

This is false

1

2

Replying to

and

It's not false. You sell users devices that are putting them at risk. CopperheadOS is unable to keep up with security updates and is the opposite of a hardened OS. Tracking users and exposing them to targeted malicious updates is not something a secure OS would do.

1

1

Replying to

and

I’m running Android 11 right now

2

1

Replying to

We are not tracking users. Please provide proof.

1

1

Replying to

and

It's plainly visible in the updater code. That's the proof. You're exposing users to the risk of being targeted with malicious updates. You're selling them a fake 'hardened' product based on poorly copying the work of others without actually understanding most of it. It's sad.

10:31 PM · Nov 6, 2020Twitter Web App

Replying to

Stop hiding behind your product using a closed source OS to cover up the privacy and security flaws, along with the blatant misappropriation of the work of other developers while claiming credit for it and not respecting the open source licenses. It's disgusting.

1

1

1

Replying to

and

Wat

Replying to

and

I thought you said the code was closed source? Which is it?

1

1

Replying to

and

CopperheadOS is closed source. Are you seriously trying to argue otherwise? The sources are not publicly available and Copperhead denied access to the code to a Whonix developer who asked to audit it.

2

2

Show replies