It's a misconception that GrapheneOS is focused on security over everything else. It's a privacy project and privacy depends on security so it heavily focuses on both. It also provides major privacy improvements on a technical level rather than only avoiding privacy invasive apps and services. Privacy involves a lot more than which apps and services are bundled with the OS, contrary to how most supposedly private phone options are marketed.
> Securitywise it's hard to argue against them, although GOS tends to sacrifice usability in favor of security, which leads to odd decisions.
GrapheneOS doesn't make any major usability sacrifices for security. Privacy or security features with usability compromises are either opt-in or opt-out.
> Worth noting however is that usage of GOS is also seen as a signal in and of itself for the authorities that you may have something unsavory to hide
GrapheneOS is far more widely used than most alternate mobile operating systems and there's a lack of basis to claim that it's widely seen in the way you're describing in a way that other operating systems are not. In fact, they're largely conflating other operating systems with GrapheneOS because it's the most widely talked about and known about. They're calling devices GrapheneOS devices which aren't running it. In many cases it's not even a fork of it.
> have said that the OS is popular with organized crime
This is completely unsubstantiated and not evidence has ever been provided. On the other hand, it's known that law enforcement in Europe has widely sold devices to organized crime which they marketed by claiming they were based on GrapheneOS:
https://darknetdiaries.com/episode/146/
Using portions of our code doesn't make something GrapheneOS and marketing is also a different thing than reality. Most of what's claimed to be GrapheneOS in this context is not GrapheneOS but rather trademark infringement by forks or even non-forks.
> /e/OS (and similar "non-LineageOS" ROMs really) instead focus more on de-Googling.
Nope, /e/ always connects to multiple Google services regardless of configuration and gives highly privileged access to them. GrapheneOS doesn't connect to Google servers by default and avoids giving privileged access to installed Google apps via our sandboxed Google Play compatibility layer.
> They're still generally security focused.
No, that's definitely not the case. /e/ has absolutely atrocious security and fails to provide even basic security patches and protections. This is also part of why it provides poor privacy due to lagging far behind on privacy patches in addition to security patches along with being missing important standard Android privacy and security protections due to being far behind and not having it all set up. /e/ doesn't provide comparable privacy features to GrapheneOS Storage Scopes, Contact Scopes, Sensors toggle and far more not only the security features. /e/ isn't just not a security hardened OS, it's also not a privacy hardened OS. LineageOS has better privacy and security than /e/. AOSP has better privacy and security than LineageOS.
> Because of this, they usually have better depreciation timelines
/e/ doesn't provide proper updates for any devices. Many of the devices they support aren't getting driver and firmware updates from them even when they're available. They lag far behind on kernel, Android, Chromium (including WebView) and other updates too. They support many devices without kernel, driver and firmware updates available but they're usually way behind even when they are. /e/ simply doesn't care about providing basic privacy and security so they continue having people buy and use highly non-private and insecure devices lacking basic patches.
> Finally, it's worth noting that the GOS community is absurdly toxic to anyone doing anything privacy-related that isn't under the banner of GOS. It's extremely maximalist, tends to get very upset at other projects whenever they get attention (see sibling reply to this, where they pretty much melted down because an outlet dared to recommend a Fair phone+/e/OS) and the projects official channels have generally encouraged this sort of behavior. It doesn't really damage the software itself, but it's worth considering.
No, completely backwards. The massive amount of false marketing, misinformation and harassment engaged in by the /e/ project and community is what's toxic. The founder and CEO of /e/ and Murena openly spreads content from Kiwi Farms and neo-nazi sites. He directly engages in harassment towards the GrapheneOS team. Here's him supporting authoritarians smearing GrapheneOS by replying to threads about it linking to harassment content based on fabrications on a neo-nazi conspiracy site:
https://archive.is/SWXPJ https://archive.is/n4yTO
The communities of several projects including /e/ have heavily engaged in spreading misinformation about GrapheneOS including fabricated stories about our team. They've even taken it to the point of repeated swatting attacks aimed at killing our team members. There are relentless raids on the GrapheneOS community platforms including our chat rooms where Child Sex Abuse Material, gore and endless harassment towards our team members including fabricated stories and harassment content from Kiwi Farms and elsewhere is posted.
People should review https://eylenburg.github.io/android_comparison.htm which is a third party maintained comparison between AOSP-based operating systems which addresses many of the misconceptions you have about how GrapheneOS compares to AOSP, /e/ and other operating systems. You're not at all correct about what's provided by /e/ which fails to keep up with basic updates or provide the standard protections.
We can provide large amounts of further examples of the founder and CEO of /e/ and Murena participating in this harassment.
The attacks towards us including your libelous claims about us here are what's absurdly toxic.
> It's extremely maximalist
It isn't but rather is very pragmatic and focused on usability, robustness and compatibility alongside the major focus on privacy. The focus on security is to protect privacy because it depends on it.