DE version is available. Content is displayed in original English for accuracy.
Advertisement
Advertisement
⚡ Community Insights
Discussion Sentiment
57% Positive
Analyzed from 3004 words in the discussion.
Trending Topics
#grapheneos#micay#don#donaldson#keys#more#https#project#friendly#rossmann
Discussion (162 Comments)Read Original on HackerNews
> The domain “Copperhead.co” was registered by Donaldson in 2014 and incorporated in 2015 under both Donaldson’s and Micay’s names. The idea was that shares would be split equally, with Donaldson as CEO and Micay as de facto chief technology officer. Their flagship product
It sounds to me like some "business" characters I know well. They "handle the business" while someone else does 99% of the actual work, then ask to split 50/50. This didn't work out for Donaldson, and now he spends his time harassing Micay? Is that the gist or am I misreading?
As a response, Micay decided to destroy the update signing keys for all the CopperheadOS devices out in the wild. Resulting in financial damages to Donaldson.
Hardly a level-headed response, even if you disagree about the financial share of something.
Intelligence wanted in, and Donaldson seemingly would have been happy to oblige.
So what? Causing someone financial damages isn't illegal. Your boss causes you financial damages when they fire you. Your competitor causes you financial damages when they offer a discount.
If Micay was a 50% owner, sounds like he didn't do anything illegal. Immature maybe, which simply puts him at parity with the other party involved.
Yeah, that’s the issue. I don’t want people who behave immaturely, impulsively, or vindictively, having a key role in something as important as my phone os. I want stability, maturity, and thoughtfulness.
That's not healthy for any project.
[1] https://en.wikipedia.org/wiki/Kiwi_Farms
Rossmann wanted to work with GOS and they didn't want him. So Rossmann made that video to make Daniel look bad for revenge probably. Saying he was leaving GOS was a lie, not that GOS can push malicious updates which was also a huge lie. Even after pointing that out that part wasn't corrected because Louis doesn't care about accuracy, he only cares about making Daniel/GOS look bad. He used his big following to punish Daniel. Now he works with Nick from Calyx after he got pushed out and are doing business together.
The more you learn about the story, the more you see the Copperhead stuff was just the beginning and those involved held grudges and pushed their grudges onto more people who bought their lies and it continued. Privacy-focused OSes that pretend to compete with GrapheneOS suck. GrapheneOS is led by someone with integrity, unlike some other projects.
https://news.ycombinator.com/item?id=47853847
Classic OCPD behaviour
Classic OAD (Obvious Asshole Disorder)
This Micay guy spends so much time and does something hugely beneficial and we're arguing about how he responds to criticism?
I'd rather direct and blunt rather than the weasel words and lies most companies put out.
I'm more concerned that Signal incorporated in US is having easy life.
To add - ironically, it was Durov (Telegram founder) who got arrested in Paris.
(I know one historical connection that looks suspicious, but it could be explained by the fact that prestigious social network graphs in the US tend to be incestuous, and a closely-connected world.)
They Built a Legendary Privacy Tool. Now They're Sworn Enemies https://www.wired.com/story/they-built-privacy-tool-graphene... (https://archive.ph/pbJu9)
1- GrapheneOS has a long history of long rants attacking people and projects. The leads will tell you that they're just correcting falsehoods etc, but a lot of companies/brands are target of falsehoods and don't bother to respond. I don't claim that GrapheneOS is wrong on anything they say, I'm just saying that these rants are a choice, and I see them as a red flag.
2- I once interacted with GrapheneOS on mastodon and I said something like the above. Something along the lines of "you know regardless of whether or not you're factually correct, these public attacks on other people companies are really bad for your image". Within 2 or 3 exchanged tweets they were threatening me with legal action. To me being a litigious project/person is an even bigger red flag than above. I have never in my life met someone who both lightly threatens legal action AND is an upstanding person.
Just my opinion, don't get upset over it.
EDIT: I just want to spell it out AGAIN - I don't claim that anything on their post is factually wrong, I have no idea.
For contrast, Signal is a very secure messenger which also wants to be user friendly so as to get the largest user base they can, which leads to all kinds of compromises - everything that’s come out that looks like a vulnerability in Signal originates in some feature or capability added to make the product more user friendly. Graphene will not make those trades.
Neither approach is de facto right - they spring from fundamentally different philosophies on how to maximize user safety, and both have been extremely successful in their missions, but you’ve gotta recognize what you’re looking at when you look at Graphene.
These things are not mutually exclusive:
You can make a great technical product while being friendly. You can make a great technical product while not being friendly.
You can make a compromised or flawed technical product while being friendly. You can make a compromised or flawed technical product while being unfriendly.
This comes up pretty often in other HN threads, unrelated to Graphene. There's this weird personality type who insists that they aren't legally obligated to be friendly or nice or pleasant, therefore it's fine for them to be unfriendly or jerks or unpleasant.
Going it alone is that nineties libertarian romanticism, a persistent self-destructive tendency that in present market conditions is unsustainable
Still a user though.
It's worth actually reading the linked post. Relevant segment:
In 2018, matters between Micay and Donaldson came to a head over Donaldson’s desire to pursue business deals with criminal organizations, and his attempts to compromise the security of CopperheadOS, including by proposing license enforcement and remote updating systems that would allow third-parties to have access to users’ phones. As part of this process, Donaldson began to demand that Micay provide Donaldson with the “signing keys” - i.e. the credentials required to verify the authenticity of releases of CopperheadOS. Donaldson advised that, in order to secure certain new business, potential customers required access to the Keys.
The keys had been in continuous use by Micay, in his personal capacity, since before the incorporation of Copperhead. However, more importantly, any party with the keys could mark malicious software as “authentic”, and thereby infiltrate devices using CopperheadOS.
Micay was unwilling to participate in that kind of security breach. Since Donaldson had control over certain infrastructure for the open source project, he would be able to incorporate (or hire others to incorporate) the privacy-damaging features described above for all future releases of CopperheadOS. Micay therefore deleted the keys permanently and severed ties with Copperhead and Donaldson.
There's many examples of people being unfriendly and still coming across as someone of character, Linus Torvalds comes to mind.
[1] https://news.ycombinator.com/item?id=36089104
[2] https://www.youtube.com/watch?v=4To-F6W1NT0
Sometimes they aren't even factually correct and get a bit upset about it when called out.
Anyways, I have gotten the same impression and these seem like red flags to me as well.
Which is why I'd take everything in that response with a mountain of salt (and I'd pay attention to what they're not saying).
(But, if you ignore the rants, that's a fantastic OS.)
You are very much saying that OP is an attack post.
Or at least implying the point that it is tonally dissonant to claim otherwise.
If you didn't believe it was wrong you would comment on the post but you are explicitly avoiding doing that.
I ask because I'd be pretty disappointed in GrapheneOS over that kind of thing and it'd probably at least partially change my opinion of them, but it's better to validate these types of serious accusations and get the full context.
Daniel Micay has a history of absolutely unhinged behavior online to the point that 2.5 years ago community backlash to his public behavior basically forced him to step down from leading the project.
Great project. It's hard for me to say if things have gotten better or worse since the change, but at the very least things had been quiet and drama-free for a few years. Finally.
Until today that is.
not enough people talk about how software projects also offer up a similar kind of atmosphere: you're suddenly hyperconnected with a whole bunch of humans you don't know and are receiving feedback from people outside of your immediate community. "hackers" for all the interesting ways they've contributed to computer science over the decades also have branches spawned from the original chronically-online, highly-opinionated and sort of antisocial and poorly adjusted sects of civilization. being the face of a project is like pouring rocket fuel on whatever predispositions you might have, and on more than one occasion we've seen people go from occasionally unhinged person to seriously unhinged.
this comes with a lot of bad outcomes for quite a few people, primarily it always has some serious amplification qualities to egos and narcissism. and for genuinely good and kind people who are just trying to share their value/contributions and are suddenly jettisoned into spotlights, we often see them suddenly step back and discontinue work on a project entirely.
we often see these departures and think solely "must be burn out" and don't put much more thought into what that means. but we don't do enough to frame how software projects just elevate people into a position that most people don't do a good job in mentally and socially, and how it deteriorates the pieces of them that make them feel like they're valuable members of a community/tribe. some have luck making their project communities their tribe, but that's obviously a risky step to take. for many who have a successful project, sometimes it starts as the most validation they've ever received and then they don't know how to reconcile with the exponentially-widened audience when negative reception starts pouring in.
daniel micay is just one of like.. many in these sorts of projects i've seen who are simply unfit for the role. for many reasons, i don't think he's a pleasant person at all. i don't have any answers here. i also see this in homebrew scenes for gaming, it's like my least-favorite human petri dish of software development enjoyers. lot of oddball developers in that space and quite a lot of incredibly dramatic fallouts and theatrics that seem to come with the anonymous nature of not tacking your real name / identity to a project, and a consuming audience that has zero idea what goes into development so the negative feedback/demands that come in are in their own way unhinged.
We have all of the parasocial behavior from bystanders as well. Cult mentalities and hero-worship. It's quite a strange phenomenon.
I was personally involved in a story they did in 2015 that was paid for by a three letter gov agency to bad mouth a companies tech into changing. I know only a few of their tricks, and they’re dirty as hell.
It's why we need sociopaths - to give us our jerbs, so we would know what to doo!