I don't agree with your conclusion, but just wanted to say the segment on "roast nothing" was hilarious and absolutely true. Quite right that many cuisines depend on meat to be worth eating. I'm just happy that the food I eat no longer consumes animal lives; the mechanism to do that is a triviality compared.
This is my experience as well. If you want it to write good tests, you have to take a much more involved approach of first making it establish what needs testing in each module, writing each test one at a time, and making it prove that it can break the test by modifying the source code to introduce a bug, modify the test to be appropriate, rinse and repeat. I haven't done this much because it's very expensive in terms of time and premium tokens...right now, I just write most tests myself so at least I have faith in the verification suite.
I understand your concern, though your suspicion is a little shortsighted. It can be personally dangerous to volunteer for projects that directly circumvent the control of the establishment.
These lyrics are from the song "Don't Look Now" by Creedence Clearwater Revival. The lines are a poetic way of saying that the work of taking coal from the mine, harvesting salt, and nurturing a tree is the task of other people, often those in the "working class", not the "you" and "me" of the song, who are implied to be in a privileged position
Many Android devices are unlockable, you can run your own software, and yet we still have a problem. This problem exists irrespective of what you can technically do with the hardware due to the vote by corporations to favour device "security" over user freedom. A phone is useless to most people without the apps they depend on.
I literally can't unlock my device (Xiaomi) because there's no way to, despite that it's apparently the law in Germany that GPLv2 software cannot be Tivoized because "corresponding source" was interpreted to include everything you need to install modified software on the device. (AVM vs I don't remember, regarding fritz!box home routers)
AI coding is in many ways antithetical to great software engineering.
It is the current spear-edge of the investor pressure to ship products faster, and monetize users more aggressively, all at the cost of quality, reliability, ethics, security.
If you, as a software engineer, once held an ideal about programming as an art or craft, AI coding flies in the face of all that.
It turns out that maximising for short-term profit leaves many other objectives behind in its wake.
Yes, with major tradeoffs. Asahi Linux is an amazing project, but they have not yet figured out how to get anywhere close to a Mac's power efficiency when it is running MacOS. For example, you will lose a lot of battery life[0][1] with the lid closed, whereas on MacOS you lose pretty much nothing.
Note, GrapheneOS seems to have been able to secure partner access to Android early security releases, but this comes with the cost that the source used to make these special "01" builds is private until general availability. This might not be a tradeoff that LineageOS is willing to take; GrapheneOS has provided the option on a recommended opt-in basis.
The bad thing in general is the dependence on Google policy for all AOSP distros. Joining those programs might long term worsen the situation.
IMHO, it could be worth the fight if GrapheneOS could win their (rather legal/lobbying) battle to obtain play integrity certification by following security closely (which is a joke IMHO because EOL phones with not updates for years also get integrity). Google releasing easily diffable security only bytecode sets, seems like a security nightmare for everyone else.
All of those distros suffer from the reliance of Google to release anything, so they in one way or the other they play the game. Particularly Lineage heavily does 'self-censoring' to comply without much benefit IMHO. We really would need e.g. does not even include the keys for providing alternative web views or the ability to switch the location provider. While google has those capabilities, they only support services sending data to their own servers.
I used lineage as my daily driver since the CyanogenMod days and the HTC desire, but switched to a Google Pixel a few month back, because I felt I had lost the play integrity fight and although my great Redmi Note 10 Pro was running other like a charm thanks to lineage and the device maintainers (Daniel and Aryan), I personally could not invest time and cognitive capacity anymore.
More and more device manufacturers are locking down their bootloaders again. I hope someone can break the momentum and finds a way to break the OS duopoly.
We have the sources for the patches which is how they get applied the source tree. We have both the regular releases and security preview releases so it's easy to see what was changed since it's a small amount of code: currently 59 security patches for Android 16, similar to the size of typical Android security patches, although 1 was already public elsewhere so we applied to the regular release.
> does not even include the keys for providing alternative web views or the ability to switch the location provider.
Trusting third parties with this is a privacy and security risk. GrapheneOS uses our Vanadium fork of Chromium for the WebView and LineageOS has their own builds of Chromium for it. We provide our own network location implementation using a semi-offline approach based on Apple's location service. We plan to add fully offline support for both Wi-Fi and cell tower network location via downloading regional databases. SUPL is essentially obsolete for GrapheneOS since all supported devices have PSDS and the network location service is already used to help accelerate GNSS when enabled, so we could just remove that instead of making our own SUPL service based on the same data.
We're making progress in fighting the Play Integrity API but governments and regulators move slowly. Courts also move slowly but we haven't brought it to a court yet and would prefer not having to do that. We would greatly prefer if Google worked it out with us and other AOSP-based operating systems but it doesn't appear there's much chance of that ever happening. It's strange since we were never hostile towards them, earned them a lot of money via hardware sales and made substantial upstream contributions.
A major Android OEM is working with us because unlike Google, they're able to see the significant benefits of working with us and selling a lot of devices based on it once they have official GrapheneOS support. Google could have worked with us and others instead of the path they're taking. They could have sold a lot more Pixels by opening up the devices more and improving them. Instead, they'll sell a lot fewer Pixels than they could have as one of the main reasons people buy them goes away. A lot of people who bought them and used the stock OS still bought them because they knew they could get first class support for another OS. They're shooting themselves in the foot. Our userbase will be buying devices from another OEM instead once they meet our requirements.
>> All of those distros suffer from the reliance of Google to release anything, so they in one way or the other they play the game. Particularly Lineage heavily does 'self-censoring' to comply without much benefit IMHO. We really would need e.g. does not even include the keys for providing alternative web views or the ability to switch the location provider. While google has those capabilities, they only support services sending data to their own servers.
> Trusting third parties with this is a privacy and security risk.
> Trusting third parties with this is a privacy and security risk.
I sure trust more LineageOS webview and the guy running BeaconDB than google or apple fwiw.
I understand Graphene goal isn't freedom but "security", just a hardwareless OEM eventually complying with whatever Google will want.
The preview patches are source code patches we're applying to the source tree used for the regular GrapheneOS releases. We have the sources for the patches, but we need to wait to the embargo end date to publish the security preview patches as source code. We keep the patches in a dedicated Git repository with a script for applying them to the source tree from the regular release. Each security preview release is tagged there, so we can release the sources which were used as soon as the embargo date is reached.
No, GrapheneOS is partnered with a major Android OEM and has security partner access through them. Our security preview releases are in full compliance with the terms set by Google. It's permitted to ship the patches early with delayed source releases for the patches on the dates the embargoes end. The current patches are from the November 2025, December 2025 and January 2026 bulletins. We've shipped the full set of currently available patches for those 3 months.
I don't know the exact terminology, but they described what they currently have as security partner access or at least advanced access to security patches. To my knowledge they are still working on full partner access that would grant them timely access to the AOSP source code.
I imagine so. I understand that Opera GX, for example, provides a specialized version to Russian IPs that locks down the search engines that can be used.
reply