Post AuSeTJM3twS3IBSgro by GrapheneOS@grapheneos.social
(DIR) More posts by GrapheneOS@grapheneos.social
(DIR) Post #AuSeT8xwWlDV4U6Hsu by GrapheneOS@grapheneos.social
2025-05-25T16:58:16Z
0 likes, 0 repeats
In order to provide better support for blind users, we maintain a fork of the open source TalkBack app fixing serious issues with it, modernizing it and making the builds reproducible. One of the goals of making our own Setup Wizard has also been integrating TalkBack support.
(DIR) Post #AuSeTA3IUL5sRNc4rw by GrapheneOS@grapheneos.social
2025-05-25T16:59:15Z
0 likes, 0 repeats
Google unfortunately doesn't publish the source code for each stable release of TalkBack as they do for Android itself. The open source release of the app lags significantly behind. It also has a bunch of missing and broken features. We plan to gradually improve this situation.
(DIR) Post #AuSeTBAQLKO9tlxHcG by GrapheneOS@grapheneos.social
2025-05-25T17:02:41Z
0 likes, 0 repeats
In order to use GrapheneOS, blind users need to successfully install the OS and set up the device to be usable with a screen reader. This is an area we've been thinking about and working on improving for a while. Our new Setup Wizard provides a better base for integrating this.
(DIR) Post #AuSeTByPLUN4OnLCWe by GrapheneOS@grapheneos.social
2025-05-25T17:05:40Z
0 likes, 0 repeats
The first barrier to someone using GrapheneOS without sight is installing the OS. We've done what we can to make our web installer as accessible as possible (https://grapheneos.org/install/web). However, users need to interact with the device's firmware interface which the user can see.
(DIR) Post #AuSeTCtTvI1bFo2mUC by GrapheneOS@grapheneos.social
2025-05-25T17:09:30Z
0 likes, 0 repeats
Due to the inaccessible firmware user interface, it's difficult to perform the installation correctly and safety, particularly confirming unlocking and then confirming locking. Confirming the verified boot key matches after installing/locking would require OCR on another device.
(DIR) Post #AuSeTDve4jLkSo41Uu by GrapheneOS@grapheneos.social
2025-05-25T17:11:26Z
0 likes, 0 repeats
The next issue is the Android Open Source Project no longer includes a text-to-speech app. Pico TTS used to be included in AOSP but was not what Google Mobile Services devices use. It was quite primitive, awful to use and AOSP removed it after security issues were found.
(DIR) Post #AuSeTEsUXwQBPJb1Dk by GrapheneOS@grapheneos.social
2025-05-25T17:12:19Z
0 likes, 0 repeats
We've wanted to include a text-to-speech app and bundle a language pack to have it working out-of-the-box for a long time. We could then add a shortcut for enabling TalkBack in our new Setup Wizard to make things accessible from the start of the post-install setup process.
(DIR) Post #AuSeTFv0g41udPmXmi by GrapheneOS@grapheneos.social
2025-05-25T17:14:56Z
0 likes, 0 repeats
To provide what we need, the TTS app needs to be built into the OS, enabled and set up to work by default without configuration. It doesn't do any good if you need to connect to a network and download a language pack. It also needs to work Before First Unlock via Direct Boot.
(DIR) Post #AuSeTGnbP5hNMjK8sS by GrapheneOS@grapheneos.social
2025-05-25T17:16:54Z
0 likes, 0 repeats
Since it will be enabled by default, security is quite relevant. It shouldn't be a bunch of C++ code without a modern coding style, use of sanitizers, decent tests, etc. It needs to be actively developed and properly maintained. This is why Pico TTS had to be removed from AOSP.
(DIR) Post #AuSeTHhy1WmkBXh9jU by GrapheneOS@grapheneos.social
2025-05-25T17:18:13Z
0 likes, 0 repeats
GrapheneOS is intended to be a drop-in replacement for the Android Open Source Project usable by companies to make all kinds of products. Due to this, we avoid non-commercial usage licenses. Lots of the language packs for TTS implementations have non-commercial usage licenses.
(DIR) Post #AuSeTIaClsActl4TGy by GrapheneOS@grapheneos.social
2025-05-25T17:35:59Z
0 likes, 0 repeats
We also avoid including GPLv3 code in the base OS since it would add restrictions on how it can be used. We do add new GPLv2 licensed code. This doesn't mean we have issues with using GPLv3 code or making forks of GPLv3 projects, we just don't bundle it within GrapheneOS itself.
(DIR) Post #AuSeTJM3twS3IBSgro by GrapheneOS@grapheneos.social
2025-05-25T17:39:47Z
0 likes, 0 repeats
Neither eSpeak NG or RHVoice meets our security expectations (piles of problematic C and C++ code) and both have licensing issues. Both were previously also missing Direct Boot support to function Before First Unlock, but we requested it from both and eSpeak NG implemented it.
(DIR) Post #AuSeTK7v20jTgbquSe by GrapheneOS@grapheneos.social
2025-05-25T17:42:33Z
0 likes, 0 repeats
There were previously no good options available. Things have changed and there are multiple open source text-to-speech implementations which could be turned into a suitable Android app and integrated into the OS. This involves significant work and we haven't gotten to this yet.
(DIR) Post #AuSeTKo6VATbnRabDM by GrapheneOS@grapheneos.social
2025-05-25T17:44:26Z
0 likes, 0 repeats
We have hundreds of planned features. We've been working on some features for months or even years. We try to focus on features which would provide the most overall benefit to our users with a focus on improving privacy, security, compatibility and usability. It's subjective.
(DIR) Post #AuSeTLnQp9X6reHZo0 by GrapheneOS@grapheneos.social
2025-05-25T17:47:19Z
0 likes, 0 repeats
For example, built-in support for network location was a feature we wanted to integrate for years. Last year, we made it a top priority, and assigned a developer to solely work on it, so it got done. This is still being worked on to add cellular fallback and full offline support.
(DIR) Post #AuSeTMUgEM7z1mW7DU by GrapheneOS@grapheneos.social
2025-05-25T17:51:52Z
0 likes, 0 repeats
Blind users can use GrapheneOS and there are blind users happily using it. Avoiding regressions which would require them to need help to fix it is a priority for us. Since the initial install will likely require someone's help regardless, that part isn't as much of a priority.
(DIR) Post #AuSeTN9Rmmjn4DaflA by GrapheneOS@grapheneos.social
2025-05-25T18:04:42Z
0 likes, 0 repeats
Today, a highly inaccurate post was published attacking the GrapheneOS project and accusing of cruelty because our ongoing work on this is unfinished:https://fireborn.mataroa.blog/blog/grapheneos-where-licenses-matter-more-than-people/The post is incredibly misleading and has many outright false claims. It has numerous fake quotations.
(DIR) Post #AuSeTNmRRnvh19poXY by GrapheneOS@grapheneos.social
2025-05-25T18:08:08Z
0 likes, 0 repeats
In addition to the false claims already addressed earlier in this thread, the post heavily misrepresents our optional sandboxed Google Play compatibility layer. Our compatibility layer is fully open source and if people install Google Play, that runs as regular sandboxed apps.
(DIR) Post #AuSeTOjdthHhylX5oe by GrapheneOS@grapheneos.social
2025-05-25T18:08:56Z
0 likes, 0 repeats
Sandboxed Google Play is not included in GrapheneOS. It's an optional feature and people can choose if they want to install those as regular sandboxed apps. They cannot use any special system or privileged APIs. It's the standard app sandbox used for any user installed apps.
(DIR) Post #AuSeTPQXKDb07nbLfs by GrapheneOS@grapheneos.social
2025-05-25T18:11:16Z
0 likes, 0 repeats
Throughout the article, there are outright false claims about what we have said and done. It even shows multiple quotes which look like it's quoting something we have said but instead are outright fabrications. The author accuses us of cruelty and all kinds of other things.
(DIR) Post #AuSeTQ8qfT2cLEKjk8 by GrapheneOS@grapheneos.social
2025-05-25T18:12:43Z
0 likes, 0 repeats
Despite being filled with an extraordinarily level of false claims and misrepresentations, the article was well received on Mastodon and widely propagated across it. It has already inspired many attacks on GrapheneOS and our team based on falsehoods.https://dragonscave.space/@fireborn/114568003702926490
(DIR) Post #AuSeTQsDwlKybxYyTA by GrapheneOS@grapheneos.social
2025-05-25T18:13:53Z
1 likes, 1 repeats
An enormous amount of fabrications about GrapheneOS and harassment towards our team is regularly directed towards us on Mastodon. We've had a far worse experience there than any other social media platform by quite a large amount. This is only the most recent major case of it.
(DIR) Post #AuSeTWuDWGUrJsXePQ by GrapheneOS@grapheneos.social
2025-05-25T18:25:00Z
0 likes, 0 repeats
It's likely one of the newer generation text-to-speech implementations meets our requirements and can be turned into an app we can integrate to work out-of-the-box without requiring any configuration. That's not going to be achieved by attacking us and our team with falsehoods.
(DIR) Post #AuShWN4epTXLYhTJA0 by whvholst@eupolicy.social
2025-05-25T19:17:19Z
0 likes, 0 repeats
@GrapheneOS I rather doubt this is a common reading of the GPLv3. Could you elaborate on this?
(DIR) Post #AuShWOMQ2vL3Y4n0U4 by GrapheneOS@grapheneos.social
2025-05-25T19:18:49Z
1 likes, 1 repeats
@whvholst It is the common reading for GPLv3 and one of the primary reasons it exists. We want it to be possible to use GrapheneOS on locked down devices. GPLv3 does not permit using the software if the person the device is distributed to cannot replace it. We want GrapheneOS to be a direct replacement for AOSP without additional licensing restrictions. Most companies avoid using GPLv3 and we do not want most companies having a licensing reason to avoid using GrapheneOS or working with us.
(DIR) Post #AuShWaqzb4vOINBanw by GrapheneOS@grapheneos.social
2025-05-25T19:14:29Z
0 likes, 0 repeats
@hyperreal @evilcookies98 @xuxxux eSpeak NG is written nearly entirely in C without following modern best practices. It has memory corruption bugs uncovered by hardware memory tagging.The licensing does matter. We keep GrapheneOS to not being more restrictive than the licensing for AOSP. Including code under both permissive and copyleft licenses is fine, but not GPLv3 or variants of it. We do not want to limit where GrapheneOS can be used which we'd be doing if we included GPLv3 code in it.
(DIR) Post #AuShWbtVjCX7WTN7Mu by GrapheneOS@grapheneos.social
2025-05-25T19:15:51Z
0 likes, 0 repeats
@hyperreal @evilcookies98 @xuxxux We CAN include GPLv3 apps in the GrapheneOS App Store. We do not have an issue with eSpeak NG being GPLv3 licensed, it just means we aren't going to bundle it in the OS. It's not the best open source text-to-speech implementation that's available regardless. There are a bunch of more recent text-to-speech implementations including from Mozilla and other groups which would be better choices. Many would require us to port it to Android and wrap it into an app.
(DIR) Post #AuShWd994YdLPFh7NQ by GrapheneOS@grapheneos.social
2025-05-25T19:17:24Z
1 likes, 1 repeats
@hyperreal @evilcookies98 @xuxxux Regardless of which implementation we choose, we're going to need to fork it and integrate it into GrapheneOS. We want to fork a modern implementation with good functionality/usability, good security and licensing we can include in GrapheneOS based on our requirements for it. Our preferred license would be Apache 2, but it'd also be fine if it was MIT, BSD, GPLv2, GPLv2-or-later, etc. Most open source licenses would be fine. There are other options.
(DIR) Post #AuSjWjjKnJDnjXneym by fluchtkapsel@nerdculture.de
2025-05-25T19:20:02Z
0 likes, 0 repeats
@GrapheneOS I'd really like to know what specific issues you have with GPLv3. Which restrictions would apply? What could not be done anymore? Why is this more of an issue than accessibility today? Please don't handwave that away.
(DIR) Post #AuSjWkmYsnOgzqJkeG by GrapheneOS@grapheneos.social
2025-05-25T19:26:13Z
0 likes, 0 repeats
@fluchtkapsel AOSP does not include GPLv3 code because most tech companies want to avoid it. If we included it, most companies would be unwilling to use GrapheneOS.Bundling eSpeak NG would not make GrapheneOS more accessible since it would require setup to use it and so would TalkBack. The setup wizard would need to be completed followed by setting that stuff up. Improving this requires significant work on integrating a text-to-speech implementation and adding further integration for TalkBack.
(DIR) Post #AuSjWl1RzRJ5k1Hdr6 by fluchtkapsel@nerdculture.de
2025-05-25T19:32:43Z
0 likes, 0 repeats
@GrapheneOS Are there really any companies considering the use of GrapheneOS over direct access to AOSP? If it's companies handing out smartphones with GrapheneOS to employees, GPLv3's restrictions do not apply because that is not some kind of distribution requiring source code access or being able to reflash the hardware.
(DIR) Post #AuSjWlToHzzZ9yYI3k by GrapheneOS@grapheneos.social
2025-05-25T19:37:46Z
0 likes, 0 repeats
@fluchtkapsel There are companies considering the use of GrapheneOS and talking to us about it. There are companies wanting to build phones we can support. It has been expressed that including GPLv3 code would be a problem because their legal departments were block them moving forward. They would not want to use it with a subset of what we have removed. Bundling GPLv3 code would limit how widely GrapheneOS can be used and significantly reduce interest in it from companies. We aren't doing it.
(DIR) Post #AuSjWlyISeNWgWodZw by GrapheneOS@grapheneos.social
2025-05-25T19:41:22Z
1 likes, 1 repeats
@fluchtkapsel These attacks on the GrapheneOS project are going to take significant resources away from development, reduce contributions, reduce partnerships and that will need to result in us focusing more on the core OS and adding fewer features. The impact of all these attacks on the project add up and play a significant role in how much we can do. People doing it have themselves to blame for feature development going more slowly than they want, and at least 1 partnership was lost due to it.
(DIR) Post #AuSjWqQnsbYeW6BSZE by GrapheneOS@grapheneos.social
2025-05-25T19:28:57Z
0 likes, 0 repeats
@fluchtkapsel GPLv3 forbids multiple things not forbidden by GPLv2 including making locked down devices without support for replacing the software under that license. That isn't something we want to do ourselves, but we want to permit using GrapheneOS in any way including to make those kinds of devices. We want GrapheneOS to be something companies can use as a drop-in replacement for AOSP anywhere. We aren't throwing it away and sabotaging potential partnerships to include this specific TTS app.
(DIR) Post #AuSjWrD0zM7evcjxiK by GrapheneOS@grapheneos.social
2025-05-25T19:38:50Z
0 likes, 0 repeats
@fluchtkapsel The best open source text-to-speech implementations are NOT licensed as GPLv3, so why is that a problem? The whole situation is being incredibly misrepresented by that blog post and Mastodon post. It's ignoring that whatever we choose will need to be forked and integrated into GrapheneOS. It's ignoring our security requirements. It's making it seem as if the only thing that's required is including GPLv3 code and then magically there will be the required integration.
(DIR) Post #AuSjWwlwIw1uBO7QLQ by GrapheneOS@grapheneos.social
2025-05-25T19:30:26Z
0 likes, 0 repeats
@fluchtkapsel There are other TTS implementations with acceptable licensing. Regardless of what's chosen, we will need to fork it and turn it into something we can ship. eSpeak NG is not something we want to include for MULTIPLE reasons. Licensing is ONE of the reasons.eSpeak NG largely consists of a whole bunch of non-battle-hardened C code which has compatibility issues with hardware memory tagging due to some latent memory corruption bugs. This would be enabled-by-default attack surface.
(DIR) Post #AuSjpOURzLmjMQjbua by alxlg@mastodon.social
2025-05-25T19:06:36Z
0 likes, 0 repeats
@GrapheneOS GPL is working as intended here. Possible solutions:1. Companies comply with GPL2. Companies fund a MIT licensed alternative
(DIR) Post #AuSjpOsuWPLoaIB92O by GrapheneOS@grapheneos.social
2025-05-25T19:08:29Z
0 likes, 0 repeats
@alxlg There are multiple permissively licensed text-to-speech implementations including ones far better than eSpeak NG. We're being attacked because we don't want to bundle eSpeak NG but it's far from the best open source option anyway. The people attacking us have little interest in helping us review and fork one of the options, then integrating it into the OS, and that is why it's not done already. Attacking us only drains our resources and extends the timeline for incorporating this.
(DIR) Post #AuSjpPl9GkjhIVYSZs by alxlg@mastodon.social
2025-05-25T19:22:04Z
0 likes, 0 repeats
@GrapheneOS Can you stop with this whining? You are getting criticized for making sure your product is parasite-friendly. Criticism, not attacks. And you criticize other people's work a lot.
(DIR) Post #AuSjpPzgOiMW1aM4ES by GrapheneOS@grapheneos.social
2025-05-25T19:43:28Z
1 likes, 1 repeats
@alxlg We don't spread fabrications about other projects and their development teams as this highly dishonest post was doing.We're giving away our work for free to the world to use for any purpose. A company working with us and giving back to the project are hardly parasites. On the other hand, how about people using it who are not only not contributing in any way, not making donations and are actively trying to harm us pushing spin and fabrications about us? What do you call that?
(DIR) Post #AuSqCHeEC3yaWcbckC by eladnarra@disabled.social
2025-05-25T20:33:11Z
0 likes, 0 repeats
@GrapheneOS I think this post exemplifies a difference in approach that's causing issues.For disabled folks, a lack of accessibility is a bug, not a missing feature. So our position is that it should be prioritized higher, not lumped into general features and improvements. Focusing on things that provide the most benefit to users overall leaves out disabled people and accessibility by default, because we're a minority. One has to prioritize accessibility outside that subjective calculation.
(DIR) Post #AuSqCIg2Mp19iWSaCe by GrapheneOS@grapheneos.social
2025-05-25T20:40:18Z
0 likes, 0 repeats
@eladnarra GrapheneOS is an open source project. Blind people are 100% capable of doing software engineering and contributing to GrapheneOS. They're the people who know best about what they need and how to approach things. One of our contributors is in fact blind and helps us work on TalkBack along with helping to test it and a bunch of other things. There is a whole lot which has to be done simply to keep what we already have working. Expanding what we have requires more contributions.
(DIR) Post #AuSqCJFqDhepVZDB0i by GrapheneOS@grapheneos.social
2025-05-25T20:42:55Z
0 likes, 0 repeats
@eladnarra We have a small development team and have had major setbacks due to attacks on the project, Google largely refusing to work with us and making our job harder with the Play Integrity API and recently our lead developer being forcibly conscripted to fight in a war. We're struggling just to continue the project already and are already dealing with a huge amount of hate and harassment towards us based on fabrications about us. Now we're dealing with another source of it. That's great.
(DIR) Post #AuSqCJsTu2Z9RPI2Eq by GrapheneOS@grapheneos.social
2025-05-25T20:44:13Z
0 likes, 0 repeats
@eladnarra Not clear how more attacks on us is going to improve things for our present and future blind users. This has already disrupted development, taken resources away from the ongoing port to Android 16 without the main person who did 90% of the recent ports to new Android versions, etc. Every GrapheneOS user including our blind users will be negatively impacted by the project and team being attacked with outrageously false claims about us. What should be cut to make up for it?
(DIR) Post #AuSqCKUPd0uJL32KMS by GrapheneOS@grapheneos.social
2025-05-25T20:46:11Z
0 likes, 0 repeats
@eladnarra The port to Android 16 is essential to keep providing the latest privacy and security patches. Porting all of our features to Android 16 is not mandatory. Features can be dropped if needed. We're also going to need to narrow our focus and scale back what we're working on further. The reason we have a bunch of largely unmodified AOSP sample apps is lack of resources to make a bunch of new apps meeting our standards, or to fork existing ones. The same goes for lack of translations.
(DIR) Post #AuSqCLKAWaJ7vZFf28 by GrapheneOS@grapheneos.social
2025-05-25T20:48:12Z
1 likes, 1 repeats
@eladnarra We're successfully providing a highly private and secure OS with broad app compatibility and good stability. We're not able to do everything though. We cannot realistically make our own TTS app so we rely on there being one that's a reasonable starting point to include. Perhaps one of them is a reasonable starting point now. eSpeak NG cannot meet our requirements. Someone attacking us for not including eSpeak NG with a bunch of false claims about us is not going to accelerate this.
(DIR) Post #AuSqCSqgY5TdGRWEBk by GrapheneOS@grapheneos.social
2025-05-25T20:50:58Z
0 likes, 0 repeats
@eladnarra Several people have now told us about more recently created permissively licensed TTS apps which may meet our requirements.If people put a fraction of the effort into helping us as they do harming us, things would be dramatically better as a whole.Responding to these posts and posting about this on our timeline would have been development time. This time could have gone towards working on TTS if someone had reached out to us interested in helping us instead of hurting us.
(DIR) Post #AuSw2nhYlNUGld1eO8 by evilcookies98@mastodon.stickbear.me
2025-05-25T18:38:45Z
0 likes, 0 repeats
@sanana @GrapheneOS yes it is. It’s on the thread where the original blog post was posted. I try to be understanding earlier in the year because there was genuinely no solution. Now there is and it’s being rejected for the most trivial of reasons. If you bought a phone that didn’t have a screen and you couldn’t use it, you’d flip your lid too. If your local repair shop refuse to give you a screen because it didn’t look like they thought it should, you’d go ballistic.
(DIR) Post #AuSw2p4df3Xh1Upb04 by GrapheneOS@grapheneos.social
2025-05-25T18:44:48Z
0 likes, 0 repeats
@evilcookies98 @sanana Having security requirements and licensing requirements for code that's included in GrapheneOS are not trivial reasons. We need an app providing a high quality implementation with reasonably secure code which we can set up to be working out-of-the-box. It needs to be using licenses we can use within GrapheneOS. Nearly all open source licenses are suitable. We can use MIT, BSD, Apache 2, MPL, GPLv2, etc. GPLv3 and variants of it we can use in our App Store but not the OS.
(DIR) Post #AuSw2po0wLq3IE3pj6 by vax_@infosec.exchange
2025-05-25T19:00:07Z
0 likes, 0 repeats
@GrapheneOS There's Sherpa onnx project http://github.com/k2-fsa/sherpa-onnx that's quite good and fit with its′ license. Do you think it'll fit your use case?
(DIR) Post #AuSw2qdlpvErskHAOm by GrapheneOS@grapheneos.social
2025-05-25T21:43:19Z
1 likes, 1 repeats
@vax_ It might, we'll need to look at it. Currently dealing with a huge amount of additional hatred towards us based on the false premise that we don't care about making GrapheneOS more usable by blind people despite our active work on it. It's not easy that we need to reimplement all of these kinds of things. We took years to add built-in network location. People need to have some patience with us as it takes time to do things properly. This is hardly the only thing which is taking a while.