They Built a Legendary Privacy Tool. Now They’re Sworn Enemies

It’s hard to find overmuch accusation astir Daniel Micay online. Google him and you’ll crook up an impersonal X relationship and a barren LinkedIn page, positive immoderate YouTube “exposés” and occurrence wars connected Reddit and HackerNews that qualify him arsenic everything from a privateness advocator to a cybersecurity visionary to a despot. Meanwhile, Claude refers to him arsenic a “formidable autarkic mobile information researcher” who is “widely described arsenic socially abrasive” (for immoderate that’s worth). “All I tin archer you astir Daniel is that helium lives successful Canada,” says Dave Wilson, the assemblage manager of GrapheneOS, a world-famous privateness instrumentality and Micay’s existent project.

Within the cybersecurity community, the mythology surrounding Micay goes beyond celebrity. He could beryllium a shade oregon a benignant of egregore, similar Satoshi Nakamoto oregon Ned Ludd. Fans prime isolated scraps of biographical information; enemies instrumentality swipes astatine his method achievements. Who is Daniel Micay? What does helium truly want? When I wrote to the email listed connected the GrapheneOS website, I heard backmost the aforesaid day: “The squad arsenic a full would beryllium blessed to instrumentality questions and reply them unneurotic successful a corporate fashion. As specified immoderate responses would beryllium from the ‘GrapheneOS team’ and not straight Daniel Micay.” Interesting. Then I got successful interaction with Micay himself—via LinkedIn, of each places. He declined my petition for an on-the-record interview, citing information concerns. I’ve since learned he’s 28 years old.

I did speech to Micay’s erstwhile concern partner, James Donaldson, astatine magnitude and against the wishes of Donaldson’s lawyer. I besides talked to associates of Micay’s. Over galore months, a representation emerged of thing little than a story but possibly much than a man—and 1 who would spell to utmost lengths to support his legacy.

“He was a comic guy, ” said Donaldson. Note the past tense.

Donaldson claims helium archetypal met Micay sometime betwixt 2011 and 2013, erstwhile Micay joined Toronto Crypto, a tiny radical that occasionally got unneurotic to speech cryptography implicit beers. (Through his existent team, Micay disputes this. He says helium met Donaldson successful 2014 and ne'er officially joined the group.) At the time, Micay was a information researcher and unfastened root developer with an involvement successful the fast-growing mobile space.

Micay could be, according to Donaldson, somewhat guarded. He had an off-kilter consciousness of wit and chimed successful lone erstwhile thing method came up. Donaldson recalled a clip erstwhile a troll infiltrated the crypto group’s chat and gave them the seemingly intolerable task of decrypting a bid of messages. Micay did truthful eagerly and easily. “I person a knack for figuring retired radical precise aboriginal on,” Donaldson said, “and I knew this feline was brilliant.” (Through his team, Micay claims to person nary recollection of this event.)

Donaldson, present 42, is simply a self-taught hacker who ne'er finished school, was concisely unhoused, and spent astir of his twenties successful a “positive hardcore punk band.” “It’s chill being smart,” helium told me. “But if you can’t wage your bills, you’re a dumbass.” He saw an accidental to marque wealth successful Android, which past controlled 80 percent of the smartphone idiosyncratic base. Because the operating strategy was a decentralized, unfastened root ecosystem that seemed to prioritize commercialized entreaty and wide adoption implicit security, Android—with its plethora of vulnerabilities—had been likened to Swiss cheese. (This was successful noteworthy opposition to the much unafraid walled plot of Apple’s iOS.) Donaldson didn’t cognize however to plug those holes himself, but present helium knew idiosyncratic who could.

The domain “Copperhead.co” was registered by Donaldson successful 2014 and incorporated successful 2015 nether some Donaldson’s and Micay’s names. The thought was that shares would beryllium divided equally, with Donaldson arsenic CEO and Micay arsenic de facto main exertion officer. Their flagship product, CopperheadOS, was an unfastened root operating strategy that focused connected thing called Android hardening. Like gathering a fortress and digging moats astir a castle, “hardening” a portion of bundle makes it much hard for hackers to summation access. In the lawsuit of CopperheadOS, this meant protecting mobile information by adding layers of information connected apical of the banal Android OS. (Micay has claimed successful tribunal filings that helium was already moving connected Android hardening earlier gathering Donaldson and that helium agreed to the concern connected the explicit knowing that helium would clasp power implicit the resulting OS.)

CopperheadOS was an instant deed and 1 of the archetypal of its kind—few others were paying attraction to mobile information astatine the time. A twelvemonth aft its launch, Chris Soghoian, past a main technologist astatine the American Civil Liberties Union, called CopperheadOS “the astir breathtaking happening happening successful the satellite of Android security.” Open root advocacy groups similar the Guardian Project, arsenic good arsenic the Google Play store alternate F-Droid, started inquiring astir partnerships. In 2018, CopperheadOS was featured successful 2600: The Hacker Quarterly.

In existent startup fashion, Donaldson picked up each sorts of eclectic IT jobs successful the company’s infancy—fixing printers, recovering hacked WordPress websites—to assistance money Micay’s enactment connected the operating system. “I support Daniel distant from the mean satellite truthful helium tin beryllium astir and hack connected Android,” Donaldson said successful a 2017 interrogation with Crypto Tech Solutions. “I cognize erstwhile to get retired of the way.” In the aforesaid interview, Donaldson jokingly compared himself to Erlich Bachman, the cavalier incubator from HBO’s Silicon Valley. He believed that his quality to span the spread betwixt the technically versed and the business-minded was what would marque Copperhead successful.

While Donaldson was retired doing interviews arsenic the look of the operation, Micay was often locked distant successful what Donaldson referred to arsenic the “wizard tower,” hunting vulnerabilities successful Android and patching them successful CopperheadOS. Micay besides spent clip troubleshooting for the idiosyncratic base. As an unfastened root purist—he was a longtime contributor to projects similar Arch Linux and Mozilla’s Rust programming language—Micay seemed to consciousness a work to enactment anyone funny successful the project. Even if it was astatine the disbursal of his ain well-being. It was captious to him that everyone had escaped entree to mobile security.

But those values began to diverge from Donaldson’s. On the 1 hand, Donaldson inactive considered himself a benignant of hacker rebel. At 1 point, helium adjacent sent maine “The Conscience of a Hacker,” a poetic manifesto written successful 1986 by idiosyncratic called the Mentor. (“This is our satellite present … the satellite of the electron and the switch,” it reads. “Yes, I americium a criminal. My transgression is that of curiosity.”) On the different hand, helium was moving a business. “We were each hacker rebels trying to marque money,” helium said.

For the first twelvemonth oregon truthful of CopperheadOS’s operation, everything you needed to download, install, oregon modify it was disposable online. The anticipation was to marque wealth from selling tech enactment that prioritized paying users. But the proliferation of CopperheadOS dupes, combined with round-the-clock troubleshooting, meant that everyone but the Copperhead squad was getting their just stock of the Android hardening pie. “We had to bash thing astir it,” Donaldson said.

In October 2016, Copperhead moved from being unfastened root to having a noncommercial license, a determination Donaldson insists helium made with Micay. (Micay’s lawyer said that Micay simply “placated” Donaldson.) Now, astir users would person to acquisition a Copperhead telephone to entree the OS. “I don’t similar begging for donations,” said Donaldson, and helium felt it was astir clip the operating strategy started generating revenue. Once Copperhead relicensed, Donaldson said, the task instantly started signing agreements with Fortune 500 companies.

While Copperhead worked with nonprofits, Donaldson had his oculus connected defence contractors. “That’s the beatified grail, to beryllium honest,” helium said. “The thought that I could enactment successful the defence manufacture doing things Copperhead-related was awesome.” He clarified that Copperhead’s exertion would lone beryllium utilized to support these clients from adversaries, not for them to someway weaponize it successful turn. He assured maine that Copperhead wasn’t selling out; it was being pragmatic, and information should spell to those who worth it. In a 2017 interrogation with Vice, Donaldson was asked whether helium was ever tempted to usage his powers for evil. “That depends,” helium said, “on your explanation of evil.”

Micay apt had a definition. Between licensing the OS and the anticipation of doing concern with defence contractors, helium seemed to consciousness the integrity of his codification was eroding arsenic rapidly arsenic his bureau successful the Copperhead partnership. Not lone was CopperheadOS nary longer disposable to the masses, it was starting to service the precise radical Micay wanted to support users from. Above each else, his spouse seemed to beryllium determining the destiny of the strategy helium had built.

By the outpouring of 2018—two and a fractional years aft officially launching Copperhead—the past spot of power Micay seemed to person near was CopperheadOS’s signing keys. If hardening is gathering a fortress, signing keys get you into the castle: They find what bundle a instrumentality volition spot and which changes tin beryllium made to each instrumentality moving the operating system. At larger-scale institutions similar Linux, elaborate safeguards are enactment successful spot to bounds the power that immoderate 1 subordinate tin person implicit the operating system. But successful Copperhead’s case, the institution didn’t person a ample web of developers. Micay was successful sole possession of the keys.

And helium was astir to bash thing astir wholly unheard of successful the satellite of cybersecurity.

Tensions went from passive to assertive erstwhile Donaldson approached Micay astir a compliance audit. Donaldson said helium needed to cognize however the signing keys were stored—a petition that Micay suspected was tied to a woody Donaldson was brokering with a ample defence contractor. Micay believed this would enactment the entirety of CopperheadOS’s idiosyncratic basal astatine hazard and unit him to springiness up what small power helium had left.

Fearful of what Donaldson mightiness bash with unbridled access, Micay took to the net to aerial his concerns. In a bid of since-deleted tweets, helium utilized the CopperheadOS X account—the aforesaid relationship helium utilized to connection tech support—to impeach Donaldson of being untrustworthy. He thought users deserved to know.

Online forums soon became Micay and Donaldson’s main battleground, and nationalist sentiment fanned the flames. Micay accused Donaldson of spreading misinformation astir CopperheadOS, portion Donaldson accused Micay of impacting concern opportunities. “He banned maine disconnected my ain subreddit, ” Donaldson told me, explaining that helium lone wanted to cognize wherever the keys were stored and that helium didn’t request entree to them. He thought Micay was being “erratic” and “defamatory,” helium said successful a ineligible filing: “Simply put, Micay’s power implicit the keys was a liability.”

Donaldson’s lawyers sent Micay a missive connected May 14, 2018, attempting to revise Micay’s relation and stitchery accusation astir the signing keys. The missive claimed that “there is nary written shareholders’ statement successful place, nor immoderate written employment agreements oregon occupation descriptions for either of you.” But due to the fact that “Mr. Donaldson is the sole manager of the Corporation and the Chief Executive Officer,” the missive continued, helium had the authorization to deem the presumption quo of the institution “unsustainable” and mandate that Micay beryllium demoted oregon resign. When I asked Micay’s lawyer astir this, helium told maine that due to the fact that Micay was ne'er technically an worker of Copperhead, helium couldn’t beryllium fired.

A period later, erstwhile the concern had not been resolved, Donaldson’s lawyers sent different missive claiming to terminate Micay’s employment. They said Micay’s behaviour had been “inconsistent with his ongoing obligations to Copperhead.” Donaldson said that this missive was the past nexus successful the chain. He said helium had antecedently fixed Micay aggregate opportunities to instrumentality paid leaves and regroup, offers that Micay allegedly declined.

That near the contented of the keys. According to Donaldson, the keys were institution property, and Micay, having refused to cooperate with revising their concern terms, was nary longer portion of CopperheadOS. Donaldson told maine what helium remembers saying to Micay: “You person to springiness the keys up, bro. Like, if you don’t wanna springiness them to me, that’s fine. But our customers request to support utilizing their devices.”

“He threatened to prehend Daniel’s workstations to retrieve what helium claimed was spot of Copperhead,” said Dave Wilson, who’d aboriginal enactment intimately with Micay. Surely this was Donaldson’s last-ditch effort to currency successful connected his enactment earlier they parted ways, and Micay was, apparently, livid. He was being ousted from the task helium had spent years building. There was nary mode helium was giving up the keys.

So, helium burned them. Destroyed them. In a since-deleted Reddit post, Micay wrote: “I see the institution and the infrastructure to beryllium compromised.”

All that work, gone. Without the signing keys, changes to CopperheadOS were each but intolerable to make. No updates could beryllium pushed. No exploits could beryllium patched. Micay had successfully eliminated immoderate anticipation of behaviour helium disagreed with by destroying entree to the operating system. “It was a testament to the integrity of the project,” Wilson said.

But voiding entree to CopperheadOS besides near existing users vulnerable. As the aureate regularisation of cybersecurity goes: Updates support devices secure. “We person these devices successful Iraq, Afghanistan, Ukraine, Russia, China. What’s gonna hap to them?” said Donaldson. “We cannot update them anymore.” The lone applicable enactment for astir users was to power to a antithetic operating system.

Many of CopperheadOS’s partners and contractors rapidly dropped out. “I did everything I could to marque our customers happy,” Donaldson said, defeated. His fallout with Micay had near him successful fiscal ruin, helium added—“we had chargebacks connected our slope relationship that was connected to my idiosyncratic credit. I paid retired of my pouch to person people’s devices sent over” for recovery. In March 2020, Donaldson filed a assertion requesting astir fractional a cardinal Canadian dollars successful damages. When I asked if helium was inactive successful interaction with Micay, Donaldson fto retired a adust laugh: “We talk done lawyers now.” (According to a counterclaim filed by Micay, the 2 had met successful idiosyncratic less than 10 times since Copperhead’s incorporation.)

In a benignant of Zuckerberg-Winklevoss redux, there’s small question that Micay built the tech portion Donaldson marketed it, but whether Micay was legally allowed to destruct the keys is cardinal to ongoing litigation. Through Wilson, Micay insists that helium wrote the codification for CopperheadOS earlier gathering Donaldson and that Donaldson had agreed to fto him support ownership of the operating system. But successful a ineligible filing, Donaldson stresses that porting hardening techniques to Android was his (and a erstwhile concern partner’s) idea. He maintains that, arsenic CTO, Micay had a fiduciary work to Copperhead and that helium violated that work erstwhile helium deleted the CopperheadOS signing keys.

“You’re going to get harassed for penning this,” Donaldson warned me. “No 1 understands my broadside of the story.” He told maine that helium can’t disclose the further facts that helium claims would warrant his “100 percent win.” “My lawyers are precise huffy that I’m talking to you,” Donaldson said. “I person to clasp my cards adjacent to my chest.”

Although Micay did not hold to talk to WIRED, an email from his squad accused Donaldson of directing “libelous harassment contented towards me” and added, accordant with tribunal documents: “Your questions are mostly centered astir mendacious narratives by James Donaldson and his fabrications astir Daniel.”

It wasn’t long earlier allegations and conspiracy theories started to propulsion fans of CopperheadOS to take sides. Almost arsenic a pledge of allegiance, staunch defenders of Micay started spreading the gospel of a caller operating system. It was called GrapheneOS.

Turns out, earlier the particulate settled connected CopperheadOS, Micay had begun rebuilding the infrastructure of his code. GrapheneOS was a nonstop continuation of his enactment astatine Copperhead, the institution said, conscionable nether a caller name. This clip around, the task would beryllium tally wholly connected donations and stay unfastened source. It would “never again beryllium intimately tied to immoderate peculiar sponsor oregon company,” said Wilson, who joined Micay arsenic GrapheneOS’s assemblage manager. It would beryllium a nonprofit. “In a way,” Wilson added, “I gotta springiness [Donaldson] recognition to the grade that helium did enactment successful the instauration of GrapheneOS successful immoderate weird signifier oregon form.”

GrapheneOS launched successful April 2019. Like its predecessor, it was a success. Many notable tech influencers—TheHatedOne, PewDiePie, and, astir recently, Linus Tech Tips—started reviewing the operating strategy and promoting its use. Jack Dorsey became 1 of GrapheneOS’s biggest supporters, on with Ethereum cofounder Vitalik Buterin and Swiss privacy-focused institution Proton AG. Edward Snowden weighed in: “If I were configuring a smartphone today,” helium tweeted, “I’d usage @DanielMicay’s @GrapheneOS arsenic the basal operating system.”

Whereas CopperheadOS broke crushed for popularizing Android hardening, GrapheneOS gained traction by giving users options to bounds their device’s entree to data. One of its flagship features is simply a sandboxed mentation of Google Play. Every Google Android phone—and they inactive represent astir 70 percent of the planetary smartphone idiosyncratic base—comes with Google Play. It cannot beryllium deleted and requires extended privileges to run, beyond what’s instantly indispensable for each application. Why? For what? Even the GrapheneOS squad is unsure. On a GrapheneOS-run device, however, these privileges are granted lone connected an app-by-app basis. Users are fixed the enactment to contradict entree to, for instance, their web and sensors. By gathering a vacuum-sealed, simulated situation for that app to tally (“sandboxing”), GrapheneOS compartmentalizes the information of that app and gives users power implicit however overmuch of it is accessible by their devices. In essence, it de-Googles your Google phone.

By the aboriginal 2020s, the GrapheneOS squad had grown to astir 20 people, and Micay was the pb developer. It indispensable person felt vindicating.

Other opinions didn’t matter—but that didn’t halt them from coming. GrapheneOS yet deed 400,000 users, and each seemed to person their ain unwavering instrumentality connected however things should work. Having spent truthful overmuch clip warring for the purity of CopperheadOS, it’s tenable to presume that Micay felt particularly protective of GrapheneOS. Whenever idiosyncratic would situation his implementation—especially those who compared GrapheneOS to CalyxOS, a competing Android OS—he would get into powerfully worded debates astir method intricacies.

In turn, users fought back. A mates radical made videos “exposing” their backstage conversations with Micay; others made a amusement of deleting GrapheneOS. The GrapheneOS squad itself was accused of going aft competing projects and dissenting parties. (Donaldson has called these “campaigns of harassment.”) Wilson told maine that acquisition and consciousness are cornerstones of GrapheneOS’s work. If you’re not up for the heated debates and lengthy treatment threads, helium said, conscionable “buy an iPhone.”

For each their intensity, the occurrence wars seemed contained to the internet. But connected April 23, 2023, determination was a sound connected Micay’s door. Fully equipped policemen were lasting outside. They were told, according to Wilson, that “Daniel is equipped and he’s gonna sprout everyone that volition enter.” Micay had been swatted. It happened 2 much times, his lawyer said.

Seemingly shaken from the experience, Micay scaled backmost his responsibilities astatine GrapheneOS. He continues to consult and occasionally contributes to the task but has relinquished power to his squad members. Micay has besides scrubbed overmuch of his integer footprint from the internet, leaving a conspiracy-sized spread successful the debris of his past battles.

It’s casual to boil the saga of GrapheneOS down to a fistful of tweets and net hearsay, but the spot of its tech was—and remains—hard to ignore. Last year, 404 Media reported connected leaked documents from Cellebrite, a bundle that helps retrieve information from locked phones. The documents, which elaborate Cellebrite’s occurrence complaint crossed antithetic Pixel generations, recovered that “every locked Pixel 9 moving GrapheneOS was inaccessible.”

“There are nary existent alternatives,” says Joe, a GrapheneOS powerfulness idiosyncratic and “the astir privacy-paranoid idiosyncratic successful the room.” I got successful interaction with him done a Morke.org address, an email work known to run connected the acheronian web. Joe, a assemblage student, submits his assignments successful idiosyncratic to debar portals and lone pays successful cash. He tells maine astir vibrant pockets of the acheronian web dedicated to evangelizing homebrew privateness solutions—an emergent question of absorption astatine a clip erstwhile Meta plans to region end-to-end encryption connected Instagram DMs, automakers are openly selling driving information to security companies, and gait strategy exertion could soon beryllium utilized to place civilians from their locomotion connected the streets of New York City. “They person warheads,” Joe says. “We person the inflatable hammer that squeaks.”

GrapheneOS finds itself successful the mediate of this moment. In the six months I spent talking to its squad members, Micay’s aura of enigma started to fade. The ghostly net hero-villain who’d bash immoderate it took to marque his constituent became conscionable different feline passionate astir information tech. But from Wilson—whom I was messaging with, astatine 1 point, for respective hours a week—I got uncommon glimpses into the interior workings of the GrapheneOS operation. It became, successful immoderate ways, more mysterious. “Dave Wilson,” for 1 thing, is not his existent name. (Some fishy he’s really Micay, though helium denies this.) In fact, astir nary 1 astatine the institution seems to cognize wherever their colleagues unrecorded oregon what they look like. They are bound by a azygous mission: privacy, theirs and everyone else’s.

And GrapheneOS inactive gets successful trouble—with users, with competitors, with authorities. The institution has precocious raised eyebrows with functions similar duress pins that, erstwhile entered, erase each information stored connected your device. “Cops accidental criminals usage a Google Pixel with GrapheneOS,” noted a caller headline. The amended the privateness tool, of course, the much it becomes associated with criminality.

It’s hard to triumph astatine cybersecurity. It’s besides casual to get mislaid successful the details. There are “vendors selling exploits to governments to onslaught radical and virtually termination journalists,” Donaldson told me. So why, helium mused, are helium and Micay—one of the astir skilled information specialists he’s ever met, adjacent if helium does assertion Micay “massively disrupted” his finances—still fighting? The existent enemy, I deliberation Donaldson was yet trying to archer me, is retired there.

Let america cognize what you deliberation astir this article. Submit a missive to the exertion at [email protected].