zlacker

1. strcat+(OP) 2022-03-23 11:33:18
> If you are talking about kernel hardening and running each app in its own sandbox with its own UID, then I would agree that Android/AOSP has more security features than Debian/PureOS, but the problem with your argument is that you are ignoring the fact that a mountain of spyware and malware has been created for the Android platform and users have to be very vigilant to not install any of it. According to AV-TEST, 3.38M pieces of malware and 3.18M potentially unwanted apps (mostly spyware) were created for the Android platform in 2021, whereas it is unlikely that any of that garbage will get into the Debian->PureOS repos to ever affect users of the Librem 5. Linux users rarely install anything from outside their distro's repo, whereas I often find myself installing apps whose code I can't verify when I use AOSP-derivatives because I can't find all the apps that I need in F-Droid.

Many other people promoting these platforms often talk about the (limited) support for running Android apps. You can choose to use those apps there, just as you can on GrapheneOS, and it does not make sense to claim that availability of apps is a bad thing. GrapheneOS supports nearly every Android app which would run on the stock OS thanks to the sandboxed Google Play compatibility layer feature. Many of our users including make no use of that feature, and it didn't exist before 2021 so our entire userbase before then was happily using it without Play services. There are more users now, but there were still many before, and many are happy using only the open source Android app ecosystem which goes far beyond F-Droid which doesn't even have apps like Signal, Chromium, Brave, Bromite, etc.

You're trying to make this about AOSP vs. a completely insecure software stack but the post is about a phone which is capable of running AOSP and other phones are more than capable of running the desktop Linux stack. It's a red herring, and you're being thoroughly dishonest and manipulative in how you're presenting the app ecosystem considering that there is a far larger open source app ecosystem for AOSP than there is for desktop Linux on mobile... F-Droid has very incomplete coverage of the overall open source app ecosystem and they don't always do a particularly good job maintaining it. F-Droid itself still targets Android 7.1 (API 25).

I'm talking about the fact that this hardware, firmware and software is a decade behind on security and has almost zero systemic privacy/security work across it. You have the privacy and security situation completely backwards. The fact that Purism blatantly lies about many aspects of their hardware, firmware and software also demonstrates that they're a highly untrustworthy vendor. I would trust a company like HTC far more because at least they aren't blatantly lying about the security patch level, openness of the hardware and they aren't covering up security vulnerabilities, weaknesses and the fact that the firmware/hardware is proprietary.

> Yes, Android/AOSP does have a lot more security built into its design than Debian->PureOS, but it is based on a model of letting all sorts of unverifiable and dangerous code run inside it.

I'm not sure why someone would want to place complete trust in thousands of different fragmented projects which have no real isolation and no systemic privacy/security work on the overall OS or across those projects. Many of those projects are unmaintained, and some of them have even shipped malicious changes either unintentionally or intentionally before. You're also trusting the huge number of packagers for the OS who set up the builds and patches for these projects. There are still closed source apps available, but open source is not the magical panacea that you present it as and does not confer any inherent privacy/security properties on the software. It doesn't make the developers inherently more trustworthy or ethical either. It's a development approach, which we can both agree is a great approach and enables people to make changes to the software, fork it or attempt to contribute to it upstream.

> Care to provide any evidence to prove that Purism or its employees are "spreading tons of misinformation and outright lies about the mainstream options"?

You've done a great job of doing that yourself by cycling through a whole bunch of inaccurate talking points promoting their products and attacking other projects like GrapheneOS. Most of it comes directly from Purism, and your comment is an extension of their highly underhanded, dishonest and malicious attacks on projects like GrapheneOS to make sure they keep getting their substantial salaries and profit.
