It’s troublesome to discover a lot information about Daniel Micay on-line. Google him and also you’ll flip up an impersonal X account and a barren LinkedIn web page, plus some YouTube “exposés” and flame wars on Reddit and HackerNews that characterize him as the whole lot from a privateness advocate to a cybersecurity visionary to a despot. In the meantime, Claude refers to him as a “formidable impartial cellular safety researcher” who is “extensively described as socially abrasive” (for no matter that’s price). “All I can let you know about Daniel is that he lives in Canada,” says Dave Wilson, the group supervisor of GrapheneOS, a world-famous privateness software and Micay’s present venture.
Inside the cybersecurity group, the mythology surrounding Micay goes past movie star. He might be a ghost or a sort of egregore, like Satoshi Nakamoto or Ned Ludd. Followers choose aside scraps of biographical information; enemies take swipes at his technical achievements. Who is Daniel Micay? What does he really need? After I wrote to the e mail listed on the GrapheneOS web site, I heard again the identical day: “The staff as an entire could be comfortable to take questions and reply them collectively in a collective trend. As such any responses could be from the ‘GrapheneOS staff’ and not straight Daniel Micay.” Attention-grabbing. Then I obtained in contact with Micay himself—by way of LinkedIn, of all locations. He declined my request for an on-the-record interview, citing security considerations. I’ve since realized he’s 28 years outdated.
I did speak to Micay’s former enterprise accomplice, James Donaldson, at size and towards the needs of Donaldson’s lawyer. I additionally talked to associates of Micay’s. Over many months, a portrait emerged of one thing lower than a delusion however maybe greater than a person—and one who would go to excessive lengths to shield his legacy.
“He was a humorous man, ” mentioned Donaldson. Word the previous tense.
Donaldson claims he first met Micay someday between 2011 and 2013, when Micay joined Toronto Crypto, a small group that often obtained collectively to speak cryptography over beers. (Via his present staff, Micay disputes this. He says he met Donaldson in 2014 and by no means formally joined the group.) At the time, Micay was a safety researcher and open supply developer with an curiosity in the fast-growing cellular area.
Micay might be, in accordance to Donaldson, considerably guarded. He had an off-kilter humorousness and chimed in solely when one thing technical got here up. Donaldson recalled a time when a troll infiltrated the crypto group’s chat and gave them the seemingly unimaginable activity of decrypting a collection of messages. Micay did so eagerly and simply. “I’ve a knack for determining folks very early on,” Donaldson mentioned, “and I knew this man was sensible.” (Via his staff, Micay claims to haven’t any recollection of this occasion.)
Donaldson, now 42, is a self-taught hacker who by no means completed faculty, was briefly unhoused, and spent most of his twenties in a “optimistic hardcore punk band.” “It’s cool being good,” he informed me. “However for those who can’t pay your payments, you’re a dumbass.” He noticed a possibility to earn cash in Android, which then managed 80 p.c of the smartphone person base. As a result of the working system was a decentralized, open source ecosystem that appeared to prioritize industrial enchantment and mass adoption over security, Android—with its plethora of vulnerabilities—had been likened to Swiss cheese. (This was in noteworthy distinction to the safer walled backyard of Apple’s iOS.) Donaldson didn’t know the way to plug these holes himself, however now he knew somebody who may.
The area “Copperhead.co” was registered by Donaldson in 2014 and included in 2015 beneath each Donaldson’s and Micay’s names. The concept was that shares could be break up equally, with Donaldson as CEO and Micay as de facto chief expertise officer. Their flagship product, CopperheadOS, was an open supply working system that targeted on one thing referred to as Android hardening. Like constructing a fortress and digging moats round a citadel, “hardening” a bit of software program makes it tougher for hackers to achieve entry. In the case of CopperheadOS, this meant defending cellular knowledge by including layers of safety on prime of the inventory Android OS. (Micay has claimed in court docket filings that he was already working on Android hardening before assembly Donaldson and that he agreed to the partnership on the specific understanding that he would retain management over the ensuing OS.)
Disclaimer: This article is sourced from external platforms. OverBeta has not independently verified the information. Readers are advised to verify details before relying on them.
