| README.md | ||
Grayson Giles (Amnesia)
Independent Security Researcher · Systems Architect
Co-copyright holder on the official Whonix Bridges wiki (with project founder adrelanos) · Contributor to QubesOS & Whonix
PGP Fingerprint: 456F 268D 14C9 ECCE 1A77 3558 03E8 F5B6 3BAC 3998
Lead Architect of lainOS & Protocol 7 · Creator of VESME-avf
Independent security researcher and systems architect specializing in OS-level security, virtualization, and hardware-rooted trust. Lead architect of LainOS and Protocol 7, a non-systemd compatibility architecture that decouples modern Linux desktops from systemd-era assumptions. Contributor to QubesOS and Whonix, credited for upstream fixes to the Snowflake Tor pluggable transport. Creator of VESME, an experimental ram-only secure messaging framework using Android’s Virtualization Framework.
Focused on sovereign computing, deterministic systems, and hardened isolation.
Core Projects
Protocol 7 — Systemd compatibility layer for OpenRC on Arch Linux(lainOS layer 02) (2026 – Present)
Role: Systems Architect / Lead Developer
Repository: https://forgejo.lain.rocks/lainOS/Protocol-7
Protocol 7 is a minimal, interface-level compatibility layer designed to run Arch Linux without systemd while preserving broad compatibility with AUR software.
Technologies: C, OpenRC, SHA256 integrity, Wayland (Sway), PipeWire
Status: Active — production-viable (~85% - 95% readiness) for sovereign desktop use
LainOS — Privacy-Hardened Arch Linux (2022 – Present)
Role: Project Lead/Maintainer
Website: https://lainos.net
Repository: https://github.com/The-LainOS-Project
LainOS is a rolling-release Linux distribution based on Arch, focused on privacy, user sovereignty, and minimal trusted computing base.
Key Contributions
- Hardened kernel configuration and MAC randomization by default
- Built deterministic session model
- Maintained long-term rolling release stability
- Led distributed development team and SDLC process
VESME — Virtualized Ephemeral Secure Messaging Environment (2025)
Role: Architect & Lead Developer
Repository: https://gitlab.com/amnesia1337/vesme-avf
VESME is a secure messaging framework built on Android’s Virtualization Framework (AVF) and KVM, providing hardware-backed isolation for ephemeral communications.
Key Contributions
- Executed messaging stack inside isolated ephemeral VMs
- Integrated XMPP + OMEMO over Tor
- Implemented GPG-based authentication and secret handling
- Designed traffic obfuscation mechanisms
- Enabled user-initiated secure VM wipe
- Ported framework from aarch64 Debian to x86_64 Arch (LESME)
Upstream Contributions
QubesOS & Whonix (2024)
-
Snowflake Pluggable Transport: Diagnosed, repaired and optimized critical failures in the Snowflake bridge integration within Qubes-Whonix.
-
Quantifiable Impact: Directly restored and maintained connectivity for 2,000+ daily active users in heavily censored regions (Russia, Iran, Turkmenistan) who rely on Qubes-Whonix for high-assurance anonymity.
-
Wiki Documentation: Co-copyright holder (with project founder adrelanos) for the official Whonix Bridges Wiki, serving as the primary technical resource for bridge configuration and troubleshooting. Credited as amnesia at boum dot org
-
Upstream Integration: Credited with fixing the "outdated client" bug in
whonix-gatewaytemplates, ensuring modern Snowflake features (like AMP cache rendezvous) are functional.
References
-
QubesOS Guide: https://forum.qubes-os.org/t/quick-start-guide-snowflake-proxy-in-qubes-whonix-tor-control-panel/28889
-
Whonix Guide: https://forums.whonix.org/t/quick-start-guide-fix-snowflake-proxy-in-qubes-whonix-tor-control-panel/20377
-
Whonix Bridges Wiki: https://www.whonix.org/wiki/Bridges
Hardware-Rooted Security Work
-
Provisioned Libreboot and Heads via external SPI flashing
-
Implemented measured boot with TPM PCR sealing
-
Verified firmware integrity using physical GPG tokens
-
Neutralized Intel Management Engine during flashing
-
Reduced TCB to auditable user-controlled components
Consulting & Applied Security (2017–Present)
Information Security Consultant and Technician providing privacy and security services for individuals and organizations.
Selected Work
-
Built librebooted Qubes laptops and GrapheneOS devices
-
Designed secure network infrastructure and routers (OpenWRT)
-
Delivered QubesOS and mobile privacy training
-
Implemented endpoint security solutions
-
Built secure communication infrastructures
-
Replaced invasive IoT systems with privacy-respecting alternatives
Blockchain Infrastructure & Security (2020–2022)
-
Engineered hardened mining clusters with reduced attack surface
-
Implemented VPN gateways and encrypted tunnels
-
Deployed zero-trust management environment
-
Designed cold storage and private key custody
-
Conducted electrical and physical safety audits
Technical Skills
Programming
- Bash, Python
Systems & Security
-
OS architecture and maintenance
-
Virtualization (KVM, Xen, AVF)
-
Firmware security (Libreboot, Heads, TPM)
-
Tor, PGP, encryption
-
Hardened networking
Engineering Practices
-
SDLC management
-
Manual QA and peer review
-
Secure repository management
-
Developer key management (GPG)
Community Engagement
-
Contributor to open-source security projects
-
Co-copyright holder on Whonix Bridges Wiki
-
Active participant in Linux and privacy communities
PGP Fingerprint: 456F 268D 14C9 ECCE 1A77 3558 03E8 F5B6 3BAC 3998