Once they've established a rule that you have to help them in all cases, what stops them from forcing you to push an update to a phone while the user still has it, to collect information from the phone while actually unlocked and in use?
We won't comply with illegal demands, so how would they force us to do it?
GrapheneOS System Updater doesn't identify the device or user to the server. A massive portion of GrapheneOS users are using a VPN and some are using Tor so many of the IP addressed are VPN/Tor exit IPs shared between people. How would an update be targeted to a specific phone?
