Notes by GrapheneOS

 Punkt. MC02 phone doesn't run GrapheneOS. It still runs a fork of Android 13 while GrapheneOS is solely based on Android 15. MC02 is clearly using the LineageOS update client, not the GrapheneOS update client. It's problematic that some people think it's a way to get GrapheneOS. 
 I agree, but that is the reason why I wrote about it.
Under FUTO are some good FOSS apps and some whi... 
 @privatize_universe That one wasn't written by them and it's not yet clear what they're going to do with it. If they could change the license, they probably would. 
 It's probably case by case. Immich is AGPL-3.0, which is a FOSS license.
But also Immich had this li... 
 @privatize_universe It's not possible to change from a pre-existing copyleft license without permission from every contributor or somehow removing all their code and all code based on it which is not practical since who knows what got based on it elsewhere. AGPL also prevents them introducing code under their own heavily restricted non-commercial usage license. They could theoretically pay the contributors and relicense the code though. 
 iOS 18.1 added an implementation of the auto-reboot timer for locked devices we've been using in GrapheneOS since June 2021:

https://chaos.social/@jiska/113447894119816217

This was one of our early generation protections against forensic data extraction. We added a lot more protections this year. 
 iOS 18.1 was released on October 28, 2024. This has nothing to do with recent news coverage where cops are blaming imaginary features for devices not staying in After First Unlock state. Devices likely crashed due to one of many bugs which exist, including already patched ones. 
 FUTO made a $40k donation to GrapheneOS supposedly with no strings attached. They ended up being unhappy with us not making content with them and promoting them. They began supporting attacks on us and tried to destroy the GrapheneOS project. Recommend not taking money from them. 
 It's not hyperbole to say that FUTO has caused millions of dollars of damage to GrapheneOS with the fabrications and spin they're still actively spreading about us. Any developer offered money by them should be aware of what happens if you don't promote them and tolerate abuse. 
 FUTO apps aren't open source but rather source available with heavy restrictions on usage:

https://github.com/futo-org/android-keyboard/blob/master/LICENSE.md

They're taking the place of real open source apps and making it less likely for viable options to emerge since people are going to use and contribute to these. 
 GmsCompatConfig version 148 released:

https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/releases/tag/config-148

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/17141-gmscompatconfig-version-148-released

#GrapheneOS #privacy #security #gmscompat 
 GrapheneOS version 2024110400 released:

https://grapheneos.org/releases#2024110400

See the linked release notes for a summary of the improvements over the previous release.

Forum discussion thread:

https://discuss.grapheneos.org/d/17094-grapheneos-version-2024110400-released

#GrapheneOS #privacy #security 
 #asknostr    

Evidently Thursday AM is for IT issues.

I can no longer #ssh from #ConnectBot  on... 
 @freeborn | ἐλεύθερος This sounds like an app bug causing a compatibility issue with Android 15. It's very unlikely that it has to do with GrapheneOS unless you have the Network permission disabled for the app. 
 We're working on fixing a regression in the GrapheneOS releases based on Android 15 which resulted in a subset of users having a subset of their Network and Sensors toggle settings not migrated over from the Android 14 permission database to the Android 15 permission database. 
 nostr:nprofile1qqstnr0dfn4w5grepk7t8sc5qp5jqzwnf3lejf7zs6p44xdhfqd9cgspzpmhxue69uhkummnw3ezumt0d5... 
 @djmeistro✝️ 🍊💊⚡️ @Final It should reach the Stable channel later today. All known important regressions are fixed. 
 GrapheneOS version 2024102100 released:

https://grapheneos.org/releases#2024102100

See the linked release notes for a summary of the improvements over the previous release.

Forum discussion thread:

https://discuss.grapheneos.org/d/16637-grapheneos-version-2024102100-released

#GrapheneOS #privacy #security 
 GrapheneOS based on Android 15 will reach the Stable channel later today. It's very stable already and we've fixed a bunch of upstream bugs including several impacting the stock Pixel OS. We've made 7 official releases based on 15 already and the 8th is going to reach Stable. 
 GrapheneOS version 2024101701 released:

https://grapheneos.org/releases#2024101701

See the linked release notes for a summary of the improvements over the previous release.

Forum discussion thread:

https://discuss.grapheneos.org/d/16537-grapheneos-version-2024101701-released

#GrapheneOS #privacy #security 
 We're preparing the changes for a new release of GrapheneOS based on Android 15. We've implemented over a dozen fixes, largely for new upstream issues impacting the Android Open Source Project. We also added a workaround for the new stock OS Android 15 factory reset protection. 
 Android 15 is being released today and we should be ready to quickly ship a release based on it as if this is a monthly update, not even a quarterly one.

We already put together builds working well across all supported devices based on the Android 15 Beta and September sources. 
 There's a highly inaccurate article about Pixels from Cybernews making the rounds everywhere in privacy communities. It gets the details nearly completely wrong and thoroughly misrepresents things like the optional network-based location used nearly everywhere as Pixel specific. 
 GrapheneOS version 2024100800 released:

https://grapheneos.org/releases#2024100800

See the linked release notes for a summary of the improvements over the previous release.

Forum discussion thread:

https://discuss.grapheneos.org/d/16321-grapheneos-version-2024100800-released

#GrapheneOS #privacy #security 
 @51595631 We refute it when we see it, but it would be far better if we had a community which was far more active at defending the project against these attacks. It would avoid us needing to spend nearly as much time on it as we do and would also help to protect us from getting attacked for debunking misinformation. A lot of the attacks are based on making false claims and then claiming our team is insane, delusional, etc. after posting detailed replies debunking low effort lies. 
 @51595631 There are people actively trying to harm GrapheneOS through getting very low quality news sites to repeat the attacks and then trying to reference that from Wikipedia, etc. Almost all of this involves people posting dishonest attacks referencing other people doing the same in cycles. This is really the main area we need help so we can focus on development and much less on defending ourselves. It's harder for people to help us with the spurious legal system attacks, etc. 
 Our understanding is that there will be a stable release of Android 15 on October 15th. We fully ported all our changes to it by September 3rd after the early source code release in September. We'll aim to have a release out within 24h of the stable release being pushed to AOSP. 
 GrapheneOS users on 8th/9th gen Pixels are making a massive contribution to getting memory corruption bugs in the open source ecosystem thanks to the nice crash report notifications created by our hardware memory tagging feature. One of the latest fixes:

https://github.com/mullvad/mullvadvpn-app/pull/6727/files 
 Our latest release blocked a class of VPN leaks via multicast packets discovered by our community. Unfortunately, end-of-life Pixel 4a (5G), Pixel 5 and Pixel 5a have an upstream kernel bug that's causing it to break compatibility with IPv6-only carriers. We're dealing with it. 
 What I meant I had the issue with on my pixel 4a was not the boot loader but OEM locked

“Next,... 
 @SuckMyDick @Autodidact Most carriers don't lock the devices they sell. It's mainly an issue in the US. 
 nostr:npub1tva8g98fx0fks0pt38vr75tv02t30qd5ev7n5v7fcpl6t44hf7kqgg2yl5 I was wondering if Graphene... 
 @787dade1 Yes, and we've already been testing it via the Android 15 flags available in Android 14 QPR3. We already ported our changes to support those things previously. We have our Android 15 port largely done now. 
 I’m on the bootloader….

Locked.

Damn 
 @Autodidact @SuckMyDick It always shows that by default when locked. It doesn't mean it can't be unlocked. See https://grapheneos.org/install/web. 
 GrapheneOS support for the Pixel 9 Pro Fold is no longer marked experimental and is now available through our production site:

https://grapheneos.org/releases https://grapheneos.org/install/web

Our 2024083100 release has been confirmed to be working and to have a working future upgrade path. 
 We've published an initial experimental release for the Pixel 9 Pro Fold on our staging site:

https://staging.grapheneos.org/releases#comet-stable
https://staging.grapheneos.org/install/web

Our preordered Pixel 9 Pro Fold for our device testing farm hasn't arrived yet so we'll be relying on others to test the early builds. 
 Telegram has full access to all of the content of group chats and regular one-to-one chats due to lack of end-to-end encryption. Their opt-in secret chats use homegrown end-to-end encryption with weaknesses. Deleting the content from the app likely won't remove all copies of it. 
 GrapheneOS support for the Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL is now available via our official site in addition to our staging site.

https://grapheneos.org/install/web

Most users don't have any issues. 2 people reported an occasional Wi-Fi connectivity issue not happening for others. 
 https://x.com/cryps1s/status/1824077327577591827

This is a fake story. Turns out that getting security information from the CISO of a mass surveillance company trying to build a dystopian police state providing police with "predictive policing" software largely based on racial stereotypes is a bad move. 
 GrapheneOS has publicly posted about the carrier apps included on Pixels and their privileged permissions on numerous occasions. We talked about the ones which get enabled automatically based on using a SIM from a carrier rather than a disabled demo without an automatic trigger. 
 Here's a thread from 2017 posted from our project's previous Twitter account which was stolen in 2018:

https://x.com/CopperheadOS/status/903362108053704704

Incredibly important to note that this thread directly involves the CEO of Trail of Bits that's now claiming their iVerify team discovered these apps. 
 GrapheneOS has gone through each of the carrier apps included on Pixel generation to determine their purpose and consequences of including or excluding them. Here it is being excluded from the new adevtool project for ProtonAOSP and GrapheneOS in 2021:

https://github.com/GrapheneOS/adevtool/commit/9c5ac945f#diff-95eb7b50f2781158146e721436d7c5d6f7421755906307a6b7a1f727bb20d53eR109 
 Wired should retract the article and explain how they're going to do better. They keep publishing this kind of fearmongering misinformation from information security industry charlatans. There are real remote code execution flaws being fixed in Android and iOS but they push this. 
 "The most straightforward way to do this would involve having physical access to a victim's phone as well as their system password or another exploitable vulnerability that would allow them to make changes to settings. Google's Fernandez emphasized this limiting factor as well." 
 "iVerify vice president of research [...] points out that while Showcase represents a concerning exposure for Pixel devices, it is turned off by default. This means that an attacker would first need to turn the application on in a target's device before being able to exploit it." 
 This is one of multiple carrier apps in the stock Pixel OS which we don't include in GrapheneOS. We were aware of it already since we had to go through them and figure out why they exist. We could embrace this fearmongering and leverage it for marketing, but we aren't dishonest. 
 iVerify are scammers and anyone paying them money should rapidly stop doing it and remove their malware from their devices. The real security risk is giving remote code execution on your devices to one of these sketchy EDR companies lying about their capabilities and discoveries. 
 Wired was manipulated into spreading misinformation to market Palantir and iVerify by misrepresenting a vulnerability in a disabled demo app as being a serious problem which could be exploited in the real world. They should retract the article but won't.

https://wired.com/story/google-android-pixel-showcase-vulnerability/ 
 https://arstechnica.com/tech-policy/2024/08/google-loses-dojs-big-monopoly-trial-over-search-business/

Action is still urgently needed to address the highly anti-competitive Google Mobiles Services licensing system and the Play Integrity API which are a major part of Google maintaining their monopolies over search and many parts of the mobile market. 
 We've become aware of another company selling devices with GrapheneOS while spreading harmful misinformation about it to promote insecure products. We're making our usual attempt at resolving things privately. However, we need to quickly address what has been claimed regardless. 
 We're going to be making another attempt at shipping DNS leak prevention for third party VPN apps. The last attempt resolved a lot of the compatibility issues with the previous approach, so we've made some progress. We don't know what's wrong with Proton VPN and certain other apps. 
 https://arstechnica.com/gadgets/2024/07/loss-of-popular-2fa-tool-puts-security-minded-grapheneos-in-a-paradox/

The article unfortunately leaves out most of the points we made in the thread.

GrapheneOS supports hardware-based attestation and it's entirely possible for Google to allow it as part of the Play Integrity API. They choose to ban using GrapheneOS. 
 Unplugged has simply doubled down on false claims about GrapheneOS security, pretending people cannot buy devices with GrapheneOS installed and pretending it's hard to install along with promoting their blatantly insecure products with false marketing.

https://x.com/_AndresSegovia/status/1813261339319804343 
 Chromium's V8 Optimizer toggle for disabling JavaScript JIT compilation was changed to only disable the 2 higher tiers of JIT compilation while still leaving the baseline JIT compiler enabled. This also caused the device management policy for JIT predating this to change meaning. 
 Vanadium version 126.0.6478.122.1 released:

https://github.com/GrapheneOS/Vanadium/releases/tag/126.0.6478.122.1

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/13871-vanadium-version-126064781221-released

#GrapheneOS #privacy #security #browser 
 GrapheneOS Info app is now available through our app repository and will be included in the next release of the OS. It supports viewing recent OS release notes, provides info on our chat rooms, forum and active social media accounts along with offering all the donations methods.

https://grapheneos.social/system/media_attachments/files/112/667/706/471/647/917/original/fb7ab68053c67eb1.png 
 Leader of the Privacy Guides project is now pushing the narrative privacy/security are only for criminals:

https://discuss.privacyguides.net/t/claims-made-by-forensics-companies-their-capabilities-and-how-grapheneos-fares/18445/7

Everyone with integrity already left the Privacy Guides project a while ago due to their heavy involvement in harassing GrapheneOS project members. 
 Vanadium version 125.0.6422.113.0 released:

https://github.com/GrapheneOS/Vanadium/releases/tag/125.0.6422.113.0

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/12994-vanadium-version-125064221130-released

#GrapheneOS #privacy #security #browser 
 Linux kernel becoming their own CVE Numbering Authority (CNA) is wasting resources they'd have previously put towards higher quantity and quality backporting. We've noticed a drop in both for the stable/longterm branches and particularly Android Generic Kernel Image LTS branches. 
 We've had around 2.5 years to evaluate impact of Generic Kernel Images. Our conclusion is that this caused more harm than good to GrapheneOS.

Generic Kernel Images are supposed to make kernel updates easier via a stable ABI, but Pixels update all drivers for GKI updates anyway. 
 Vanadium version 125.0.6422.72.1 released:

https://github.com/GrapheneOS/Vanadium/releases/tag/125.0.6422.72.1

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/12961-vanadium-version-12506422721-released

#GrapheneOS #privacy #security #browser 
 Vanadium version 125.0.6422.72.0 released:

https://github.com/GrapheneOS/Vanadium/releases/tag/125.0.6422.72.0

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/12933-vanadium-version-12506422720-released

#GrapheneOS #privacy #security #browser 
 https://grapheneos.social/@GrapheneOS/112481434513090992

The latest release of GrapheneOS adds the first piece of our ongoing work on duress/panic features. It makes standard factory resets including by device admin APIs wipe the device near instantly before it reboots to recovery to wipe and format it. 
 Our latest OS release that's currently in the Beta channel implements a new feature for blocking DNS leaks by third party VPN service app implementations which were discovered by our community:

https://github.com/GrapheneOS/os-issue-tracker/issues/3442

The good news is this does successfully block these leaks. 
 So, I've been running my Pixel Fold with GrapheneOS since November last year. Basically, it's a h... 
 @IngwiePhoenix

Thanks for the support!

There are a lot more great features on the way including App Communication Scopes, 2-factor fingerprint unlock, duress PIN/password and much more. 
 We'll be blacklisting mailbox.org and websites using it for email hosting for registration on discuss.grapheneos.org and as an alert email for attestation.app. They're blocking emails from our mail server for a convoluted, nonsensical reason and won't stop. 
 I have a Pixel 8 pro, what actions should I take ? 
 @TeslaLiberty If you aren't using Alpha, it's not really relevant to you. It's why we have the Alpha channel. It also doesn't impact the vast majority of users in Alpha, only 3 reports so far. 
 We found another regression introduced by a recent f2fs change in the Linux 5.15 LTS branch so we'll have to make another release for Pixel 8 and Pixel 8 Pro before it can reach Beta. Only 2 users doing Alpha channel testing ran into this and one has confirmed reverting it works. 
 Reset attack mitigation for firmware-based boot modes such as fastboot mode has been added as one of our requirements for GrapheneOS support:

https://grapheneos.org/faq#future-devices

It shipped as part of this month's firmware updates for Pixels based on our proposal. Other OEMs should add it. 
 April release of the Pixel boot chain firmware includes fixes for 2 vulnerabilities reported by GrapheneOS which are being actively exploited in the wild by forensic companies:

https://source.android.com/docs/security/bulletin/pixel/2024-04-01
https://source.android.com/docs/security/overview/acknowledgements

These are assigned CVE-2024-29745 and CVE-2024-29748. 
 Vanadium version 123.0.6312.99.0 released:

https://github.com/GrapheneOS/Vanadium/releases/tag/123.0.6312.99.0

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/11856-vanadium-version-12306312990-released

#GrapheneOS #privacy #security #browser 
 Google is publicly working on a fix for the factory reset vulnerability we reported:

https://android-review.googlesource.com/c/platform/frameworks/base/+/3008138

Currently, apps using device admin API to wipe do not provide any security against a local attacker since you can interrupt them. Forensic companies are aware of this. 
 GrapheneOS is much different from CalyxOS and /e/OS. GrapheneOS is a hardened OS with substantial privacy/security improvements:

https://grapheneos.org/features

CalyxOS and /e/OS are not hardened operating systems. They greatly reduce security vs. AOSP via added attack surface, rolled back security and slow patches. We don't have much in common with them. 
 Vanadium version 122.0.6261.119.0 released:

https://github.com/GrapheneOS/Vanadium/releases/tag/122.0.6261.119.0

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/11457-vanadium-version-122062611190-released

#GrapheneOS #privacy #security #browser 
 There may also be compatibility issues with IPv6-only Wi-Fi networks. We're working on resolving this too. We were treating this as security patches and unfortunately we didn't get any reports of any app or network compatibility issues during the 20 hours of public Beta testing. 
 @Ivan Definitely no for the most part since this only shipped on October 28th in iOS 18.1 and there are much older versions included in the screenshots such as iOS 16. It is possible a small portion of it was because of this. It appears they reboot the default 4 days after it was locked in iOS 18.1.

Can you see the rest of the thread over the bridge?

https://grapheneos.social/@GrapheneOS/113450097776800819 
 @0f68e3d2 You can use both a work profile via a local profile management app and Private Space at the same time. You can also have up to 32 user profiles on GrapheneOS rather than only 4. 
 @PentaSophia We still have extended support for the Pixel 5 and will for a while longer but that does not mean you should use it. Get a used Pixel 7a or 6a. Even a Pixel 6a still has more support remaining than the Pixel 5 did on the day it was launched since the Pixel 6 moved to 5 years of support from launch instead of only 3 years. Pixel 8 has moved to 7 years of support from launch. 7 years of support essentially solved this problem. 
 @7514fab5 You won't have privacy/security using carrier-based calls rather than end-to-end encrypted messaging. Decent smartphones are also much more secure than desktops or laptops. 
 iVerify claims to defend against sophisticated attacks from within the app sandbox on Android and iOS by looking for signs of past jailbreaks, etc. They did not discover Showcase, how to enable it, permissions it has or connections it makes. It's marketing for a crippled AV app. 
 We'd greatly appreciate if more GrapheneOS users helped with the Alpha/Beta testing of Vanadium releases. Can enable the Alpha/Beta channel by selecting Vanadium in the app repository client (Apps) and changing release channel with the menu. We might need to make it more visible. 
 https://beacondb.net/ is a promising project aiming to allow anyone to host the service or use it from a local client with the same data.

Don't contribute your data to a service trying to centralize control, particularly one from the folks behind the astoundingly insecure /e/OS. 
 @5d8b7c8e We do plan to move that to the main screen in Auditor but it hasn't happened yet. 
 @7514fab5 Do you think apps like Signal/Molly or Organic Maps are spying on you? You choose which apps you use. 
 @d6728fef Google Maps works fine alongside sandboxed Google Play. They're regular sandboxed apps unable to do more than other regular user installed apps. Our compatibility layer makes this work.