GrapheneOS [Unofficial]

1849 readers

35 users here now

Welcome to the GrapheneOS (Unofficial) community

This feed is currently only used for announcements and news.

Official support available on our forum and matrix chat rooms

GrapheneOS is a privacy and security focused mobile OS with Android app compatibility.

Links

More Site links

Social Media

This is a community based around the GrapheneOS projects including the hardened Android Open Source Project fork, Auditor, AttestationServer, the hardened malloc implementation and other projects.

founded 3 years ago

MODERATORS

[email protected]

GrapheneOS version 2022013010 (grapheneos.org)

submitted 3 years ago by [email protected] to c/[email protected]

2 comments fedilink hide all child comments

2022013010

Tags:

SP1A.210812.016.A2.2022013010 (Pixel 3, Pixel 3 XL) — extended support release for legacy devices with frozen 2021-11-01 patch level
SQ1A.220105.002.2022013010 (Pixel 3a, Pixel 3a XL, Pixel 4, Pixel 4 XL, Pixel 4a, Pixel 4a (5G), Pixel 5, Pixel 5a, emulator, generic, other targets)
SQ1D.220105.007.2022013010 (Pixel 6, Pixel 6 Pro)

Changes since the 2022011423 release:

make DownloadManager friendlier to apps with the Network permission revoked instead of triggering SecurityException
Sandboxed Google Play compatibility layer: revert marking location service as a foreground location service (not necessary)
Sandboxed Google Play compatibility layer: add compatibility shims enabling full support for using Play services geolocation
Sandboxed Google Play compatibility layer: add GmsCompat app providing infrastructure for the compatibility layer and shortcuts to Google Play configuration activities (will toggle for redirecting the Google Play geolocation API in a future release)
Sandboxed Google Play compatibility layer: replace converting Google Play services to foreground services with keeping them alive using the GmsCompat app
Dialer: update visual voicemail configuration based on Google Phone 73.0.414822266
Messaging: replace obsolete AOSP MMS configuration database with one generated from the stock OS app
Vanadium: update Chromium base to 97.0.4692.98
Vanadium: use Google Chrome branding for client hints to help with blending in
Vanadium: enable HTTPS-only mode by default (can connect via HTTP through the warning screen if HTTPS upgrade fails)
Vanadium: enable strict origin isolation by default
Vanadium: disable appending variations header
Camera: update to version 10
Auditor: update to version 41
hardened_malloc: code cleanup and micro-optimizations
adevtool: initial public release replacing pre-generated vendor trees
adevtool: overhaul of GrapheneOS specific configuration

Twitter / Nitter | Reddit / Teddit

top 2 comments

sorted by: hot top controversial new old

[–] [email protected] 0 points 3 years ago (1 children)

I wish it was avalible for my phone...

[–] [email protected] 1 points 2 years ago

Sorry for such a long wait in ever getting a reply to your comment.

in case you were unaware, An explanation on why so few devices are supported

"Devices are carefully chosen based on their merits rather than the project aiming to have broad device support. Broad device support is counter to the aims of the project, and the project will eventually be engaging in hardware and firmware level improvements rather than only offering suggestions and bug reports upstream for those areas. Much of the work on the project involves changes that are specific to different devices, and officially supported devices are the ones targeted by most of this ongoing work.

Devices need to be meeting the standards of the project in order to be considered as potential targets. In addition to support for installing other operating systems, standard hardware-based security features like the hardware-backed keystores, verified boot, attestation and various hardware-based exploit mitigations need to be available. Devices also need to have decent integration of IOMMUs for isolating components such as the GPU, radios (NFC, Wi-Fi, Bluetooth, Cellular), media decode / encode, image processor, etc., because if the hardware / firmware support is missing or broken, there's not much that the OS can do to provide an alternative. Devices with support for alternative operating systems as an afterthought will not be considered. Devices need to have proper ongoing support for their firmware and software specific to the hardware like drivers in order to provide proper full security updates too. Devices that are end-of-life and no longer receiving these updates will not be supported." from: https://grapheneos.org/faq#future-devices

Hopefully someday in the future the device makers will properly handle the requirements needed for GOS