Lightnews — Scholar-powered news

GrapheneOS

@grapheneos.org

13K followers 0 following 4.5K posts

Open source privacy and security focused mobile OS with Android app compatibility. https://grapheneos.org/

grapheneos.org

Posts Media Videos Starter Packs

Pinned

GrapheneOS @grapheneos.org · Feb 7

In April 2024, Pixels shipped a partial implementation of our January 2024 proposal for firmware-based reset attack protection. Fastboot mode now zeroes RAM before enabling USB. This successfully wiped out the After First Unlock state exploit capabilities of two commercial exploit tools.

8 22 380

GrapheneOS @grapheneos.org · 13h

Forum discussion thread:

discuss.grapheneos.org/d/27316-vana...

GrapheneOS @grapheneos.org · 13h

Vanadium version 141.0.7390.111.0 released:

github.com/GrapheneOS/V...

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

#GrapheneOS #privacy #security #browser

Release 141.0.7390.111.0 · GrapheneOS/Vanadium

Changes in version 141.0.7390.111.0: update to Chromium 141.0.7390.111 enable origin keyed processes by default for improved site isolation sandboxing drop unnecessary code related to our search e...

github.com

1 2 22

GrapheneOS @grapheneos.org · 14h

We have the November 2025, December 2025 and January 2026 security updates in our security preview releases which we recommend using. This is a good example of why we strongly disagree with 3 month embargoes. We fully fixed TapTrap ourselves a while ago so that's resolved in the regular releases.

2 5

GrapheneOS @grapheneos.org · 1d

Yes, you can use nearly all Android apps on GrapheneOS. The main exception are ones using the Play Integrity API to ban using any alternate OS. Some of the apps using the Play Integrity API have started to permit GrapheneOS via hardware attestation but will need updates for newly added devices.

GrapheneOS @grapheneos.org · 1d

We're working on getting it through our OEM partner and they're working on getting clarification from Google about what's going on. If Google isn't going to push it to AOSP soon, something else will be worked out.

GrapheneOS @grapheneos.org · 1d

Pixel 6 launched with the Linux 5.10 LTS branch and then moved to the Linux 6.1 LTS branch. Pixel 8 and later have 7 years of support from launch so they'll update to new kernel branches multiple times rather than once. Pixel 8 went from 5.15 to 6.1 but will need to move to newer kernels.

GrapheneOS @grapheneos.org · 1d

As an example, Pixel 6 and Fairphone 4 were both released in October 2021. Pixel 6 launched with Android 12 and received each monthly, quarterly and yearly release. It has Android 16 QPR1 and moved to Linux 6.1. Fairphone 4 is on the initial yearly release of Android 13, which is end-of-life soon.

1 2

GrapheneOS @grapheneos.org · 1d

No, those aren't not secure devices meeting our requirements listed at grapheneos.org/faq#future-d.... Fairphone lags far behind on support for current Android versions and providing important privacy/security patches for drivers/firmware. Important hardware-based security features are also missing.

2 1

GrapheneOS @grapheneos.org · 1d

No, it's not. Check the Phone app permissions.

GrapheneOS @grapheneos.org · 3d

Does it happen after rebooting?

GrapheneOS @grapheneos.org · 3d

What's the version in Settings > About phone > Build number?

GrapheneOS @grapheneos.org · 4d

You'll need to provide more information. Which device model and OS version are you using? Try updating to the latest OS release if you haven't already.

1 1

GrapheneOS @grapheneos.org · 4d

There's an explanation in the page for the Setup Wizard which is also provided to existing users via a notification opening a similar page. More information is available at discuss.grapheneos.org/d/27068-grap....

GrapheneOS @grapheneos.org · 4d

Those are the only devices meeting the update and security requirements listed at grapheneos.org/faq#future-d.... We're actively working with a major Android OEM towards a subset of their future devices meeting these requirements. Broad device support wouldn't be compatible with privacy/security.

GrapheneOS @grapheneos.org · 5d

Only adding it as an option to the update settings only resulted in a tiny portion of the userbase using the security preview releases. Providing everyone with an explicit choice was important since otherwise it will take a lot of time for people to become aware of it and many won't ever notice it.

GrapheneOS @grapheneos.org · 5d

Our 2025092500 release (grapheneos.org/releases#202...) was the first with support for opting into security preview releases via the update settings.

Our latest release (2025100900) now provides a choice in the initial Setup Wizard process and a notification with the same choice for existing users.

1 1

GrapheneOS @grapheneos.org · 5d

GrapheneOS version 2025100900 released:

grapheneos.org/releases#202...

See the linked release notes for a summary of the improvements over the previous release.

Forum discussion thread:

discuss.grapheneos.org/d/27194-grap...

#GrapheneOS #privacy #security

GrapheneOS releases

Official releases of GrapheneOS, a security and privacy focused mobile OS with Android app compatibility.

grapheneos.org

6 4 49

GrapheneOS @grapheneos.org · 5d

Yes, it will be supported, but we don't know how long it's going to take.

1 4

GrapheneOS @grapheneos.org · 5d

They still set the patch level on the Pixel 7 to the latest value despite not having the patches from either the 2nd half of each Android Security Bulletin or the patches from the Pixel Update Bulletins. OEMs are supposed to have their own bulletins covering patches for components not from AOSP.

GrapheneOS @grapheneos.org · 5d

/e/ sets the patch level inaccurately for the officially supported devices too, and is similarly far behind on providing privacy and security patches. As an example, their official support for the Pixel 7 is on Android 13 without kernel, driver and firmware patches from October 2023 or later.

1 1

GrapheneOS @grapheneos.org · 5d

discuss.grapheneos.org/d/27068-grap... provides more information on our security preview releases. The reason we're providing both regular and security preview releases is because we're required to wait to the embargo end date to publish the source code for the patches in the future bulletins.

GrapheneOS @grapheneos.org · 5d

December 2025 patches from the past couple days have been included and the January 2026 preview is now available.

Our next release coming today provides a choice to use our security preview releases in the initial setup wizard with a notification for existing users. Opting into it is recommended.

1 12

GrapheneOS @grapheneos.org · 5d

Unpatched devices impact more than the owners of the devices. DDoS attacks are largely done from compromised embedded devices and personal computers which were not receiving important patches. Exploiting known vulnerabilities months or years after they were patched is very common.

GrapheneOS @grapheneos.org · 5d

The fact is your device has extraordinarily poor privacy/security, which /e/ is misleading people about including by setting an inaccurate Android security patch level. It's an unsafe device and devices with a bunch of unpatched vulnerabilities really shouldn't be internet connected in general.

2 1

GrapheneOS @grapheneos.org · 5d

/e/ substantially rolls back the privacy and security model compared to AOSP, far more than LineageOS. There are also other operating systems doing what they can to patch a small portion of Linux kernel vulnerabilities and aren't misleading users about what's provided. DivestOS was doing it before.

1 1