We cannot say which OEM it is at this point. It'll be announced when we can.
03.09.2025 19:09
π 1
π 0
π¬ 1
π 0
We cannot say which OEM it is at this point. It'll be announced when we can.
It's been more than that, and in those years, there have been no other devices meet our requirements. We're currently working with an OEM to have some of their future devices support GrapheneOS. They're implementing what we need. We can't cut corners, we'll just support OEMs who want to do the work.
You're calling GrapheneOS corrupt for having clearly defined standards and sticking to them, but not companies that make software and hardware that is marketed as private and secure while being neither? It's very weird.
This is an extremely weird thing to say. We've made it extremely clear why we currently support the devices we do, and we have also made it clear why we can't support the other devices people usually talk to us about. We're working on supporting other devices, but we won't cut corners doing it.
This kind of thought process and purity tests almost always leads people to worse outcomes where they're much worse off than they could've otherwise been, such as with devices with horrible security/privacy practices that don't receive basic patches or have gaping holes.
Privacy is not synonymous with "avoid Google". You can use things Google has made and have privacy. There are specific things that make e.g. Brave a better choice than other non-Chromium based browsers, or Pixels a better device for building an alternative OS.
Things were a bit different with Android this time, likely due to a functionality vs security trade-off that made it harder to address the issue in AOSP. Going forward, we'll continue reporting to Google but jointly disclose to GrapheneOS for any future Android-related issues.
DHS is urging law enforcement to treat even skateboarding and livestreaming as signs of violent intent during a protest, turning everyday behavior into a pretext for police action. www.wired.com/story/dhs-te...
Signal. Tor. GrapheneOS. People should be loud and proud about using security and privacy tools that work - that's the best way to counter the narrative that only people with something to hide would.
www.androidauthority.com/why-i-use-gr...
Android regularly adds and splits permissions for new API levels. Legacy apps are handled by treating them as requesting the permission to provide a toggle for it. For example, Android 13 converted the existing toggle for disabling notifications for an app into a new POST_NOTIFICATIONS permission.
ICEBlock is incredibly false privacy claims for marketing. They falsely claim it provides complete anonymity when it doesn't. They're ignoring both data kept by Apple and data available to the server but not stored. They're also spreading misinformation about Android:
www.iceblock.app/android
bsky.app/profile/iceb...
Apple stores which devices/users install which apps. They have the device IDs. US government could obtain a list of people who installed the app if a court authorized it. Not clear what they mean by having to storing device IDs. Those IDs aren't accessible to Android apps.
European authoritarians and their enablers in the media are misrepresenting GrapheneOS and even Pixel phones as if they're something for criminals. GrapheneOS is opposed to the mass surveillance police state these people want to impose on everyone.
www.xatakandroid.com/sociedad/cad...
We're going to be moving forward under the expectation that future Pixel devices may not meet the requirements to run GrapheneOS (grapheneos.org/faq#future-d...) and may not support using another OS. We've been in talks with a couple OEMs about making devices and what it would cost.
Disable non-proxied UDP is the most secure/private option.
WebRTC is a peer-to-peer communications protocol for web sites and therefore causes numerous privacy issues through making direct connections between participants. By default our Vanadium browser disables the peer-to-peer aspect by only using server-based (proxied) connections.
One of our two senior developers has been forcibly detained and conscripted to participate in a war. When they first went missing, we revoked their repository access as a precaution. We soon learned their disappearance was completely unrelated to GrapheneOS. Our priority has been keeping them safe.
Our 2025040700 release was an early April 2025 security update release based on the Android Security Bulletin backports.
April 2025 monthly release of Android 15 QPR2 is in the process of being published today and we'll make a new release after the tags are all pushed to AOSP.
Macarne has provided a sponsored server to replace our current EU update servers so we can handle current traffic and near future growth. Ryzen 9950X, 128GB RAM, 2x 2TB NVMe and most importantly 25Gbps bandwidth. It's greatly appreciated!
macarne.com
GrapheneOS showing Curve Pay enabled for tap to pay.
For @grapheneos.org users missing Google Pay, it would now appear that
Curve are now running Curve Pay in parallel, even in GPay enabled regions where previously unavailable.
Tap to Pay is here.
GrapheneOS currently supports all devices that meet the project's criteria. We would love to be able to support more devices, and would be open to do so if a device meeting our requirements is made. You can see our hardware requirements at grapheneos.org/faq#future-d....
For an idea of what we're looking for, see the 10Gbps options at tempest.net/dedicated-se... with 64GB memory. They're also willing to give us a significant discount, which other major providers haven't offered. Tempest is currently IPv4-only though, which isn't ideal for our usage.
We've made 2 attempts at talking to OVH about offering us something different than their publicly available products which hasn't gone anywhere. We likely need to move this part of our infrastructure to 1 or 2 other providers with unmetered 10Gbps dedicated servers like Tempest.
We currently have 16Gbps total bandwidth for our update servers and that's not nearly enough for major releases anymore. Rather than further scaling up our current 2Gbps unmetered VPS approach, we're currently looking into other options. OVH lacks cost effective 10Gbps servers.
What do you think you would miss in particular? Perhaps what you think you would miss you can actually have on GrapheneOS.
One thing is certain. This is something they're choosing to do and there's no incompatibility on our end. It's unfortunate but we have to keep being loud so that they realize there are users who want GrapheneOS supported. If people quietly drop apps who do this, they won't change it!
I see. They seem to be doing two things. They're enforcing that you install the app from Play Store, but they're also marking the Play Store listing as requiring a Google-certified OS. The app itself might not use Play Integrity, so you could perhaps trick it if it thought it was installed via PS.
Did you download it from the Play Store? If not, please try that, while you're signed in to your Google account there and let us know if you continue having issue. If the app is using the Play integrity API, you'll be notified by the OS. It seems to require DCL and native code debugging, too.
Apps enforcing enforcing a Play Integrity API check have nothing to lose by permitting GrapheneOS too via hardware attestation. You'll get positive reviews from our rapidly growing userbase instead of negative. GrapheneOS is much more secure than anything Play Integrity permits.