KindnessInfinity

joined 2 years ago
MODERATOR OF
grapheneos
androidapps
sorted by: new top controversial old
66
GrapheneOS Port To AOSP 16 Progress (grapheneos.social)
 

In May, we began preparing to port to Android 16 despite our most active senior developer responsible for leading OS development being unavailable (https://grapheneos.social/@GrapheneOS/114359660453627718). Android 16 launched today and porting is going to be significantly more difficult than we were expecting.

We did far more preparation for Android 16 than we've ever done for any previous yearly release. Since we weren't able to obtain OEM partner access, we did extensive reverse engineering of the upcoming changes. Developers also practiced by redoing previous quarterly/yearly ports.

Unfortunately, Android has made changes which will make it much harder for us to port to Android 16 and future releases. It will also make adding support for new Pixels much more difficult. We're likely going to need to focus on making GrapheneOS devices sooner than we expected.

We don't understand why these changes were made and it's a major turn in the wrong direction. Google is in the process of losing multiple antitrust cases in the US. Android and Chrome being split into separate companies has been requested by the DOJ. They may be preparing for it.

We're hard at work on getting the port to Android 16 done but there's a large amount of additional work we weren't expecting. It can be expected to take longer than our usual ports due to the conscription issue combined with this. It's not good, but we have to deal with it.

Having our own devices meeting our hardware requirements (https://grapheneos.org/faq#future-devices) would reduce the time pressure to migrate to new releases and could be used to obtain early access ourselves. Based on talks with OEMs, paying for what we need will cost millions of dollars.

We've made a lot of progress on porting to Android 16 already. If things hadn't been made harder for us, we would likely be able to publish an experimental release tomorrow and quickly get a release into the Alpha and then Beta channels to start ironing out the bugs in the port.

Our speculation about this is that a result of Google losing a US antitrust case and likely losing several more soon, they're preparing for Android and Chrome being split into separate companies. If Android gets split off, they want to retain Pixels.

https://www.nytimes.com/2025/04/21/technology/google-search-remedies-hearing.html

Google seems to be in the process of splitting up Android and Pixels along with moving towards treating other Android-based platforms as their competitors instead of their partners. Pixels retain first class alternate OS support with Android 16 firmware so it's not about that.

We have early builds of GrapheneOS based on Android 16 booting in the emulator. We would usually be working on quickly porting over device support and getting the kernels ready including doing the production kernel builds now. Unfortunately, that will be harder than usual.

27
GrapheneOS version 2025061000 released (grapheneos.org)
 

This will likely be the final release based on Android 15 QPR2 since Android 16 has been released today.

Tags:

  • 2025061000 (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, Pixel 9 Pro Fold, emulator, generic, other targets)

Changes since the 2025060200 release:

  • expand our code for checking Google Play Store source stamp signatures to checking each split APK in order to prepare it for future security-relevant usage including optionally marking apps as installed from the Play Store after verifying the source stamp (this is currently used for stripping Play Store inserted checks for apps being installed from the Play Store which had looser security requirements)
  • remove Chunghwa Telecom and Netlock Certificate Authorities (CAs) based on the decision by the Chrome Root Store (this does not impact Vanadium since it uses a more sophisticated browser root store rather than the OS root store and will distrust certificates from these CAs not added to Certificate Transparency logs before 2025-08-01 to avoid website compatibility issues)
  • kernel (6.1): update to latest GKI LTS branch revision including update to 6.1.141
  • kernel (6.6): update to latest GKI LTS branch revision
  • Vanadium: update to version 137.0.7151.72.0
  • Vanadium: update to version 137.0.7151.72.1
  • Network Location: increase difficulty of position estimation tests to help avoid regressions
9
Vanadium version 137.0.7151.72.2 released (github.com)
 

Changes in version 137.0.7151.72.2:

  • disable permission prompt for Local Network Access until it's supported on Android to avoid rare crashes impacting some users
  • backport upstream patches for the Local Network Access checks feature we're enabling early
  • replace our patch for an upstream Picture in Picture (PIP) bug with a backport of an upstream patch

A full list of changes from the previous release (version 137.0.7151.72.1) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

7
Vanadium version 137.0.7151.72.1 released (github.com)
 

Changes in version 137.0.7151.72.1:

  • enable Local Network Access checks by default (this was already shipped in Vanadium Config 95 so it doesn't change anything for users with up-to-date Vanadium Config)
  • add chrome://flags toggle for Android for the Local Network Access flag we're enabling by default so users can disable it (will be replaced by a site setting UI in the future)
  • drop change for testing Android 16 support prior to Android 16 release to prepare for the upcoming Android 16 stable release

A full list of changes from the previous release (version 137.0.7151.72.0) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

12
Vanadium Improvements For WebRTC (grapheneos.social)
 

WebRTC is a peer-to-peer communications protocol for web sites and therefore causes numerous privacy issues through making direct connections between participants. By default our Vanadium browser disables the peer-to-peer aspect by only using server-based (proxied) connections.

Vanadium provides a user-facing setting at Privacy and security > WebRTC IP handling policy.

From least to most strict:

DefaultDefault public and private interfacesDefault public interface onlyDisable non-proxied UDP

For Vanadium, "Disabled non-proxied UDP" is the default.

The tracking technique described at https://arstechnica.com/security/2025/06/meta-and-yandex-are-de-anonymizing-android-users-web-browsing-identifiers/ is prevented by Vanadium's default "Disabled non-proxied UDP" value. It's also prevented by "Default public interface only", which does permit peer-to-peer connections but won't try to use the loopback interface for it.

We have a list of most of the features provided by Vanadium at https://grapheneos.org/features#vanadium. There are dozens of additional privacy and security features planned along with data import/export and improved support for system backups. It takes time to implement these things properly.

Vanadium doesn't have billions or even millions of users which limits our ability to prevent fingerprinting. We plan to address this by launching it for use outside GrapheneOS including publishing it through the Play Store. We want to implement more of the planned features first.

For the non-WebRTC issue being abused by Yandex, Chromium 137 shipped a fix for it behind a feature flag that's being gradually rolled out. We can roll this out to 100% of Vanadium users through a Vanadium Config update. We can start Alpha testing for that new flag later today.

Vanadium Config version 95 enables protection for local networks and loopback. The user interface for making per-site exceptions isn't available for Android yet. The overall feature can be disabled via chrome://flags if for some reason someone needs that functionality right now.

0
Future Plans For Text To Speech and Speech To Text In GrapheneOS (grapheneos.social)
 

We're looking into using https://github.com/k2-fsa/sherpa-onnx to provide built-in text-to-speech and speech-to-text to greatly improve the out-of-the-box accessibility of GrapheneOS for blind users. We already have a screen reader included via our fork of the open source variant of TalkBack.

To have text-to-speech functioning out-of-the-box, we can choose one of the models with open source training code and data as the default to be included within the OS. We wouldn't need to include anything that's not truly open source. It's the only reasonable option we've found.

There are over 100 models for 40 languages. Some research is going to be required to figure out which of the English ones are fully open source (open training data and code) and then which of those works best for basic text-to-speech to have as the default bundled in the OS.

If we had text-to-speech support included in GrapheneOS, we could also provide an automatic captions feature.

We'll need to do a basic review of the code for text-to-speech, speech-to-text, shared code and any other parts we decide to use. We'll need at least a minor fork of it.

We want to stick to a model with open source training code/data for what we bundle, so we're likely not going to be able to use one of the best options by default. Having a tolerable open source model by default with the option to switch to great "open" models seems good enough.

We could use help narrowing down which of the available English models with open training data would be best (least bad) for basic text-to-speech usage including for TalkBack. We could also collect feedback somewhere on which ones people think are best overall across languages.

1
GrapheneOS Developers Left To Reverse Engineer Android Early Releases (grapheneos.social)
 

We still need help getting early access to Android 16 sources prior to the stable release in June. Every mainstream Android OEM has it. We're currently spending significant time on reverse engineering Android 16 Beta releases. It's a huge waste compared to having what we need.

0
GrapheneOS Foundation In Search For OEM Able To Help With Early OS Ports [UPDATED: 05-12-2025] (grapheneos.social)
submitted 1 month ago* (last edited 1 month ago) by KindnessInfinity@lemmy.ml to c/grapheneos@lemmy.ml
0 comments fedilink
 

We need an Android OEM or someone working at one to provide us with early access to the Android 16 sources in order to have a smooth port this year. We need this before June. We requested it to help with this very difficult situation (see the linked thread) and still need it.

https://grapheneos.social/@GrapheneOS/114359660453627718

GrapheneOS Foundation can sign an NDA for this. We can act as a contractor for an Android OEM or one of their contractors. We need this early access so that we can start early due to the developer who usually does most of it being unavailable. If you can get us this, please help.

Since we still haven't received early access to Android 16 sources, we'll need to begin deciding which subset of the GrapheneOS features must be ported and which ones could be initially dropped and added back in the following weeks in order to keep doing full security patches.

For example, our 2-factor fingerprint unlock feature is going to be particularly hard to port due to massive changes to the lockscreen code in Android 16. We can drop it for the initial release and add it back later with user configuration being preserved so it works as before.

Without early access, our porting process is likely going to involve making an initial release with dozens of GrapheneOS features missing to get initial Alpha testing going, then adding back features alongside fixing many upstream regressions and a small number of porting issues.

In the past few years, we've typically been able to make an experimental release with all of our features ported within a day or two of the new yearly release being pushed to the Android Open Source Project. It tends to take a week to reach Stable, which was already too long.

Over time, we've added many more features including ones which are harder to port including sandboxed Google Play compatibility layer, Storage Scopes, Contact Scopes, 2-factor unlock and much more. Some MUST be ported for an initial release, others could be temporarily omitted.

We hired an extremely talented developer in 2021 who later became our lead developer. He was doing the majority of this porting work from 2022 on. He's currently stuck in a military training camp due to being forcibly conscripted so we need standard early OEM access this year.

If you want to see GrapheneOS continue, please help us get early access to Android 16 sources before the end of the month. We ideally need all of it so we can do early builds for the emulator, but even just having a few of the most important repositories early would help a lot.

In exchange for an OEM providing us with early access, we can help with fixing multiple severe vulnerabilities and weaknesses fixed by GrapheneOS which are not being reported to Google due to them blocking us from having partner access. We can help in far more ways than that too.

Every Android OEM licensing GMS has access to what we need and could provide it to us under a contract where we're working on GrapheneOS with it for their benefit. Every Android OEM has substantially benefited from our upstream work, and could benefit more if they worked with us.

1
GrapheneOS Foundation Now Hiring Remote Developers (grapheneos.social)
 

GRAPHENEOS IS HIRING

Are you an experienced AOSP developer?

Interested in working full time, fully remotely on GrapheneOS?

Can you hit the ground running?

https://grapheneos.org/hiring

Global opportunity paid via Wise (local bank transfers), BTC, ETH or XMR.

0
GrapheneOS version 2025041100 released (grapheneos.org)
 

Tags:

  • 2025041100 (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, Pixel 9 Pro Fold, emulator, generic, other targets)

Changes since the 2025040700 release:

  • full 2025-04-05 security patch level
  • rebased onto BP1A.250405.007.D1 Android Open Source Project release
  • remove code for Qualcomm XTRA (PSDS) privacy improvements since we no longer have any devices with Qualcomm GNSS and we can add it back in the future if we need it again rather than porting it forward under the assumption we'll be using it
  • fix upstream RecoverySystem.verifyPackage(...) vulnerability (this was not directly exploitable due to there being 2 layers of update package signature verification and downgrade protection, but the first layer of protection should work properly to avoid a vulnerability in the 2nd layer being exploited)
  • Android Debug Bridge: more complete fix for upstream use-after-free bug for network-based connections which is being caught by our always enabled hardware memory tagging support for the base OS in hardened_malloc
  • kernel (6.1): update to latest GKI LTS branch revision
  • kernel (6.6): update to latest GKI LTS branch revision including update to 6.6.83
  • Seedvault: update to 15-5.5 (will be replaced with a better backup implementation in the future)
  • Vanadium: update to version 135.0.7049.79.0
  • Auditor: update to version 88
  • PDF Viewer: update to version 27
  • PDF Viewer: update to version 28
0
GrapheneOS version 2025030100 released (grapheneos.org)
 

Tags:

  • 2025030100 (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, Pixel 9 Pro Fold, emulator, generic, other targets)

Changes since the 2025022800 release:

  • Network Location: improve integration of altitude into trilateration to properly account for not all networks providing it including avoiding an edge case null pointer exception
  • Network Location: add default enabled data saver exemption
  • Network Location: use hideFromAppOps as documented by the Android API documentation for a network location service and to match how other the other OS location services and the Play services location service in the stock OS work in practice (this likely avoids the need for the exemption from the GrapheneOS location indicator but we're keeping that for now to avoid wasting development time determining it)
0
GrapheneOS version 2025022700 released (GrapheneOS Network Location Support Added) (grapheneos.org)
submitted 3 months ago* (last edited 3 months ago) by KindnessInfinity@lemmy.ml to c/grapheneos@lemmy.ml
0 comments fedilink
 

Tags:

  • 2025022700 (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, Pixel 9 Pro Fold, emulator, generic, other targets)

Changes since the 2025021100 release:

  • add opt-in GrapheneOS network location implementation available via Settings > Location > Location services based on using the Apple Wi-Fi positioning API either through a GrapheneOS proxy or directly via Apple's service, which will be extended with much more functionality in the near future including incorporating altitude into trilateration, using cell towers if it provides a better estimate than Wi-Fi and using our own network location database either via a service or offline database downloads (we're in the process of building our own database by scraping all of the data from Apple's service and have already done a test run obtaining essentially all the cell tower data along with lots of Wi-Fi data)
  • fix Wi-Fi APEX issues preventing an OS network location service from doing Wi-Fi scans without the INTERACT_ACROSS_USERS / INTERACT_ACROSS_USERS_FULL privileged permissions
  • Sandboxed Google Play compatibility layer: add support for using an OS network location provider for the default enabled rerouting of Google Play location requests to the OS location service
  • add support for "5G only" and "4G or 5G only" modes in addition to our existing "4G only" mode
  • enable support for blocking callers not in Contacts
  • resolve regression for secondary user SMS in Android 15 QPR1 by enabling partial upstream fix since we dropped this part of our fix for the issues but the upstream fix wasn't actually active
  • fix Storage Scopes / Contact Scopes app settings link not working for apps in nested profiles in some cases
  • Launcher: limit 4x5 grid option to phones
  • kernel (6.1): update to latest GKI LTS branch revision
  • kernel (6.6): update to latest GKI LTS branch revision including update to 6.6.79
  • backport mainline APEX module patches for DocumentsUI, Media Provider and Network Stack
  • Vanadium: update to version 133.0.6943.89.0
  • Vanadium: update to version 133.0.6943.121.0
  • Vanadium: update to version 133.0.6943.137.0
  • Vanadium: update to version 134.0.6998.39.0
  • App Store: update to version 27
  • App Store: update to version 28
  • Messaging: update to version 5
  • Messaging: update to version 6
  • Messaging: update to version 7
  • PDF Viewer: update to version 21
  • PDF Viewer: update to version 22
  • PDF Viewer: update to version 23
  • PDF Viewer: update to version 24
  • PDF Viewer: update to version 25
  • PDF Viewer: update to version 26
  • Camera: update to version 79
  • Camera: update to version 80
  • Camera: update to version 81
view more: ‹ prev next ›