GrapheneOS: a open source privacy and security OS

[ForgottenSeer 85179]

GrapheneOS is an open source privacy and security focused mobile OS with Android app compatibility.

Official releases are available on the releases page and installation instructions are on the install page.

See the GitHub organization for sources of the OS and various standalone sub-projects including the cutting edge new hardened memory allocator and other projects.

The official GrapheneOS releases are supported by the Auditor app and attestation service for hardware-based attestation. For more details, see the about page and tutorial. You can also extend these with support for your own builds.

GrapheneOS: the private and secure mobile OS

GrapheneOS is a security and privacy focused mobile OS with Android app compatibility.

grapheneos.org

Offical support:

Reddit - Dive into anything

www.reddit.com

&
IRC: #grapheneos on Freenode (irc.freenode.net) / Matrix: #grapheneos:matrix.org

The latest release is: 2020.02.07.19
Android february security updates are alreadys included and of course GrapheneOS comes with Android 10!

I'm not the maintainer, nor a Android Dev but a GrapheneOS user and i just wan't post new releases here and also can help with questions as good as i can.

 

[Lenny_Fox]

@security123

Thanks, I user my Windows Phone 4,5 year. My girlfriend uses the 2 test nee phone option of her mobile operator. We bought the same phone (Samsung A70), which is also supported. So when she switches phones again I will install this OS on her phone. I really enjoy A70 battery life. With this OS I may extend its life to 4 to 5 years also.

 

[ForgottenSeer 85179]

@security123

Thanks, I user my Windows Phone 4,5 year. My girlfriend uses the 2 test nee phone option of her mobile operator. We bought the same phone (Samsung A70), which is also supported. So when she switches phones again I will install this OS on her phone. I really enjoy A70 battery life. With this OS I may extend its life to 4 to 5 years also.

Well, GrapheneOS has official production support for the Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a and Pixel 3a XL.
But if you can build it up for yourself then that may work but you don't get the fully security do to lack of needed Hardware.

But you can use the Auditor app to increase your security

 

[Lenny_Fox]

That is why o first try to build it first on her phone when she has a new one, but that is over two year. In two years time anything can happen. I first had my hopes on Ubuntu touch but sadly Ubunti stopped that project. Ahhwel I can always switch to postmarketOS or LineageOS when everything fails

 

[ForgottenSeer 85179]

March security update available!:

2020.03.03.03

• QQ2A.200305.002.2020.03.03.03 (Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL, emulator, generic, other targets)

Changes since the 2020.02.07.19 release:

• full 2020-03-01 security patch level
• full 2020-03-05 security patch level
• rebased onto QQ2A.200305.002 release
• use time.grapheneos.org instead of grapheneos.org for HTTPS-based time updates
• Vanadium: migrate to Trichrome for unified builds of separate browser and WebView apps with a shared library app
• Vanadium: use org.grapheneos.vanadium.webview instead of com.android.webview as the WebView package name
• Vanadium: rename WebView to Vanadium System WebView from Android System WebView
• Vanadium: update Chromium base to 80.0.3987.99
• Vanadium: update Chromium base to 80.0.3987.117
• Vanadium: update Chromium base to 80.0.3987.119
• SELinux policy: remove base system app apk_data_file execute
• SELinux policy: remove zygote access to apk_data_file

Restoration of past features since the 2020.02.07.19 release:

• Vanadium: stop replacing signature from the Vanadium signing key with the OS release key
• Settings: add back control over camera access while the screen is locked
• fix MAC randomization after reboot for the always randomize MAC option
• SELinux policy: split out base system untrusted_app (normal unprivileged apps) and isolated_app (isolatedProcess sandbox) SELinux policy domains for future work
• SELinux policy: remove base system app execmod
• SELinux policy: remove base system app execmem
• SELinux policy: remove base system app execute_no_trans
• SELinux policy: remove base system app app_data_file execute
• SELinux policy: remove base system app ashmem execute
• SELinux policy: remove base system app tmpfs execute
• SELinux policy: remove zygote execmem
• SELinux policy: remove system_server_startup domain
• add LTE only mobile network configuration option

 

[ForgottenSeer 85179]

Today a new updates was released:

2020.03.04.16

• QQ2A.200305.002.2020.03.04.16 (Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL, emulator, generic, other targets)

Changes since the 2020.03.03.03 release:

• Vanadium: backport upstream fix for Android 10 downloads
• Vanadium: update Chromium base to 80.0.3987.132
• Settings: avoid overriding MAC address with random persistent MAC address when viewing MAC address
• finish porting support for per-connection random MAC rather than using the per-network random address

 

[ForgottenSeer 85179]

New FAQs are written:
FAQ: Why aren't my favorite apps bundled with GrapheneOS?

FAQ: How can I set up system-wide ad-blocking? / Are ad-blocking apps supported?

More: GrapheneOS FAQ

 

[ForgottenSeer 85179]

New update!:

Changes since the 2020.03.04.16 release:

• integrate Seedvault backup app as the default backup service
• integrate port of CalyxOS SetupWizard app to support restoring with Seedvault and other initial setup
• Vanadium: disable unused safe browsing feature by default (Safe Browsing is currently a no-op due to the lack of Play Services, and support for using the local database backend hasn't been implemented. Various changes would be needed to make it available and to make sure that privacy is preserved.)
• Vanadium: disable unused Google VR support
• Vanadium: disable content feed suggestions by default
• Vanadium: update Chromium base to 80.0.3987.149
• Settings: fix broken upstream MAC randomization value mapping uncovered by the always randomize option value
• make_key: use scrypt for key derivation used to encrypt keys
• add script/encrypt_keys.sh and script/decrypt_keys.sh for handling key encryption
• improve UX, performance and algorithm support for encrypted keys in script/release.sh and script/generate_delta.sh
• dexpreopt: disable BOARD_USES_SYSTEM_OTHER_ODEX for mainline devices, which was causing odex files to be unintentionally omitted from the system image for modern devices
• dexpreopt: use speed filter for boot images and non-prebuilts rather than unintentionally only setting it for prebuilts
• dexpreopt: disable pre-optimization for apps bundled by android-prepare-vendor to work around unresolved issues with conflicting inlined definitions

GrapheneOS releases

Official releases of GrapheneOS, a security and privacy focused mobile OS with Android app compatibility.

grapheneos.org

 

[ForgottenSeer 85179]

Copperhead is making bogus legal threats to intimidate and scare off contributors to GrapheneOS

Copperhead is continuing to run a misinformation campaign against GrapheneOS along with attacking it in other ways. They're having success at tricking and scamming both individuals and companies to get substantial amounts of money which then goes towards further attacks GrapheneOS and stealing more of our work. They've gradually been rewriting history and have come up with an evolving story where they fraudulently claim authorship / ownership over the project. They've tried to erase their failed attempt to take over an independent open source project they were supposed to be sponsoring / supporting. They've stolen an enormous amount of money and research / development work from us.
We need the community to help with countering their misinformation campaign, including reaching out to people and companies that have been duped. If you're interested in helping with this, get in touch with me on IRC (strcat on irc.freenode.net) or Matrix (@strcat:matrix.org). The community needs to substantially step up and start helping with this on a regular basis. We need people spreading the word about what they're doing and countering their daily attacks on GrapheneOS and GrapheneOS contributors. There's ongoing damage being done to the project by the fraud being perpetrated by James Donaldson and Copperhead Limited. They're trying to steal credit for the authorship and ownership of the work to enrich themselves from it, all while trying to destroy the project they continue to leech from.
People often ask how they can contribute without technical skills and this is how. Reach out to individuals and organizations supporting this scam and get the truth to them. The money being illegitimately vacuumed up by these people is directed towards causing harm to us. The more successful they are with their scam, the more damage they're able to do. It's very important for the community to start taking this seriously. It's ridiculous that they've been able to go on for so long thanks to apathy and inaction. The privacy and security industry is full of these scam artists but these ones are particularly bad. James Donaldson is causing enormous damage to open source privacy and security work. He's a sociopath with no mortal compass and he's never going to be convinced to stop what he's doing. Instead, we need to counter the damaging misinformation campaign with facts by reaching out to the people duped by people. Cutting off their illegitimate revenue based on the theft / fraud they're committing protects others from being harassed, intimidated or duped by them. Please start taking action.

Source:

Info: Copperhead was the old - now dead project from Daniel Micay and his partner. After his partner make a lot of unserios stuff, Daniel leave the project and start his own GrapheneOS.
But after that, his partner start attacking the project with lies and misinformations all over the place.

So if you wan't help the project with lack knowledge of programing skills, this is a chance.

 

[ForgottenSeer 85179]

The secure PDF viewer got a update (which will be included in next GrapheneOS update):

Release 3 · GrapheneOS/PdfViewer

Full list of changes from the previous release (version 2). Notable changes: add initial implementation of pinch-to-zoom fix enabling / disabling next/previous actions This release will be bundle...

github.com

• add initial implementation of pinch-to-zoom
• fix enabling / disabling next/previous actions

Info about this PDF viewer:

Spoiler

Simple Android PDF viewer based on pdf.js and content providers. The app doesn't require any permissions. The PDF stream is fed into the sandboxed WebView without giving it access to content or files. Content-Security-Policy is used to enforce that the JavaScript and styling properties within the WebView are entirely static content from the apk assets. It reuses the hardened Chromium rendering stack while only exposing a tiny subset of the attack surface compared to actual web content. The PDF rendering code itself is memory safe with dynamic code evaluation disabled, and even if an attacker did gain code execution by exploiting the underlying web rendering engine, they're within the Chromium renderer sandbox with no access to the network (unlike a browser), files, or other content.

Also the app can be downloaded from Google store if your device doesn't run GrapheneOS.

 

[ForgottenSeer 85179]

April Security Updates are available:

GrapheneOS releases

Official releases of GrapheneOS, a security and privacy focused mobile OS with Android app compatibility.

grapheneos.org

Changes since the 2020.03.23.22 release:

• full 2020-04-01 security patch level
• full 2020-04-05 security patch level
• rebased onto QQ2A.200405.005 release
• Pixel 3a, Pixel 3a XL: fix SystemUI paths in memory pinning configuration
• only include Updater app when OFFICIAL_BUILD=true is set in the environment to avoid accidental use of the default update server with unofficial builds that are not compatible
• Vanadium: update Chromium base to 80.0.3987.162
• PDF Viewer: update to version 3
• update SELinux policy for officially supported devices based on isolated_app domain split
• raise protected_fifos / protected_regular from 1 (world-writable directories) to 2 (group-writable directories too)

From GrapheneOS dev:

For now, only the tags are available, until it starts being pushed out via the Beta channel. The incremental (delta) updates for efficiently upgrading from the previous release to this release still need to be generated. It takes a long time on the workstation used to build the official releases. It needs to be replaced soon.

 

[ForgottenSeer 85179]

New update:
2020.04.13.21

Changes since the 2020.04.07.10 release:

• Vanadium: update Chromium base to 81.0.4044.96
• Vanadium: remove unsupported password leak detection option
• Vanadium: expand automated string rebranding
• Vanadium: remove Google prefix from storage settings label
• enable VPN lockdown by default
• reword random MAC options to make them clearer
• start the final phase of the migration process for random MAC preference values
• generate manifests for stable releases directly referencing revisions by hash instead of tag name to simplify signature verification for the sources

Restoration of past features since the 2020.04.07.10 release:

• globally enable -ftrivial-auto-var-init=zero rather than porting our downstream -fsanitize=local-init feature
• kernel (Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL): globally enable -ftrivial-auto-var-init=auto rather than porting our downstream -fsanitize=local-init feature
• Vanadium: enable -ftrivial-auto-var-init=auto rather than porting our downstream -fsanitize=local-init feature

 

[ForgottenSeer 85179]

Oh, wow. A fast update again:
2020.04.14.23

Changes since the 2020.04.13.21 release:

• Settings: adjust wifi_privacy_values to the new values
• Settings: remove unnecessary workaround for MAC randomization preference
• Settings: tweak MAC randomization preference wording

 

[ForgottenSeer 85179]

2020.05.05.02

Changes since the 2020.04.14.23 release:

• Vanadium: update Chromium base to 81.0.4044.111
• Vanadium: update Chromium base to 81.0.4044.117
• disable safe volume feature everywhere instead of only the US
• hardened_malloc: implement slab allocation memory corruption checks for malloc_usable_size
• set SCHED_BATCH in the build system and release generation scripts instead of the interactive shell
• use more sensible factory images zip naming scheme
• Settings: add missing title for top_level_settings to fix showing it as null in search results

Restoration of past features since the 2020.04.14.23 release:

• Vanadium: use 64-bit Trichrome browser processes

 

[ForgottenSeer 85179]

This also include:

• full 2020-05-01 security patch level
• full 2020-05-05 security patch level

I also donate now the project. Please do the same - monthly

 

[Vitali Ortzi]

Awesome project underrated!
Although I still prefer iOS at times .

 

[ForgottenSeer 85179]

The flashing instructions at GrapheneOS install documentation now include complete, fully tested instructions for Windows 10. Windows 10 has bsdtar (libarchive tar) and curl built-in now, which is nice

 

[ForgottenSeer 85179]

The next release of GrapheneOS will raise the minimum supported API level from 23 (Android 6) to 28 (Android 9): raise minimum supported API level to 28 · GrapheneOS/platform_build@0eb096a
Users will be warned when trying to run apps targeting API < 28. This is important due to backwards compatible privacy/security improvements

This reduce the attack surface a lot! (old unsecure Apps can't run anymore)

 

[ForgottenSeer 85179]

This reduce the attack surface a lot! (old unsecure Apps can't run anymore)

And here it is:

2020.05.23.12

• QQ2A.200501.001.B2.2020.05.23.12 (Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL)
• QQ2A.200501.001.B3.2020.05.23.12 (Pixel 2, Pixel 2 XL, emulator, generic, other targets)

Changes since the 2020.05.05.02 release:

• kernel (Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL): use Clang for compiling code for the host too
• kernel (Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL): add build-tools prebuilts to PATH to reduce external dependencies and avoid potential reproducibility issues
• add build-tools prebuilts to PATH in the release signing and delta generation scripts to reduce external dependencies and avoid potential reproducibility issues
• fix upstream bug relying on malloc addresses for sort order of 3 items, causing Bluetooth A2DP audio to fail 2/3 of the time with hardened_malloc when the expected item isn't first
• use the same datetime for build number and build date
• always use UTC as the time zone for build dates
• update GrapheneOS fork of android-prepare-vendor to the collaborative AOSPAlliance fork
• raise minimum supported API level to 28 from 23, producing a warning for apps targeting API < 28 (the Play Store disallows uploading new apps or app updates targeting API < 28 so this isn't an aggressive warning)
• Vanadium: update Chromium base to 81.0.4044.138
• Vanadium: update Chromium base to 83.0.4103.60
• Vanadium: disable media DRM preprovisioning
• Vanadium: most private WebRTC IP handling policy by default
• set SCHED_BATCH in the kernel build scripts

Restoration of past features since the 2020.05.05.02 release:

• Settings: allow disabling Vanadium browser app via the Settings UI now that Trichrome (browser, WebView, shared library) has replaced Monochrome (monolithic app) for providing the WebView without having 2 copies of the browser engine

 

[ForgottenSeer 85179]

New update for secure PDF viewer app:

Release 4 · GrapheneOS/PdfViewer

Full list of changes from the previous release (version 3). Notable changes: add user-facing error reporting This release will be bundled with the next release of GrapheneOS and is also being pus...

github.com

(Available in Google store for other devices too!)