GrapheneOS: a open source privacy and security OS

[ForgottenSeer 85179]

New update for secure PDF viewer app:

Release 4 · GrapheneOS/PdfViewer

Full list of changes from the previous release (version 3). Notable changes: add user-facing error reporting This release will be bundled with the next release of GrapheneOS and is also being pus...

github.com

(Available in Google store for other devices too!)

A fast update:

Release 5 · GrapheneOS/PdfViewer

Full list of changes from the previous release (version 4). Notable changes: fix new error reporting code This release will be bundled with the next release of GrapheneOS and is also being pushed...

github.com

 

[ForgottenSeer 85179]

The PdfViewer updates are now included, beside some other changes:
2020.05.29.00

Changes since the 2020.05.23.12 release:

• PDF Viewer: update to version 4
• PDF Viewer: update to version 5
• revert attempt at fixing audio DeviceDescriptor sorting
• hardened_malloc: temporarily disable SLOT_RANDOMIZE to work around DeviceDescriptor sorting bug

 

[ForgottenSeer 85179]

June 2020 security update:

2020.06.02.02

Changes since the 2020.05.29.00 release:

• full 2020-06-01 security patch level
• full 2020-06-05 security patch level
• rebased onto QQ3A.200605.002 release
• Vanadium: update Chromium base to 83.0.4103.83
• factory images: add fastboot version detection to flash-all.bat on Windows

 

[ForgottenSeer 85179]

• Settings: adjust wifi_privacy_values to the new values
• Settings: remove unnecessary workaround for MAC randomization preference
• Settings: tweak MAC randomization preference wording

What did you want say with these?

 

[Ink]

What did you want say with these?

It's the changelog from April. https://grapheneos.org/releases#2020.04.14.23

 

[ForgottenSeer 85179]

It's the changelog from April. https://grapheneos.org/releases#2020.04.14.23

Sure but we already have June and I post Changelog from April already
So I don't know what Albert want say without any content.

 

[ForgottenSeer 85179]

GrapheneOS has experimental support for the Pixel 4 and 4 XL in the development branch, but it needs testing and lots of work to complete it. It's important to fully support these to be able to support the upcoming Pixel 4a and other current generation Qualcomm SoC devices too.

 

[ForgottenSeer 85179]

Auditor App got a update to version 18:

Release 18 · GrapheneOS/Auditor

Full list of changes from the previous release (version 17). Notable changes: add support for Google Pixel 4 add support for Google Pixel 4 XL add support for GrapheneOS on Google Pixel 4 add supp...

github.com

Also see that Tweets about:

 

[ForgottenSeer 85179]

New update:

2020.06.22.21

• QQ3A.200605.001.2020.06.22.21 (Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 4, Pixel 4 XL)
• QQ3A.200605.002.2020.06.22.21 (Pixel 3a, Pixel 3a XL, emulator, generic, other targets)

Changes since the 2020.06.02.02 release:

• SystemUI: handle non-SRGB wallpapers
• Vanadium: update Chromium base to 83.0.4103.96
• Vanadium: update Chromium base to 83.0.4103.101
• Vanadium: update Chromium base to 83.0.4103.106
• script/generate_metadata.py: add channel name to update channel metadata
• Updater: sanity check channel name in update channel metadata
• Updater: raise minSdkVersion to 29
• Updater: extract care_map.pb rather than care_map.txt
• Updater: use a different zip for streaming updates (still an experimental / hidden feature)
• disable RFC 7217 support (stable link-local IPv6 privacy addresses) and stick to link-local IP addresses based on the (random) MAC addresses
• rebase SetupWizard changes onto upstream CalyxOS SetupWizard
• SetupWizard: use system captive portal URL, rather than a custom Google URL
• NetworkStack: ignore captive portal fallbacks when one is set at runtime
• factory images flash-all script: reboot to bootloader after installing update
• make_key: use 4096-bit RSA keys
• script/release.sh: auto-detect AVB algorithm to support 4096-bit RSA keys for verified boot
• add experimental Pixel 4 and Pixel 4 XL support
• Auditor: update to version 18

Restoration of past features since the 2020.06.02.02 release:

• kernel (Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL): add back FORTIFY_SOURCE enhancements
• kernel (Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL): add back userspace ASLR improvements

 

[ForgottenSeer 85179]

July Security Update available:

GrapheneOS releases

Official releases of GrapheneOS, a security and privacy focused mobile OS with Android app compatibility.

grapheneos.org

Changes since the 2020.06.22.21 release:

• full 2020-07-01 security patch level
• full 2020-07-05 security patch level
• rebased onto QQ3A.200605.002 release
• change TrichromeLibrary package name
• drop MAC randomization preference migration code
• Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL, Pixel 4, Pixel 4 XL: update APNs with carriersettings-extractor
• disable network time refresh when network time is disabled (previous behavior inherited from upstream)
• kernel (Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL, Pixel 4, Pixel 4 XL): make reproducible builds simpler
• kernel (Pixel 4, Pixel 4 XL): use max mmap entropy by default to cover init

Restoration of past features since the 2020.06.22.21 release:

• kernel (Pixel 4, Pixel 4 XL): enable UNMAP_KERNEL_AT_EL0 Meltdown mitigation (KPTI)
• kernel (Pixel 4, Pixel 4 XL): enable ARM64_SSBD Spectre v4 mitigation
• kernel (Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL, Pixel 4, Pixel 4 XL): enable PANIC_ON_OOPS
• kernel (Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL, Pixel 4, Pixel 4 XL): set PANIC_TIMEOUT to -1

 

[ForgottenSeer 85179]

THIS is the most private and secure phone on the planet - GrapheneOS review and how to install

https://www.youtube.com/watch?v=xIXAzA555xk

 

[ForgottenSeer 85179]

August security update:
2020.08.03.22

Changes since the 2020.07.06.20 release:

• full 2020-08-01 security patch level
• full 2020-08-05 security patch level
• rebased onto QQ3A.200805.001 release
• fix build for Pixel 3 when Pixel 3 XL kernel is not built
• fix secondary stack hardening when a non-page-size multiple stack size is specified
• fix picking up previous build date when doing incremental builds
• Vanadium: update Chromium base to 84.0.4147.89
• Vanadium: update Chromium base to 84.0.4147.105
• Vanadium: update Chromium base to 84.0.4147.111
• Vanadium: remove Chromium logo in chrome://version

Restoration of past features since the 2020.07.06.20 release:

• kernel (Pixel 4, Pixel 4 XL): read-only data expansion

 

[ForgottenSeer 85179]

Small update:
2020.08.07.01

Changes since the 2020.08.03.22 release:

• SELinux policy: fix executing apk libraries as executables for third party applications

 

[ForgottenSeer 85179]

September security update and preparation for Android 11:
2020.09.10.05

This should be the final GrapheneOS release based on Android 10. It ships the device-independent monthly security patches and migrates over to using the Android 11 branch of the GrapheneOS kernels, which brings all the upstream kernel hardening in Android 11 along with the full September kernel updates. The remaining patches for the full 2020-09-05 patch level require finishing the migration to Android 11 in order to ship the September update for the other device support code. It's possible we could ship some of this early, but instead we're going to be focusing on finishing the enormous task of migrating to Android 11. Further help with bringing up support for the devices with Android 11 and porting over each of the GrapheneOS hardening features to it would be greatly appreciated. Donations are also extremely helpful. GrapheneOS has brought on another full time developer using donated funds and there are 3 part time developers helping with Android 11. We're also collaborating with CalyxOS and others in the AOSP Alliance to bring up fully signed, production device support.

Pixel 4 kernel tags are not published yet since that's still a work in progress. We want to fix some side channel mitigation regressions caused by upstream Android 10 hardening work. We can't simply revert the upstream changes since they're important mitigations too. This should be handled within 24 hours. We'll publish releases and tags whether or not we get these side channel mitigations working, but the plan is to finish the work first.

Changes since the 2020.08.07.01 release:

• full 2020-09-01 security patch level
• partial 2020-09-05 security patch level (missing userspace device support changes until port to Android 11 is finished)
• Vanadium: update Chromium base to 84.0.4147.125
• Vanadium: update Chromium base to 85.0.4183.81
• Vanadium: update Chromium base to 85.0.4183.101
• Vanadium: remove unused learn more link from Incognito page
• recovery: reject updates with serialno constraints to match the GrapheneOS Updater app
• kernel (Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL, Pixel 4, Pixel 4 XL): update base kernel to Android 11
• SetupWizard: update base to latest CalyxOS SetupWizard
• conscrypt: drop temporary upstream revert of version code which was accidentally kept during a rebase
• backport fix for USB audio regression from Android 11

Restoration of past features since the 2020.07.06.20 release:

• kernel (Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL, Pixel 4, Pixel 4 XL): enable intra-object FORTIFY_SOURCE overflow checks

Also nice that more dev's join the team

 

[ForgottenSeer 85179]

2020.09.11.14

Testing the Android 11 kernels was useful, but we weren't able to ship the previous release due to issues uncovered during testing. The Android 11 kernels have minor backwards incompatible changes in the drivers for at least a subset of the devices so we'll need to ship them with the rest of the changes. Thanks to our testers for helping us with this. This will be the new final Android 10 release, assuming no further problems are uncovered during testing.

Changes since the 2020.09.10.05 release:

• revert to using the Android 10 kernels on the devices that were switched over early due to backwards incompatible changes in some drivers

 

[ForgottenSeer 85179]

We're going to be pushing out Beta releases of GrapheneOS for Android 11 in the near future. It's almost ready for broader testing. A bunch of our hardening features are going to be missing in the initial Beta releases. Still need a lot of the low-level hardening ported over.

 

[ForgottenSeer 85179]

Standalone hardened_malloc version 3 released:


Also forget to post here (but do in another thread ):
Auditor app version 19 released:

Release 19 · GrapheneOS/Auditor

Full list of changes from the previous release (version 18). Notable changes: workaround for StrongBox issue discovered on Android 11 Pixels update target SDK version to 30 (Android 11) update dep...

github.com

 

[ForgottenSeer 85179]

2020.09.18.13 preview

Changes since the 2020.09.11.14 release:

• initial port to Android 11 with most GrapheneOS changes ported over (missing most SELinux policy hardening, some Pixel 4 / 4 XL kernel side channel mitigations, finer-grained Pixel 4 kernel Control Flow Integrity, the setup wizard and the hardened Vanadium WebView)
• full 2020-09-05 security patch level
• temporarily use stock WebView until the next release of Chromium is available with public support for Android 11 to provide the WebView via Vanadium again
• fix VPN lockdown setting getting overridden on user stop
• SELinux policy: disable gmscore_app domain
• SELinux policy: use dedicated SELinux domain for Updater app based on the modern untrusted_app domain
• stop disabling support for stable local privacy addresses since Android 11 handles it better by only using it when MAC randomization is disabled
• update to a new version of Seedvault for Android 11
• build and use otatools.zip for signing releases instead of an ad-hoc approach
• Auditor: update to version 19
• Updater: update targetSdkVersion to 30
• disable Scudo on 64-bit since we use the substantially more secure hardened_malloc
• fully replace jemalloc with Scudo on 32-bit

Installations made before this project was renamed to GrapheneOS and before the first official release of the Android Hardening project will be forced to factory reset as part of this upgrade, due to lack of backwards compatibility with the unaltered AOSP encryption format.

This a preview release and is only going to be released via the Beta channel.

 

[ForgottenSeer 85179]

BTW: the Twitter preview feature here is nice!

 

[ForgottenSeer 85179]

2020.09.25.00

Changes since the 2020.09.18.13 release:

• fix Wi-Fi MAC randomization settings for translations that were missing our added option
• Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL, Pixel 4, Pixel 4 XL: add missing configuration for biometric sensors in Android 11
• fix upstream bug in the NFC quick settings tile for Android 11 breaking it after reboot
• fix NFC quick settings tile icon handling for Android 11
• Settings: fix upstream NFC preference so that it listens for changes and can see it being toggled via the NFC tile
• Vanadium: update Chromium base to 85.0.4183.120
• Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL, Pixel 4, Pixel 4 XL: update APNs with carriersettings-extractor
• add back SetupWizard
• Settings: fix launching WifiSettings

We're no longer going to be listing out restored past features in a separate section for the release notes.