GrapheneOS [Unofficial]

In the latest release of GrapheneOS, you can now enable hardware memory tagging for all user installed apps on the Pixel 8 and Pixel 8 Pro to make them substantially harder to exploit. This is particularly useful for apps like Signal and WhatsApp.

Everyone on GrapheneOS has hardened_malloc and our other baseline exploit protections. hardened_malloc has great support for hardware memory tagging to provide a form of memory safety for memory unsafe code with a mix of deterministic guarantees and randomized general protection.

We've also replaced the Linux kernel version on the Pixel 8 and Pixel 8 Pro. AOSP and the stock Pixel OS use 5.15.110 while GrapheneOS is now using 5.15.137 and will be closely following along with kernel.org LTS releases after they go through appropriate testing.

We mentioned Signal/WhatsApp because despite having end-to-end encryption, they both have a massive amount of remote attack surface, use tons of memory unsafe code for handling media, voice/video calls, etc. along with not using sandboxing. E2EE does no good if app is exploited.

GrapheneOS now has near full coverage for using memory tagging to defend against heap memory corruption outside the Linux kernel.

Future work will be converting Linux kernel's MTE-based debugging into hardening and enabling Clang stack allocation tagging for userspace/kernel.