KindnessInfinity

joined 2 years ago
MODERATOR OF
androidofficial
androidapps
grapheneos
twoxchromosomes
sorted by: new top controversial old
9
Vanadium version 122.0.6261.64.0 released (github.com)
 

Changes in version 122.0.6261.64.0:

  • update to Chromium 122.0.6261.64
  • add support for using Vanadium Config on the current oldest minimum OS version (Android 10) which we intend to increment to Android 13 in the near future

A full list of changes from the previous release (version 122.0.6261.43.1) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

8
GranpheneOS Vanadium Improvements To Come (grapheneos.social)
 

Our features page now has a section listing the features added by our Vanadium browser and WebView:

https://grapheneos.org/features#vanadium

It explains the approach to content filtering, anti-fingerprinting and state partitioning including current limitations. Major improvements are coming.

The only other browser we can currently recommend is Brave. It preserves most of the security of mobile Chromium while adding more state partitioning, anti-fingerprinting and the most advanced content filtering engine. Vanadium is more secure but needs to catch up in those areas.

13
Vanadium version 122.0.6261.43.1 released (github.com)
 

Changes in version 122.0.6261.43.1:

  • add initial basic support for filtering ads based on a subresource filter APK updated separately from Vanadium

A full list of changes from the previous release (version 122.0.6261.43.0) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

9
GmsCompatConfig (sandboxed Google Play compatibility layer configuration) version 96 released (github.com)
 

Changes in version 96:

  • update max supported version of Play services to 24.07
  • update max supported version of Play Store to 39.7
  • update Android Gradle plugin to 8.2.2

A full list of changes from the previous release (version 95) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release.

5
Vanadium version 122.0.6261.43.0 released (github.com)
 

Changes in version 122.0.6261.43.0:

  • update to Chromium 122.0.6261.43
  • checkout PGO profiles by default now that PGO is enabled by default for Android production builds

A full list of changes from the previous release (version 122.0.6261.43.0) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

13
GrapheneOS Moves To OpenSSH (grapheneos.social)
 

SSH public key for signing GrapheneOS releases:

contact@grapheneos.org ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIUg/m5CoP83b0rfSCzYSVA4cw4ir49io5GPoxbgxdJE

This key has been used for signing our Git tags since January 2023 and will also replace signify for factory images releases.

Official builds of GrapheneOS are signed with per-device signing keys for updates and verified boot. Those signatures are automatically verified.

The signatures for source releases (Git tags) and factory images are a separate thing and we're standardizing on using SSH for those.

We replaced GPG with signify for signing factory images in 2019 prior to SSH having file signing support. Signify is perfectly modern, unlike GPG which is a poorly designed legacy technology. However, SSH signing is a lot more broadly available than signify and is a bit nicer.

Our SSH public key is signed with our previous GPG and SSH keys:

Key: https://grapheneos.org/allowed_signers Signify signature: https://grapheneos.org/allowed_signers.sig GPG signature: https://grapheneos.org/allowed_signers.asc

GPG key has been fully retired for a while and the signify key will also be retired going forward.

We've completed replacing the factory images signify signatures with OpenSSH signatures. It only impacts users following the traditional CLI install guide. It's a nice improvement since Windows and macOS have it in the base install and nearly all Linux distributions package it.

Each supported OS for installation either has a Chromium-based browser in the base install (Android, ChromeOS, Windows) or a first party repository with one available, so the web install avoids this problem and relies on verified boot for verifying the flashed firmware and OS.

11
Vanadium version 121.0.6167.178.0 released (github.com)
 

Changes in version 121.0.6167.178.0:

  • update to Chromium 121.0.6167.178
  • disable selecting initial search query text for the web and global search intents added by GrapheneOS

A full list of changes from the previous release (version 121.0.6167.164.0) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

4
GmsCompatConfig (sandboxed Google Play compatibility layer configuration) version 95 released (github.com)
 

Changes in version 95:

  • add stub for Vibrator.addVibratorStateListener() since it requires the privileged ACCESS_VIBRATOR_STATE
  • update max supported version of Play Store to 39.6

A full list of changes from the previous release (version 94) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release.

7
Vanadium version 121.0.6167.164.0 released (github.com)
 

Changes in version 121.0.6167.164.0:

  • update to Chromium 121.0.6167.164
  • mark origin trials for opting out of third party storage partitioning as unsupported on Android
  • add support for global search intent in addition to our existing web search intent handling to have Vanadium fully replace the AOSP Search app
  • extend toggle for opening links in incognito to custom tabs and search intents

A full list of changes from the previous release (version 121.0.6167.143.1) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

15
GmsCompatConfig (sandboxed Google Play compatibility layer configuration) version 94 released (github.com)
 

Changes in version 94:

  • update max supported version of Play services to 24.05
  • update max supported version of Play Store to 39.5
  • update Gradle to 8.6

A full list of changes from the previous release (version 93) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release.

28
GrapheneOS version 2024020500 released (grapheneos.org)
 

Pixel 4a (5G) and Pixel 5 are end-of-life and shouldn't be used anymore due to lack of security patches for firmware and drivers. We provide extended support for harm reduction.

Tags:

  • 2024020500-redfin (Pixel 4a (5G), Pixel 5)
  • 2024020500 (Pixel 5a, Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, emulator, generic, other targets)

Changes since the 2024012600 release:

  • full 2024-02-01 security patch level
  • full 2024-02-05 security patch level
  • rebased onto UQ1A.240205.004 Android Open Source Project release
  • run full compacting garbage collection purging all regular Java heaps of dead objects in SystemUI and system_server after locking (this is already done after unlocking to purge data tied to the lock method and derived data, but it makes sense to do it after locking too)
  • kernel (Pixel 4a (5G), Pixel 5, Pixel 5a): update to latest Android 14 QPR2 Beta release including additional security fixes
  • kernel (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Generic 5.10): update to latest GKI LTS branch revision including update to 5.10.209
  • kernel (Pixel 8, Pixel 8 Pro, Generic 5.15): update to latest GKI LTS branch revision including update to 5.15.148
  • kernel (Pixel 8, Pixel 8 Pro, Generic 5.15, Generic 6.1): enable both software Shadow Call Stack (SCS) and Pointer Authentication Code (PAC) protection for kernel return addresses instead of only using SCS when PAC is unavailable
  • kernel (Pixel 8, Pixel 8 Pro, Generic 5.15, Generic 6.1): enable Branch Target Identification (BTI) protection for the kernel in addition to Clang type-based CFI to provide coarse-grained CFI coverage for indirect calls excluded from type-based CFI
  • kernel (Generic 6.1): apply sysrq hardening changes
  • kernel (Generic 6.1): update to latest GKI LTS branch revision including update to 6.1.74
  • Settings: enable SIM deletion confirmation by default
  • System Updater: clarify name of the notification channel for already being up to date
  • Messaging: update MMS configuration database based on Google Messages 20240123_01_RC02
  • Dialer: update visual voicemail (VVM) configuration database based on Google Phone 121.0.603393336
  • Vanadium: update to version 121.0.6167.101.2
  • Vanadium: update to version 121.0.6167.101.3
  • Vanadium: update to version 121.0.6167.143.0
  • Vanadium: update to version 121.0.6167.143.1
  • Camera: update to version 65
  • Camera: update to version 66
9
Vanadium version 121.0.6167.143.1 released (github.com)
 

Changes in version 121.0.6167.143.1:

  • do not clear URL bar on focus by default for search intents

A full list of changes from the previous release (version 121.0.6167.143.0) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

view more: ‹ prev next ›