KindnessInfinity

 

Notable changes in version 75:

  • reschedule remote verification after OS updates to get the updated information submitted as soon as possible
  • update SDK to 34 (Android 14)
  • update target API level to 34 (Android 14)
  • add low-level ACCESS_NETWORK_STATE permission required by API 34 to schedule jobs depending on network availability
  • reduce network timeouts to 30s from 60s
  • update CameraX library to 1.3.0-rc02
  • update AndroidX Preference library to 1.2.1
  • update Material library to 1.10.0
  • update Guava library to 32.1.2
  • update Bouncy Castle library to 1.76
  • update ZXing library to 3.5.2
  • update Kotlin to 1.9.10
  • update Gradle to 8.3
  • update Android Gradle plugin to 8.1.1
  • update Android build tools to 34.0.0
  • replace deprecated onBackPressed() callback
  • remove workarounds for fixed SDK and library issues

A full list of changes from the previous release (version 74) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification. Trust is chained through the verified OS to the app to bootstrap software checks with results displayed in a separate section.

This app is available through the Play Store with the app.attestation.auditor.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them.

Releases of the app signed by GrapheneOS with the app.attestation.auditor app id are published in the GrapheneOS app repository and on GitHub. These releases are also bundled as part of GrapheneOS. You can use the GrapheneOS app repository client on Android 12 or later for automatic updates.

Releases are initially pushed out through the Alpha channel for both the Play Store and our app repository, then get moved to the Beta channel and finally the Stable channel.

GrapheneOS users must either obtain GrapheneOS app updates through our app repository or install it with adb install-multiple with both the APK and fs-verity metadata since fs-verity metadata is now required for out-of-band system app updates on GrapheneOS as part of extending verified boot to them.

 

Changes in version 77:

  • update max supported version of Play services to 23.39
  • update max supported version of Play Store to 37.8
  • update target API level to 34 (Android 14)

A full list of changes from the previous release (version 76) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).

 

Initial public release of GrapheneOS based on Android 14 is available. This is an experimental release with nearly all our features ported but isn't quite ready and won't be pushed out via the Alpha/Beta/Stable release channels. For more information, see

 

GrapheneOS is now based on Android 14. Most of our changes have been ported already but we still have a lot more porting work to do. It's all going to need to be tested before we can get it all merged, and then we can start making public experimental releases based on 14.

 

Changes in version 118.0.5993.48.0:

  • update to Chromium 118.0.5993.48

A full list of changes from the previous release (version 117.0.5938.153.0) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

 

Changes in version 117.0.5938.153.0:

  • update to Chromium 117.0.5938.153

A full list of changes from the previous release (version 117.0.5938.140.0) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

 

Pixel 8 and Pixel 8 Pro are confirmed to have at least 7 years of full support:

https://support.google.com/nexus/answer/4457705?hl=en#zippy=%2Cpixel-later-including-fold

We expect 6th and 7th generation Pixels will also receive major OS updates until the end of their security support period. Bear in mind these are a minimum, not when it ends.

Android only has a single active stable branch, which is the latest major OS release. For example, Android 14 has now replaced Android 13.

Android 11, 12 and now 13 only have standalone backports of Critical/High severity patches and a subset of Moderate/Low severity patches.

The alternative to updating 6th and 7th generation Pixels to the latest major OS release until their end-of-life would be continuing to develop an older major release and continuing to have releases for it. We think it's much more likely they give them 5 years of major updates.

It's likely they've already come to that conclusion and it's why it makes sense for the Pixel 8 and Pixel 8 Pro to have at least 7 years of major OS updates to go along with a minimum of 7 years of security patches. It's easier rather than harder for them to do both, especially with Treble.

 

"On GrapheneOS, you can fully disable emergency alerts in Settings → Safety & emergency → Wireless emergency alerts since we add a toggle for Presidential alerts.

The naming of the alert types varies based on country which is determined by the carrier's country code, not language.

In Canada, the government sends every alert as a presidential alert instead of using the separate categories for extreme threats, severe threats and AMBER alerts. They do this to prevent disabling any of the alerts on normal operating systems and it's why we added this feature.

That also means every alert in Canada has a siren.

Many of the more severe alerts have been false positives:

https://www.nytimes.com/2018/01/13/us/hawaii-missile.html

https://www.preventionweb.net/news/canada-fallout-false-nuclear-alarm

Most AMBER alerts are custody battles or false alerts.

On GrapheneOS, it's up to you if you want this feature enabled." - As posted by the official GrapheneOS Mastodon

 

Android 14 is replacing Android 13 this month. There will no longer be any monthly or quarterly releases of Android 13, only the monthly backports of Android Security Bulletin patches. This is an early October release based on the Android Security Bulletin backports. We'll need to port to Android 14 to provide the full 2023-10-05 patch level. We've spent months porting to Android 14 in advance in order to make this migration as smooth and quick as possible. We weren't accepted as an Android partner so we don't have full early access to new major releases, but we've had partial early access to the sources and were able to do a lot of the porting in advance.

There wasn't a proper Android Open Source Project or stock Pixel OS release for September since Android 14 was meant to be released. They only shipped a release marked as having the 2023-09-01 patch level, but most patches which were going to be included in 2023-09-05 were deferred to October and most of the devices ended up providing the published 2023-09-05 patch level. Devices with a Qualcomm SoC (Pixel 4a (5G), Pixel 5, Pixel 5a) or standalone Qualcomm Wi-Fi (Pixel 7a) still need firmware/driver patches for 2023-09-05. Other supported devices (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel Tablet, Pixel Fold) were already on the 2023-09-05 patch level and will now be on the 2023-10-01 patch level. All of these devices will be quickly upgraded to the full Android 14 2023-10-05 patch level once it's released.

Pixel 4, Pixel 4 XL and Pixel 4a are end-of-life and shouldn't be used anymore due to lack of most security patches for firmware and drivers. We provide extended support for harm reduction with the displayed patch level frozen at the last obtainable value.

Tags:

  • 2023100300-coral (Pixel 4, Pixel 4 XL)
  • 2023100300 (Pixel 4a, Pixel 4a (5G), Pixel 5, Pixel 5a, Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, emulator, generic, other targets)
  • 2023100300-tangorpro (Pixel Tablet)
  • 2023100300-felix (Pixel Fold)

Changes since the 2023100100 release:

  • full 2023-10-01 security patch level (early release based on AOSP 13 security backports since the AOSP/stock monthly release is not available yet)
 

We'll be releasing an early October security update today since there hasn't been an official Android Open Source Project and stock Pixel OS release yet. They'll likely release it with Android 14 and we'll be fully focused on quickly porting to Android 14 once it's available.

Android 14 will likely be released on October 4th and Android 13 will no longer have monthly or quarterly stable releases. Android 13 will only have the monthly release of the Android Security Bulletin (ASB) patch backports to 11, 12, 13 and soon 14. Those aren't all the patches.

The full set of patches is provided by the monthly, quarterly and yearly releases of Android. Their policy is for every Critical/High severity AOSP patch to be backported. Most Moderate/Low severity patches aren't backported. However, severity levels are often very arbitrary.

Pixels will only be supported by Android 14 going forward so the many patches for firmware, drivers and other hardware-related code will only be available via Android 14. This is why GrapheneOS has focused so much on porting to Android 14 in order to quickly migrate over to it.

 

Pixel 4, Pixel 4 XL and Pixel 4a are end-of-life and shouldn't be used anymore due to lack of most security patches for firmware and drivers. We provide extended support for harm reduction with the displayed patch level frozen at the last obtainable value.

Tags:

  • 2023100100-coral (Pixel 4, Pixel 4 XL)
  • 2023100100 (Pixel 4a, Pixel 4a (5G), Pixel 5, Pixel 5a, Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, emulator, generic, other targets)
  • 2023100100-tangorpro (Pixel Tablet)
  • 2023100100-felix (Pixel Fold)

Changes since the 2023091800 release:

  • fix upstream bug auto-dismissing crash dialogs
  • improve readability of native crash reports
  • Settings: remove Private DNS setting for secondary users since it's not currently per-profile like VPN configuration but rather is global like Wi-Fi configuration
  • Settings: remove connectivity check setting for secondary users
  • Dialer: disable false gesture detection for answering calls until the faulty implementation in the AOSP Dialer app is replaced
  • hardened_malloc: improve fatal error reporting to include the abort message in Android crash reports
  • Messaging: work around upstream null pointer exception bug
  • libvpx: apply patch for CVE-2023-5217 to the standalone AOSP libvpx library, which was already fixed in the 117.0.5938.140.0 release of Vanadium
  • Pixel 4, Pixel 4 XL: add upstream sensor-related app compatibility fix from the September release already included for other devices
  • kernel (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold): add upstream build reproducibility fix
  • GmsCompatConfig: update to version 75
  • GmsCompatConfig: update to version 76
  • Vanadium: update to version 117.0.5938.140.0
  • replace GrapheneOS themes stub app with AOSP themes stub app with our configuration ported over to it (AOSP didn't used to include a themes stub app)
 

Changes in version 76:

  • update max supported version of Play services to 23.37
  • update max supported version of Play Store to 37.7

A full list of changes from the previous release (version 75) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release.
