Salta al contenuto principale

mastodon - Collegamento all'originale

We've received the Pixel 10 we ordered and have confirmed it supports unlocking, flashing another verified boot key and locking again.

Our Pixel 10 support will likely only be possible to complete after we finish porting to Android 16 QPR1 which is being released in September.

reshared this

in reply to GrapheneOS

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS

A second Pixel 10 we ordered has arrived at a package forwarding service in the US to be shipped to a country without Pixels available.

We'll order a Pixel 10 Pro (XL) and Pixel 10 Pro Fold for our main device testing farm today too since we'll supporting all 4 variants of them.

in reply to GrapheneOS

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
Previously, we likely would have been able to implement support for the Pixel 10, Pixel 10 Pro and Pixel 10 Pro XL in the next 48 hours. However, we likely need to wait for Android 16 QPR1 and our port to it since we don't expect a Pixel 10 device branch will be pushed to AOSP.
in reply to GrapheneOS

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
We've received confirmation that Android is switching to having quarterly releases across devices. There will be 3 quarterly and 1 yearly release of Android and the Android Open Source Project. Monthly releases are Pixel exclusive and will have far fewer changes than before.
in reply to GrapheneOS

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
Previously, only Pixels shipped the quarterly releases in practice. Other OEMs will now be pushed to ship those, but not the monthly releases which are now officially Pixel exclusive. Please note monthly Android Security Bulletins are a different thing from the monthly releases.
in reply to GrapheneOS

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
Android Security Bulletins are backports of a subset of patches deemed High/Critical severity to older Android releases. That currently means the initial yearly releases of Android 13, 14, 15 and 16 without the monthly/quarterly updates for those. This will need to change now.
in reply to GrapheneOS

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
The changes are acceptable for us and we can deal with it. We're currently working with a major OEM towards future generations of their devices meeting our requirements and providing official GrapheneOS support. GrapheneOS on both Pixels and these future non-Pixels will be fine.

Joe Vinegar reshared this.

in reply to GrapheneOS

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
Pixels are still the most secure Android devices and the only ones combining a high level of security with proper support for an alternate OS. However, it's clear they don't value alternate OS support and won't remain the best devices for GrapheneOS once we have official ones.

reshared this

in reply to GrapheneOS

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
We could continue supporting future Pixels such as the Pixel 11 and Pixel 12 after we have another option available but we won't depend on them continuing to provide alternate OS support. It's good that the Pixel 10 still provides it since our alternative is a year or two away.

Yogthos reshared this.

in reply to GrapheneOS

Pablo Majster
mastodon - Collegamento all'originale
Pablo Majster
Does this mean this will be the end of GrapheneOS support for Pixels?
in reply to Pablo Majster

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@ppaluchowski64 Only if future Pixels stop meeting our requirements. We still plan to support them if they continue providing what we need including proper alternate OS support.
@Pablo Majster
in reply to GrapheneOS

Tomás
mastodon - Collegamento all'originale
Tomás

"...alternative is a year or two away." sounds like you going into hardware industry or something more like switching Pixels for another devices?

I actually own a Pixel 8 with your SO and I love it. I don't want to mess swapping tbh but if that would be the case... I would do it another time when time arrives

TIA

in reply to Tomás

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@th0maswaschosen We'll still be supporting the already supported devices until their end-of-life which is 7 years from launch for the Pixel 8.
@Tomás
in reply to GrapheneOS

Christian
mastodon - Collegamento all'originale
Christian
Any idea when you’ll be sharing more details about the Graphene phone? I’d definitely prefer to support your project and get that device over a Pixel 10. However I'm planning to switch to GrapheneOS sooner or later.
in reply to Christian

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@7l6dHJh7xq They'll be a future generation of existing mainstream phones with enhanced security and updates to meet our requirements in order to have official GrapheneOS support. It will likely be a year or two so it would be an alternative to the Pixel 11 or Pixel 12 rather than the Pixel 10. We aren't really sure how long it will take at this point.
@Christian
in reply to GrapheneOS

xyhhx 🔻 (plz hire me)
mastodon - Collegamento all'originale
xyhhx 🔻 (plz hire me)
wait, you're working on official devices?? 👀
in reply to xyhhx 🔻 (plz hire me)

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@xyhhx We're working on GrapheneOS support for future generations of a subset of the device models provided by a major Android OEM. Their current devices don't provide the updates and security features we need, but they're capable of doing it. We're working with them towards providing this so we can support their devices. They may end up officially selling devices with GrapheneOS as an option but that's not the bare minimum and it can be successful even without initially having that.
@xyhhx 🔻 (plz hire me)
in reply to GrapheneOS

nanasahib
mastodon - Collegamento all'originale
nanasahib
if grapheneos really goes down the route of supporting affirmative hardware manufacturer any chance a smaller (6.1 inches or less) phone can be picked for support as well?
in reply to nanasahib

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@nanasahib If there's a variant of those able to meet our requirements. The initial devices will need to be flagships for better updates and security features and those tend to be larger so that's what you should expect.
@nanasahib
in reply to GrapheneOS

astroboy
mastodon - Collegamento all'originale
astroboy
@xyhhx Is major Android OEM Samsung? I can't think of any other company.
@xyhhx 🔻 (plz hire me)
in reply to astroboy

Daniel
mastodon - Collegamento all'originale
Daniel
@astroboy @xyhhx on one side they close the bootloader, on the other side they are working with a little ROM supplier, it make no sense
@xyhhx 🔻 (plz hire me) @astroboy
in reply to Daniel

astroboy
mastodon - Collegamento all'originale
astroboy
@DanielDNK @xyhhx Yeah, good point. But I just don't know any other "major Android OEM" that would fit the purpose. I don't believe they would work with a chinese OEM, right?
@xyhhx 🔻 (plz hire me) @Daniel
in reply to astroboy

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@astroboy @DanielDNK @xyhhx Nearly all phones are either made in China or use a bunch of important components from there. iPhones and Pixels are made in China. It's unavoidable in practice and people would complain about a phone made in the US too.
@xyhhx 🔻 (plz hire me) @astroboy @Daniel
in reply to GrapheneOS

Michael
mastodon - Collegamento all'originale
Michael

I'm really hoping for a situation where Graphene works with Fairphone to make a viable 1st party Graphene phone.

That would meet both the privacy and repairability / longevity needs I feel many are looking for.

I understand Fairphone currently is very far from meeting the requirements, but one can hope that expressing this at least gets them on the radar.

in reply to Michael

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@mikeymop Fairphone's devices have atrocious security and are very far from meeting our hardware requirements. They very clearly do not prioritize security and also have negligible engineering resources with nearly everything done by their ODM. You should read discuss.grapheneos.org/d/24134…. They're definitely not a reasonable choice for GrapheneOS support. The marketing claims for their devices for long term support and updates aren't at all accurate. They already have an incompatible partnership too.

Devices lacking standard privacy/security patches and protections aren't private - GrapheneOS Discussion Forum

GrapheneOS discussion forum
GrapheneOS Discussion Forum
@Michael
in reply to GrapheneOS

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@mikeymop Murena are blatant scammers pushing an extraordinarily insecure/non-private OS and services as something they're not. They're heavily invested into spreading misinformation about GrapheneOS and attacking our project/team. We won't work with a company that's partnered with Murena, who are in fact enemies of privacy and security to the point they secretly send user data to OpenAI and act as if that's a private service better than Apple doing it locally. Their products are truly scams.
@Michael
in reply to GrapheneOS

Michael
mastodon - Collegamento all'originale
Michael

I knew about Fairphone's security shortcomings thanks to y'all but wasn't sure as to whether it was the result of neglect or the result of just not knowing any better.

While I was already wary of Murena, I didn't know they were so hostile towards Graphene. I am sorry Graphene's team has had to combat toxicity from them.

Unfortunate, as the idea of the FP hardware is attractive. Regardless of who makes it, I do look forward to a 1st party device, and I wish your team success on it.

in reply to GrapheneOS

Daniel
mastodon - Collegamento all'originale
Daniel
@mikeymop so a Nothing phone with gos is definitely excluded for the same reason
It let us mainly Chinese brand or Volla for the future of GOS after the Pixel
@Michael
in reply to Daniel

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@DanielDNK @mikeymop Nothing devices don't currently meet our requirements but we would be willing to work with them.
@Michael @Daniel
in reply to GrapheneOS

Daniel
mastodon - Collegamento all'originale
Daniel
@mikeymop FYI they did partnership with Murena to be able to sell brand new CMF phone with /e/OS on it but buy it cheaper than the retail price and keep the Nothing warranty. They are a special reseller with a specific partnership like Fairphone is to let them access to brand new phones for less than the MSRP...
@Michael
in reply to Daniel

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@DanielDNK @mikeymop Selling them devices at a bulk rate isn't really a partnership. That's nothing like Fairphone spreading misinformation for them and participating in their attacks on GrapheneOS.
@Michael @Daniel
in reply to GrapheneOS

Daniel
mastodon - Collegamento all'originale
Daniel
@mikeymop
What ?
You mean Murena ?
I never heard about Fairphone talking about GrapheneOS in this terms
@Michael
in reply to Daniel

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@DanielDNK @mikeymop Fairphone has explicitly supported them in doing it. We made a post debunking misinformation from Murena and Fairphone responded to it with a corporate speak response lacking substance. Murena responded with a bunch of misdirection and misinformation. Fairphone helped mislead people into believing that through their response supporting Murena. Fairphone did that after the CEO of Murena had personally targeted our founder and encouraged harassment, which our post addressed.
@Michael @Daniel
in reply to GrapheneOS

Dimitris Zervas
mastodon - Collegamento all'originale
Dimitris Zervas
an almost related question: if the perfect device arrives with all the requirements that you want, is there any chance that contactless payments could be supported, or is that a purely software issue from googles side?
in reply to Dimitris Zervas

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@dzervas Curve Pay, PayPal and many European banking apps provide tap-to-pay support usable on GrapheneOS. Curve Pay is for the UK and European Economic Area. PayPal tap-to-pay is currently very region limited. Both Curve Pay and PayPal tap-to-pay will likely expand to the US and elsewhere.
@Dimitris Zervas
in reply to GrapheneOS

Lamb_Borg_Genie
mastodon - Collegamento all'originale
Lamb_Borg_Genie
"since our alternative is a year or two away" Hell yeah, keep going brothers, stay strong. Love and highly appreciate the work you are doing and which benefits it provides to the community.
in reply to GrapheneOS

ClutchK1ck
mastodon - Collegamento all'originale
ClutchK1ck

I'm still a bit confused about what extra work is required without Google publishing the device tree? Am I correct in the assumption that the driver binaries are still available, it's just a case of creating a device tree, the same/similar way it wasn't available for all devices starting Android 16?

Long time grapheneOS user by the way. All this is great news and I love where the project is going, I'll be setting up a monthly donation now.

in reply to ClutchK1ck

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@ClutchK1ck As part of migrating to Android 16 in June, we removed most of the AOSP device trees and ported the small remaining portion to Android 16. We're currently finishing this by removing nearly the entirety of the remaining device trees. We've replaced all of this with our own automation generating what we need from the combination of AOSP and the stock OS factory images. We already had this tooling prior to Android 16 but needed to greatly expand it and ship work we had in-progress.
@ClutchK1ck
in reply to adison verlice

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@adisonverlice Theoretically, yes, but we're not designing the device and it will realistically Qualcomm's secure element as part of the SoC and potentially an additional secure element based on an off-the-shelf one. Unless another company starts manufacturing OpenTitan-based secure elements for purchase as a component, then we don't expect there will be one included. There can also be stages of making improvements to new generations of devices especially after we prove the business case.
@adison verlice
in reply to GrapheneOS

Demi Marie Obenour
mastodon - Collegamento all'originale
Demi Marie Obenour
@adisonverlice Do you expect the Qualcomm secure element to provide comparable protection to the Titan 2?
@adison verlice
in reply to Demi Marie Obenour

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@alwayscurious @adisonverlice No, but a future revision can have a better secure element.
@Demi Marie Obenour @adison verlice
in reply to GrapheneOS

Demi Marie Obenour
mastodon - Collegamento all'originale
Demi Marie Obenour
@adisonverlice Do you believe that it can be practically broken by commercial exploit tools?
@adison verlice
in reply to Demi Marie Obenour

Demi Marie Obenour
mastodon - Collegamento all'originale
Demi Marie Obenour
@adisonverlice Also, as part of the partnership would it be possible for GrapheneOS to collaborate with the OEM on the SPU firmware?
@adison verlice
in reply to Demi Marie Obenour

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@alwayscurious @adisonverlice Yes, that would be possible and they may be interested in it. We could eventually have things like duress PIN/password support at a secure element level. That's a realistic thing to get done since it's firmware only and doesn't require custom hardware. Changes to the hardware are going to require us proving this can be a successful business proposition through device sales.
@Demi Marie Obenour @adison verlice
in reply to GrapheneOS

Demi Marie Obenour
mastodon - Collegamento all'originale
Demi Marie Obenour
@adisonverlice Also, what makes the Titan 2 better than both commercial secure elements and the Qualcomm Secure Processing Unit?
@adison verlice
in reply to Demi Marie Obenour

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@alwayscurious @adisonverlice Google building a secure element from scratch based on OpenTitan simply worked out a lot better than taking a standard ARM secure core and using a bunch of ARM IP for the firmware, etc. where it's largely a legacy design and code as the foundation. Titan M1 was bypassed by at least Cellebrite in practice but not the Titan M2. Cellebrite didn't bypass the Pixel 2 secure element seemingly just because not much used it and they didn't invest the resources.
@Demi Marie Obenour @adison verlice
in reply to GrapheneOS

Demi Marie Obenour
mastodon - Collegamento all'originale
Demi Marie Obenour
@adisonverlice Hopefully there will be a commercially available OpenTitan-based secure element that can be used someday.
@adison verlice
in reply to GrapheneOS

adison verlice
mastodon - Collegamento all'originale
adison verlice
why doesn't grapheneOS, if they're so focused on getting this graphene phone started, have a team that builds these opentitan chips? I would think if you're that security focused, this is something graphene would do.
pretty sure you could, though do correct me if i'm wrong
in reply to adison verlice

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@adisonverlice We have too much to do already and need to hire a bunch of people to work on GrapheneOS.
@adison verlice
in reply to GrapheneOS

adison verlice
mastodon - Collegamento all'originale
adison verlice
yea but you seam hell bent on security, so i figured grapheneOS would just build their own sets of chips. also, if you do use the quacom secure element, that is proprietary
in reply to GrapheneOS

adison verlice
mastodon - Collegamento all'originale
adison verlice
which also means you can't exactly verify if quaqum is watching you or not
in reply to GrapheneOS

Pablo Majster
mastodon - Collegamento all'originale
Pablo Majster
Are you open to working with different OEM manufacturers, or do you plan to stick with the one you're currently partnering with?
in reply to Pablo Majster

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@ppaluchowski64 We would be open to working with other OEMs but we currently want to focus on this instead of dividing our efforts and potentially pushing away the current partnership.
@Pablo Majster
in reply to GrapheneOS

Apple iPhone 3s
mastodon - Collegamento all'originale
Apple iPhone 3s
@ppaluchowski64 thanks for being so professional and answering so many questions! I think it's great for the brand reputation
@Pablo Majster
in reply to GrapheneOS

confettiarenasabotage
mastodon - Collegamento all'originale
confettiarenasabotage
People do you want to bet/guess which will be the OEM, for the fun? 😆
I think I can only put 4 options -_-
If you think it is another, say which one.
It seems I can't answer to my own polls, but I think it is Motorola or maybe Nothing.

  • HMD (Nokia) (0%, 0 votes)
  • Nothing (100%, 1 vote)
  • Motorola (0%, 0 votes)
  • Samsung (0%, 0 votes)
1 voter. Poll end: 1 giorno fa

Questa voce è stata modificata (1 settimana fa)
in reply to confettiarenasabotage

Lukas
mastodon - Collegamento all'originale
Lukas
@Canning1452 Imho Nothing are too proud of their OS to work with GrapheneOS, they don't want users to flee the Nothing Experience. Also, Samsung is locking down everything (no more OEM unlocking on some of their recent phones), they don't look open to this kind of things.
Fairphone would be a better guess imo. Even if they already have /e/os, it proves they are open to alternative OS.
Otherwithe Nokia, Sony and Motorola could do this too. They are not popular nor trendy in any way.
@confettiarenasabotage
in reply to Lukas

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@lukas_moinet @Canning1452 Fairphone isn't capable of meeting our requirements and handles security poorly. They barely do engineering themselves, it's done for them by their ODM. Their partnership with Murena is also a major issue. Recommend reading discuss.grapheneos.org/d/24134….

Devices lacking standard privacy/security patches and protections aren't private - GrapheneOS Discussion Forum

GrapheneOS discussion forum
GrapheneOS Discussion Forum
@confettiarenasabotage @Lukas
in reply to GrapheneOS

Lukas
mastodon - Collegamento all'originale
Lukas
@Canning1452
I read most of this but it was a bit overwhelming because english is not my first language 😅
Thus I thought you could kinda "fix" how they do things, I must be wrong then
@confettiarenasabotage
in reply to GrapheneOS

eee_eff
mastodon - Collegamento all'originale
eee_eff
Do you have any idea when this might be announced...is this a year away or weeks?
in reply to GrapheneOS

Demi Marie Obenour
mastodon - Collegamento all'originale
Demi Marie Obenour
Do you expect that this means that only Pixels will get High/Critical patches fixed promptly?
in reply to Demi Marie Obenour

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@alwayscurious Pixels still have monthly updates. Other OEMs may largely switch to only quarterly updates. The issue is there are no monthly AOSP tags so we can no longer use Pixel code from AOSP even though they didn't actually remove hardware/google/pixel, etc.
@Demi Marie Obenour
in reply to GrapheneOS

Demi Marie Obenour
mastodon - Collegamento all'originale
Demi Marie Obenour
Will GrapheneOS still be able to provide monthly updates? This seems to lead to a huge patch gap for anything non-Pixel.
in reply to GrapheneOS

RoelandDeVries
mastodon - Collegamento all'originale
RoelandDeVries
does this mean GrapheneOS on future phones from another OEM will only receive the monthly Security Bulletins with backports for High and Critical severity vulnerabilities and will have to wait on the next Quarterly release for the rest of the vulnerability fixes?
in reply to RoelandDeVries

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS

@RoelandDeVries No, it won't be a problem for other devices at all.

We'll have everything we need via quarterly/yearly updates, ASBs and hardware vendor patches.

Monthly updates are now much smaller than they were before. There were 0 Android Security Bulletin patches in July and also 0 Pixel Update Bulletin patches. August barely had anything. September has a massive amount of patches due to them deferring nearly all of it since the yearly release in June to the next quarterly release.

@RoelandDeVries
in reply to GrapheneOS

Christoffer S.
mastodon - Collegamento all'originale
Christoffer S.
Please let this be without all the Gemini stuff? Is that at all possible?
in reply to GrapheneOS

Roos
mastodon - Collegamento all'originale
Roos

this is amazing.

I was a bit afraid that the fold would be left out because it's a such a niche device. It's great to hear you're supporting the device and proactive about it.

Thank you!

in reply to Roos

GrapheneOS
mastodon - Collegamento all'originale
GrapheneOS
@roos We support the existing Pixel 9 Pro Fold and original Pixel Fold which was a Pixel 7 variant like the Pixel Tablet.
@Roos
in reply to GrapheneOS

Davide Manca
mastodon - Collegamento all'originale
Davide Manca
Finally, it's a great news that can it be a GrapheneOS phone. You guys have done a great job on these years, but for ethical reasons councerning Google products i never used your great OS. Really looking forward to see which OEM did you choose to cooperate. Good luck from Italy