Similar to iOS lockdown mode, Android 16's Advanced Protection feature is misguided. It adds security features exclusive to it which require using all of the other features. This prevents people using new security features if they need to avoid 1 feature.
security.googleblog.com/2025/0…
Advanced Protection: Google’s Strongest Security for Mobile Devices
Posted by Il-Sung Lee, Group Product Manager, Android Security Protecting users who need heightened security has been a long-standing com...Google Online Security Blog
Maronno Winchester reshared this.
GrapheneOS
in reply to GrapheneOS • • •GrapheneOS
in reply to GrapheneOS • • •GrapheneOS
in reply to GrapheneOS • • •GrapheneOS
in reply to GrapheneOS • • •GrapheneOS
in reply to GrapheneOS • • •GrapheneOS
in reply to GrapheneOS • • •GrapheneOS
in reply to GrapheneOS • • •GrapheneOS
in reply to GrapheneOS • • •GrapheneOS
in reply to GrapheneOS • • •GrapheneOS
in reply to GrapheneOS • • •GrapheneOS
in reply to GrapheneOS • • •GrapheneOS
in reply to GrapheneOS • • •Domenico De Treias reshared this.
GrapheneOS
in reply to GrapheneOS • • •ṫẎℭỚ◎ᾔ ṫ◎ℳ
in reply to GrapheneOS • • •GrapheneOS
in reply to ṫẎℭỚ◎ᾔ ṫ◎ℳ • • •ṫẎℭỚ◎ᾔ ṫ◎ℳ
in reply to GrapheneOS • • •GrapheneOS
in reply to GrapheneOS • • •GrapheneOS
in reply to GrapheneOS • • •Worlds Gone Mad
in reply to GrapheneOS • • •unexpectedteapot
in reply to GrapheneOS • • •I hope long term you have/make a plan, because while what you are describing are legally questionable anti-consumer practices, I don't see them being challenged any time soon. It only gets tighter over time with these monopolies.
Wish I had something more positive to say, but you all are great and I wish you the best in your mission o7 ❤
vax_
in reply to GrapheneOS • • •k2-fsa
GitHubAnselm "Two Sheds" Schüler
in reply to GrapheneOS • • •GrapheneOS
in reply to Anselm "Two Sheds" Schüler • • •Anselm "Two Sheds" Schüler
in reply to GrapheneOS • • •GrapheneOS
in reply to Anselm "Two Sheds" Schüler • • •GrapheneOS
in reply to GrapheneOS • • •Account settings: Your browser is not supported.
g.coNoodlez
in reply to GrapheneOS • • •Alexis
in reply to GrapheneOS • • •GrapheneOS
in reply to Alexis • • •Alexis
in reply to GrapheneOS • • •Viacheslav A
in reply to GrapheneOS • • •Buccia
in reply to GrapheneOS • • •Demi Marie Obenour
in reply to GrapheneOS • • •xyhhx 🔻
in reply to GrapheneOS • • •GrapheneOS
in reply to xyhhx 🔻 • • •Anselm "Two Sheds" Schüler
in reply to GrapheneOS • • •GrapheneOS
in reply to Anselm "Two Sheds" Schüler • • •Ilias
in reply to GrapheneOS • • •GrapheneOS
Unknown parent • • •RejZoR
in reply to GrapheneOS • • •GrapheneOS
in reply to RejZoR • • •GrapheneOS
Unknown parent • • •@SupportGrapheneOS_667 That's for the Google account rather than Gmail specifically, and it has an impact on Android for the stock OS when logged into a Google account. Several of the Android Advanced Protection features are existing Google Advanced Protection features impacting Android including blocking installing apps from outside the Play Store.
It's possible to use other mail clients but they must implement the modern authentication support which likely requires using a WebView for this.
GrapheneOS
Unknown parent • • •Buccia
Unknown parent • • •Support GrapheneOS 667
in reply to Buccia • • •Never used "Advanced Google Protection" and hopefully never will.
(Thanks for the reply)
Joshua
in reply to GrapheneOS • • •GrapheneOS
Unknown parent • • •@J3317 @evilcookies98 @wmd eSpeak NG has restrictive GPLv3 licensing that's not appropriate for GrapheneOS. It also doesn't really meet the robustness or security requirements.
RHVoice doesn't implement Direct Boot support so it can't work Before First Unlock. A text-to-speech implementation can of course be installed on GrapheneOS.
We have our own fork of the open source TalkBack included but there hasn't been a text-to-speech app we can include yet and they also mostly require setup too.
Joshua
Unknown parent • • •The Evil Chocolate Cookie
in reply to Joshua • • •Joshua
in reply to GrapheneOS • • •The Evil Chocolate Cookie
in reply to GrapheneOS • • •Andromxda 🇺🇦🇵🇸🇹🇼
in reply to GrapheneOS • • •GrapheneOS
Unknown parent • • •@evilcookies98 @J3317 @wmd We won't bundle code with more restrictive licensing than GPLv2. It would limit GrapheneOS usage.
We haven't locked anything out. You can use eSpeak NG, RHVoice, Speech Recognition & Synthesis, etc. on GrapheneOS. Only Google's app could provide a good out-of-the-box experience anyway. Neither eSpeak NG or RHVoice is up to the task of providing a robust and usable implementation that's ready to go out-of-the-box for an easy initial setup for someone who depends on it.
The Evil Chocolate Cookie
in reply to Joshua • • •GrapheneOS
in reply to GrapheneOS • • •GrapheneOS
in reply to The Evil Chocolate Cookie • • •@evilcookies98 @wmd @J3317 There are major issues with the open source options both in terms of robustness and usability along with overly restrictive licensing. Google's app is the only one which really meets the requirements but is a closed source implementation.
We've seen some newer apps in development without the same legacy baggage and may be able to include one of them soon. Including one of them does not mean a device will be usable by blind users after flashing/locking though.
GrapheneOS
in reply to GrapheneOS • • •GrapheneOS
in reply to Andromxda 🇺🇦🇵🇸🇹🇼 • • •GrapheneOS
in reply to GrapheneOS • • •The Evil Chocolate Cookie
in reply to GrapheneOS • • •Andromxda 🇺🇦🇵🇸🇹🇼
in reply to GrapheneOS • • •Marty_Man_X
in reply to GrapheneOS • • •GrapheneOS
in reply to Marty_Man_X • • •Marty_Man_X
in reply to GrapheneOS • • •thanks for the clarification
In this case can’t be sure why these modes on iOS and Android don’t offer more granular control - might be as simple as: they assume most users, even those who’d benefit from these modes, won’t understand the various elements/what they should enable, so they enable all at once in these modes.
Not saying it’s the right approach just trying to understand if there’s some merit to them.
GrapheneOS
in reply to Marty_Man_X • • •Joshua
Unknown parent • • •GrapheneOS
in reply to Joshua • • •Joshua
Unknown parent • • •The Evil Chocolate Cookie
in reply to Joshua • • •Joshua
Unknown parent • • •Jan Polák
in reply to Joshua • • •@J3317 @evilcookies98 @wmd Direct boot aware apps can run in the time between system boot and first unlock. The app needs to be able to run without an access to (most) of its files, since these are encrypted and need unlocking.
I am not sure what exact implication this has for the usability of screen readers, since I haven't needed one.
The Evil Chocolate Cookie
in reply to Joshua • • •GrapheneOS
in reply to GrapheneOS • • •Joshua
in reply to GrapheneOS • • •Joshua
in reply to GrapheneOS • • •GrapheneOS
in reply to Joshua • • •GrapheneOS
in reply to Joshua • • •desirable_dialogue
in reply to GrapheneOS • • •Would it be a violation of GPLv3 license, or any other licence to which you currently apply, if you include eSpeak NG?
GrapheneOS
in reply to desirable_dialogue • • •GrapheneOS
Unknown parent • • •@joepie91 @J3317 @evilcookies98 @darkyen There are better options than eSpeak NG with the permissive licensing we neeed. Regardless of the choice of the app to fork, there's work involved in forking it and integrating it to work seamlessly out-of-the-box without requiring any setup. There's further work to add TalkBack integration into Setup Wizard.
We're not to blame for a project choosing licensing which is broadly known to be something many companies want to avoid. That choice limits usage.
Sven Slootweg (soft-deprecated)
in reply to GrapheneOS • • •GrapheneOS
Unknown parent • • •GrapheneOS
in reply to GrapheneOS • • •@joepie91 @J3317 @evilcookies98 @darkyen github.com/k2-fsa/sherpa-onnx is an example of a permissively licensed and more modern implementation. We have not reviewed it in depth and far away from being able to bundle a fork of it into the OS. All we know is that it's what many of our users recommend we use when this is brought up.
It also supports speech-to-text in addition to text-to-speech and various other functionality. It's more like Google's speech services app. Doesn't mean it's ready to ship.
GitHub - k2-fsa/sherpa-onnx: Speech-to-text, text-to-speech, speaker diarization, speech enhancement, and VAD using next-gen Kaldi with onnxruntime without Internet connection. Support embedded systems, Android, iOS, HarmonyOS, Raspberry Pi, RISC-V, x86_6
GitHubSven Slootweg (soft-deprecated)
in reply to GrapheneOS • • •GrapheneOS
in reply to GrapheneOS • • •@joepie91 @J3317 @evilcookies98 @darkyen If we include this, there are other people who are going to be very angry about it because it's based on neural networks.
bsky.app/profile/stopgenai.com…
bsky.app/profile/stopgenai.com…
This is how modern speech-to-text, text-to-speech, translation, automatic captions, etc. are all implemented. If we tied our hands and refused to use anything using neural networks, we wouldn't be realistically ever able to include speech-to-text, translation, captions, etc.
The Evil Chocolate Cookie
in reply to GrapheneOS • • •GrapheneOS
Unknown parent • • •@joepie91 @J3317 @evilcookies98 @darkyen
> There is already a viable system which can be implemented today, as has been presented to you by someone *who actually uses these accessibility tools*, which is espeak.
No, a dozen people who depend on text-to-speech to use their devices have told us they cannot possibly get by with eSpeak NG as their text-to-speech implementation. They would use it to get from the start of the setup wizard to installing a proper TTS app. We want a decent feature.
Sven Slootweg (soft-deprecated)
in reply to GrapheneOS • • •@J3317 @evilcookies98 @darkyen There are, to my knowledge, exactly *zero* models in the LLM/GenAI space that are actually open-source by any reasonable definition, and there's good reason to believe that they can't ever be (because this amount of training data is virtually impossible to ethically source), so the idea of this kind of model as an open-source solution is essentially vaporware.
There is already a viable system which can be implemented today, as has been presented to you by someone *who actually uses these accessibility tools*, which is espeak.
GrapheneOS
in reply to GrapheneOS • • •The Evil Chocolate Cookie
in reply to GrapheneOS • • •GrapheneOS
Unknown parent • • •Sven Slootweg (soft-deprecated)
in reply to GrapheneOS • • •@J3317 @evilcookies98 @darkyen I have literally suggested a solution for this several posts up, that would absolutely work.
"Do not want to do this" is a very different thing from "cannot do this".
GrapheneOS
Unknown parent • • •@joepie91 @J3317 @evilcookies98 @darkyen You should check back on the article you spread and attacked us over. The person who published it retracted it and apologized to us for approaching it that way. They want to help us integrate and test something that is acceptable for us to ship instead.
The app which multiple people have recommended to us is github.com/k2-fsa/sherpa-onnx. We would still need to review it, fork it and integrate it to have a seamless out-of-the-box auto-configured experience.
GitHub - k2-fsa/sherpa-onnx: Speech-to-text, text-to-speech, speaker diarization, speech enhancement, and VAD using next-gen Kaldi with onnxruntime without Internet connection. Support embedded systems, Android, iOS, HarmonyOS, Raspberry Pi, RISC-V, x86_6
GitHubSven Slootweg (soft-deprecated)
Unknown parent • • •Sven Slootweg (soft-deprecated)
in reply to GrapheneOS • • •GrapheneOS
in reply to Sven Slootweg (soft-deprecated) • • •The Evil Chocolate Cookie
in reply to GrapheneOS • • •GrapheneOS
in reply to The Evil Chocolate Cookie • • •@evilcookies98 @J3317 @joepie91 @darkyen What shiny stuff? We're working on keeping GrapheneOS alive despite having our lead developer forcibly conscripted to fight in a war. Our entire focus has been on Android 16 porting for weeks. The only things we've shipped recently are minor features implemented weeks or months ago which were sitting as open pull requests which hadn't been fully reviewed and tested yet.
We don't even have a real boot animation since our focus is so much on the core OS.
The Evil Chocolate Cookie
in reply to GrapheneOS • • •Sven Slootweg (soft-deprecated)
in reply to GrapheneOS • • •@J3317 @evilcookies98 @darkyen As I have brought up before, that system appears to be based on LLM/GenAI tech and models, which means it cannot ever be open-source.
And what the author of the article decides to do frankly has no bearing on my arguments here. You are still presenting "do not want to do" as "cannot do", which are two very different things.
GrapheneOS
in reply to Sven Slootweg (soft-deprecated) • • •@joepie91 @J3317 @evilcookies98 @darkyen
Proposing building and testing twice as many releases as the solution to anything where we cannot do both things at once in the same builds is something we regularly see about multiple topics including root access. It's not something realistic. It would require an enormous amount of resources.
16 separate 45 minute OS builds followed by a long release signing process and then delta generation from previous releases is already a huge amount to be doing.
The Evil Chocolate Cookie
in reply to GrapheneOS • • •Joshua
in reply to GrapheneOS • • •GrapheneOS
in reply to The Evil Chocolate Cookie • • •GrapheneOS
in reply to GrapheneOS • • •The Evil Chocolate Cookie
in reply to GrapheneOS • • •The Evil Chocolate Cookie
in reply to GrapheneOS • • •GrapheneOS
in reply to Joshua • • •GrapheneOS
in reply to The Evil Chocolate Cookie • • •Joshua
in reply to GrapheneOS • • •The Evil Chocolate Cookie
in reply to GrapheneOS • • •GrapheneOS
in reply to Joshua • • •The Evil Chocolate Cookie
in reply to GrapheneOS • • •GrapheneOS
in reply to The Evil Chocolate Cookie • • •GrapheneOS
in reply to GrapheneOS • • •Joshua
in reply to GrapheneOS • • •The Evil Chocolate Cookie
in reply to GrapheneOS • • •GrapheneOS
in reply to Joshua • • •GrapheneOS
Unknown parent • • •@evilcookies98 @J3317 @joepie91 @darkyen No, the app needs to be forked to work out-of-the-box without configuration. In order for us to use an app, it needs to be something meeting the license requirements. We also need to integrate enabling the screen reader we provide into the setup wizard.
Since this will be enabled by default and handling untrusted input, the security is important.
We're responsible for keeping our users safe and upholding the standards we have committed to providing.
The Evil Chocolate Cookie
in reply to GrapheneOS • • •Joshua
in reply to GrapheneOS • • •GrapheneOS
in reply to The Evil Chocolate Cookie • • •@evilcookies98 @darkyen @J3317 @joepie91 It is not us being petty. We have license requirements which we are committed to following. There would be serious consequences to us breaking that commitment.
eSpeak NG is not the only open source TTS app.
Regardless of which app we use, we'll make it work at first boot after installation without downloading any language packs, without configuring anything, etc. We need to add setup wizard screen reader integration. We have been working towards it.
The Evil Chocolate Cookie
in reply to GrapheneOS • • •GrapheneOS
Unknown parent • • •@evilcookies98 @J3317 @darkyen @joepie91 In order for it to be available, it has to be built into the OS. In order to build it into the OS, it has to use the licensing we have committed to using. This is not about idealism, it is about what we need in order to continue GrapheneOS development.
eSpeak NG is not the only open source TTS app. There are multiple apps in the running for being chosen to fork for this purpose. It isn't one of them due to the license, but several others are.
GrapheneOS
in reply to The Evil Chocolate Cookie • • •@evilcookies98 @darkyen @J3317 @joepie91 This doesn't have to do with perfectionist standards. We've made a commitment to not using GPLv3 licensing.
Bundling the eSpeak NG APK into GrapheneOS will not providing the accessible experience from the start of the setup wizard you want us to provide. It would only mean it doesn't have to be installed. There is significantly more to making it into a seamless thing which works out-of-the-box including activating TalkBack on the first setup wizard page.
GrapheneOS
in reply to GrapheneOS • • •The Evil Chocolate Cookie
in reply to GrapheneOS • • •Joshua
in reply to GrapheneOS • • •GrapheneOS
in reply to GrapheneOS • • •@evilcookies98 @darkyen @J3317 @joepie91 The reason we made our TalkBack fork is as part of working towards providing this. The TalkBack fork has been getting tested and some major issues with it got resolved.
It often takes us a long time to get features finished. We had no network location included in GrapheneOS from 2014 until late 2024.
It is a non-profit open source project. We accept external contributions and most people we've hired started as external contributors to the project.
GrapheneOS
in reply to Joshua • • •@J3317 @evilcookies98 @darkyen @joepie91 We've been missing a TTS engine since after SVOX Pico was removed from the Android Open Source Project alongside them dropping the requirement to have TTS in order to keep AOSP passing the Compatibility Test Suite. This is from before the time of the currently available TTS apps.
It would have been possible to fork SVOX Pico and overhaul it to fix the memory corruption, etc. but that didn't happen. Back then we also had literally 1 developer.
GrapheneOS
Unknown parent • • •The Evil Chocolate Cookie
in reply to GrapheneOS • • •GrapheneOS
Unknown parent • • •@evilcookies98 @J3317 @darkyen @joepie91
> you don’t like the license
No, that's not it. It is not about disliking it. We do not have an issue with GPLv3 in general. It's only including GPLv3 code in GrapheneOS that's a problem. We could package the app in our App Store but that isn't going to help with this. We need something built into the OS.
GrapheneOS
in reply to The Evil Chocolate Cookie • • •The Evil Chocolate Cookie
in reply to Joshua • • •The Evil Chocolate Cookie
in reply to Joshua • • •Joshua
in reply to The Evil Chocolate Cookie • • •Joshua
in reply to GrapheneOS • • •The Evil Chocolate Cookie
in reply to Joshua • • •GrapheneOS
Unknown parent • • •Joshua
Unknown parent • • •The Evil Chocolate Cookie
Unknown parent • • •Joshua
in reply to The Evil Chocolate Cookie • • •GrapheneOS
in reply to Joshua • • •@J3317 @evilcookies98 @joepie91 @darkyen Yes, and those are all Google Mobile Services devices. They can all use Google's full closed source TalkBack implementation and can use Google's speech services app if they don't have their own one.
GrapheneOS doesn't include Google Mobile Services so a bunch of things that provides are missing from what we're starting from and we've had to gradually implement them ourselves.
What we're starting from has no setup wizard, no update app, etc.
Joshua
in reply to GrapheneOS • • •GrapheneOS
in reply to Joshua • • •Joshua
in reply to GrapheneOS • • •GrapheneOS
in reply to Joshua • • •@J3317 @evilcookies98 @joepie91 @darkyen
We currently have 3 senior devs, but 1 is fully unavailable to work on the project (war) and one is largely unable to work on development right now. 3rd was on a long sabbatical to deal with a major move between countries. They came back due to the emergency, but they were not up to speed on everything.
We have 1 new experienced dev we just hired full time due.
There are ~6 junior devs but only half full time and several are away right now.
GrapheneOS
in reply to GrapheneOS • • •@J3317 @evilcookies98 @joepie91 @darkyen We need senior developers to review other people's work and guide them so productivity is very low right now due to the lead developer being conscripted. This hasn't been a good few months to get much done.
Android 16 is right around the corner and we're dealing with unexpected regressions which have come up which is taking time away from important preparation work for it.
Our focus right now is preserving what we have, which takes a lot of work.
Joshua
in reply to GrapheneOS • • •GrapheneOS
in reply to Sven Slootweg (soft-deprecated) • • •GrapheneOS
Unknown parent • • •@darkyen @evilcookies98 @joepie91 @J3317 We could use github.com/k2-fsa/sherpa-onnx to provide text-to-speech and speech-to-text. Speech-to-text would be very helpful for accessibility and would enable adding automatic subtitles.
How else could we provide speech-to-text than a neural network approach?
Many of the aggressive voices for accessibility at all costs including disregarding licensing and security are going to switching to demanding we avoid including anything using neural networks instead.
GitHub - k2-fsa/sherpa-onnx: Speech-to-text, text-to-speech, speaker diarization, speech enhancement, and VAD using next-gen Kaldi with onnxruntime without Internet connection. Support embedded systems, Android, iOS, HarmonyOS, Raspberry Pi, RISC-V, x86_6
GitHubJan Polák
in reply to GrapheneOS • • •@evilcookies98 @joepie91 @J3317 Somebody in this thread already said that something is better than nothing and they can always install their preferred TTS later, so I would't worry too much about it.
I dislike the modern "AI" hypetrain as anybody else, but some things *are* well suited for neural networks, voice interface being one of them.
There might be ethical problems with training datasets, but surely that is better than breaking OSS licenses outright?
GrapheneOS
in reply to Jan Polák • • •Jan Polák
in reply to The Evil Chocolate Cookie • • •GrapheneOS
in reply to GrapheneOS • • •@darkyen @evilcookies98 @joepie91 @J3317 However, look at one of the responses we got about mentioning wanting to add text-to-speech and speech-to-text this way:
grapheneos.social/@GrapheneOS/…
If people are going to give us a hard time and try to harm us if we ship speech-to-text which is not really feasible for us to do another way, what are we meant to do about providing those accessibility features?
Text-to-speech CAN be done in the older more hard-wired way but the modern ones have moved on.
GrapheneOS
2025-05-26 01:44:03
Jan Polák
in reply to GrapheneOS • • •@evilcookies98 @joepie91 @J3317 You will never make everybody happy. However, the linked people don't want an LLM and as far as I know, TTS and STT are not based on an LLM architecture. They don't have a way to generate new words. It is just a way to compress rules about making human sounding sounds into a data file. So you could still add it without adding any LLMs.
Claiming that an accessibility feature people need is a slippery slope to adding ChatGPT are just petty.
Sven Slootweg (soft-deprecated)
in reply to GrapheneOS • • •@J3317 @evilcookies98 @darkyen This was about espeak, not RHVoice; and to my knowledge, espeak is algorithmic in nature and not trained on a massive dubiously sourced set of training data, which means it does not suffer from the same problem.
I have my doubts that this discussion is going to be moving in a productive direction for either of us, so I'll leave you with this comment:
The way you've responded to this situation has damaged your reputation in my eyes *far* more than that article ever could have.
You've yelled at a blind person for expressing their frustration with being excluded, you've threatened pausing development on accessibility entirely (which feels rather "look what you made me do!"), you've repeatedly refused to take responsibility for your decisions by framing them as if they are out of your hands, and you've confirmed the long-standing rumours that you call all criticism "attacks" (which is something I'd remained undecided on until now because I didn't have enough information, but now got to see first-hand).
You yell a lot about how that article has "harmed the project", but if you're concerned about harm to the project, I think that you need to be looking inward instead, at the way you interact with criticism.
GrapheneOS
in reply to Sven Slootweg (soft-deprecated) • • •@joepie91 @J3317 @evilcookies98 @darkyen
It's clear you've been heavily influenced by attacks on the project and team. If this is your attitude, avoid contacting us.
We haven't yelled at anyone. We were attacked with now retracted false claims, hyperbole and claims that we're cruel because we get things implemented slowly and need to use software meeting our requirements.
GrapheneOS is missing features some people need to use it. That doesn't only apply to blind users. We're working on it.
GrapheneOS
in reply to GrapheneOS • • •@joepie91 @J3317 @evilcookies98 @darkyen
Not having features everyone needs to use GrapheneOS despite our ongoing work improving many different areas of usability and accessibility doesn't mean we don't care. It takes us a long time to implement things. We had no network location from 2014 until late 2024. We had no compatibility with apps depending on Google Play until summer 2021. We still have a bunch of legacy AOSP sample apps. We'd have SVOX Pico TTS if it wasn't removed from AOSP.
Alexis
Unknown parent • • •