Nostr Web Client

After our Android 16 port was completed yesterday, we started fixing an Android tapjacking vulnerability disclosed last month:

https://taptrap.click

We have a fix implemented and it will be included in our next release, likely with the monthly Android 16 update tomorrow.

This vulnerability was disclosed to Google in October 2024 and Android still hasn't fixed it. Security researchers should report vulnerabilities to #GrapheneOS in addition to Google. This now joins many other fixes for serious vulnerabilities which are exclusive to GrapheneOS.

Shawn 6mo ago

If I understand correctly, this will be in Stable?

Reply to this note

Please Login to reply.

Discussion

Final 6mo ago

A GrapheneOS Android 16 release SHOULD be in Stable by today. This update with patch will release shortly after then go into stable a while after.