Replying to Avatar Final

As a preview of what's going to be possible in the upcoming release of #GrapheneOS, here's a screenshot from a Pixel Tablet running desktop Chrome in a virtual machine with basic GPU acceleration via ANGLE on the host. The infrastructure is a lot more robust than the Terminal app:

Our next release also enables running the Terminal app in secondary users. There's still the temporary limitation of only being able to use a single VM on the device at a time because the dedicated internal network interface it uses for the Terminal app isn't split up at all yet.

GUI VM support will have 2 main use cases:

1) Running a specific app or an entire profile via GrapheneOS virtual machines seamlessly integrated into the OS.

2) Running Windows or desktop Linux applications with desktop mode + USB-C DisplayPort alt mode on the Pixel 8 and later.

This virtual machine management app (Terminal) will be handling the 2nd case. It's essentially already available in a very primitive way. We expect this to become much more usable and robust entirely from the upstream Android work on the virtual machine and desktop mode features.
Avatar
Final 4mo ago 💬 21

Android 16 QPR1 is a big deal for #GrapheneOS.

All of the major desktop mode features will be available in this version. A lot of it is available as developer options for an early preview on GrapheneOS but will be fully production ready by the time we have A16 QPR1.

This will allow a Desktop experience for users. Modern Pixels can then dock their device and use a mouse and keyboard to navigate the UI.

A functional desktop mode is huge, but it is a stepping stone towards a far greater feature target for us: A Desktop OS VM manager.

One OS feature (the Linux terminal app) already provides a Linux command line using a Debian virtual machine. Ideally, we would want to move away from a non-hardened desktop distribution like Debian, which the upstream uses, and have something an ARM build of secureblue, securecore or even a gold target for Windows 11 ARM for superior app compatibility.

Here you can see desktop operating system apps within a freeform window over the standard GrapheneOS applications. There are many unique setups and software choices if we can further develop this:

nostr:nevent1qqsxfr077j8sv4qgd3u43z0pqae52kxldseu3zzc4z5sy8f20ujq8pcppemhxue69uhkummn9ekx7mp0qgstnr0dfn4w5grepk7t8sc5qp5jqzwnf3lejf7zs6p44xdhfqd9cgsrqsqqqqqptkgq9j

nostr:nevent1qqsrl9npdmj50snnk8ue9m285n6rkjwnu269sasuw0pk4yashmafwtqpzpmhxue69uhkummnw3ezumt0d5hsyg9e3hk5e6h2ypusm09ncv2qq6fqp8f5clueylpgdq66nxm5sxjuygpsgqqqqqqst0wkpg

Gaining desktop functionality and including being able to run GUI Windows and desktop Linux applications via hardware accelerated virtualization will then lead to further innovative features, including:

1) Running a specific app or an entire profile via GrapheneOS virtual machines seamlessly integrated into the OS.

2) Running Windows or desktop Linux applications with desktop mode + USB-C DisplayPort alt mode on the Pixel 8 and later.

3) Create an amnesiac virtualized environment nested within the OS user that could be plausibly deniable.

There are also a few massive targets that would take a lot of work and wouldn't be seen yet, but worth considering. For example, Android provides Chromium's layer-1 sandbox as an OS feature available to be used by any app via isolatedProcess. It would be fantastic to move this to virtualization using microdroid. It'd be a large project, but have a very high impact for browsers, like per-site virtual machine instances. That would provide security above Tor Browser and comparable to Microsoft Edge's deprecated Application Guard feature that ran Edge in an isolated virtual machine but at a more seamless and useable scale.

Since isolatedProcess is an OS API, it'd benefit all Chromium-based browsers and other apps using it rather than being specific to Vanadium. That'd be a difficult project but we can consider it as a future large feature on the same scale as our sandboxed Google Play feature. This would make many apps get a large security boost.

Reply to this note

Please Login to reply.

Discussion

Avatar
Ryan 4mo ago

nostr:nprofile1qqsp3yzapfwkyw4cr2vt4xx9s27474lj2pkxhqyfqh79n826pv3fkzqpz4mhxue69uhkzem8wghxummnw3ezumrpdejqzyrhwden5te0dehhxarj9ekxzmnyqy28wumn8ghj7un9d3shjtnyv9kh2uewd9hsrqj9zl this is another reason to go for an pixel 8 over 7.

Avatar
node 4mo ago

Desktop mode. Very interesting. You’re right iI’l wait a bit. The longer update period is really good

Avatar
Ryan 4mo ago 💬 1

Once the 10 drops price will go down I'm sure.

Avatar
node 4mo ago

August 20th is real soon ™

Avatar
Marc 4mo ago

What's wrong with the 7?

Avatar
Ryan 4mo ago

It won't to desktop mode. 8 series and higher.

Avatar
node 4mo ago

Nothing’s wrong with it. The 8 is just more powerful and has more features. Like that note on top

Avatar
Final 4mo ago

The Pixel 8 and later is far more secure than the 7th generation and earlier because ARMv9 hardware security features like hardware memory tagging are available and the OS uses them. It's a huge difference but not something people would see with their own eyes. The 9 is slightly better than the 8 but not in a huge jump like 7 to 8 is.

f0
DarthSatoshi 4mo ago

Which docking station would the user need?

Avatar
Final 4mo ago

Any USB-C dock or cable that works with displayport alt mode will do. A docking station is useful if you wanted to plug in USB peripherals like keyboards and mice, but they can be done through Bluetooth accessories if you wanted.

ee
eee8f902... 4mo ago

This will probably be what makes me upgrade from my Pixel 6a. My Graphene device does pretty much everything I need on a day to day outside of work. Only occasionally do I need a keyboard and bigger screen to work with documents etc, which is why I keep a Thinkpad.

Exciting!

nostr:nevent1qqsp6h3qsgdc78ww0jfc8v6p5jpzg280r2ecrywsyzp75yy7z698kdqpz3mhxue69uhkummnw3ezummcw3ezuer9wcpzpwvda4xw463q0yxmev7rzsqxjgqf6dx8lxf8c2rgxk5ekayp5hpzqvzqqqqqqy4rf3tk

Avatar
Slimer 4mo ago

When are we to expect QPR1? 👀 This looks cool

Avatar
Final 4mo ago 💬 1

Upstream? Around September

Avatar
Slimer 4mo ago

Nice 🤙 look forward to GrapheneOS's build soon after hopefully

cb
cbc411bb... 4mo ago

I would love to be able to run Tails.net . Especially with the Persistent Storage feature

Avatar
2140.wtf #blockworkgallery 4mo ago

Excellent

Avatar
Final 4mo ago

Update: A16 QPR1 stock still keeps Desktop as a developer feature rather than production :( BUT, it is far more functional.

Avatar
EverlastingOS 1mo ago

When will Android 16 QPR1 be out? Need GrapheneOS on my pixel 10 ASAP :P

Avatar
Final 1mo ago

If you have seen the latest news, we are now working on that. Because of how big the changes are there won't be a release immediately. Pixel 10 can start once there's production ready builds, which may take some weeks for the whole thing to come through.