Graphene is a 2D sheet of carbon atoms forming an extremely strong and thin material. The properties of the material make it a fitting name for the project.
You can easily make small amounts of graphene yourself that way. It's not an exotic material. It's only hard to make a large sheet of it. It was a neat name for this project based on the simplicity and yet immense strength of it.
The previous name being Android Hardening Project it made sense to evolve the branding this way.
It has no relation to any biological applications that people might infer.
A patch has been released for this issue for those holding out in Apple land.
However for those of you on Android already, how quick would your chosen device manufacturer and/or alternate OS if any take to implement it?
There is a reason Pixel devices are regarded highly by genuine security advocates and even more so why they are the chosen device of the just as recommended and regarded GrapheneOS.
GrapheneOS hitting it out of the park again with security patches BEFORE Google or other OSes release them.
โ full 2023-09-01 security patch level (early release based on AOSP 13 security backports since the AOSP/stock monthly release is not available yet)
#TakingSecuritySeriously
Fantastic, glad to have you on board, welcome to the community. Please reach out if you have any questions or need assistance with anything.
๐ซก
6th Gen Pixel > are recommended for #GrapheneOS
Happy to help with any questions but in the mean time please read our comprehensive documentation and then fire away AMA.
Take care Ian, have a great day.
grapheneos.org
Fellow fan of the Shokz, for the rink and the skatepark they're perfect.
nostr:npub1l3gpk6vrudg8r67swqlex5alv9ch59s4lw46kk6hekuxe2n3aczsyqvu48 nostr:npub1jmlh72aghydlx785ljqlfsx473068wykyxlmaj829rqrm7t30hdqu2gnlz That's because you're a moron and have no idea how any of this works.
/s
I hear the GrapheneOS community can be quite toxic.
Who us?
Your Google account is referenced by Inter Process Communication (IPC). A voluntary decision by the user when logged into Play Services.
Running Play Services in a secondary user means you can End Session, put it back to rest and prevent any further running. Play Services and Google API can only run if you use the former or install apps built with Google SDK that include them. You're in total control. Happy to discuss it more if you have concerns, questions etc.
MicroG is there in the system doing it's thing regardless all the time along with Google connectivity checks, network time, attestation key provisioning, SUPL, PSDS (Pixel 6 and 7), eSIM activation. Nevermind that while the 'implementation' is open source the rest is still privileged Google Services on other OS.
Whatever though, we all pays our money and makes our choices, your prerogative to use what fits so long as you're happy alls well with the world.
Take care and be well.
If you're happy to be able to screenshot incognito tabs then the current upstream chromium implementation, and Vanadiums default going forward is fine for you.
If you wish to protect them again as was the case until this change then the above is required.
Per the note below, having done some digging this was definitely an intended change, however I also have a work around...
Source:
https://chromium-review.googlesource.com/c/chromium/src/+/4135877
Workaround:
1. Open Chrome Flags - chrome://flags/
2. Set the following -
I know what you were offering came from a position of positive helpfulness. No disrespect there. However the dicussion was around Google having privileged system level access. Only GrapheneOS removes this completely as outlined in the attached note.
I did not mean to belittle your suggestions and value, appreciate you mentioning GrapheneOS, tbankyou.
No root nor command line interface use required. A simple step by step button click process is available which avoids any risk pf hard bricking a device. With people like myself on hand to help hand hold if needed.
grapheneos.org/install/web
Just be aware that GrapheneOS and Calyx are VERY different offerings, I'll leave this note here to save typing it again but if you want to know anything the same offer at the end of it applies here too.
Pixels use the open source Trusty OS and Open Titan as the basis for the TEE and RISC-V secure element.
Translation: "we only work with government-friendly hardware".
There are plenty of security/oss centric Android devices out there.
You can talk with fairphone: https://www.fairphone.com/ or pinephone: https://www.pine64.org/pinephone/ or purism: https://puri.sm/products/librem-5/
Nope. Nothing. Zero. Just the hardware from the best buddies of US law enforcement agencies (not even being ironic about this fact)
Fairphone:
Fairphone 4 receives the monthly Android Security Bulletin patches 1-2 months late and the recommended Android security patches years late. For the past devices, they've also promised to provide many years of support but cut off security support after 2-3 years. That's not good.
Fairphone 4 is missing a secure element providing important standard hardware-based security features. It also has a completely broken implementation of verified boot and hardware-based attestation. Hardware wasn't configured securely. They'd need to fix this and likely didn't.
Even if they were able to support the Fairphone 5 as long as they claim, which has never held up in the past, we require proper security patches that are complete and delivered on time. Not acceptable to have the ASB patches always delayed by 1-2 months and other patches missed.
For their past devices, they make huge promises they end up being unable to keep. They said they'd support the Fairphone 4 for a long time too, but it's clear that it's not going to get security support for the whole lifetime which means their support promises are misleading.
For the existing devices, their definition of long support time has meant that when their device receives a final OS update from 2020 in 2022, they refer to it as receiving 2 more years of support than a device which received that as a final update in 2020. It makes little sense.
Pinephone:
Librem:
nostr:nevent1qqsd6k8uvl337nacmzyd0d75vkjyqcg058lluuhuqcvd3sqw4470qvgcsdh8c
I uninstalled and was able to reinstall, I am using the latest nightly of Aurora.
You do not have a modded GCam installed in another user by any chance?
This issue has been resolved and anyone affected who may have made this change can now revert it.
A fix has been deployed and this should not happen again with the current setup.
Fake YouPorn extortion scam threatens to leak your sex tape - A new sextortion scam is making the rounds that pretends to be an email from the adult si... https://www.bleepingcomputer.com/news/security/fake-youporn-extortion-scam-threatens-to-leak-your-sex-tape/ #security
Didn't know I had one to leak apparently ITSEC knows something I don't ๐๐คฃ
There appears to have been an upstream change to Chromium and therefore Chrome and Vanadium on GrapheneOS that results in screenshots being able to be taken of both standard AND incognito tabs.
We're investigating and looking to see if we can reinstate/resolve this. Should this be possible, I will provide further info.
Set Aurora to open these links in App Info>Open by Default
https://play.google.com/store/apps/details?id=com.google.android.GoogleCamera
Yes, to be extra careful you can use a secondary user to isolate it, from IPC and seeing any other apps installed as I imagine you won't be signing in for any data to be tied to an identity. The rest of the GrapheneOS privacy featureset will of course be applied eg no access to hardware identifiers etc.
You can also use Google Maps with and without sandboxed Play Services and with or without network location provider.
By default all location requests are routed via the OS API so effectively GPS/GNSS ONLY.
Yes appreciate that this was cleared up GrapheneOS is a hardened privacy and security focused OS with no Google services either baked into or used by the system by default.
LineageOS is not.
https://ente.io/ is another one I see recommended and you also have https://cryptomator.org/ too.
Interesting question and one GrapheneOS devs are all too familiar with...