Documentation about #GrapheneOS removing sensitive data in memory is now available in the features page.
https://grapheneos.org/features#clearing-sensitive-data-from-memory
Christmas has been a big day. Merry Christmas everyone. Wishing good luck over the new year and beyond.
GrapheneOS started in 2014 and was previously called CopperheadOS due to a sponsorship by an abusive, malicious company. GrapheneOS is a continuation from the original team and the product with the older name is now a low-effort proprietary fork. Original CopperheadOS is GrapheneOS.
It was known for a while DivestOS, Mull and others were going to end (at least internally), it's a big job for one person. GrapheneOS has 7 full time developers for comparison.
#DivestOS development has ended
There are rooms on SimpleX that are not official as there's no ability to bridge SimpleX with all our other platforms and that the nature of SimpleX makes it very difficult to moderate, worse than Matrix in fact and therefore bridging it would be a nightmare.
We had to disable bridging attachments through platforms except Discord due to a lot of gore, CSAM, pornography being sent in raids through Matrix. It would negatively impact all the other users.
A temporary General and Off Topic specific to Telegram has been made and will be unbridged.
I imagine these are pretty easy assumptions for some, but:
- How are OS / App updates managed?
- What is the Prime's battery life?
- What is the security model for apps? (Maybe explain App signing, sandboxing, permission management, available App APIs?)
- How is disk encryption implemented?
- My PC doesn't have Bluetooth, can I still use Prime?
- Can I use Prime airgapped?
- What protections are there against physical attacks?
- I already have a HWW, is Prime still useful?
- How does Stateless Mode work?
- What makes Prime better than a standard U2F Key (i.e. YubiKey)?
- What makes Prime better than a TOTP password manager on your phone?
- What is the feature roadmap for Prime?
⬆️⬆️
Interesting, thanks! I'll have to see more about this when more media becomes available.
A lot of positives from me to note, and I see a ton of the inspiration from the Precursor developer project on here. Hope this authenticator / storage device works well.
Want to get clarification on this before making any comments: are any uses the Bluetooth / QuantumLink mandatory? If there is, what would that be? I see there's no detailed manuals on site right now.
This isn't me making a concern of the device at all since Bluetooth as an attack surface would affect the device connecting to the Prime more than the Prime itself. I'm mainly asking for the users who choose to minimize remote attack surface on their phone by only using Wi-Fi and nothing else.
We're very disappointed Let's Encrypt is ending support for proper revocation checks via OCSP Must-Staple which is the only efficient, private and secure method not depending on a browser-specific service:
https://letsencrypt.org/2024/12/05/ending-ocsp/
No replacement is being offered for the feature.
The built-in nginx support for OCSP stapling doesn't have a way to properly save the last valid result and reuse it but nginx fully supports handling it via an external service. We use https://github.com/tomwassenberg/certbot-ocsp-fetcher for reliable OCSP stapling and it has always worked very well for us.
Short-lived certificates are officially defined as having a 7 day or lower lifetime. It would be a good replacement for OCSP Must-Staple not requiring any client/server support. Let's Encrypt doesn't support short-lived certificates and hasn't announced any plans for adding them.
Let's Encrypt has been very positive about the concept of short-lived certificates and is likely going to implement them which is great. Removing Must-Staple before those are available isn't great. Short-lived certificates aren't even being listed at https://letsencrypt.org/upcoming-features/ yet.
They've heavily implied that they'll try to implement short-lived certificates in 2025, so there will eventually be a replacement for Must-Staple. It will probably come after Must-Staple has been removed for quite a while already. It's not great having things regress before that.
Alpha and beta testing for regressions on the upgrade to Android 15 QPR1 has went well. Hopefully a version of GrapheneOS will reach Stable soon. Thank you!
Can we make Molly integrate bitcoin ecash?
nostr:nprofile1qqs9pk20ctv9srrg9vr354p03v0rrgsqkpggh2u45va77zz4mu5p6ccpzemhxue69uhk2er9dchxummnw3ezumrpdejz7qgkwaehxw309a5xjum59ehx7um5wghxcctwvshszrnhwden5te0dehhxtnvdakz7qrxnfk do you think it's doable? Your are the ecash master.
Last I heard they wanted to work with Monero for this, there's a Monero bounty for it
GrapheneOS version 2024120700 released:
https://grapheneos.org/releases#2024120700
See the linked release notes for a summary of the improvements over the previous release.
Forum discussion thread:
https://discuss.grapheneos.org/d/17970-grapheneos-version-2024120700-released
#GrapheneOS #privacy #security
FIRST GRAPHENEOS VERSION BASED ON ANDROID 15 QPR1 NOW OUT #GrapheneOS
I wouldn't know about what happened to that repo, sorry. A user on our forum reported it going a few days ago then another said it came back. If it is offline again then I'm not sure what happened as I am not Cake Wallet.
Given there's been no communication about it (that I can see) I'm not assuming it's been ditched.
Happy 100k! 🥳🎉
I will continue spending or swapping with my sats no matter the highs.
Welcome nostr:nprofile1qqsfzszrtw60ut24h28k0qy3cdyxhvpp2zx4lwyqzdfm7xwjsaxsj2qpzamhxue69uhhyetvv9ujumn0wd68ytnzv9hxgtc7qsr78 (and Cupcake) to Accrescent.
