@wonka @thomas @kkarhan Please bear in mind that apps are forbidding using alternate operating systems via the Play Integrity API and the end result of hiding that mock location is active would be the OS being forbidden instead of being able to convince them to allow it via hardware attestation. We fully intend to provide per-app location spoofing built into the OS instead of needing the mock location feature but hiding it from apps is pointless if they use the Play Integrity API for this.
@wonka @thomas @kkarhan There's already a mock location feature and we plan to provide a better per-app feature similar to our Contact Scopes and Location Scopes. Ingress and Pokemon Go use the Play Integrity API to enforce having a Google certified OS so they don't allow using GrapheneOS and that's unlikely to change. If we add a feature which doesn't appear via the mock location check, they'll simply not allow using GrapheneOS. If we don't hide it from the existing API, they may whitelist it.
@Kevin20221110 @Life_is_Beautiful @Orca That's not really what's expected since Vanadium only uses EasyList + EasyPrivacy and conditionally also EasyList Germany when the German language is enabled. Brave uses EasyList + EasyPrivacy combined with uBlock Origin's supplemental list for those and a partially enabled list of privacy invasive domains are blocked too. uBlock Origin list has exceptions it makes to unbreak sites so reduces blocking somewhat but it increases it more than it reduces.
@hipsterelectron Linux kernel doesn't really believe in tests, documentation, etc. so it gets done as separate projects. They don't even believe in bug trackers. They had things like sanitizers partially forced on them but aren't actually fixing a large amount of the reported memory corruption and other bugs which build up more and more.
GrapheneOS App Store version 25 released:
https://github.com/GrapheneOS/AppStore/releases/tag/25
See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.
Forum discussion thread:
https://discuss.grapheneos.org/d/15559-grapheneos-app-store-version-25-released
@abdulrehmaan Probably a one time hardware glitch in that case.
@abdulrehmaan That's an error caused by a hardware issue, not something an update caused. Try fully turning off the device. If it still doesn't work next boot, it's due to hardware damage.
@as400 Our thread is about many of the most popular ad blockers cheating on a (flawed) test. It's not a recommendation to avoid using those ad blockers. We're simply informing people a test which recently got widespread coverage after being linked by Troy Hunt and others with lot of reach does not give accurate results due to ad blockers cheating to get ~100% instead of the ~70% they should actually get due to trying to avoid blocking anything which would break sites.
> I mean with Vanadium you can't just block scripts
That's not true.
> I also don't know if it has some sort of fingerprint resistance.
It doesn't have as many anti-fingerprinting features, but doesn't add lots of new fingerprinting methods. It doesn't currently have enough users to really do well at anti-fingerprinting, but we plan to eventually release it for other platforms when it has more features.
GrapheneOS Info app version 4 released:
https://github.com/GrapheneOS/Info/releases/tag/4
See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.
Forum discussion thread:
https://discuss.grapheneos.org/d/15530-grapheneos-info-app-version-4-released
@Orca Yes, that's why Vanadium will always use a hard-wired filter list which gets extended based on the configured languages and can only be turned off rather than making specific changes to which filters are used or custom exceptions. We also don't actually see it as a particularly valuable privacy feature due to how easy it is to avoid content filtering for analytics, etc. by tying it together with functionality and even making it first party content despite being from a third party.
Author is willing to fix issues but since ad blockers are cheating it'd need to be moved to another domain after fixing it.
Vanadium will not include rules for cheating at content filtering tests because we think it would be a breach of user trust, regardless of flaws in a test.
Here's where Adguard cheats at the test, which is at least done case-by-case with explanations:
Some of the tested domains are simply not used on other sites. In other cases, it is used that way but blocking it would break sites so they don't do it.
Here's where uBlock Origin simply fudges the results for the test by blocking everything tested by d3ward.github.io:
https://github.com/uBlockOrigin/uAssets/blob/master/filters/filters.txt#L14202-L14206
Brave uses uBlock Origin filters as their base set of filters and then extends it, so it's cheating at the test through that too.
Ad blocking test at https://d3ward.github.io/toolz/adblock is extremely flawed. It tests domains which are not used for ads/tracking and doesn't take into account that mainstream ad blocking is blocking specific paths hosted at those domains. Mainstream ad blockers also cheat at these tests.
@screaminggoat @wdormann It seems they viewed wipe-without-reboot as a new feature which addresses a weakness and didn't treat it as a patch which could go into a non-major release or be backported for other devices. Initial firmware mitigation did not fully block interrupting wiping which is fundamentally not possible (could cut power, etc.) anyway.
The serious part which allowed companies to exploit fastboot mode and extract data was fixed in April 2024 for Pixels and is unfixed elsewhere.
@screaminggoat @wdormann We requested backporting it after it shipped in June and that happened for September 2024.
It took ~3 months to ship the initial 2 fixes, ~2 more months to ship the new wipe-without-reboot feature in Android 14 QPR3 and then ~3 more months after we asked if it could be backported for that to happen. The only thing we don't really understand is why they shipped a firmware mitigation for the wipe interrupt issue in April 2024 instead of just shipping wipe-without-reboot.
@screaminggoat @wdormann The wipe-without-reboot feature we proposed ended up having a device-independent implementation as part of AOSP they shipped in June 2024. We shipped it earlier, and we extended their implementation with 2 extra redundant forms of wiping material needed to derive the encryption keys.
June patch ended up being entirely in AOSP so other devices can ship it instead of making their own. They didn't consider it could be backported in ASB. We requested it and they did it.
@screaminggoat @wdormann We reported the issues as a set of Pixel vulnerabilities being exploited in the wild. The 2 main weaknesses enabling the exploits apply to other devices too, and both us and the Google people understood that but we'd have had to report it to each Android OEM separately and we have a bad experience trying to get non-Pixel OEMs to do anything so we didn't bother. Other Android devices have not yet shipped the reset attack mitigation feature they added in April 2024.
@screaminggoat @wdormann With few exceptions, non-Pixel devices do not ship monthly and quarterly updates. They stick with the initial yearly release and apply backported security patches from AOSP and the hardware vendors. The June 2024 patch was included in Android 14 QPR3 which is available for non-Pixels to ship but they don't do it. It was backported to older releases in the September 2024 Android Security Bulletin. Android Security Bulletin are backports of patches, not the main patches.
@screaminggoat @wdormann Every month, there's a new monthly, quarterly or yearly release of Android. These are the updates shipped by Pixels. This means each year, there's 1 yearly update, 3 quarterly updates and 8 smaller monthly updates. Since Android 14 QPR2, quarterly updates are trunk-based and have as many changes as yearly updates under the hood. Yearly updates enable a bunch of feature flags resulting in much more user-facing change and new features, but quarterly updates are as large.
@screaminggoat @wdormann In April 2024, they also shipped a partial mitigation for the issue of an attacker being able to interrupt wiping the device.
In June 2024, as part of Android 14 QPR3 (3rd quarterly releases of Android 14), they shipped our proposed wipe-without-reboot feature. They called this a Pixel firmware update in the Pixel Update Bulletin even though it was an AOSP patch because the initial partial mitigation was a Pixel firmware patch and the full fix got misclassified there.
@screaminggoat @wdormann These are issues impacting all Android devices, not only Pixels. However, the firmware changes to defend against them are Pixel specific and not within the scope of the Android Security Bulletin. Google can't make other OEMs fix firmware flaws outside the scope of ASB.
In April 2024, they shipped the reset attack mitigation feature we proposed as a Pixel firmware update, but they limited the scope of it to fastboot mode, which fully addresses what we reported to them.
@screaminggoat @wdormann We reported vulnerabilities being exploited by forensics companies in January 2024, but we lacked access to their exploits so we couldn't provide full details. We suggested implementing 2 major security improvements:
1) firmware-based reset attack mitigation zeroing memory on boot
2) wipe-without-reboot support in the OS to avoid needing to reboot to recovery to perform a wipe, which could be trivially interrupted by an attacker
They ended up shipping both of these.
@makuharigaijin @benoit Not initially but it's possible later on. It's already possible to do this with user profiles but not within the same UI.
@synapsenkitzler @korporal Fairphone 5 is an insecure device without basic security patches and security features we require. Our hardware requirements are listed here:
https://grapheneos.org/faq#future-devices
We can't successfully defend users from real world attacks with hardware, firmware and drivers bringing too much insecurity. We need the hardware vendor to be prioritizing security and striving to do much better. Only Pixels are doing this outside of the Apple world.
Vanadium version 128.0.6613.127.0 released:
https://github.com/GrapheneOS/Vanadium/releases/tag/128.0.6613.127.0
See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.
Forum discussion thread:
https://discuss.grapheneos.org/d/15494-vanadium-version-128066131270-released
@a78e2b0fdcf0736ecc1e1d24477a20d66f06e38f22cb81a409d71d995d0d4479 @4aa5b96b5cfc1940c6e09a1b5c1feef03c1530f0efe995b617806d2a113e33d2 Verizon is one of the worst because unlike T-Mobile, etc. they don't even allow unlocking the device after fulfilling enough of the contract.
@a78e2b0fdcf0736ecc1e1d24477a20d66f06e38f22cb81a409d71d995d0d4479 @4aa5b96b5cfc1940c6e09a1b5c1feef03c1530f0efe995b617806d2a113e33d2 Most carriers don't lock the devices they sell. It's mainly an issue in the US.
GrapheneOS version 2024090400 released:
https://grapheneos.org/releases#2024090400
See the linked release notes for a summary of the improvements over the previous release.
Forum discussion thread:
https://discuss.grapheneos.org/d/15478-grapheneos-version-2024090400-released
Our initial port of device-independent GrapheneOS code to Android 15 is done and we're testing it in the emulator. We still need to port the kernels, device-specific repositories, adevtool and generate the new vendor state. Can already be built for emulator from our 15 branch.
Source code for Android 15 is currently being pushed to the Android Open Source Project. We've already been testing the Android 15 Beta feature flags with Android 14 QPR3 thanks to trunk-based releases. Difficulty of porting is similar to our port from Android 14 QPR2 to QPR3.
September 2024 Android Security Bulletin includes a patch for the wipe bypass we reported: CVE-2024-32896. It's actively exploited by forensic companies across devices. Pixels patched it in June 2024...
September ASB: https://source.android.com/docs/security/bulletin/2024-09-01
June PUB: https://source.android.com/docs/security/bulletin/pixel/2024-06-01
GrapheneOS support for the Pixel 9 Pro Fold is no longer marked experimental and is now available through our production site:
https://grapheneos.org/releases https://grapheneos.org/install/web
Our 2024083100 release has been confirmed to be working and to have a working future upgrade path.
GmsCompatConfig (sandboxed Google Play compatibility layer configuration) version 135 released:
https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/releases/tag/config-135
See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.
Forum discussion thread:
https://discuss.grapheneos.org/d/15450-gmscompatconfig-version-135-released
GmsCompatConfig (sandboxed Google Play compatibility layer configuration) version 134 released:
https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/releases/tag/config-134
See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.
Forum discussion thread:
https://discuss.grapheneos.org/d/15404-gmscompatconfig-version-134-released
GrapheneOS version 2024083100 released:
https://grapheneos.org/releases#2024083100
See the linked release notes for a summary of the improvements over the previous release.
Forum discussion thread:
https://discuss.grapheneos.org/d/15395-grapheneos-version-2024083100-released
We've published an initial experimental release for the Pixel 9 Pro Fold on our staging site:
https://staging.grapheneos.org/releases#comet-stable
https://staging.grapheneos.org/install/web
Our preordered Pixel 9 Pro Fold for our device testing farm hasn't arrived yet so we'll be relying on others to test the early builds.
Source code and factory images for the Pixel 9 Pro Fold have been published. We've added support for it to our Auditor app: https://grapheneos.social/@GrapheneOS/113047519006891751. We're beginning work on adding GrapheneOS support but our test device hasn't arrived yet so we won't be able to test ourselves yet.
Auditor app version 84 released:
https://github.com/GrapheneOS/Auditor/releases/tag/84
See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.
Forum discussion thread:
https://discuss.grapheneos.org/d/15343-auditor-app-version-84-released
See https://attestation.app/about and https://attestation.app/tutorial for info about the app and optional monitoring service.
#GrapheneOS #privacy #security #android #attestation #VerifiedBoot #MeasuredBoot #HSM #SecureElement #auditor
Vanadium version 128.0.6613.99.0 released:
https://github.com/GrapheneOS/Vanadium/releases/tag/128.0.6613.99.0
See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.
Forum discussion thread:
https://discuss.grapheneos.org/d/15317-vanadium-version-12806613990-released
GmsCompatConfig (sandboxed Google Play compatibility layer configuration) version 133 released:
https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/releases/tag/config-133
See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.
Forum discussion thread:
https://discuss.grapheneos.org/d/15308-gmscompatconfig-version-133-released
Our 5th release for Pixel 9, Pixel 9 Pro and Pixel 9 Pro XL is available. Main improvement is replacing Linux 6.1.75 with latest GKI LTS (6.1.95). Remaining gap should go away soon. Pixel Thermometer is now supported for 9 Pro / 9 Pro XL and can be installed via our App Store.
iVerify and Trail of Bits have cemented themselves as untrustworthy by not publishing retractions for their fake vulnerability media blitz. News sites failed to publish updates based on it being debunked by multiple security and Android internals experts.
Our 4th release for the Pixel 9, Pixel 9 Pro and Pixel 9 Pro XL is now available. It adds two Bluetooth bug fixes missing from the temporary Android Open Source Project branch for 9th generation Pixels. One of those is a Bluetooth issue we reported.
GmsCompatConfig (sandboxed Google Play compatibility layer configuration) version 132 released:
https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/releases/tag/config-132
See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.
Forum discussion thread:
https://discuss.grapheneos.org/d/15238-gmscompatconfig-version-132-released
Telegram has full access to all of the content of group chats and regular one-to-one chats due to lack of end-to-end encryption. Their opt-in secret chats use homegrown end-to-end encryption with weaknesses. Deleting the content from the app likely won't remove all copies of it.
GmsCompatConfig (sandboxed Google Play compatibility layer configuration) version 131 released:
https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/releases/tag/config-131
See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.
Forum discussion thread:
https://discuss.grapheneos.org/d/15231-gmscompatconfig-version-131-released
GrapheneOS support for the Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL is now available via our official site in addition to our staging site.
https://grapheneos.org/install/web
Most users don't have any issues. 2 people reported an occasional Wi-Fi connectivity issue not happening for others.
Our third release for the Pixel 9, Pixel 9 Pro and Pixel 9 Pro XL is now available with a fix for adjusting volume levels and support for configuration vibration intensity. There have been 2 reports of occasional Wi-Fi connectivity issues which we're currently investigating.