Post Arj7yn4UBYE75ctph2 by antsyboi@mastodon.social
(DIR) More posts by antsyboi@mastodon.social
(DIR) Post #Arj7yg1kNKsPF6Z2x6 by GrapheneOS@grapheneos.social
2025-03-04T19:08:34Z
0 likes, 0 repeats
The stable release of Android 15 QPR2 is coming out today. Since around the same time last year with Android 14 QPR2, quarterly releases have been trunk-based which means they ship the development branch changes. It's a large release similar to a yearly release under the hood.
(DIR) Post #Arj7yhMhOvELONNIFU by GrapheneOS@grapheneos.social
2025-03-04T19:12:01Z
0 likes, 0 repeats
We did some work to prepare for the quarterly release and we'll be hard at work porting to it. We made an early March security release with the Android Security Bulletin patches yesterday. The full Pixel 2025-03-05 patch level requires Android 15 QPR2 so it's a high priority.
(DIR) Post #Arj7yiI7xPASGUF9lI by GrapheneOS@grapheneos.social
2025-03-04T19:15:11Z
0 likes, 0 repeats
Android Security Bulletins are the subset of the Android security patches backported to older releases (12, 12L, 13, 14, 15). Those don't include Moderate or Low severity patches and only cover a small subset of hardware-related patches. The full patches require more than that.
(DIR) Post #Arj7yj3z5TRseudNM8 by GrapheneOS@grapheneos.social
2025-03-04T19:17:48Z
0 likes, 0 repeats
We regularly use the ASB backports to make an early security update prior to the stock Pixel OS and Android Open Source Project monthly, quarterly or yearly release being published. We're currently waiting for the AOSP quarterly release to be pushed, hopefully within a few hours.
(DIR) Post #Arj7yjZBDUP0DfEHyq by GrapheneOS@grapheneos.social
2025-03-04T19:18:45Z
0 likes, 0 repeats
Ideally, we'd have early access to the monthly, quarterly and yearly release to get the porting and testing done early. Instead, we need to make an enormous effort to quickly port everything and work through any issues to get quarterly and yearly releases out in a couple days.
(DIR) Post #Arj7ykJcQpY6XgxNMe by GrapheneOS@grapheneos.social
2025-03-04T19:19:57Z
0 likes, 0 repeats
Most Android OEMs have early access as Google partners. Google's security team wanted to get us partner access but their business team vetoed it and has unreasonable, essentially unobtainable requirements for getting it. We need an OEM to work with us and it would help us a lot.
(DIR) Post #Arj7ylYXop5AOGwoGe by jgoodleaf@mstdn.social
2025-03-04T19:27:09Z
0 likes, 0 repeats
@GrapheneOS Maybe this is common knowledge and I've missed it. But have you approached any OEMs? I would think Nothing would be a good fit.
(DIR) Post #Arj7ym93d4I0DW1yBE by antsyboi@mastodon.social
2025-03-04T19:54:24Z
0 likes, 0 repeats
@jgoodleaf @GrapheneOS From what I understand (so this may not be 100% correct) but fostering a complete relationship with an OEM would be hard and getting one that could produce a product that meets GrapheneOS's standards. Nothing uses less secure Qualcomm chips which don't meet the minimum spec for new support for a phone for GrapheneOS. (https://grapheneos.org/faq#future-devices) They also previously used Mediatek chips which are notorious for their security problems.
(DIR) Post #Arj7yn4UBYE75ctph2 by antsyboi@mastodon.social
2025-03-04T19:57:29Z
0 likes, 0 repeats
@jgoodleaf @GrapheneOS There are only very few companies that can support phones for as long as GrapheneOS wants (atleast 5 years for phones) while also maintaining the strict security standards they ask for. Only big manufacturers like Google or Samsung would be capable of making a phone to meet their standards and getting a good connection with them good enough to make dedicated grapheneOS phones or even offer it as an option for pre-existing phones would be a huge hurdle.
(DIR) Post #Arj7yng3vqHgyATqGO by jgoodleaf@mstdn.social
2025-03-04T20:01:28Z
0 likes, 0 repeats
@antsyboi @GrapheneOS Welp. That all makes sense. I can't imagine Samsung being helpful (maybe this is unfair) so I suppose we're stuck then…Thanks for the answer!
(DIR) Post #Arj7yoQr7riNJINDCS by AlexanderMars@mastodon.social
2025-03-04T21:05:01Z
0 likes, 0 repeats
@jgoodleaf @antsyboi @GrapheneOS what bothers me about the current situation, Google could simply decide to stop making pixel phones the way they do.What we need is a consortium of smaller manufacturers that get together and support a common "LTS" phone platform. Or a mandate from a market like the EU for a secure phone(France isn't leading the way). None of that seems likely.
(DIR) Post #Arj7ypK9oFx04oFNOi by jgoodleaf@mstdn.social
2025-03-04T21:32:17Z
0 likes, 0 repeats
@AlexanderMars @antsyboi @GrapheneOS That thought had occurred to me too. It's hard to imagine who could fill the void if Google opts out. The big vendors have more lucrative targets than us and the small vendors don't necessarily produce great hardware (guess who has a Purism cinderblock (phone)). The Swiftphone crew makes an interesting device, but even that's kind of a brick compared to the hardware designs from Apple, Google or Samsung.Sony might be the best bet. (I like Xperias)
(DIR) Post #Arj7ypx9TH8u1kUWB6 by AlexanderMars@mastodon.social
2025-03-04T22:25:12Z
0 likes, 0 repeats
@jgoodleaf @antsyboi @GrapheneOS my Japan phone is an Xperia 1 VI. From a hardware perspective it's the best phone I've ever owned, and I can't begin to describe how nice it is to have a wired headphone jack again. Unfortunately, Sony is a pretty crappy steward of the software side. 2-3 years of updates is ridiculous these days. While the phone is pretty bloate free compared to other phones, there still some sketchy software that you can only remove with shizuku.
(DIR) Post #Arj7yqtzwUDKyG1Vtw by GrapheneOS@grapheneos.social
2025-03-04T22:43:40Z
0 likes, 0 repeats
@AlexanderMars @jgoodleaf @antsyboi Sony devices don't meet our security requirements and have very poor non-stock OS support. It's much more than the poor support time that's a problem.
(DIR) Post #Arj7yrgZ1v3vOskIbI by jgoodleaf@mstdn.social
2025-03-04T22:55:09Z
0 likes, 0 repeats
@GrapheneOS @AlexanderMars @antsyboi In what way do they not meet your standards? Please note that I am in no way challenging your judgement since I know perfectly well I’m not qualified to argue. I'm sincerely curious.
(DIR) Post #Arj7yrigu0lPVTjzuq by antsyboi@mastodon.social
2025-03-04T20:00:04Z
0 likes, 0 repeats
@jgoodleaf @GrapheneOS There are some companies that do sell Pixels preflashed with GrapheneOS but it's hard to trust those for always shipping with the most up to date version or to even trust them with shipping unmodified gOS. Iiirc there have already been a few companies who have broken gOS's trust and the trust of their consumers through breaking security promises and things.
(DIR) Post #Arj7ysX1sr1u1bICNU by GrapheneOS@grapheneos.social
2025-03-04T22:57:23Z
1 likes, 1 repeats
@jgoodleaf @AlexanderMars @antsyboi Our hardware requirements are listed at https://grapheneos.org/faq#future-devices. Sony doesn't provide anything close to these requirements. They don't implement all of the recommended Android hardware-based security features including but not limited to lack of hardware memory tagging, lack of a secure element and full integration for it and other requirements on the list. They skip monthly and quarterly updates, extreme delays for yearly updates and overly short support.
(DIR) Post #Arj7yyIMSIrTtqTZLc by GrapheneOS@grapheneos.social
2025-03-04T22:59:05Z
1 likes, 0 repeats
@jgoodleaf @AlexanderMars @antsyboi It's also about more than features. Samsung has secure elements but they're easily bypassed by companies like Cellebrite in practice compared to them not having any success doing the same with modern iPhones/Pixels. Security is about more than a list of features, but these are the minimum requirements. There are certainly companies making far less secure devices than Sony including most of the supposedly "secure" niche phone products which are anything but.