this post was submitted on 19 Oct 2024
6 points (100.0% liked)

Privacy

1 readers
16 users here now

Everything about privacy (the confidentiality pillar of security) -- but not restricted to infosec. Offline privacy is also relevant here.

founded 1 year ago
MODERATORS
[email protected]
6
GrapheneOS version 2024101801 released: (grapheneos.social)
submitted 3 weeks ago by [email protected] to c/[email protected]
16 comments fedilink hide all child comments
 

GrapheneOS version 2024101801 released:

https://grapheneos.org/releases#2024101801

See the linked release notes for a summary of the improvements over the previous release.

Forum discussion thread:

https://discuss.grapheneos.org/d/16564-grapheneos-version-2024101801-released

#GrapheneOS #privacy #security

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 1 points 3 weeks ago (1 children)

@[email protected]

> would love to see GrapheneOS develop further and be properly allowed to pass play integrity API.

We fully preserve the privacy/security model and then substantially improve it. We use all of the same hardware-based security features as the stock Pixel OS but also a lot more including MTE (hardware memory tagging), PAC/BTI for userspace too, hardware-level disabling of new USB connections, USB data and the overall port for our USB-C port control feature and other features.

[โ€“] [email protected] 1 points 3 weeks ago

@[email protected]

GrapheneOS fully supports hardware-based attestation. Google is entirely capable of verifying a device runs the genuine GrapheneOS releases:

https://grapheneos.org/articles/attestation-compatibility-guide

Play Integrity API has nothing to do with security regardless of how it's marketed. It allows a device to pass if it hasn't received security patches for 8 years. All it does is check if it's a Google certified device and tries to stop spoofing within constraints of allowing highly insecure, ancient devices to pass.