Android 14 QPR3 is a major release, so the end-of-life Pixel 4a (5G) and Pixel 5, which receive extended support releases from GrapheneOS, will need to be ported to it in a future release. This takes additional work and is done as a low priority. Pixel 4a (5G) and Pixel 5 are end-of-life and shouldn't be used anymore due to the lack of security patches for firmware and drivers. We provide extended support for harm reduction.
Tags:
- 2024062000 (Pixel 5a, Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, emulator, generic, other targets)
Changes since the 2024061400 release:
- remove our USB peripheral security setting on devices supporting our much better USB-C port mode (Pixel 6 and later)
- extend USB-C port setting to also handle pogo pins on the Pixel Tablet
- kernel (5.10, 5.15, 6.1, 6.6): replace our deny_new_usb feature with a new deny_new_usb2 feature also disabling USB gadgets
- extend USB-C port setting to enable deny_new_usb2 as a second layer of defense disabling new USB connections in the kernel (the existing implementation disables new connections and USB data at a hardware level via the USB controller, which disables more attack surface, but we want to keep the higher-level kernel approach around too)
- Files: fix upstream null pointer exception triggered on resuming activity
- Settings: require user authentication for changing auto-reboot, USB peripheral and USB-C port security settings
- Settings: avoid prompting for user authentication when selecting the same value as before for GrapheneOS settings requiring it
- temporarily add back memory tagging exception for Pixel wifi_ext service
- simplify implementation of our auto-reboot feature and properly handle the first lock after the user first sets up a lock method
- avoid resetting USB-C port after first unlock if it was already connected Before First Unlock (fix for regression caused by upstream changes)
- add GrapheneOS Linux kernel port to the 6.6 GKI LTS branch
- kernel (5.10): update to latest GKI LTS branch revision including update to 5.10.215
- kernel (6.1): update to latest GKI LTS branch revision including update to 6.1.87
- kernel (6.1, 6.6): add script for building emulator kernel
- kernel (6.1, 6.6): enable forced module signing for x86_64 (emulator builds)
- System Updater: increase update check interval to 6 hours from 4 hours
- Vanadium: update to version 126.0.6478.110.0
- GmsCompatConfig: update to version 118
- GmsCompatConfig: update to version 119
- fix cast in GrapheneOS package management infrastructure needed for upcoming App Communication Scopes work