Our 2025030900 release currently in the Beta channel is the first one with support for managing hardware-based virtual machines via the Terminal app in Android 15 QPR2. Since then, we've backported massive improvements to the feature for an upcoming new release, maybe even today.
Backports include terminal tabs, GUI support with opt-in GPU hardware acceleration (ANGLE-based VirGL until GPU virtualization support is available), speaker/microphone support and fixes for a bunch of bugs including overly aggressive timeouts. We're working on VPN compatibility.
At the moment, the Terminal app isn't compatible with having a VPN in the Owner user. It only works if VPN lockdown (leak blocking) is disabled and the VPN allows local traffic to pass through. It's also not clear how it SHOULD interact with a VPN since VPNs are profile-specific.
As a preview of what's going to be possible in the upcoming release of GrapheneOS, here's a screenshot from a Pixel Tablet running desktop Chrome in a virtual machine with basic GPU acceleration via ANGLE on the host. The infrastructure is a lot more robust than the Terminal app.
A random 6-digit PIN should be considered the minimum for highly secure encryption entirely reliant on the secure element throttling. An attacker unable to bypass the secure element through exploiting it will be unable to bypass this. An attacker able to exploit the secure element will trivially brute force it.
There's scrypt key derivation and then also hardware-bound key derivation in the TEE separate from the secure element throttling, which help make a passphrase stronger.
Amnesty International’s Security Lab has a post about 3 vulnerabilities exploited by Cellebrite to extract data from locked Android devices. GrapheneOS blocked exploiting these vulnerabilities in multiple different ways. We also patched them much earlier.
@voxel@torproject We've been quite specific about the details on how Firefox and the Tor Browser are much less secure browsers than Chromium. Not clear why you're claiming we haven't provided details.
@voxel@torproject You should search our forum and find one of many cases we've given lots of details about it.
Firefox has a far weaker sandbox without complete site isolation support. On Android, they have no sandbox at all, not even a basic content sandbox. They have drastically weaker exploit mitigations with nothing comparable to Oilpan, MiraclePtr, PartitionAlloc, etc. or the additional layer of sandboxing for JS provided by the V8 sandbox. Far less fuzzing, testing, hardening, etc.
@antlers@thestrangelet@xyhhx@chu Here's Rossmann's verified Kiwi Farms account where he regularly rants about the GrapheneOS and Asahi Linux developers:
The video you're referring to was directly based on Kiwi Farms style fabrications and talking points including baseless claims about someone's mental health, with the clear goal of directing harassment towards them. Rossmann has done the same with others including recently targeting Linus Tech Tips in a similar way.
@antlers@thestrangelet@xyhhx@chu Can see in your feed that you're stating this is because you watched content from a far right Kiwi Farms user heavily involved in directing harassment towards both us and other people through fabricated stories, spin and Kiwi Farms talking points. Calyx organization and their community have been extensively involved in this too. It was a Calyx supporter who did the severe swatting attacks aimed at killing one of our developers shortly before Rossmann's video.
@antlers@thestrangelet@xyhhx@chu CalyxOS is not a hardened OS like GrapheneOS. It's similar to LineageOS, not GrapheneOS. CalyxOS reduces security compared to the Android Open Source Project rather than improving it. It does not provide comparable privacy or security improvements to GrapheneOS but rather largely the opposite.
Neither this app nor the Google Messages app using it are part of GrapheneOS and neither will be, but GrapheneOS users can choose to install and use both. Google Messages still works without the new app.
Gael Duval is scamming people and is involved in harassment towards our team. They even personally used a bunch of sockpuppet accounts to spread misinformation about GrapheneOS and engage in harassment. We aren't interested in communicating with someone like this.
/e/OS is an entirely different kind of thing from GrapheneOS and is nearly the complete opposite of it. LineageOS already greatly reduces security compared to the Android Open Source Project and the /e/OS fork of LineageOS completely destroys it.
GrapheneOS is a hardened OS with substantial privacy/security improvements:
https://eylenburg.github.io/android_comparison.htm is a third-party comparison between different alternate mobile operating systems. It could include many more privacy/security features but it's a good starting point.
Their services are also not private and are far worse than the services from Apple with end-to-end encryption support.
/e/OS and Murena are putting people in danger by not providing the most basic aspects of privacy and security. It's just a lot of false marketing to sell products.
@MediaActivist That comparison table shows the delay for partial security patches and full security patches on the devices where they're least behind. The delay is usually much more than what's shown there because for most devices they're much worse than that.
Strongly recommend doing research based on what actual privacy and security researchers/engineers have to say about /e/OS. Don't believe the marketing from /e/OS and Murena. They want to sell their highly insecure products.
@MediaActivist The products you're promoting are genuinely a scam harming people. You can confirm this with basic research to confirm that they have a year or more delays for privacy and security patches across devices. On many devices they don't really provide them at all. They mislead users about this by setting a fake Android Security patch level and making inaccurate claims about what's provided or the impact of what's missing. They don't preserve basic security features either.
It explains the approach to content filtering, anti-fingerprinting and state partitioning including current limitations. Major improvements are coming.
The only other browser we can currently recommend is Brave. It preserves most of the security of mobile Chromium while adding more state partitioning, anti-fingerprinting and the most advanced content filtering engine. Vanadium is more secure but needs to catch up in those areas.
@MediaActivist /e/OS is highly insecure and lacks the most basic privacy and security. It does not keep the Android privacy and security model intact or provide proper privacy/security patches. They lag at least a year behind on full privacy/security patches, months behind on providing partial Android Security Bulletin backports and driver/firmware updates are not provided properly. It's genuinely not a safe option at all. The hardware lacks basic security too. Way worse than an iPhone.