Notices by GrapheneOS (grapheneos@grapheneos.social), page 3

@jeffcliff @gcvsa Purism went out of the way to lock down parts of the device to stop users replacing or updating the software/firmware. They even set up a special closed source core on the main SoC for the sole purpose of engaging in scamming through pretending the device doesn't have closed source firmware on the SoC. You're redefining the word freedom to a nonsense definition where taking away privacy, security and choices from people somehow makes them more free. It's still closed source.

@jeffcliff @gcvsa

> This is a lie. You can replace the software and I have.

They locked down certain components to prevent updating them in order to claim that it doesn't count, as you're doing. It's closed source hardware with closed source firmware, and they've locked that down more rather than less to block users modifying or inspecting it.

> Installing proprietary firmware

It's already installed. Not loading it or updating it from the OS doesn't make it not exist. It's a lie.

@jeffcliff @gcvsa

> It's not 'redefining' freedom to avoid proprietary firmware blobs no matter how many times you lie and claim otherwise.

You aren't avoiding proprietary firmware blobs with the Librem 5. It has a huge amount of proprietary firmware, the OS just isn't loading or updating it. That doesn't mean it's not there. It has known, verifiable vulnerabilities which are unpatched due to not being updated and the fact that some components are already effectively end-of-life.

@jeffcliff @gcvsa You're misinterpreting what we said. Purism's devices have closed source, proprietary hardware with closed source, proprietary firmware. The firmware is stored on the hardware components and loaded each boot from that storage. The OS not being involved in loading it doesn't make it somehow not exist. It doesn't make it any less important. It does mean the closed source firmware on Purism's devices is harder to inspect and the approach has lower security than the OS loading it.

@jeffcliff @gcvsa We're using the term end-of-life to refer to components no longer receiving firmware updates including for serious vulnerabilities either known to the company or publicly known. Purism does still have the closed source firmware on their devices. It's stored on the hardware components such as the SoC, cellular radio, Wi-FI radio, etc. and gets loaded from there. This is a much less transparent approach than not having firmware storage in components and the OS having to load it.

@jeffcliff @gcvsa These are extraordinarily insecure devices with bottom of the barrel components. They're not open as they claim to be and still use entirely closed source components from large companies around the world. How is massively downgrading the security of the hardware, firmware and software progress? It's still closed source hardware, but with many year old outdated components with much worse security and software on top with much worse privacy and security. What's the point of it?

@jeffcliff @gcvsa This is the GrapheneOS project account, not e a personal account.

Librem 5 is an insecure device with ancient components with ludicrous pricing for what it provides. It doesn't avoid components made in China, is not open and it's not compatible with providing basic privacy and security patches or protections. It's also lacking very basic functionality and compatibility with the apps most people want.

You didn't recommend GrapheneOS but rather you tried to fearmonger about it.

@jeffcliff @gcvsa Librem 5 has closed source hardware and firmware. It's priced as a high end flagship but has very old components with awful security at a hardware, firmware and software level. Purism markets the device with extremely false claims about privacy, security and openness. It's objectively a scam. Purism's hardware is not freedom respecting, not private, not secure and not a safe option. Providing basic privacy/security updates and protections is the bare minimum, and they don't.

@jeffcliff @gcvsa PureOS is lacking the most basic privacy and security protections. It's a fork of an OS with atrocious privacy and security including a history of introducing many vulnerabilities and only backporting a small portion of security patches which are assigned CVEs. Purism chooses not to ship firmware updates and goes out of the way to block them in some cases. They do not provide a working app sandbox, permission model, modern exploit protections or many other basic protections.

@jeffcliff @gcvsa

> Again: this is a good thing. They aren't shipping proprietary firmware.

Purism is shipping proprietary hardware and proprietary firmware with the device. They're leaving it non-updated without fixes for known, verifiable vulnerabilities both due to the end-of-life components and lack of OS updates for it. Not updating it doesn't mean there isn't proprietary firmware. It's still there. They blocked updating some of the firmware, not all of it, but they don't update it.

@jeffcliff @gcvsa Purism deploys proprietary hardware and firmware. That's what their devices provide. Selling people devices with proprietary firmware but not providing patches for known, verifiable vulnerabilities is their approach.

What we're going to do is respond to your massive flood of false claims to promote these insecure products by making a long form post and sharing it across platforms. It's a waste of time responding to you pushing false claims about it, so we won't keep doing it.

The new security update Android is using provides around 3 months of early access to OEMs with permission to make binary-only releases from the beginning. As far as we know, GrapheneOS is the first to take advantage of this and ship the patches early. Even the stock Pixel OS isn't doing this yet.

We're maintaining the upcoming Android security patches in a private repository where we've resolved the conflicts. Each of our security preview releases is tagged in this private repository. Our plan is to publish what we used once the embargo ends, so it will still be open source, but delayed.

Our security preview releases provide early access to Android Security Bulletin patches prior to the official disclosure. Our current security preview releases provide the current revision of the November 2025 and December 2025 patches for the Android Open Source Project. We recommend enabling this.

The only difference between our regular releases and security preview releases are the future Android Security Bulletin patches being applied with any conflicts resolved. The downside of security preview releases is we cannot provide the sources for the patches until the official disclosure date.

The delay for being able to publish the sources is why we're now going through the significant effort of building 2 variants of each release. Our most recent 3 releases have both a regular and security preview variant:

2025092500 and 2025092501
2025092700 and 2025092701
2025100300 and 2025100301

You can enable security preview releases via Settings > System > System update > Receive security preview releases.

Our plan is to keep it off-by-default with a new page added to the Setup Wizard which will have it toggled on as a recommendation. We'll prompt users on existing installs to choose.

@nemo @mgorny AOSP isn't dying but Pixels no longer have better support from AOSP than other devices. It's a similar process as supporting other devices now. We wouldn't get device trees for Android 16 / Android 16 QPR1 for any other device without an OEM partnership. A couple OEMs provide outdated, partial device trees. Note Pixels have never provided everything we needed for device support via AOSP so we already had tools we expanded.

See https://grapheneos.social/@GrapheneOS/115299586595207105 where we replied to this.

@mgorny We've worked around the device tree changes and don't need them anymore. There's no other device providing it so we can live without it for Pixels. The only way we can have it elsewhere is an OEM partnership. A couple OEMs release partial device trees, but not as much as Pixels did and they don't keep up with OS updates.

Security embargo change to 3-4 months impacts all of Android, but at least we have early access.

We can resolve the battery capacity limit regression they caused soon.

There have been multiple revisions of ARM MTE. FEAT_MTE4 (Enhanced Memory Tagging Extension) is the 4th generation of ARM MTE improvements, not the beginning of it. The baseline feature was already a game changer for defending devices. The improvements will make their way to devices providing it.