Google will block sideloading of unverified Android apps starting next year
tranquil_cassowary (@tranquil_cassowary@sh.itjust.works) | Posts: 0 | Comments: 21 | Joined 1 wk. ago

Time window: 2026, perhaps 2027, for release of such devices. Talks have been going on for a few months; if it wasn't working out at all, that probably should've been clear already.
It won’t apply to GrapheneOS. It only applies to certified OSes and GrapheneOS is not certified because it doesn’t license Google Mobile Services. It doesn't bundle it and it's also not part of AOSP, so the fact that GrapheneOS is built on AOSP doesn't matter.
GrapheneOS still intends to support all the supported devices until EOL. The sideloading change doesn’t affect them. It won’t apply to GrapheneOS. It only applies to certified OSes and GrapheneOS is not certified because it doesn’t license Google Mobile Services. As per the rip out of the device trees for Pixels, that just makes Pixels like other phones. GrapheneOS has been able to expand its automation to build that device support themselves. For new devices, making the support will take longer than it did in the past though, but they will still support those Pixels, as long as they meet the hardware requirements and still allow third-party OS support with all security features intact. Besides that GrapheneOS is actively talking with a major Android OEM right now in order to help them reach the security requirements for a subset of their future devices. They are very optimistic about that.
They didn't step away from GrapheneOS. They are the founder and were the lead developer. They only stepped away from the lead developer role because they couldn't take the harassment anymore. They are now ex-lead developer but are still a project member. They haven't left the project and will not leave the project. They will not cave to harassers and bullies.
Would be nice to have secure SoCs in phones that cut costs with regards to camera and screen, but there is not a market for it I guess because people think they don't care about security. Android is Linux of course since the Android kernel is a Linux kernel. I'm aware you are probably referring to using traditional Linux OSes that are typically used on desktops on mobile phones. That would, however, be a significant regression for security. Android and iOS are both modern mobile OSes with an in-depth security model which includes a mandatory app sandbox with a sane permission model. This is not present on traditional desktop OSes. This is not meant to diss on those OSes, they are just children of their time, they were created much earlier, security practices have evolved. I can see why it would be a fun experience though to tinker with, it would just not be a secure experience and it's unlikely to get there because the improvements in traditional Linux distros go much slower than they go on Android and Android is already massively ahead.
They were written at some moment in time and major vendors often have multiple moments during the year when they release new phones. Even if GrapheneOS, while writing down the requirements, realized that only 1 brand met them at that time, they were still assuming and hoping other brands could also easily meet them in the time following. The main problem here was that other brands didn't seem to care. After hardware memory tagging was added to the ARM platform and Pixels immediately adopted this, GrapheneOS added it to the requirements, because it was such a substantial feature that could rule out a large number of vulnerabilities. But, they have communicated multiple times across social media that they were willing to be much less strict about that requirement because earlier phones also didn't have to meet them and because Qualcomm didn't add ARM yet to their SoCs. They said back then they would be willing to support a Samsung phone if it would meet everything except for memory tagging (the main problem for Samsung is lack of proper third-party OS support). So, I think they've tried their best, to be honest. The current talks with the OEM I was talking about earlier also aren't the first time they do those efforts. They've had contact with OEMs in the past to try to push them towards meeting the requirements, but the efforts happened to fail. The negligence of other brands is just really that big. In the tech space, sadly, only Apple and Google seem to truly care about security, spending money on it, and hiring sufficiently large teams of security researchers. I really hope, together with you, that this will change 🙏.
They are literally talking with a major OEM right now to help them meet their requirements so what you say does not make any sense. They aren't purposefully making requirements so only Pixels would fit them. The current hardware ecosystem is just bad with regard to security. Many GrapheneOS features depend on certain hardware security features being present; if they would also support lesser secure devices, they would have to rip out too many fundamental features of GrapheneOS. That would go against the purpose of GrapheneOS, which is delivering a secure, private and usable mobile OS.
They won't get GrapheneOS support because they don't meet the hardware requirements: https://grapheneos.org/faq#device-support. They are actually very far removed from meeting them, compared to OEMs like Samsung.
GrapheneOS has largely worked around this by automating creating device support themselves using "adevtool". The current Pixels' hardware supports installing third-party OSes and will continue to do so, they will support those Pixels until EOL. For future Pixels (Pixel 10 series has not yet launched, only available for pre-order), it remains to be seen whether they still fully support installing third-party OSes. If they do, GrapheneOS will also support them, but it might take much longer to implement device support because they need to make this by themselves and this is more difficult doing it from scratch than being able to use the old Android device support for it as a base, like they could do for the existing devices when Google did their rugpull.
They have not really vendor locked themselves for the future. They have hardware requirements listed in their FAQ: https://grapheneos.org/faq#device-support. Google just happened to be the only company meeting those requirements, which weren't even that strict, because other OEMs just didn't prioritize security.
But, there is good news. GrapheneOS is currently in active talks with a major Android OEM right now in order to help them meet the security requirements for a subset of their future devices. They are very optimistic about that.
I understand what you mean, as in GrapheneOS is a bit dependent on Google right now allowing third-party OS support. But, you have used words which actually mean something different in the software world. Keys often refers to signing keys for software and it's important to note that Google doesn't control those keys for GrapheneOS at all. GrapheneOS owns the keys, and signs all of their builds locally.
GrapheneOS is currently actively talking to a major Android OEM in order to help them reach the security requirements for a subset of their future devices. If that succeeds GrapheneOS will be able to run on non-Pixel devices.
You can just read the requirements section on the FAQ page of their website. It explains the reasoning. It's all based on technical reasons: https://grapheneos.org/faq#device-support
There is a lot of misinformation and harassment material circulating online about Daniel Micay. Notice that they are the victim of extensive online bullying which has spread all the way onto KiwiFarms. Would suggest not consuming that content because it won't give you an accurate depiction at all.
I'm a community member of GrapheneOS and I've not had any bad experiences with the GrapheneOS team or Daniel Micay specifically. They maybe communicate a bit more directly than some other people do but they are not being toxic or aggressive at all. I've found them to be patient and understanding.
Note that the thing many people describe as "toxic behavior" refers to posts made by GrapheneOS social media accounts in response to harassment. Defending yourself against harassment is not toxic. It might not look good in isolation because the quality of those conversations often degrades very quickly, which will have an impact on the GrapheneOS responses, but you have to look at those messages in context.
GrapheneOS is not developed by a single individual. GrapheneOS has a team of around 10 full-time developers. They are not on bad terms with all other OSes, they say positive things about iOS regularly. They were also on positive terms with DivestOS before it was discontinued also mainly because it was being harassed by the same groups GrapheneOS is being harassed by.
The founder of GrapheneOS, the person you are referring to, is not mentally unstable. You are making this statement without any basis. You do not have access to their medical file. What you are saying is hugely inappropriate and the behavior of a high school bully. Even if it were true (it isn't), you are being an ableist, which just makes you a mean person.
GrapheneOS only runs on Google phones currently because only Pixels are able to meet the hardware requirements. The hardware requirements aren't a very high bar, other OEMs just don't prioritize security. GrapheneOS is in active talks with a major Android OEM right now in order to help them meet the security requirements for a subset of their future devices. They are very optimistic about how that is going.
I'm not going to participate in speculation and rumouring about this. I have an idea about who it might be myself but prefer to not talk about it. Negotiations/talks are still ongoing.