@warzazel I use sandboxed google play exclusively for bank and Garmin connect, all other app are on my personal profile, I do not like Viber, but it is necessary because of my work. all other app are FOSS, and the social network is #mastodon and #matrix #grapheneos
Používám GrapheneOS už několik let a je super vidět, jak komunita pořád roste. Mám proto otázku na ostatní: Jak řešíte profily a Google služby?
– jedete jeden hlavní profil + sandboxed Google Play, – používáte více profilů (např. hlavní bez Googlu, druhý pro appky), – spoléháte na Private Spaces (soukromé prostory), – nebo jste úplně bez Googlu a stačí vám Aurora Store?
Vyzkoušel jsem všechny varianty, ale zajímají mě vaše reálné zkušenosti. Co vám dlouhodobě funguje nejlíp? Já se přiznám, že jedu jeden hlavní profil se sandboxed Google Play. Důvod je jednoduchý: – v práci mi volají přes WhatsApp, – jedna pracovní appka přes Auroru nefungovala, – a několikrát denně používám navigaci v autě.
Přepínání profilů mě po čase prostě přestalo bavit.
Anyone interested in #Pixel6a with #GrapheneOS pre-installed? I'm selling mine for 2500 CZK (€100) + shipping.
If you'd like to try GrapheneOS on something cheaper before committing to it with a more expensive phone, this is a great option. It's what I did and happily used the phone for almost a year. It has a surprisingly good camera for the price.
#GrapheneOS for #Pixel10 is finally here! The installation process was straightforward, but the most impressive aspect is how it restores (almost) all applications, along with their data. This is done from a backup, so you can do it even if your previous phone is lost. All you need is WebDAV storage. If only all Androids had this!
Thankyou from me, @akc3n and the whole team here at GrapheneOS we appreciate you all who contributed a nomination for our project for this year's Proton fundraiser. After writing to them to give us a festive treat. I hope you all get a peaceful, fulfilling, trouble free run up to the holidays. 🤝🫶
Thankyou from me, @akc3n and the whole team here at
@grapheneos.org we appreciate you all who contributed a nomination for our project for this year's Proton fundraiser. After writing to them to give us a festive treat.
Thankyou from me, @akc3n and the whole team here at
@grapheneos.org we appreciate you all who contributed a nomination for our project for this year's Proton fundraiser. After writing to them to give us a festive treat.
We no longer have any active servers in France and are continuing the process of leaving OVH. We'll be rotating our TLS keys and Let's Encrypt account keys pinned via accounturi. DNSSEC keys may also be rotated. Our backups are encrypted and can remain on OVH for now.
Our App Store verifies the app store metadata with a cryptographic signature and downgrade protection along with verification of the packages. Android's package manager also has another layer of signature verification and downgrade protection.
Our System Updater verifies updates with a cryptographic signature and downgrade protection along with another layer of both in update_engine and a third layer of both via verified boot. Signing channel release channel names is planned too.
Our update mirrors are currently hosted on sponsored servers from ReliableSite (Los Angeles, Miami) and Tempest (London). London is a temporary location due to an emergency move from a provider which left the dedicated server business and will move. More sponsored update mirrors are coming.
Our ns1 anycast network is on Vultr and our ns2 anycast network is on BuyVM since both support BGP for announcing our own IP space. We're moving our main website/network servers used for default OS connections to a mix of Vultr+BuyVM locations.
We have 5 servers in Canada with OVH with more than static content and basic network services: email, Matrix, discussion forum, Mastodon and attestation. Our plan is to move these to Netcup root servers or a similar provider short term and then colocated servers in Toronto long term.
France isn't a safe country for open source privacy projects. They expect backdoors in encryption and for device access too. Secure devices and services are not going to be allowed. We don't feel safe using OVH for even a static website with servers in Canada/US via their Canada/US subsidiaries.
We were likely going to be able to release experimental Pixel 10 support very soon and it's getting disrupted. The attacks on our team with ongoing libel and harassment have escalated, raids on our chat rooms have escalated and more. It's rough right now and support is appreciated.
It's not possible for GrapheneOS to produce an update for French law enforcement to bypass brute force protection since it's implemented via the secure element (SE). SE also only accepts correctly signed firmware with a greater version AFTER the Owner user unlocks successfully.
We would have zero legal obligation to do it but it's not even possible. We have a list our official hardware requirements including secure element throttling for disk encryption key derivation (Weaver) combined with insider attack resistance. Why aren't they blaming Google?
In Canada and the US, refusing to provide a PIN/password is protected as part of the right to avoid incriminating yourself. In France, they've criminalized this part of the right to remain silent. Since they're criminalized not providing a PIN, why do they need anything from us?
můžu se prosím zeptat? Při zběžné prohlídce webu #grapheneos jsem nenašel odpověď.
Plánuji si vytvořit 3 profily: 1. Degooglovaný, jako primární soukromý 2. Soukromý s Googlem kvůli bankovnictví 3. Firemní Dává to smysl?
Jestli jsem to správně pochopil, tak mají Pixely dvě SIM. Jedna je virtuální, druhá fyzická. (Mířím na Pixel 8a) Virtuální bych použil pro soukromou SIM, fyzickou pro firemní, abych ji mohl kdykoliv zahodit a nepárat se s přenastavováním virtuálky. Dává to smysl?
Jak ty SIM fungují s jednotlivými profily? Nějak se těm profilům přiřazují, nebo fungují obě na všech, nebo je to jinak?
add support for the Pixel 10, Pixel 10 Pro, Pixel 10 Pro XL and Pixel 10 Pro Fold with either the stock OS or near future GrapheneOS releases
add back check for Auditee support for remote verification
update Android target API level to 36 (Android 16)
switch transition for QR scanning activity to handle target API level 36 predictive back more smoothly
properly distinguish unknown vs. invalid values for extended GrapheneOS security information covering auto-reboot, etc.
fix displaying lowest possible auto-reboot timer supported at a low-level in the OS
remove unused support for new pairings without StrongBox (secure element keystore as opposed to a less secure Trusted Execution Environment keystore)
add support for new key attestation root certificate launching in February 2026
add new protocol version 7 with a new DEFLATE dictionary adding the new attestation root and dropping the non-StrongBox sample
raise minimum app version for Auditee to 87 which was released over a year ago
add new far future Let's Encrypt roots to TLS key pinning configuration
drop obsolete workaround for old Android versions on 6th gen Pixels not declaring attest key support
drop unsupported legacy devices without Android 13 or later from supported device list
enable hardware memory tagging for use outside of GrapheneOS in the narrow cases where it's available for apps opting into it (Android 16 Advanced Protection Mode on hardware with support for MTE)
The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.
It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification. Trust is chained through the verified OS to the app to bootstrap software checks with results displayed in a separate section.
This app is available through the Play Store with the app.attestation.auditor.play app id. Play Store releases go through review and it usually takes around 1 to 3 days before the Play Store pushes out the update to users. Play Store releases use Play Signing, so we use a separate app id from the releases we publish ourselves to avoid conflicts and to distinguish between them. Each release is initially pushed out through the Beta channel followed by the Stable channel.
Releases of the app signed by GrapheneOS with the app.attestation.auditor app id are published in the GrapheneOS App Store which provides fully automatic updates. Each release is initially pushed out through the Alpha channel, followed by the Beta channel and then finally the Stable channel. These releases are also bundled as part of GrapheneOS and published on GitHub.
disable DeviceDoctor subsystem to avoid failing to notify users about certain Play services crashes from it killing the process after handling uncaught exceptions itself
A full list of changes from the previous release (version 164) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).
GmsCompatConfig is the text-based configuration for the GrapheneOS sandboxed Google Play compatibility layer. It provides a large portion of the compatibility shims.
This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release.
add stub for BluetoothLeBroadcastAssistant::getConnectedDevices()
update Android Gradle plugin to 8.13.1
A full list of changes from the previous release (version 163) is available through the Git commit log between the releases (only changes to the gmscompat_config text file and config-holder/ directory are part of GmsCompatConfig).
GmsCompatConfig is the text-based configuration for the GrapheneOS sandboxed Google Play compatibility layer. It provides a large portion of the compatibility shims.
This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release.
We host our own authoritative DNS servers to provide DNS resolution for our services. Authoritative DNS are the servers queried by DNS resolvers run by your ISP, VPN or an explicitly user chosen one such as Cloudflare or Quad9 DNS. We now have our own AS and IP space for this.
You can see information about our AS and IP space here:
We received a free ASN, IPv6 /40 and IPv4 /24 from ARIN. We use one IPv6 /48 for our ns1 anycast DNS network and one for our anycast ns2 network. We're using the IPv4 /24 for ns2 and need another.
Our ns1 network currently has 10 locations: New York City, Miami, Los Angeles, Seattle, London, Frankfurt, Singapore, Mumbai, Tokyo and Sydney. We're considering moving London to Amsterdam. We plan to add a South American location and perhaps Warsaw. ns2 isn't as scaled out yet.
Our ns2 network currently has New York City, Miami, Las Vegas and Bern.
We plan to add more locations to ns2 via another provider.
When we begin a reboot of a server, the change propagates across all internet backbone routers within a few seconds. This provides high availability for server downtime too. We have 2 networks so routing/transit issues or a malfunctioning server don't break using our services.
For ns1, there's a mix of different upstream transit providers. We've done traffic engineering with BGP communities configuration to get traffic routed to the right places. We prioritize Arelion and NTT since nearly all locations have both and we can configure their routing well.
We make the routes announced by our servers deprioritized when propagated into other continents for Arelion, Cogent and NTT. We deprioritize transit ruining global routing (GTT, Lumen) and block some peering (RETN, Bharti). We deprioritize Cogent since only 3 locations have it.
Our authoritative DNS server setup is largely in a public Git repository:
We're in the process of our website and OS network services away from OVH due to the threats from French law enforcement. We're going to add nodes in South America, India, Japan and Australia as part of this. We also have 5 non-static-content servers in Canada to move off OVH.
The servers with more than static content are our discussion forum and attestation service for our users along with our email, Matrix and Mastodon servers for our project. These will move to colocated servers in Toronto long term but short term we'll just switch providers for it.
We're going to be moving the production second release of GrapheneOS based on Android 16 QPR1 to our Stable channel in the near future. Most significant confirmed regression is a crash in a new clock customization UI. It's solid and we don't seem to need a 3rd release first.
We're actively working on finishing support for the Pixel 10, Pixel 10 Pro, Pixel 10 Pro XL and Pixel 10 Pro Fold. It will likely be ready within a few weeks but we can't provide any specific timeline. It depends on which issues come up and how quickly we can get those resolved.
France's cybersecurity agency was previously actively using GrapheneOS. They helped us by auditing our code and submitting bug reports such as this one:
They also made suggestions for security improvements to improve protection against exploits.
France was actively using GrapheneOS on a national level via ANSSI. They benefited from our open source code available to them for free as it is to everyone else in the world. This makes it all the more ridiculous that French state agencies are now heavily attacking GrapheneOS.
We're being contacted by a bunch of journalists about French law enforcement agencies sending out warnings about GrapheneOS and contacting the media to fearmonger with false and unsubstantiated claims. Meanwhile, ANSSI actively sought out our code to defend their infrastructure.
Every user of Android and other Linux distributions, macOS and iOS in France has benefited from GrapheneOS contributing to open source projects used in these systems. Ideas we came up with for defenses were also deployed in these. French law enforcement literally uses our code.
Based on our update server download statistics, GrapheneOS is approaching 400k users around the world. A majority of those users are in Europe with a large number in France. Only a small handful of people being arrested who use it is in fact strong evidence against their claims.
Meanwhile, the FBI and European law enforcement facilitated years of organized crime in Europe via Operation Trojan Shield while infringing on our copyright and trademarks. How about they start by arresting themselves? See our other thread about this:
This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.
Changes in version 143.0.7499.34.0:
update to Chromium 143.0.7499.34
A full list of changes from the previous release (version 142.0.7444.171.0) is available through the Git commit log between th...
fix regression from our Android 16 QPR1 port causing enabling the Network permission to not work without a reboot
adevtool: fix SELinux policy handling issue causing fingerprint registration issues on the devices with power button fingerprint readers (Pixel Tablet, Pixel Fold, Pixel 9 Pro Fold) with Android QPR1
fix port of our notification forwarding between user profiles feature to Android 16 QPR1
enable new UI customization picker UI from Android 16 QPR1
Wallpaper Picker: don't use the CuratedPhotos categories which aren't setup in AOSP
Wallpaper Picker: hide the always-empty wallpaper carousel
Wallpaper Picker: enable integration of the embedded photo picker
System Updater, Sandboxed Google Play compatibility layer: switch to Material 3 Expressive theme for Settings app menus
Cell Broadcast Receiver: fix presidential alerts toggle added by GrapheneOS not being enabled without the main emergency alerts toggle being toggled off and on
All of the Android 16 security patches from the current December 2025, January 2026, February 2026 and March 2026 Android Security Bulletins are included in the 2025112101 security preview release. List of additional fixed CVEs:
The FBI ran a sting operation in Europe where they created their own 'secure' phone and messaging platform. Their OS used portions of our code and was heavily marketed as being GrapheneOS or based on GrapheneOS.
Through this operation, the FBI provided criminals in Europe with a communication network they heavily trusted. It gave them much more confidence to coordinate and commit crimes. The vast majority of this crime was ignored for years to avoid exposing ANOM as being a honey pot.
In cooperation with many European governments, the FBI heavily encouraged and facilitated organized crime in Europe. US and European governments facilitated drug trafficking, human trafficking, murders, rape, kidnapping and much more for years while claiming it was GrapheneOS.
It's an outrageous infringement on the GrapheneOS copyright and trademarks. US and European governments did massive harm to the GrapheneOS project through doing this. They placed us in very real danger of violence from organized crime by selling fake GrapheneOS devices to them.
GrapheneOS building technology to protect privacy and security is completely legal. Our work is strongly protected by Canadian, European and American laws. A minuscule portion of our userbase are criminals and the claims being made by the French government about that are lies.
It's very likely a lot of the crime facilitated by ANOM wouldn't have happened without these governments providing criminals with a communications network they believed was completely secure. The way they wrapped it up doesn't absolve them of what they facilitated for years.
France's government and law enforcement wants you to believe GrapheneOS and Signal are somehow responsible for crime. French law enforcement operates with impunity and has extraordinarily levels of corruption and criminal behavior. They're the ones committing and enabling crime.
TURN YOUTUBE into your most reliable source of qualified leads STOP treating YouTube like an afterthought! We use proven strategy and the ICE Framework – Impact, Core, and Explainer – to turn your expertise into discoverable, trust-building content …
Here's another French journalist participating in fearmongering about GrapheneOS. That article is not measured. It provided a platform to make both unsubstantiated and provably false claims about GrapheneOS while providing no opportunity to see and respond to those claims.
The claims the article platforms are conflating closed source products from European companies infringing on our copyright and trademarks with GrapheneOS. GrapheneOS doesn't have the features they claim it does, isn't distributed in the ways they claim and they don't understand open source software.
GrapheneOS is obtained from grapheneos.org/install/web and grapheneos.org/releases. There are a bunch of legitimate companies in Europe selling devices with real GrapheneOS including NitroKey. We aren't partnered with those companies and don't get funding from it but there's nothing shady about it.
Products using operating systems partially based on our code are not GrapheneOS. There's no such thing as a fake Snapchat app wiping the device in GrapheneOS. It has no remote management or remote wiping built into it. It does not have a subscription fee / licensing system built into it either.
Vast majority of the code for those products comes from elsewhere: Android Open Source Project, Linux kernel, Chromium, LLVM and other projects. Of course the non-profit open source project writing a small portion of the code being used by those companies being targeted rather than IBM, Google, etc.
Both Android and iOS try to defend users from the same attack vectors we do. We developed far better protections against exploits which we release as open source code. Open source means anyone can freely use it for any purpose, exactly like the Android Open Source Project used by GrapheneOS itself.
Open source is why we can build GrapheneOS based on the Android Open Source Project. It doesn't make Linus Torvalds, IBM, Google, etc. responsible for what we do. Similarly, others can make their own software based on GrapheneOS. A fork of GrapheneOS contains a small portion of code written by us.
France supposedly has a right to reply which we intend to exercise to respond at length to these articles containing libel from the French state.
We're going to be ending the small amount of operations we have in France as we don't feel the country is safe for open source privacy projects anymore.
GrapheneOS doesn't host services storing sensitive user data. We have signature verification and downgrade protection for updates to the OS, apps and app store metadata. We're going move our website and discussion server away from OVH. Our update mirrors and authoritative DNS are already elsewhere.
Our discussion forum, Matrix, Mastodon, etc. in OVH Bearharnois can be moved to local or colocated servers in Toronto instead. We can use Netcup (owned by Anexia, both German) as one of the main providers for website/network service instances. The majority of our servers are already not on OVH.
We won't travel to France including avoiding conferences and will avoid having people working in the country too. A simple heuristic for the EU is avoiding countries supporting Chat Control. We genuinely believe we cannot safely operate in France anymore as an open source project privacy project.
Our pinned post on this platform shows a great example of why they're actually upset with us:
It almost makes us willing to contribute to AOSP again to try to wipe out their ability to exploit a subset of non-GrapheneOS Android devices too. Google is welcome to reach out.
Attached: 1 image
Deux articles du Parisien hier, suivis aujourd'hui d'un article du Figaro, ont lancé une offensive honteuse contre GrapheneOS, un système d'exploitation open-source pour téléphones, gratuit et accessible à toutes et tous.
We ported the Android 16 security preview patches to 16 QPR1. 2025111801 is our first 16 QPR1 with December 2025, January 2026, February 2026 and March 2026 ASB patches:
We ported the Android 16 security preview patches to 16 QPR1. 2025111801 is our first 16 QPR1 with December 2025, January 2026, February 2026 and March 2026 ASB patches:
https://grapheneos.
We were contacted by a journalist at Le Parisien newspaper with this prompt:
I am preparing an article on the use of your secure personal data phone solution by drug traffickers and other criminals. Have you ever been contacted by the police?
Are you aware that some of your clients might be criminals? And how does the company manage this issue?
Absolutely no further details were provided about what was being claimed, who was making it or the basis for those being made about it. We could only provide a very generic response to this.
Our response was heavily cut down and the references to human rights organizations, large tech companies and others using GrapheneOS weren't included. Our response was in English was translated by them: "we have no clients or customers" was turned into "nous n’avons ni clients ni usagers", etc...
GrapheneOS is a freely available open source privacy project. It's obtained from our website, not shady dealers in dark alleys and the "dark web". It doesn't have a marketing budget and we certainly aren't promoting it through unlisted YouTube channels and the other nonsense that's being claimed.
GrapheneOS has no such thing as the fake Snapchat feature that's described. What they're describing appears to be forks of GrapheneOS by shady companies infringing on our trademark. Those products may not even be truly based on GrapheneOS, similar to how ANOM used parts of it to pass it off as such.
France is an increasingly authoritarian country on the brink of it getting far worse. They're already very strong supporters of EU Chat Control. Their fascist law enforcement is clearly ahead of the game pushing outrageous false claims about open source privacy projects. None of it is substantiated.
iodéOS and /e/OS are based in France. iodéOS and /e/OS make devices dramatically more vulnerable while misleading users about privacy and security. These fake privacy products serve the interest of authoritarians rather than protecting people. /e/OS receives millions of euros in government funding.
Those lag many months to years behind on providing standard Android privacy and security patches. They heavily encourage users to use devices without working disk encryption and important security protections. Their users have their data up for grabs by apps, services and governments who want it.
There's a reason they're going after a legitimate privacy and security project developed outside of their jurisdiction rather than 2 companies based in France within their reach profiting from selling 'privacy' products.
There's another article posted at lefigaro.fr/secteur/high-tech/…. We don't have a subscription to access it so we can't evaluate whether the coverage is fairer. Need our community to check. There's an ongoing attempt to smear GrapheneOS by French government agencies so there will be more articles.
The reality is that a tiny proportion of the GrapheneOS userbase are criminals, clearly far below 1%. It's a rounding error. The vast majority of criminals use Android and iOS. French law enforcement contains a vastly higher proportion of criminals than the GrapheneOS userbase.
French law enforcement has a disproportionately high number of domestic abusers, pedophiles and other criminals. They routinely illegally violate the human rights of French citizens. They're upset they can't break into phones of a small handful of people because of GrapheneOS.
DÉCRYPTAGE - Ce système d’exploitation créé en 2014 inquiète les autorités tricolores. Il permet, entre autres, de réinitialiser un smartphone aux paramètres d’usine grâce à un seul code.
This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.
Privacy and security enhanced releases of Chromium for GrapheneOS. Vanadium provides the WebView and standard user-facing browser on GrapheneOS. It depends on hardening in other GrapheneOS reposito...
Following our experimental releases, this is our first non-experimental release based on Android 16 QPR1, the first quarterly release of Android 16. Android 16 QPR1 was pushed to the Android Open Source Project on November 11 rather than September 3 as expected. This is a very large quarterly release with more prominent user-facing improvements than Android 16 provided compared to Android 15 QPR2.
Terminal (virtual machine management app): re-enable GUI support now that the surfaceflinger crashes are resolved upstream by Android 16 QPR1
adevtool: massive overhaul entirely replacing the small remnants of the Pixel device trees to fix several regressions introduced since Android 16 such as charging mode booting into the regular OS and to prepare for adding 10th gen Pixel devices via automated device support without any need for device trees to use as a reference
adevtool: switch to obtaining Android 16 QPR1 backports from the latest November releases for relevant Pixels (there are no security patches listed for the Android or Pixel bulletins and not all Pixels received the tiny release)
kernel (6.12): update to latest GKI LTS branch revision
raise declared patch level to 2025-11-05 which has already been provided in GrapheneOS since our regular 2025090200 release (not a security preview) since the patches were included in the September security preview and were then pushed to AOSP despite not being listed in the bulletin along with there being no Pixel Update Bulletin patches for November 2025
Creating a security preview release on top of the new Android 16 QPR1 release is still in progress and will be available soon. For detailed information on security preview releases, see our post about it.
Releases of GrapheneOS based on Android 16 QPR1 are available for public testing. These are highly experimental and aren't being pushed out via the Alpha channel yet. Join our testing chat room if you have a spare device you can use to help with testing.
We've resolved all the major regressions reported during testing of our experimental 2025111700 release based on Android 16 QPR1. Our upcoming 2025111800 release will likely be our initial production release based on Android 16 QPR1. It should reach our Alpha and Beta channels.
We're aware a small company which wanted to partner with us but was unable to meet our security requirements has been attacking GrapheneOS with misinformation and libel since November 12. We'll write detailed a response to it once our port to Android 16 QPR1 is shipped to Stable.
They launched a device using a fork of LineageOS without standard privacy and security patches or protections. Their launch announcement goes out of the way to attack GrapheneOS with inaccurate claims. They doubled down on it on several forums where they got a negative response.
We have a serious OEM partnership with a large company actively working on implementing MTE and the rest of what we need. We need a proper secure device which can be refreshed yearly as a replacement for Pixels. We're not going to abandon properly protecting users to provide it.
Our focus is Android 16 QPR1, then Android 16 QPR1 security preview releases with all the current December 2025 / January 2026 / February 2026 / March 2026 patches and finally support for all four Pixel 10 models. We can find time to debunk another falsely marketed product too.
Companies marketing phones as being private while lacking basic privacy patches and protections clearly feel very threatened by GrapheneOS. Completely unprovoked attacks on us including linking harassment content is a bold launch strategy for a product asking people to trust it.
Our port to Android 16 QPR1 which was to AOSP on November 11 is currently being tested internally. Several important regressions have been discovered and we're working on resolving those before we release it for public testing. A few minor features also still need to be ported.
GrapheneOS expert MetropleX joins David Bombal to bust myths. We cover banking apps, notifications, Play Services, and why GrapheneOS is more secure than iOS...
Since 2018, the Proton community has helped raise more than $4 million in direct grants to over 40 organizations defending privacy, free speech, and human rights.
Help us choose recipients for our 2025 Lifetime Account Charity Fundraiser!
Deadline to nominate organizations: November 24, 2025
Raffle opens: December 16, 2025
Raffle closes: January 5, 2026
Winners announced: January 6, 2026
Now it’s time to choose this year’s beneficiaries. We’re asking you to nominate the organizations you believe are making a real difference. We’ll select 10 to receive support in the 2025 Proton Lifetime Account Charity Fundraiser.
GrapheneOS has already received two donations through past Proton Foundation fundraising campaigns. For more details, see: discuss.grapheneos.org/d/28065
Donations are what fund our work on upcoming features and improvements to GrapheneOS, maintaining our current ones, and the upkeep of our infrastructure.
Another GrapheneOS feature from April 2023:
• Dialer: add modernized call recording implementation using modern Android storage (no files permission) [cont...]
https://grapheneos.org/releases#2023040400
https://9to5google.
All the while damaging the innovators by refusing to whitelist the leading privacy and security focused OS and pushing the anti-competitive monopolistic Play Integrity API , GMS licensor protection racket.
Nothing new about what is being offered. Everything we've done and do is provided without strings FREE, while Google moves to make you opt-in to their platform for less robust provision or to make OEMS pay for it.
Since 2018, the Proton community has helped raise more than $4 million in direct grants to over 40 organizations defending privacy, free speech, and human rights.
Help us choose recipients for our 2025 Lifetime Account Charity Fundraiser!
Deadline to nominate organizations: November 24, 2025
Raffle opens: December 16, 2025
Raffle closes: January 5, 2026
Winners announced: January 6, 2026
Now it’s time to choose this year’s beneficiaries. We’re asking you to nominate the organizations you believe are making a real difference. We’ll select 10 to receive support in the 2025 Proton Lifetime Account Charity Fundraiser.
GrapheneOS has already received two donations through past Proton Foundation fundraising campaigns. For more details, see: discuss.grapheneos.org/d/28065
Donations are what fund our work on upcoming features and improvements to GrapheneOS, maintaining our current ones, and the upkeep of our infrastructure.
Yesterday (2025-11-11), the most recent major quarterly release of Android (Android 16 QPR1) was pushed to the Android Open Source Project after being delayed since 2025-09-03. We've completed our initial port of all our changes to it and are building an experimental release now.
We received an ASN and IPv6 space for GrapheneOS from ARIN: AS40806 and 2602:f4d9::/40.
We've deployed 2 anycast IPv6 networks for our authoritative DNS servers to replace our existing setup: 2602:f4d9::/48 for ns1 and 2602:f4d9:1::/48 for ns2. BGP/RPKI setup is propagating.
We applied for an IPv4 /24 for ns2 via NRPM 4.10 and can apply for one for ns1 after we obtain that one.
Our ns1 network has New Jersey, Miami, Los Angeles, Seattle, Frankfurt and Singapore. Our ns2 network currently has New York, Las Vegas and Bern. We'll be expanding both.
This provides an overview of worldwide latency for our ns1 cluster via the Rage4 anycast service we currently use for IPv4+IPv6 with ns1:
In the future, we plan to use these 2 anycast networks to provide recursive DNS resolvers as an option for our users. For now, it's only for the authoritative DNS used to provide other GrapheneOS services which is what DNS resolver servers query after the root and TLD servers.
ARIN gave us an IPv4 /24 based on our NRPM 4.10 request in under 24 hours. It's being announced from our ns2 network:
It will take a long time to propagate since the RPKI IRR/ROA data gets fetched via timed jobs rather than pushed hop-by-hop like BGP.
It cost us US$50 to register with ARIN as an organization and US$262.50/year paid in advance to become an 3X-Small network. It'll be US$525/year when we get a 2nd IPv4 since we'll get pushed into 2X-Small. 2X-Small covers IPv4 /22, i.e. 4x /24, which we can get via the waitlist.
We've deployed our IPv4 /24 and IPv6 /48 for ns2 in production to replace the IPv4-only anycast tunnel system it relied on before. It has somewhat better latency and significantly better reliability now. We're waiting a bit longer for production deployment of our ns1 IPv6 /48.
We need to choose a host in Singapore with IPv4+IPv6 BGP support to extend ns2 with a location in Asia. Once that's added, it will be good enough for our current needs. The subset of our dedicated/colocated update servers with BGP could be used as extra ns2 locations eventually.
Android 16 QPR1 is finally being pushed to the Android Open Source Project. This should have happened on 2025-09-03. We migrated to full Android 16 QPR1 kernel code (GPLv2 tarball) and firmware in September. We couldn't migrate userspace to QPR1 without it being pushed to AOSP.
This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.
Privacy and security enhanced releases of Chromium for GrapheneOS. Vanadium provides the WebView and standard user-facing browser on GrapheneOS. It depends on hardening in other GrapheneOS reposito...
adevtool: fully automate handling SoC and radio firmware image backports, which resolves an issue with a version string mismatch in the previous release for the initial installation process which resulted in us cancelling the Stable channel release
All of the Android 16 security patches from the current December 2025, January 2026, February 2026 and March 2026 Android Security Bulletins are included in the 2025110801 security preview release. List of additional fixed CVEs:
2025110801 provides at least the full 2025-12-01 Android security patch level (a Pixel Update Bulletin for November 2025 hasn't been released could have fixes we don't get early, although it's likely empty) but will remain marked as providing 2025-11-01.
For detailed information on security preview releases, see our post about it.
disable Chrome Tips cards for the New Tab Page as many are inappropriate for Vanadium due to the removal of Google service integration and other changes
This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.
Privacy and security enhanced releases of Chromium for GrapheneOS. Vanadium provides the WebView and standard user-facing browser on GrapheneOS. It depends on hardening in other GrapheneOS reposito...
