Verified boot is a very small part of why mobile devices with iOS/AOSP are more secure than traditional desktop operating systems and hardware. Verified boot is useful far beyond physical attack vector such as preventing privileged attacker persistence. It's a misconception that it's only useful against physical attacks. The Windows and desktop Linux ecosystem secure boot is incomplete both prior to the OS and for the OS. It doesn't provide the expected benefits.

iOS and the Android Open Source project are far more private and secure than traditional desktop operating systems. Every user installed application is sandboxed with a far better permission model than rare sandbox usage on desktops, there are much more modern exploit protections, far more code is written in memory safe languages especially for Android, there's far less attack surface and far more work on systemic privacy/security such as MAC/MLS policies and more.

A false narrative is being pushed about GrapheneOS claiming we're ending operations in France due to the actions of 2 newspapers. That's completely wrong. If both newspapers and the overall French media had taken our side instead of extreme bias against us, we'd still be leaving.

It's not possible for GrapheneOS to produce an update for French law enforcement to bypass brute force protection since it's implemented via the secure element (SE). SE also only accepts correctly signed firmware with a greater version AFTER the Owner user unlocks successfully.

We were likely going to be able to release experimental Pixel 10 support very soon and it's getting disrupted. The attacks on our team with ongoing libel and harassment have escalated, raids on our chat rooms have escalated and more. It's rough right now and support is appreciated.

France won't tolerate devices with a reasonable level of security where they can't use widely available off-the-shelf tools to extract data from them. GrapheneOS has massive privacy and security improvements planned. France's law enforcement sent out memos to all their police telling them to suspect Pixel phones and to give those special treatment due to GrapheneOS existing. Most of what they're talking about is clearly not even GrapheneOS but closed source forks...

See https://discuss.grapheneos.org/d/24134-devices-lacking-standard-privacysecurity-patches-and-protections-arent-private including the linked third party sources from Divested Computing, Mike Kuketz and others. /e/ and Fairphone have atrocious security. They provide far weak protection against commercial exploit tools than iPhones. It entirely fits with what the French government wants. They either want devices to have poor security where they can break into them very easily or to provide backdoors in the encryption and for remote/physical device access.

These are the main 3 articles with the misinformation and threats from French law enforcement: https://archive.is/UrlvK https://archive.is/AhMsj https://archive.is/FBc1U The 2nd newspaper was more balanced than the 1st. There's a lot of coverage elsewhere now and a lot of that is more positive. It's not how the media covers it which matters though. We got the message that French law enforcement is enraged by people having secure devices and expects backdoors, so we're leaving.

There were 2 articles from Le Parisien. One contains a bunch of misinformation about GrapheneOS from a French national law enforcement agency and the other contains and explicit threats towards us. They threaten to do what they did with SkyECC and Encrochat which are nothing like us. OVH was involved in both of those things. They imply that it will be their action if we do not include backdoors, which appears to be what they mean by 'cooperate' since we don't have user data.

Please listen to this podcast about ANOM: https://darknetdiaries.com/transcript/146/ The FBI ran a string operation in Europe where they created their own 'secure' phone and messaging platform. Their OS used portions of our code and was heavily marketed as being GrapheneOS or based on GrapheneOS.

It also does a similar thing for apps using Google Play via the SDK. For example, it intercepts calls to the location API and reimplements their location API with the OS location API directly from the app using it. It does NOT send the app's Google Play location requests to another service implementing that like microG does which would then need to correctly implement the permission checks, etc. It implements the redirection to the OS API within the apps using it.

You're wrong, it's nearly the entirety of how the sandboxed Google Play compatibility layer is implemented. The compatibility layer code runs almost entirely inside of the Google Play apps and apps using them. The whole point of the compatibility layer is that it's implemented through using the APIs available to a sandboxed app from within the app sandbox. It doesn't provide any special privileges but rather changes how the apps do things. https://grapheneos.social/@GrapheneOS/115675751733730710

Multiple of Braxman's products and services are proven by security researchers to contain backdoors including fake end-to-end encryption providing keys to the server. /e/ and iodéOS both claim to provide privacy/security patches they do not and set an inaccurate Android security patch level. The mislead users about how little their DNS filtering does for privacy from apps and bogus labels on apps. See https://discuss.grapheneos.org/d/24134-devices-lacking-standard-privacysecurity-patches-and-protections-arent-private and the linked third party content.

The context is important especially the references to SkyECC and Encrochat. They've made it clear they think we should providing them access and are demanding cooperation. They're also inaccurately conflating GrapheneOS with other things and talking about features, distribution and marketing it doesn't have. It's quite clear to us that it's not safe to operate in France or with French services. There are a huge amount of quotes attacking us from her across news sites.

This libel and harassment has been ongoing since long before recent state attacks. There's someone there linking harassment content filled with blatant lies while claiming there's no harassment. It's ridiculous and it's time for them to stop. Look through the links we gave and search for it. https://archive.is/UrlvK has a clear threat, as do numerous other quotes across media platforms French authorities went to with this. It's clearly not made up no matter the lies.

If you want private payments, use cash or Monero. Taking donations through a service is not an endorsement of the service. We're not going to recommend using any traditional financial app from a privacy perspective. We just tell people which ones allow using GrapheneOS for tap-to-pay for people who really want it.

We aren't partnered with Nothing. This is going to confuse people and you should remove it.

Releases of GrapheneOS based on Android 16 QPR1 are available for public testing. These are highly experimental and aren't being pushed out via the Alpha channel yet. Join our testing chat room if you have a spare device you can use to help with testing. https://grapheneos.org/contact#community-chat

We're working with a major Android OEM on improving the security and updates for their devices in order to provide official GrapheneOS support. We're making good progress towards it. There will be an announcement with them at some point and then later an initial phone launched with official GrapheneOS support. Initial aim is just to meet all our minimum requirements and provide a good alternative to Pixels. Making those more secure than Pixels is a long term goal, not an initial one.

GrapheneOS version 2025110800 released: https://grapheneos.org/releases#2025110800 See the linked release notes for a summary of the improvements over the previous release. Forum discussion thread: https://discuss.grapheneos.org/d/27936-grapheneos-version-2025110800-released #GrapheneOS #privacy #security

Pixel 10, Pixel 10 Pro and Pixel 10 Pro XL are getting closer despite Android still not pushing Android 16 QPR1 to AOSP. We're working around it for those 3 models via using the combination of the older and newer stock Pixel OS releases to work around not having an AOSP device branch for the Pixel 10, not having AOSP device trees for Pixels and not having AOSP tags for Android 16 QPR1 yet despite September 3 being when it was meant to be pushed according to how things still work.