We could still make updates for the Pixel 4a but the value of backporting partial security patches for the Android Open Source Project while not having driver and firmware patches is increasingly limited, so we stopped doing it. It takes significant time to port backports to the initial release of Android 13 to the Android 13 QPR3 release that it's branched from.

See the device recommendations here: https://grapheneos.org/faq#recommended-devices There's a table with support times here: https://grapheneos.org/faq#device-lifetime Pixel 4a was end-of-life after August 2023 but we provided extended support and then legacy extended support releases up to January 2025. We no longer provide those since it no longer provides real value and drains our limited resources.

GrapheneOS based on Android 16 is now available in our Beta channel. There are 2 main known issues which will be fixed in the next release: lockscreen date and media info are not properly displayed due to an upstream AOSP bug and Pixel Thermometer doesn't appear in our App Store.

They're a major Android OEM. As long as it works out, you'll see why it makes sense.

We're working with an OEM on getting a subset of their future devices to support GrapheneOS as an official supported OS option. These would be flagship Snapdragon devices meeting our security requirements (https://grapheneos.org/faq#future-devices). We can't say which OEM or any more about it, but that's what we've been wanting for a while and an OEM reached out to us about it.

The Android Open Source Project has infrastructure for this since it's a regular part of the app sandbox and permission model improving. We add Network and Sensors permission toggles in GrapheneOS where Network is based on the existing low-level INTERNET permission and Sensors is entirely new.

Android regularly adds and splits permissions for new API levels. Legacy apps are handled by treating them as requesting the permission to provide a toggle for it. For example, Android 13 converted the existing toggle for disabling notifications for an app into a new POST_NOTIFICATIONS permission.

We're working with a major non-Pixel OEM to have their future devices meet our requirements and officially support GrapheneOS. It's likely they'll end up selling devices with the official GrapheneOS releases as an option. We can't say which OEM it is or provide more details but they definitely have the resources to meet our requirements. It would be flagship Snapdragon devices initially and not custom hardware, at least initially.

We're having some issues with federation and have temporary removed the previous thread until it's resolved. Can a few people confirm they can see this post being federated to their instance? We'll remove it and post the previous thread again once that's confirmed.

We want to be clear that GrapheneOS will continue supporting existing Pixels until end-of-life. We'll likely be able to add support for 10th gen Pixels but it will take significantly more time. It has been taking us around 24 hours after new Pixels launch to add support for them since after the Pixel 6 launched. It's not going to be that way anymore, even if future Pixels meet all our requirements and we can still support them.

See https://grapheneos.org/faq#recommended-devices and https://grapheneos.org/faq#device-lifetime.

We've repeatedly brought up F-Droid not properly listing permissions or checking for them. Their understanding of Android's permission model is wrong. The way they list permissions misleads and misinforms users. It's one of many major F-Droid flaws they consistently don't acknowledge or fix.

Multiple of the F-Droid developers wrongly blaming their app bug on GrapheneOS in that issue are Calyx contractors. They prioritize attacking GrapheneOS with inaccurate claims and fabricated stories about our team over fixing a bug in their app impacting both GrapheneOS and non-GrapheneOS users.

Note the Terminal app currently has a compatibility issue with VPNs in the same profile. You can work around this by putting it in a dedicated profile without a VPN since profiles each have their own VPN configuration. If you're interested in this area, you should try it out. Unlike stock OS, it can be used to run GUI applications or whole GUI environments already.

Here's an article from Citizen Lab on how the Spanish government used exploits against political opponents in Catalonia: https://citizenlab.ca/2022/04/catalangate-extensive-mercenary-spyware-operation-against-catalans-using-pegasus-candiru/ Bear in mind even police using these will almost entirely be using them against people not convicted of a crime based on suspicion.

European authoritarians and their enablers in the media are misrepresenting GrapheneOS and even Pixel phones as if they're something for criminals. GrapheneOS is opposed to the mass surveillance police state these people want to impose on everyone. https://www.xatakandroid.com/sociedad/cada-vez-que-vemos-google-pixel-pensamos-que-puede-ser-narcotraficante-movil-perfecto-para-crimen-sencilla-razon

GrapheneOS is not immune to exploitation, but the fearmongering done in these ongoing attacks on it is very clearly fabricated. They feel threatened enough by GrapheneOS to engage in coordinated attempts at convincing people that it's unable to protect their privacy and security.

iPhones have good overall privacy and security but Apple does collect telemetry, forces people to have accounts and knows which apps each user/device has installed. They do not have magical privacy and security properties. An app like this claiming iOS gives them 100% anonymity is very strange.

There are ongoing coordinated attempts at misleading people about GrapheneOS and Signal in multiple European countries. A consistent pattern are completely unsubstantiated claims about exploits with no evidence. These are contradicted by actual evidence, leaks and their behavior.

Revolut incorporated at least 2 separate closed source third party libraries performing checks to specifically detect GrapheneOS. They were using the results from these libraries to ban using it. They do use the Play Integrity API but do not currently use it to ban GrapheneOS so working around the libraries they were using checking for it got it working again. They were checking specifically for ro.build.user / ro.build.host being "grapheneos" and boot state being yellow.

Fairphone doesn't meet basic security standards by providing proper updates and standard security features. They've explicitly expressed disinterest in meeting the higher standards required for GrapheneOS such as providing a secure element. Multiple OEMs have reached out to us about meeting our requirements and working with us. One of those is capable of meeting our security and support requirements in 2026 so it's our focus.

Fairphone's devices have atrocious security and they don't prioritize either privacy or security. They discontinued their OS without Google Mobile Services and replaced that with a partnership with Murena. Murena makes /e/OS, extraordinarily i and non-private fork of LineageOS. They've frequently attacked GrapheneOS and their attacks on DivestOS contributed to it dying. We won't be working with a Murena partner.

It hasn't stopped working. It has never been a particularly reliable app but has gotten slightly better.

Android has better support for VPNs, better internal OS sandboxing in some areas, etc. iOS privacy and security advantages are mostly in 2 areas: 1) the kernel, since Linux is resistant to introducing isolation, memory safe languages and exploit protections requiring lots of changes 2) app sandbox, due to backwards compatibility requiring Android to take years to catch up in many areas via new OS versions and target API levels improving things We improve both a fair bit.

That's the bridge someone runs. It shows your posts as coming from there to us. We aren't explicitly using it, it just bridges posts back and forth.