This looks awesome!

It is very real! Put a link to one race in my comment above. Also @bitcoin_racing on (not) nostr.

You can watch this Bitcoin Racing Mini race at the 2026 Mini Challenge here: https://www.youtube.com/watch?v=ii05MQ37Prg

Bitcoin Racing x GrapheneOS.

WIRED published an extremely inaccurate article about the history of GrapheneOS based on fabricated stories created by James Donaldson. We have published the original 50+ questions and answers provided to us. You can see for yourself what we provided and that it wasn't anywhere close to adequately incorporated into the article. https://discuss.grapheneos.org/d/34369-original-grapheneos-responses-to-wired-fact-checker

Not right now. The system apps handle many OS/app intents, like camera, contact management, webview and file management.

GrapheneOS doesn't persistently store notifications unless users explicitly enable notification history. For users enabling notification history, it's a 24 hour log that's cleared as soon as the feature is disabled again. This is the standard Android Open Source Project approach.

Privacy and security on computing devices need to become far stronger to protect people from pervasive violations of their rights. Users have their privacy pervasively violated by corporations, criminals and governments. There are endless privacy and security weaknesses in software with exploits of those happening on a large scale. Operating systems, browsers and other apps need to do a much better job protecting users. Enormous progress is needed on both privacy and security. #GrapheneOS provides a massive upgrade for privacy and security over the standard Android Open Source Project. GrapheneOS is nowhere near good enough and we have an enormous amount of work to do improving both. Our work is an ongoing process and doesn't have an end point. Privacy and security heavily involve competition between attackers and defenders. Most defenders are making little progress and falling increasingly far behind. Attackers continue improving their exploits of privacy and security weaknesses. Commercial exploit tools are increasingly widely deployed for broad attacks. Software has a very high density of privacy and security vulnerabilities. LLMs are accelerating both vulnerability discovery and exploit development. For most computing devices, defense is increasingly far behind offense. iOS and GrapheneOS are exceptional cases not representative of degrading privacy and security across computing devices. Growing numbers of internet connected devices are incorporated into botnets. This harms the privacy and security of the internet as a whole through heavily pushing it towards centralization behind services such as Cloudflare. I devices without security patches harm the internet as a whole. It isn't only embedded devices but also desktops, mobile devices and servers being used as part of these botnets. It isn't only people with these i devices who are harmed. It can get much worse. We're building GrapheneOS to protect everyone's privacy and security. It's aimed at widespread adoption and is highly usable. It's compatible with the vast majority of Android apps. It has major privacy benefits for every user including stopping a lot of data collection by apps and services with a better permission model increasingly addressing being coerced to grant access. GrapheneOS has many users with little technical knowledge and isn't hard to install or use. We're continuing to work on improving privacy, security, usability and app compatibility for all of our users. Contact Scopes, Storage Scopes, per-app Sensors toggle, VPN leak protection and many other features we provde are very important privacy protections. We're building alternatives to the Camera, Microphone and other permissions too. Our major improvements to exploit protections are there to protect user privacy. Privacy depends on security and that's why we heavily work on security too. Contrary to what's often claimed, GrapheneOS is far more usable and requires far less sacrifice compared to other alternatives. Providing far better protection against sophisticated exploits isn't at the expense of that. Our opt-in sandboxed Google Play compatibility layer combines privacy and high usability. We're gradually making replacements for more Google services apps rely on. Location services, network-based location, geocoding and more has already been replaced and much more is coming.

No, when a notification is swiped away it is gone. You can optionally choose to save a notification history but it's not on by default (Settings -> Notification -> Notification History).

We are replacing the Gallery app and this will have that kind of UI.

Too many apps on Android get away with doing bare minimum of having just an app on the phone. Support for tablets, desktop mode, widgets, and no dependency on Play services should be encouraged more.

It was a post about Nekogram (the telegram client) sending phone numbers and account IDs to the developer. Does this work?

Use what you want, but I really can't recommend Telegram in general when it comes to stuff like this.

There's always added risk when using a third party client since you trust an additional party when using the app. We know their dev and I trust it personally. Molly is also reproducible (you can test their APK matches an APK you build with their source code yourself). None of this stuff really matters if no one is assuring the app is safe through security testing. Open source is more of a distribution mechanism and ethical choice than a security one, but it definitely opens up to testers far more.

The binaries in the Releases section can be random binaries. Owner of the package can just upload malware or an app that is only slightly different to the original code. This app isn't just distributed through GitHub but also elsewhere. Obsidian, a proprietary note taking app, has a Releases page on GitHub but no code. GitHub does not build apps, it can be done separately through a feature called GitHub Actions that barely anyone uses and conscious developers would not recommend it. You'd be uploading your signing key to GitHub. If you want to validate a compiled binary matches the source code provided you need to check out reproducible builds and see if your app has a guide on reproducing the app. https://github.com/mollyim/mollyim-android/tree/main/reproducible-builds

Gaël Duval is the founder and president of the /e/ foundation along with the CEO of Murena. Duval and his organizations have consistently taken a stance against protecting users from exploits. In this video, he once again claims protecting against exploits is for only useful pedophiles and spies. Transcription in French: > Il y a la surface d'attaque, là pour le coup on est pas des spécialistes de la sécurité, donc je ne pourrais pas te répondre avec précision, mais des discussions que j'ai eu, il semblerait que tout ce qu'on fait, ça réduit la surface d'attaque. Donc oui, probablement ça aide. Par contre, on a pas une approche "sécurité durcie", on développe pas un téléphone pour les pédo(bip) pour qu'ils puissent échapper à la justice. Donc il y a pas des trucs pas possibles pour voir si la mémoire est pas corrompue, des trucs de sécu vraiment durcis qui pourraient être utiles clairement pour des dirigeants, dans les services secrets ou que sais-je. C'est pas notre but, notre but c'est de partir d'un constat, aujourd'hui nos données personnelles sont pillées en permanence et ça serait pas légal dans la vraie vie avec le courrier ou le téléphone, on veut changer ça. Donc on vous fait un produit qui change ça par défaut pour n'importe quelle personne. Translation to English: > There's the attack surface, on that front we're not security specialists here, so I couldn't answer you precisely, but from the discussions I've had, it seems that everything we do reduces attack surface. However, we don't have a "hardened security" approach, we aren't developing a phone for pedo(censored) so they can evade justice. So there aren't difficult things to check if the memory is corrupted, really hardened security stuff that could clearly be useful for executives, in the secret service, or whatever. That's not our goal, our goal is to start from an observation: today our personal data is constantly being plundered and that wouldn't be legal in real life with the mail or the telephone, we want to change that. So we are making you a product that changes that by default for anyone. GrapheneOS exists to protect users from having their privacy invaded by arbitrary individuals, corporations and states. Privacy depends on security. GrapheneOS heavily improves both privacy and security while providing a high level of usability and near perfect app compatibility. /e/ has far worse privacy and security than the Android Open Source Project. They fail to keep up with important standard privacy and security patches for Android, Linux, firmware, drivers and HALs. They fail to provide current generation Android privacy and security protections. For years, Gaël Duval has spearheaded a campaign to misrepresent GrapheneOS as not being usable, not compatible with apps and only useful to a tiny minority of people. He has repeatedly claimed GrapheneOS is for pedophiles, criminals and spies while claiming /e/ is for everyone. It's hardly only GrapheneOS focusing on protecting users against exploits. Apple and Google have put a ton of work into it. Apple heavily focuses on privacy and security. That includes protecting against remote exploits, local exploits from compromised apps and data extraction. GrapheneOS and iOS are both heavily focused on privacy and security. Both are gradually adding much stronger protections against apps/sites scraping data, coercion users into giving data via alternatives with case-by-case consent and increasingly strong exploit protections. /e/ is far weaker in all of these areas compared to the standard Android Open Source Project on secure hardware. It doesn't keep up with standards updates and protections. It adds tons of low security attack surface and privacy invasive services. It's not in the same space as us. /e/ and Murena devices are far worse for privacy and security than an iPhone. It's trivial to break into their devices remotely or extract data from them compared to an iPhone. They have weaker privacy protections from apps too. Their main approach to privacy is a DNS blocklist. Their DNS blocklist can only block domains not used for useful functionality to avoid ruining usability. Meanwhile, the most privacy invasive behavior by apps is rarely ever split out into separate domains. Even for those, apps and websites can trivially evade DNS blocklists. It's common for apps and websites to do everything through their own servers. That's best practice to avoid leaking API keys. It's increasingly common for invasive libraries to use hard-wired IPs and/or DNS-over-HTTPS to evade blocking. DNS filtering is increasingly less useful. Murena is a for-profit company owned by shareholders including Gaël Duval. /e/ has a non-profit organization which is also led by Gaël Duval. /e/ includes paid services from Murena. /e/ very clearly exists to build products for Murena to sell in order to enrich the shareholders.