Here is my scheduled corpo posting of a collage of software, now Please Buy My Fucking Products

Twitter for you feed is so awful. Even after following accounts the recommendations stink.

He isn't really good at rolling anyone elses crypto either. He was using libmcrypt for a time. The source also is a gold mine:

Since he is attacking us again, did you know that Rob Braxman's 'private' and 'encrypted' chat service is backdoored with fake end to end encryption? It's been like this for years. Make two accounts, and create an 'encrypted' chat with a room password to your other account. Make it anything you want. Then, on the browser of the user who did not create the room, go to your chat page then open the browser dev tools, go to the Network tab. Open the encrypted chat, then find "chatkey.php" in the resources section of the browser. You can then go to "Payload". The password of the room is sent to you by the server in plain text.

Pixel Camera works without sandboxed Google Play services again with the GmsCompatLib version 100 update available in our App Store for GrapheneOS 2025102300 or later. The same changes will also be bundled in the next #GrapheneOS release, but this is our first out-of-band GmsCompatLib update which we'll be using to avoid needing OS releases to fix nearly any GmsCompat (sandboxed Google Play compatibility layer) related compatibility issues. It includes 2 fixes for other things too.

Molly has a bounty for replacing MobileCoin with Monero. They have worked on a Monero library. https://github.com/mollyim/monero-wallet-sdk For a messenger with wallet and sending to recipients I can only think of Keychat at the moment.

#GrapheneOS GmsCompatLib version 100 released. - extend shim for background service starts to address edge cases where a foreground service is required - add shim implementation of GmsFontProvider to prevent crashes of apps depending on Play services when it's missing or disabled (restores support for using Pixel Camera without Play services) - fix NoOpPrewarmService chain crash in Pixel Camera caused by lack of privileged OS integration https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/releases/tag/lib-100

What I can say for now: - #GrapheneOS has partnered with a major Android OEM. One of the top ten. - We aim to have a device by H2 2026, but potentially 2027. - We have early source access for patches and, soon, major releases through our partner. - We are aiming to get their next generation flagship devices able to support installing GrapheneOS. - The device will have the flagship Snapdragon 8 Elite 2 (SM8850) SoC. - We will continue to support Pixels if they continue to release with support. We will also aim to have Pixel 10 support once Android 16 QPR1 sources are available.

#GrapheneOS version 2025102200 released. • adevtool: add satellite eSIM overlays to avoid the special Skylo eSIM on 9th/10th gen Pixels being listed as a regular eSIM and being possible to erase with the regular eSIM erase functionality • kernel (6.6): update to latest GKI LTS branch revision including update to 6.6.111 • kernel (6.12): update to latest GKI LTS branch revision including update to 6.12.52 • System Updater: prevent reboot and security preview notifications from timing out after 3 days which is standard behavior since Android 15 QPR1 • System Updater: mark notification permission as fixed to prevent disabling overall notifications, but enable blocking progress, failure and already up to date notification channels • Sandboxed Google Play compatibility layer: add support for overriding BinderProxy transactions • Sandboxed Google Play compatibility layer: add support for out-of-band updates to GmsCompatLib • Vanadium: update to version 141.0.7390.111.0 • Vanadium: update to version 141.0.7390.122.0 • raise emulator super / dynamic partition size due to reaching the limit in some cases • adevtool: prefer prebuilt AOSP JDK 21 All of the Android 16 security patches from the current November 2025, December 2025 and January 2026 Android Security Bulletins are included in the 2025102201 security preview release. List of additional fixed CVEs: • Critical: CVE-2025-48593, CVE-2025-48631 • High: CVE-2022-25836, CVE-2022-25837, CVE-2023-40130, CVE-2024-43766, CVE-2025-22420, CVE-2025-22432, CVE-2025-32319, CVE-2025-32348, CVE-2025-48525, CVE-2025-48536, CVE-2025-48555, CVE-2025-48564, CVE-2025-48565, CVE-2025-48566, CVE-2025-48567, CVE-2025-48572, CVE-2025-48573, CVE-2025-48574, CVE-2025-48575, CVE-2025-48576, CVE-2025-48577, CVE-2025-48578, CVE-2025-48579, CVE-2025-48580, CVE-2025-48582, CVE-2025-48583, CVE-2025-48584, CVE-2025-48585, CVE-2025-48586, CVE-2025-48587, CVE-2025-48589, CVE-2025-48590, CVE-2025-48592, CVE-2025-48594, CVE-2025-48596, CVE-2025-48597, CVE-2025-48598, CVE-2025-48600, CVE-2025-48601, CVE-2025-48602, CVE-2025-48603, CVE-2025-48604, CVE-2025-48605, CVE-2025-48609, CVE-2025-48612, CVE-2025-48614, CVE-2025-48615, CVE-2025-48616, CVE-2025-48617, CVE-2025-48618, CVE-2025-48619, CVE-2025-48620, CVE-2025-48621, CVE-2025-48622, CVE-2025-48626, CVE-2025-48628, CVE-2025-48629, CVE-2025-48630, CVE-2025-48632, CVE-2025-48633, CVE-2025-48634 2025100901 provides at least the full 2025-11-01 patch level and the Android 2025-11-05 patch level (Pixel Update Bulletin could have fixes we don't get early) but will remain marked as providing 2025-10-05. https://grapheneos.org/releases#2025102200

Just saying... #GrapheneOS 2025100300: - add support for force enabling VoLTE, VoNR and 5G for carriers where those aren't supported with the standard configurations https://grapheneos.org/releases#2025100300

We made an article about it a while back. https://discuss.grapheneos.org/d/20165-response-to-dishonest-attacks-on-the-grapheneos-project-by-robert-braxman In short, the guy is a hack who makes content about topics either scaremongering people or peddling misinformation without any oversight. His content disrupts numerous open source projects' communication channels because they ask questions about meaningless, made up things they learn from his videos. He said GrapheneOS is dying and that Google stopped open sourcing AOSP (both untrue). He creates a lot of products which as you can see, are terrible both security and privacy wise.

He just doesn't like that we don't let him say nonsense without us checking it. We'd ignore it, but once he started making videos about GrapheneOS then it became an issue. He posts tons of FUD about many projects to promote his own products.

You must install your own build first. GrapheneOS only allows installing newer versions signed by the same pinned per-device keys to prevent an evil maid attack where you can push a malicious update or downgraded version. GrapheneOS clean builds take about two hours or more. We build with consumer CPUs, Ryzen 7950x/5950x usually. Incremental builds after the previous build are very quick. Build guide is at https://grapheneos.org/build

No, they're unprivileged apps unlike the stock OS. If it made a request to install such an app from there (not documented to happen like that, they'd just bundle with the OS instead), you'd see the attempt and needs you to confirm it anyway. We won't be bundling any apps like this. It's up to users' choice to install... whatever that is

Competitive binge drinking and keeping six destroyed kidneys inside as trophies

Redox OS was ported to a Pixel. Currently, only the screen works. https://www.redox-os.org/news/this-month-250930/

Appears more than two have worked on this, but the company is mostly advertised as a dev duo. All for growth.

You may have seen releases for GmsCompatConfig before. This is just a text file that sets up configuration for GmsCompat. Some config examples are the type of data to return to Google Play when it attempts to do privileged functions. The sandboxed Google Play compatibility layer acts as an intermediary to allow app compatibility without privileged access. https://github.com/GrapheneOS/platform_packages_apps_GmsCompat/blob/45b13b45de7c76a528cdc236d66d3184595cd99a/gmscompat_config

People should blame other alternatives for not being viable... We make little marketing beyond word of mouth and content other people create often without our oversight. People go out of their way to just find out about GrapheneOS and use it. I think our team seriously can be quite light in the way they talk about other projects and their shortcomings. They all have serious problems and many criticisms on GrapheneOS are down to people's esoteric, unpopular (so, worthless) views on affairs and incorrect technical knowledge -- but GrapheneOS is far from perfect. What viable solutions? Running a desktop Linux distro on a phone with ancient hardware and moving the security model back to the early 2000s? A LineageOS fork whose dev team have all quit? An Android distribution for end of life, no update devices that get torn to shreds by Cellebrite, Grayshift etc.? Basic 2020s security standards are criticised as gatekeeping. We want what we make to be copied and improved. If there's only one of us, it's the fault of everybody else. We tell people on the project accounts all the time projects people should look at, like microkernel operating systems, app sandboxing, hardware security features.

You have these, enabled them all so they can be seen in the same pic. Obviously, enabling these kind of makes you fingerprinted by standing out. What should note is: - No automatic updates on platforms - No toggle to disable JS JIT at all levels per-site like Trivalent / Vanadium (huge security boost with minimum tradeoff) - Minimal dev team (two people) - Too early to trust

GmsCompat (sandboxed Google Play compatibility layer in GrapheneOS) will have it's library signed with a separate key to allow for out-of-band updates. Should allow faster delivery of app compatibility fixes without waiting on new releases of GrapheneOS for the most part.

Many people in the space are far too confident about their competency in cyber security. I've worked in it full time for years, I involve myself in lab training and I am still sure I know very little. Cryptocurrencies being associated with hackers in pop culture is to mostly blame for this. Using a couple apps and a HWW gets people over their heads. Growing anti-intellectualism by influencers (grifters offering to teach you better than a degree or an industry vet), unvetted GenAI content and a purity test mindset harms the movement. People are too confident to go against what every major company security team says. Working in technology doesn't immediately qualify someone as cyber security aware, never mind an expert. People always make basic mistakes. Cryptocurrency companies and people get pwned all the time.

You can use feature flags to get greater privacy enhancements, but they're not default and they don't list anywhere except a mention on their pages. I can't find any docs that instruct people on that. I just set up a slightly hardened config of Helium now. I'd like Brave a lot more if they just kept all their other shit away from their browser product. They do great things with state isolation, anti-fingeprinting and an extremely well designed content filtering. But they pulled a Mozilla of making a bunch of random services you likely aren't using. Cryptocurrencies don't belong in browsers. Their UI is also too much.

FYI: "Lockdown" button does not put an Android device BFU. It is still AFU, attack surface still applies. It just forces the user to use the primary credentials the next time. In GrapheneOS, the button "End Session" or "Power Off" is what you want.

Big fan of the compact UI, especially since Brave's is so fat even when you enable their secret compact mode. The sizes on older Safari were the gold. Couple design decisions I don't agree with, but they are me being picky -- like keeping MV2. It will just be growing legacy extension attack surface later as extensions are less developed. I would like to see more security and privacy features. A few are in their GitHub issues already. It's mostly just Ungoogled Chromium with a UI uplift, better search, network services and a pre-installed uBlock at this early stage.

If you like all these software, then these are actually my choices. I just use what I like. If you think they suck and you are now mad at me, then I am lying and you should consult the following: