Final
final@stacker.news
npub1hxx7...g75y
Digital forensics and security specialist part of the GrapheneOS project. Posts my own and not endorsed by my employer. AI slop and Nostr DMs ignored. Matrix: f1nal:grapheneos.org
Final 1 year ago
#GrapheneOS version 2025030300 released. This is an early March security update release based on the March 2025 security patch backports since the quarterly Android Open Source Project and stock Pixel OS release (Android 15 QPR2) scheduled for this month hasn't been published yet.

- full 2025-03-01 security patch level
- Network Location: temporarily disable using altitude in trilateration for now because 3D trilateration is using an excessive amount of CPU time and we need to greatly optimize it with algorithm level improvements, porting it to Rust and other optimizations before we can use 3D
- App Store: update to version 29
- App Store: update to version 30
Final 1 year ago
Amnesty International’s Security Lab has a post about 3 vulnerabilities exploited by Cellebrite to extract data from locked Android devices. #GrapheneOS blocked exploiting these vulnerabilities in multiple different ways. We also patched them much earlier.

Each of these is an upstream Linux kernel vulnerability:

* CVE-2024-53104: heap overflow in a Linux kernel USB webcam driver
* CVE-2024-53197: heap overflow in a Linux kernel USB sound card driver
* CVE-2024-50302: uninitialized heap memory in a Linux kernel USB touchpad driver

GrapheneOS blocks reaching any of these vulnerabilities for locked devices through our USB-C port and pogo pins control feature disabling new connections at a hardware level and a software level after locking along with disabling USB data in hardware too:

CVE-2024-50302 is benign on GrapheneOS. For both the kernel and the rest of the OS, we use the combination of zero-on-free and either zero-on-allocate or a write-after-free check at allocation time. On devices with hardware memory tagging (MTE), it's done as part of tagging.

CVE-2024-53104 and CVE-2024-53197 are both kernel heap overflows in slab allocations. We provide improved defenses against these attacks in multiple ways covered in the kernel section at Our defenses in userspace are far stronger due to hardened_malloc.

We recently enabled hardware memory tagging (MTE) for Linux kernel after over a year of deploying it for userspace via hardened_malloc. It provides an approximation of memory safety which can be improved over time. It requires hardware support exclusive to 8th/9th gen Pixels.

GrapheneOS shipped patches for these 3 vulnerabilities significantly before the stock Pixel OS or inclusion in an Android Security Bulletin through shipping the latest Linux kernel GKI LTS releases. However, what really matters is we prevented them being used before discovery.

We have a recent post at covering how we've significantly improved our defenses against forensic data extraction since January 2024. It covers a lot more than what we talked about here and we recommend reading it along with our features page covering more.
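
The zero-on-free plus write-after-free check at allocation time described in the post above, sketched as an added C example; it is not GrapheneOS or hardened_malloc code. The slab layout and all function names are hypothetical, and MTE tagging is not modeled.

```c
#include <stdint.h>
#include <string.h>
/* Toy fixed-size slab, constructed for illustration only. */
#define SLOT_SIZE  64
#define SLOT_COUNT 4
static uint8_t slab[SLOT_COUNT][SLOT_SIZE];
static int in_use[SLOT_COUNT], corruption_detected;

/* Allocation-time check: a free slot must still be all zero. */
void *slot_alloc(void) {
    for (int i = 0; i < SLOT_COUNT; i++) {
        if (in_use[i]) continue;
        for (int j = 0; j < SLOT_SIZE; j++)
            if (slab[i][j] != 0) { corruption_detected = 1; return NULL; }
        in_use[i] = 1;
        return slab[i];
    }
    return NULL; /* slab exhausted */
}

/* Zero-on-free: old contents never survive into the next allocation. */
void slot_free(void *p) {
    int i = (int)(((uint8_t *)p - &slab[0][0]) / SLOT_SIZE);
    memset(slab[i], 0, SLOT_SIZE);
    in_use[i] = 0;
}

/* Uninitialized-read pattern: reuse a slot and read it without writing it. */
int stale_bytes_after_reuse(void) {
    uint8_t *secret = slot_alloc();
    memset(secret, 0xAA, SLOT_SIZE);   /* previous owner's data */
    slot_free(secret);
    uint8_t *reused = slot_alloc();    /* same slot, never initialized */
    int stale = 0;
    for (int j = 0; j < SLOT_SIZE; j++) stale += (reused[j] != 0);
    slot_free(reused);
    return stale;                      /* bytes of old data still readable */
}

/* A write through a dangling pointer is caught at the next allocation. */
int write_after_free_detected(void) {
    uint8_t *p = slot_alloc();
    slot_free(p);
    p[8] = 0x41;                       /* write-after-free */
    void *q = slot_alloc();            /* check fires, allocation refused */
    p[8] = 0;                          /* restore toy state for reuse */
    return q == NULL && corruption_detected;
}

int main(void) { return stale_bytes_after_reuse() != 0 || write_after_free_detected() != 1; }
```

A production allocator would abort on a failed check rather than set a flag; the flag is used here so the result can be inspected.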
Final 1 year ago
#GrapheneOS version 2025022700 released. Introducing opt-in network location, 5G-Only mode, blocking callers not in contacts and back port patches.

• add opt-in GrapheneOS network location implementation available via Settings > Location > Location services based on using the Apple Wi-Fi positioning API either through a GrapheneOS proxy or directly via Apple's service, which will be extended with much more functionality in the near future including incorporating altitude into trilateration, using cell towers if it provides a better estimate than Wi-Fi and using our own network location database either via a service or offline database downloads (we're in the process of building our own database by scraping all of the data from Apple's service and have already done a test run obtaining essentially all the cell tower data along with lots of Wi-Fi data)
• fix Wi-Fi APEX issues preventing an OS network location service from doing Wi-Fi scans without the INTERACT_ACROSS_USERS / INTERACT_ACROSS_USERS_FULL privileged permissions
• Sandboxed Google Play compatibility layer: add support for using an OS network location provider for the default enabled rerouting of Google Play location requests to the OS location service
• add support for "5G only" and "4G or 5G only" modes in addition to our existing "4G only" mode
• enable support for blocking callers not in Contacts
• resolve regression for secondary user SMS in Android 15 QPR1 by enabling partial upstream fix since we dropped this part of our fix for the issues but the upstream fix wasn't actually active
• fix Storage Scopes / Contact Scopes app settings link not working for apps in nested profiles in some cases
• Launcher: limit 4x5 grid option to phones
• kernel (6.1): update to latest GKI LTS branch revision
• kernel (6.6): update to latest GKI LTS branch revision including update to 6.6.79
• backport mainline APEX module patches for DocumentsUI, Media Provider and Network Stack
• Vanadium: update to version 133.0.6943.89.0
• Vanadium: update to version 133.0.6943.121.0
• Vanadium: update to version 133.0.6943.137.0
• Vanadium: update to version 134.0.6998.39.0
• App Store: update to version 27
• App Store: update to version 28
• Messaging: update to version 5
• Messaging: update to version 6
• Messaging: update to version 7
• PDF Viewer: update to version 21
• PDF Viewer: update to version 22
• PDF Viewer: update to version 23
• PDF Viewer: update to version 24
• PDF Viewer: update to version 25
• PDF Viewer: update to version 26
• Camera: update to version 79
• Camera: update to version 80
• Camera: update to version 81
Final 1 year ago
Appears Clicks is going to be releasing a Pixel 9 case with a physical keyboard attached to it soon. Black one releases first. Unlikely some #GrapheneOS users will use it because of the requirement to disable USB port controls... but more ordinary users or Stock OS users might. A nice novelty item I guess.
Final 1 year ago
Work towards a #GrapheneOS network location service is coming to fruition:

This is a major feature. Network location providers will allow faster results and greater accuracy with locations inside buildings. By default, GrapheneOS uses the OS' satellite location (GNSS) for location, with an optional toggle for using Google's existing location service.

For users who want network location and not Google, this network location service would use a GrapheneOS proxy to Apple's WiFi positioning service. Users may choose to not use the proxy. Eventually, we'll be making our own local database using scraped data from Apple's service to implement network location and SUPL for users who want network-based location without connecting to them.
Final 1 year ago
If you are an #Apple user in the United Kingdom affected by the disabling of Advanced Data Protection (ADP, end-to-end encryption of iCloud backups), then understand:

- If you do not have ADP, you cannot enable it now. Your account uses the standard iCloud backup system which is default everywhere else. ADP is an opt-in feature.
- If you still have ADP, it is still activated but you will eventually be forced to deactivate to keep using your iCloud account. There is no specified time on when, so the soonest, most appropriate time is best.
- If you have ADP enabled, you can use this period to choose between keeping your data and not have it encrypted in the future, or backing up your already end-to-end encrypted iCloud data offline or to another cloud provider, or deleting the data entirely.
- You may choose to disable iCloud backups. This prevents future data being sent to iCloud and will keep it stored on your device. You can choose to disable them in Settings -> Apple ID -> iCloud -> Saved to iCloud / iCloud Backup.
- In the same "Saved to iCloud" settings, you may choose to erase all data. MAKE BACKUPS BEFORE DOING THIS. For photos, there is a 30-day period to download all of them.
- Certain data like iCloud Email mailboxes are never end to end encrypted regardless of ADP, so clear your mailbox for emails you don't want or need.
- If you are considering deleting your account, be VERY SURE you know what you are doing because your account being deleted will become irreversible. Do not leave online accounts stranded because you used your iCloud email addresses and then deleted the account that controls the email. Change the email address or delete the accounts based on your own intuition.

Backups are also important if you plan to move device, as we're hearing a lot of #GrapheneOS mentions right now. Please don't move without preparation else you'll find yourself having a problematic experience. Read the website and our docs.
Final 1 year ago
As an open source project this can be overlooked or forgotten, but GrapheneOS is hiring remote developers:
Final 1 year ago
New #GrapheneOS installs now default to 4x5 grid instead of 5x5 for the launcher. This makes it resemble the stock OS a little more. If you were used to that, you can now change that back instead of using 5x5.