Final's avatar
Final
final@stacker.news
npub1hxx7...g75y
Cypherpunk forensic scientist and security specialist. Associate #GrapheneOS. Matrix: f1nal:grapheneos.org
Final's avatar
Final 5 months ago
#GrapheneOS version 2025080600 released. - full 2025-08-05 security patch level - apply the only change not related to the Pixel 6a battery workaround from the August 2025 Pixel kernel drivers obtained via GPL source request - update to August 2025 Pixel vendor/firmware code - Messaging: update to version 12
Releases | GrapheneOS
Final's avatar
Final 5 months ago
#GrapheneOS version 2025080400 released. This is an early August security update release based on the August 2025 security patch backports since the monthly Android Open Source Project and stock Pixel OS release scheduled for this month hasn't been published yet. Android Security Bulletin tags have not yet been pushed to the Android Open Source Project this month but we've had access to the signed partner bulletin zip with the same patches for a month. There are only 3 patches in the August 2025-08-01 bulletin and one of those doesn't impact Android 16. Of the 2 marked as impacting Android 16, the critical severity issue was already fixed in the initial Android 16 release. Therefore, there's only a single High severity patch to Android 16 for the Android Open Source Project for August. • full 2025-08-01 security patch level • add opt-in service for geocoding (translating location names to coordinates) and reverse geocoding (translating coordinations to location names) with the option of either a GrapheneOS proxy to Nomanatim or direct use of Nominatim which will improve compatibility with a tiny subset of apps depending on the OS providing this without an alternative (the service is open source with open data so our proxy is temporary and will be replaced with a self-hosted service, but we need to determine if we want to use Nominatim or Photon along with dealing with the high hardware requirements far beyond what our current network servers can provide) • add a workaround for bug in sonycast.sdk.ScMediaRouteProvider used by Tidal and other apps causing occasional NsdService related crashes in combination with VPN lockdown due to us fixing NsdService related VPN leaks • override pseudo locales with their respective base locales in the Android Runtime since they're currently broken and break using the device (we already disabled enabling pseudo locales in the previous release but a couple users enabled this developer option and need a release fixing it to use their device) • kernel (6.1): update to latest GKI LTS branch revision including update to 6.1.147 • kernel (6.6): update to latest GKI LTS branch revision including update to 6.6.100 • Vanadium: update to version 139.0.7258.62.0 • Vanadium: update to version 139.0.7258.62.1
Releases | GrapheneOS
Final's avatar
Final 5 months ago
We have slightly updated our features page to document new protections against VPN leaks that are not fixed in stock Android. > #GrapheneOS closes a hole in Android's eBPF-based firewall system which made it possible to bypass the VPN by specifying a specific interface with a special system call.
Features overview | GrapheneOS
Final's avatar
Final 5 months ago
Seeing countless mentions of the project on Twitter because some Ethereum token made a web app that had a similar name to an unmaintained fork of GrapheneOS. Now it is flooded with AI slop accounts promoting this random web app as a GrapheneOS distribution. AI slop is the best!
Final's avatar
Final 5 months ago
We have the latest documentation from Cellebrite Premium in June 2025 and there are no changes to their #GrapheneOS support. Brute forcing remains unsupported for Pixel 6 and later. We can see if there's anything documented about it in the next Cellebrite Premium update for the stock Pixel OS based on the launch of Android 16 and the opt-in Advanced Protection enabling a weaker USB protection than ours while locked. Despite being weaker, we'd expect it still defeats their current exploits not targeting the lower level attack surface but rather only drivers.
Final's avatar
Final 5 months ago
Fox News
New Android attack tricks you into giving dangerous permissions
TapTrap Android attack works by launching transparent system prompts over regular app interfaces. The result is a near-invisible layer that silentl...
 > #GrapheneOS, a security-focused operating system based on Android, confirmed that its current version is also affected. However, it plans to release a fix in its next update. No, we said that on July 7 and then shipped
Releases | GrapheneOS
 fixing it on the same day.