GrapheneOSJul 23, 2025

Information from the privacy and security researcher who founded the divested projects on the insecurity of /e/OS including hard data on update delays and skipped updates:

Issues with /e/OS: https://codeberg.org/divested-mobile/divestos-website/raw/commit/c7447de50bc8fadd20a30d4cbf1dcd8cf14805a0/static/misc/e.txt

ASB update history: https://web.archive.org/web/20241231003546/https://divestos.org/pages/patch_history

Chromium update history: https://web.archive.org/web/20250119212018/https://divestos.org/misc/ch-dates.txt

Chromium update summary: https://infosec.exchange/@divested/112815308307602739

For the Chromium update summary from July 2024, note 128/135 was shipping each update on a given update path. /e/OS only shipped 12/135.

Show threadsuomynona1405Jul 23, 2025
@GrapheneOS I wish the people would realise that privacy ≠ security. If they want both they need a Pixel phone with your custom rom.
Show threadGrapheneOSJul 23, 2025

@suomynona1405

> I wish the people would realise that privacy ≠ security.

/e/OS is severely lacking in both privacy and security. Many privacy issues are documented in the linked list of issues with /e/OS. The patches which are regularly delayed for long periods of time for both the OS and browser engine are privacy and security patches, not specifically security patches. Privacy also depends on security. Security vulnerabilities are important because they're privacy vulnerabilities too.

Show threadGrapheneOSJul 23, 2025
@suomynona1405 GrapheneOS is an operating system, not a custom ROM. It's an inaccurate and misleading term which has never been how we refer to GrapheneOS since we started in 2014. The correct terminology of OS is what should be used. GrapheneOS is a fork of the Android Open Source Project and is software running on the device. It ships firmware updates but is not firmware itself. GrapheneOS and the firmware it ships are installed on an SSD. It's verified cryptographically but not read-only.
Show threadsuomynona1405Jul 23, 2025
@GrapheneOS ah alright, OS then, not custom ROM. My bad^^
Show threadGrapheneOS
@suomynona1405 It's fine, we're just providing information. There are ROMs on the devices but those are much lower level components than GrapheneOS. Aside from that, GrapheneOS is not inherently an aftermarket OS (custom) but rather can be the stock OS on a device. It's an aftermarket OS for Pixels but we're working with an OEM towards them selling it on their devices and we've been in contact with multiple other OEMs about it. It's just most couldn't meet our security and update requirements.
Jul 23, 2025 at 1:46pmWeb
Show threadsuomynona1405Jul 23, 2025
@GrapheneOS thanks for the explanation, that makes is clear for me - So I can accurate talk about GrapheneOS when providing informations to other people:)