GrapheneOSPrivacy and security on computing devices need to become far stronger to protect people from pervasive violations of their rights. Users have their privacy pervasively violated by corporations, criminals and governments. There are endless privacy and security weaknesses in software with exploits of those happening on a large scale. Operating systems, browsers and other apps need to do a much better job protecting users. Enormous progress is needed on both privacy and security.
GrapheneOS provides a massive upgrade for privacy and security over the standard Android Open Source Project. GrapheneOS is nowhere near good enough and we have an enormous amount of work to do improving both. Our work is an ongoing process and doesn't have an end point. Privacy and security heavily involve competition between attackers and defenders. Most defenders are making little progress and falling increasingly far behind.
Attackers continue improving their exploits of privacy and security weaknesses. Commercial exploit tools are increasingly widely deployed for broad attacks. Software has a very high density of privacy and security vulnerabilities. LLMs are accelerating both vulnerability discovery and exploit development. For most computing devices, defense is increasingly far behind offense. iOS and GrapheneOS are exceptional cases not representative of degrading privacy and security across computing devices.
Growing numbers of internet connected devices are incorporated into botnets. This harms the privacy and security of the internet as a whole through heavily pushing it towards centralization behind services such as Cloudflare. Insecure devices without security patches harm the internet as a whole. It isn't only embedded devices but also desktops, mobile devices and servers being used as part of these botnets. It isn't only people with these insecure devices who are harmed. It can get much worse.
We're building GrapheneOS to protect everyone's privacy and security. It's aimed at widespread adoption and is highly usable. It's compatible with the vast majority of Android apps. It has major privacy benefits for every user including stopping a lot of data collection by apps and services with a better permission model increasingly addressing being coerced to grant access. GrapheneOS has many users with little technical knowledge and isn't hard to install or use.
We're continuing to work on improving privacy, security, usability and app compatibility for all of our users. Contact Scopes, Storage Scopes, per-app Sensors toggle, VPN leak protection and many other features we provde are very important privacy protections. We're building alternatives to the Camera, Microphone and other permissions too. Our major improvements to exploit protections are there to protect user privacy. Privacy depends on security and that's why we heavily work on security too.
Contrary to what's often claimed, GrapheneOS is far more usable and requires far less sacrifice compared to other alternatives. Providing far better protection against sophisticated exploits isn't at the expense of that. Our opt-in sandboxed Google Play compatibility layer combines privacy and high usability. We're gradually making replacements for more Google services apps rely on. Location services, network-based location, geocoding and more has already been replaced and much more is coming.
zabold@GrapheneOS GOS ❤️ Thank you for your awesome work!
frutiger@GrapheneOS I LOVE GRAPHENEOS 🥰
Tolong4uHello Grapheneos team,
I just wanted to reach out and say thank you for your great work. Grapheneos is an excellent project, and it really shows how much effort and quality you put into it. Much appreciated!
I also had a quick question: do you provide your own UnifiedPush service/server, or are users expected to rely on external UnifiedPush providers? Is there any plan to offer an integrated UnifiedPush solution in the future?
Thanks again, and best regards
tolong4u