profile
viewpoint
Daniel Micay thestinger Toronto, Ontario, Canada https://twitter.com/DanielMicay Security researcher

thestinger/termite 2476

A keyboard-centric VTE-based terminal, aimed at use within a window manager with tiling and/or tabbing support.

thestinger/playpen 289

A secure application sandbox built with modern Linux sandboxing features - no longer actively developed, but still works fine, use bubblewrap if you need more functionality

thestinger/vte-ng 105

enhanced vte terminal widget

thestinger/allocator 45

experimental high performance, low fragmentation memory allocator

thestinger/paxd-archive 42

PaX exception daemon - Temporarily abandoned due to the PaX and grsecurity patches becoming private

thestinger/hardening-wrapper-deprecated 26

Wrapper scripts for building hardened executables by default (deprecated, replaced by standard Arch Linux toolchain changes)

thestinger/wiki 9

toy wiki implementation

thestinger/util 6

various utility functions and classes

GrapheneOS/branding_extra 2

Branding for everything outside the OS. This is not used as part of the OS.

GrapheneOS/device_google_bonito 2

Pixel 3a and Pixel 3a XL device sources.

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha 73b49cd62424fb72d9b9e4a0881b5b4308f4103d

restoration of some native code exec changes

view details

push time in 10 hours

push eventGrapheneOS/platform_system_sepolicy

Daniel Micay

commit sha 4bf910ec5721804da2ac18fa617724d232f1e4f9

remove zygote execmem

view details

push time in 10 hours

push eventGrapheneOS/platform_system_sepolicy

Daniel Micay

commit sha 1b9aacbc66620fef18ffc273b6908c4c69537175

remove zygote execmem

view details

push time in 10 hours

push eventGrapheneOS/platform_system_sepolicy

Daniel Micay

commit sha 70d8b4026d42737d8bb7f40b0ca9162ed017133b

remove zygote execmem

view details

push time in 10 hours

push eventGrapheneOS/platform_system_sepolicy

Renlord

commit sha 6e1af70695a72ad0718f4a4684311a4e5cf20ce2

remove base system app execmem

view details

Renlord

commit sha 74407215949148faea63febf6c2406c8165ba087

remove base system app app_data_file execute

view details

push time in 10 hours

push eventGrapheneOS/platform_system_sepolicy

Renlord

commit sha d4bbd0843c2d6ba5093d2e78ca294dd56c8b8c52

remove base system app execmod

view details

Renlord

commit sha 4bebd64a54977ceea453cf984dea220685fb3109

remove base system app execmem

view details

Renlord

commit sha 6078921fbcd9bd9986511c5e50c6c3a2575b676a

remove base system app app_data_file execute

view details

push time in 10 hours

push eventGrapheneOS/platform_system_sepolicy

Renlord

commit sha fe88559676ce1c57cf28a79d64096ac0897d278f

remove base system execmem

view details

Renlord

commit sha 3bdf7e67cad106c1550fa09eba99606015ae9697

remove base system app_data_file execute

view details

push time in 11 hours

push eventGrapheneOS/platform_system_sepolicy

Renlord

commit sha c56834f1038a534c442586aae3e4d2ac348d41ba

remove base system execmem

view details

Renlord

commit sha 414479eba1c26826db2dfab4d9574987733e3fb2

remove base system app_data_file execute

view details

push time in 11 hours

push eventGrapheneOS/platform_system_sepolicy

Renlord

commit sha 7ef746bbe204e4ba0183997ee974f03a74122042

remove base system execmod

view details

Renlord

commit sha 035ef7ff55fb1ddc48e486194a673acc8b08abc4

remove execmem for privileged app domains

view details

Renlord

commit sha b6064525d8027b39e4797f49ae65fdf43304fd2b

remove base system app_data_file execute

view details

push time in 11 hours

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha 9aea4121892d2b70a37c404116e4250cc481b224

changes for next release

view details

push time in 11 hours

push eventGrapheneOS/Vanadium

Daniel Micay

commit sha 840308a755ba2df10cd8b9937dad2d66dcc9caf9

update to 80.0.3987.119

view details

push time in 11 hours

push eventGrapheneOS/platform_system_sepolicy

Renlord

commit sha 703948a29b791c89c1eb9d74714576be7ad180bc

split out untrusted base app domains

view details

Renlord

commit sha d00e441913503a0678c326fef5d733e63eb271cc

split base isolated app

view details

push time in 11 hours

push eventGrapheneOS/platform_system_sepolicy

Renlord

commit sha 270ae1a4f27ca57ad3cd8236fd4d0939aec6e140

split out untrusted base app domains

view details

Renlord

commit sha f6218d4e14e45297366a155b21e60db13d16cd85

split base isolated app

view details

push time in 11 hours

push eventGrapheneOS/platform_system_sepolicy

Renlord

commit sha 9c792f7f317f9f8a5d8ebbafdf643e025d3406f2

split out untrusted base app domains

view details

Renlord

commit sha c514fae995eaedfb3abd4189eef482e57debfcc9

split base isolated app

view details

push time in 11 hours

push eventGrapheneOS/platform_system_sepolicy

Renlord

commit sha b77d0b09feb89c6781319eeb096ec980b054a3c3

split out untrusted base app domains

view details

Renlord

commit sha 81fb043d224f68638743afd2fc44b50508704a22

split base isolated app

view details

push time in 11 hours

push eventGrapheneOS/platform_system_sepolicy

Renlord

commit sha 866ef8819f88f44e797e472630883e6054033831

split out untrusted base app domains

view details

Renlord

commit sha ff1df5a6cbb2ffa36d028bcc15c7fa0bbaa278f7

split base isolated app

view details

push time in 11 hours

push eventGrapheneOS/platform_system_sepolicy

Renlord

commit sha 5b34a8dbdf5bf723ede6ca9dc0d4bf002fce1b03

split out untrusted base app domains

view details

Renlord

commit sha b2eebe1e0beff3df71870ee1a464ae2773af7236

split base isolated app

view details

push time in 11 hours

push eventGrapheneOS/platform_system_sepolicy

Renlord

commit sha 85d6977a165f5c6a26e19a341c4bd526ab70f085

use untrusted_base sepolicy for packages signed using release/shared keys

view details

Renlord

commit sha 34b15aa3810daebc526a22eac9b43eb91ad8a31f

split out untrusted base app domains

view details

Renlord

commit sha bf2d5055b7368503a381e07c2314cf661302768d

split base isolated app

view details

push time in a day

Pull request review commentGrapheneOS/grapheneos.org

Add Q&A: securing data at rest, and FBE vs FDE

 <h2 id="default-connections">                 </li>             </ul> +            <h2 id="securing-data-at-rest">+                <a href="#securing-data-at-rest">How does GrapheneOS secure data at rest?</a>+            </h2>+            <p>GrapheneOS makes full use of the hardware-bound encryption in modern Android devices.+            The Titan M, a specially designed hardware security module on Pixel 3 handsets handles+            validation of the user's pincode or password. Upon getting the correct password, the HSM+            will calculate an access token from the password, from a secret contained in the+            confines of the HSM, and from a hash of a two-kilobyte partition at the start of the+            phone's SSD by means of a key derivation function. The HSM will only be able to release+            the token to the phone so it can in turn derive the keys to decrypt the files if it gets+            the correct password.</p>++            <p>This system ensures that an adversary in possession of your phone cannot simply+            extract the SSD and connect it to a much more powerful system to run guessing attacks on+            it offline, and instead must go through the specific HSM on the phone. The HSM is+            about the size of a grain of rice and is difficult to attack. Each file is encrypted+            with AES-256-XTS, and the filesystem metadata is encrypted with AES-256-HEH.</p>++            <p>File Based Encryption on GrapheneOS is always on, enforced, and cannot be switched+            off or fall back to plaintext. The Titan M hardware security module has its own internal+            timer which cannot be accessed from the host operating system, and can enforce+            progressively lengthening delays between guesses at the password. On enough failed+            guesses, the Titan M can increase the time between guesses to allow only one guess+            per day. At this rate, to search through all the combinations of a four-digit pin code+            from 0000 to 9950 would take over 27 years, or for a relatively weak two-word passphrase

It allows attaching a keyboard but only detects it at boot or when unlocked, by default.

Peter-Easton

comment created time in 2 days

MemberEvent

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha 63de0eb955d90beefb288246d511386e28767b13

fix always-on MAC randomization option

view details

push time in 2 days

push eventGrapheneOS/platform_frameworks_opt_net_wifi

Renlord

commit sha 4055cdcae311f132409bb786ce752f3e4720fd82

bugfix: randomization always will always work after restarting Signed-off-by: Renlord <me@renlord.com>

view details

push time in 2 days

PR merged GrapheneOS/platform_frameworks_opt_net_wifi

bugfix: randomization always will always work after restarting

Signed-off-by: Renlord me@renlord.com

Closes https://github.com/GrapheneOS/os_issue_tracker/issues/178

Tested by following "steps to re-produce" on Sargo.

+6 -4

0 comment

1 changed file

renlord

pr closed time in 2 days

issue closedGrapheneOS/os_issue_tracker

Use randomized MAC always not working on first connection

Bug description

On the first connection to a Wi-Fi network with privacy set to use randomized MAC always will use the device's true Wi-Fi MAC address. A workaround is to reconnect to Wi-Fi.

Steps to reproduce

  1. Go to settings > network and internet > Wi-Fi > saved networks > choose a network > set privacy to use randomized MAC always (default)
  2. Turn Wi-Fi off and restart device.
  3. Turn Wi-Fi on and reconnect to the same network.

Actual result: The MAC address for the connected network is the device's true MAC address. Expected result: The MAC address for the connected network is a randomly chosen MAC address.

Screenshots

GrapheneOS-network-details GrapheneOS-about-phone

Device info

Device: Google Pixel 3a XL (aosp_bonito) Android version: 10 (2020.02.07.19, QQ1A.200205.002.2020.02.07.19)

closed time in 2 days

Jawshy

PR closed GrapheneOS/grapheneos.org

Add "Back To Top" links on all currently existant answers.

I included the up arrow for this but I can remove it if it doesn't render correctly.

+16 -0

1 comment

1 changed file

Peter-Easton

pr closed time in 2 days

pull request commentGrapheneOS/grapheneos.org

Add "Back To Top" links on all currently existant answers.

I'd rather not include this kind of navigation, at least right now.

Peter-Easton

comment created time in 2 days

push eventGrapheneOS/grapheneos.org

Peter Easton

commit sha f283e2a3078caac02d523674b90a14c1995c79a9

Minor grammatical edit. Minor clarification.

view details

push time in 4 days

pull request commentGrapheneOS/grapheneos.org

Minor grammatical edit in FAQ about cell tracking

Can you change "any" to "the"?

Peter-Easton

comment created time in 4 days

pull request commentGrapheneOS/grapheneos.org

Add the udev rules to the installation prerequisites.

The adbusers group isn't required to permit using devices from local sessions, so you shouldn't need to include it. It's only needed to permit using devices that are plugged in locally from a remote session. That's generally how udev permissions work. It already grants permission to access all the local devices for local sessions.

Peter-Easton

comment created time in 4 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha 8a8d19fe76283581d1ef25d61517c8f23d5d5d0d

request sending USD as USD instead of converting

view details

push time in 4 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha fe933fc926c675b993e598269e7783faa0cee643

request sending USD as USD instead of converting

view details

push time in 4 days

pull request commentGrapheneOS/platform_system_sepolicy

split out untrusted base app domains

@renlord You'll need to do untrusted_app too, since that's the modern one:

user=_app minTargetSdkVersion=29 domain=untrusted_app type=app_data_file levelFrom=all
user=_app minTargetSdkVersion=28 domain=untrusted_app_27 type=app_data_file levelFrom=all
user=_app minTargetSdkVersion=26 domain=untrusted_app_27 type=app_data_file levelFrom=user
user=_app domain=untrusted_app_25 type=app_data_file levelFrom=user
renlord

comment created time in 4 days

pull request commentGrapheneOS/grapheneos.org

Add Q&A about vpn support

This should probably mention the built-in VPN support in the OS, the always-on VPN option and the option to block connections not going via the configured VPN to prevent leaks if the VPN connection drops, etc.

Peter-Easton

comment created time in 5 days

Pull request review commentGrapheneOS/grapheneos.org

Add Q&A: securing data at rest, and FBE vs FDE

 <h2 id="default-connections">                 </li>             </ul> +            <h2 id="securing-data-at-rest">+                <a href="#securing-data-at-rest">How does GrapheneOS secure data at rest?</a>+            </h2>+            <p>GrapheneOS makes full use of the hardware-bound encryption in modern Android devices.+            The Titan M, a specially designed hardware security module on Pixel 3 handsets handles+            validation of the user's pincode or password. Upon getting the correct password, the HSM+            will calculate an access token from the password, from a secret contained in the+            confines of the HSM, and from a hash of a two-kilobyte partition at the start of the+            phone's SSD by means of a key derivation function. The HSM will only be able to release+            the token to the phone so it can in turn derive the keys to decrypt the files if it gets+            the correct password.</p>++            <p>This system ensures that an adversary in possession of your phone cannot simply+            extract the SSD and connect it to a much more powerful system to run guessing attacks on+            it offline, and instead must go through the specific HSM on the phone. The HSM is+            about the size of a grain of rice and is difficult to attack. Each file is encrypted+            with AES-256-XTS, and the filesystem metadata is encrypted with AES-256-HEH.</p>++            <p>File Based Encryption on GrapheneOS is always on, enforced, and cannot be switched+            off or fall back to plaintext. The Titan M hardware security module has its own internal+            timer which cannot be accessed from the host operating system, and can enforce+            progressively lengthening delays between guesses at the password. On enough failed+            guesses, the Titan M can increase the time between guesses to allow only one guess+            per day. At this rate, to search through all the combinations of a four-digit pin code+            from 0000 to 9950 would take over 27 years, or for a relatively weak two-word passphrase

The Titan M is only involved for the initial unlock after rebooting. Make sure you're properly testing this.

Peter-Easton

comment created time in 5 days

push eventGrapheneOS/Vanadium

Daniel Micay

commit sha f1ac190e2903ba0343c6d096bfc6d28c337fa719

backport patch removing broken DCHECK

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha e18706ee00dcdf462aabd0a00a3836192c937e4e

fix header levels for nested sections

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha dcc5003ee5a6e4dc6589c42802ae4c27536b2e52

expand cellular tracking section further

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha d5b071c6ef2b788acab1c588692c87d14f818a84

elaborate on other baseband functionality

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha 9f4223a3fda4b8205059433d79d51f5a376a0c11

clarification

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha 32b12435d9e33a914bd10c55d4eb440ca7785e9a

Wi-Fi information belongs elsewhere

view details

Daniel Micay

commit sha 9f6d18fa2684913bcefbf42fb77f732e70ca280b

fix spelling errors

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha 670faeb14af822e05d902a2036a74b80a732333a

add LICENSE file to sitemap

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

Peter Easton

commit sha 8b5204de5106f4e7772dcd73558012a0e3d1a301

Add Q&A about cell tracking and silent sms

view details

push time in 6 days

push eventGrapheneOS/branding_tools

Daniel Micay

commit sha d3ce73c817e349a176e0422eb3bff1970961d950

add GitHub Sponsors metadata

view details

push time in 6 days

push eventGrapheneOS/AttestationServer

Daniel Micay

commit sha 80df37aa40ecdb3f661f99f9a8f7f5e75379c2fd

jshint: show message codes

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha 8dcbd4c2eb439dd0a32adf9f25a6b0a410a0a3a1

jshint: show message codes

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha 9ad7cd730868086ca345c540af7cf09709ab26d9

add jshint to validation

view details

push time in 6 days

push eventGrapheneOS/AttestationServer

Daniel Micay

commit sha 674ff645b50a64cc592e3e77ef3cd4904ee95f45

add jshint to validation script

view details

push time in 6 days

push eventGrapheneOS/AttestationServer

Daniel Micay

commit sha 47f55da39e64888320f5223b464d38e838f61b6f

split out validation script

view details

Daniel Micay

commit sha 9cac3f85437a37a7ae762b16c698ad87d15c4589

update copyright notice

view details

Daniel Micay

commit sha d0d3080f224b8a43d8e09a6dac76557d9d57a0fd

include license with static web assets

view details

Daniel Micay

commit sha e0ad7165ed28582f60ddfa1f5cc2e00aab3345e7

add .jslintrc

view details

Daniel Micay

commit sha 0efbaa93adb622d6b83d170fc1074bf9d36b5151

add missing semicolons reported by jshint

view details

Daniel Micay

commit sha 6f2fe290e1e2f981381422653328e57cabd6f32e

remove old development logging

view details

Daniel Micay

commit sha ae06f34e443b64467da279e2eade82827094ff39

jshint: enable devel to allow using console.log

view details

Daniel Micay

commit sha 051a0ba7f2fe806442155164ecb404eca6416a69

avoid unnecessary use of `this`

view details

Daniel Micay

commit sha f49d1da91a9f8c1be648a33832573cbb678f4bc8

disable bad jshint warning about captures in loops

view details

push time in 6 days

push eventGrapheneOS/AttestationServer

Daniel Micay

commit sha 623f972b4fc3cc08a92750109b6f933474e34dde

disable bad jshint warning about captures in loops

view details

push time in 6 days

push eventGrapheneOS/AttestationServer

Daniel Micay

commit sha cdb32e02317fab0dfe7baceecbaf6528d123e440

avoid unnecessary use of `this`

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha 21ac333070eec4756eb66f7c9312d7efac52664a

add jshint to validation

view details

push time in 6 days

push eventGrapheneOS/AttestationServer

Daniel Micay

commit sha bd5567009c199031fb3c9a84d2a2e92c7af709fd

jshint: enable devel to allow using console.log

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha cfea79270c16007012f7ab4e022929c8d5f11e36

jshint: enable devel to allow console.log

view details

push time in 6 days

push eventGrapheneOS/AttestationServer

Daniel Micay

commit sha 0573f0ede76c429e8fd58ca93ea460359a491017

jshint: allow using console.log

view details

push time in 6 days

push eventGrapheneOS/AttestationServer

Daniel Micay

commit sha 31e3d131482f08884e6fe5c9b3e27b9984a6159d

remove old development logging

view details

push time in 6 days

push eventGrapheneOS/AttestationServer

Daniel Micay

commit sha e6f92b690f2dc294cc12e649b7698141fb298fe8

add missing semicolons reported by jshint

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha 14b8abbec83975d5cd71cd44c8b7af81eb7edeaa

add .jshintrc

view details

push time in 6 days

push eventGrapheneOS/AttestationServer

Daniel Micay

commit sha b05ff542175a3355ad528663f05ea53472c5995c

add .jslintrc

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha f4d389ef75eb58be049cc997f2caeba3445929ed

add .jslintrc

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha 64837579a337a819b91314dfea3694acfb3806b2

add initial legacy devices section

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha 6d5e36cba86e4d9c7eccab0b8b55c26789ffd9ee

add initial legacy devices section

view details

push time in 6 days

push eventGrapheneOS/grapheneos.org

inthewaves

commit sha eaa01c67ae1485809761278b6230eec508219572

fix typos, reword some phrases, and add extra info Also, mention IP68 water and dust resistance for Pixel 3/3 XL

view details

push time in 6 days

PR merged GrapheneOS/grapheneos.org

fix typos, reword some phrases, and add extra info

Also, mention IP68 water and dust resistance for Pixel 3/3 XL

+15 -14

0 comment

1 changed file

inthewaves

pr closed time in 6 days

Pull request review commentGrapheneOS/grapheneos.org

Add Q&A about cell tracking and silent sms

 <h2 id="default-connections">                 </li>             </ul> +            <h2 id="cellular-tracking">+                <a href="#cellular-tracking">What does GrapheneOS do about cellular tracking and+                silent SMS?</a>+            </h2>++            <p>GrapheneOS always considers the network to be hostile. Merely getting a silent SMS is+            not a good indicator of being targeted by your cell carrier, police or government+            because <i>anyone on the cell network can send them</i>. Cellular triangulation will

It matters for accessibility, since accessibility tools can read the text in a different way for em and strong, but the others are more subtle.

Peter-Easton

comment created time in 6 days

Pull request review commentGrapheneOS/grapheneos.org

Add Q&A about cell tracking and silent sms

 <h2 id="default-connections">                 </li>             </ul> +            <h2 id="cellular-tracking">+                <a href="#cellular-tracking">What does GrapheneOS do about cellular tracking and+                silent SMS?</a>+            </h2>++            <p>GrapheneOS always considers the network to be hostile. Merely getting a silent SMS is+            not a good indicator of being targeted by your cell carrier, police or government+            because <i>anyone on the cell network can send them</i>. Cellular triangulation will

https://html.spec.whatwg.org/multipage/text-level-semantics.html#the-em-element vs. https://html.spec.whatwg.org/multipage/text-level-semantics.html#the-i-element

https://html.spec.whatwg.org/multipage/text-level-semantics.html#the-strong-element vs. https://html.spec.whatwg.org/multipage/text-level-semantics.html#the-b-element

Essentially, em and strong are for the semantic meanings associated with those, and i and b are for more subtle cases without those clear semantic meanings but rather a more subtle reason. For a long time, i and b were deprecated, but they came up with new meanings for them giving them purpose again and they aren't deprecated anymore.

Peter-Easton

comment created time in 6 days

Pull request review commentGrapheneOS/grapheneos.org

fix typos, reword some phrases, and add extra info

 <h2 id="supported-devices">             support repositories for the Android Open Source Project can simply be dropped into             the source tree, with at most minor modifications within them to support GrapheneOS.             In most cases, substantial work beyond that will be needed to bring the support up to-            the same standards. For most devices, the hardware and firmware will prevent providing-            a reasonably secure device, regardless of the work put into device support.</p>+            the same standards. For most devices, the hardware and firmware will prevent them from

I'd rather leave this part as it was, since this is changing the meaning in a way that wasn't intended.

inthewaves

comment created time in 7 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha c2eaa511dcad6385a1f89eeca0712bcf97c93309

remove extra word

view details

push time in 7 days

Pull request review commentGrapheneOS/grapheneos.org

Add Q&A about cell tracking and silent sms

 <h2 id="default-connections">                 </li>             </ul> +            <h2 id="cellular-tracking">+                <a href="#cellular-tracking">What does GrapheneOS do about cellular tracking and+                silent SMS?</a>+            </h2>++            <p>GrapheneOS always considers the network to be hostile. Merely getting a silent SMS is+            not a good indicator of being targeted by your cell carrier, police or government+            because <i>anyone on the cell network can send them</i>. Cellular triangulation will+            happen regardless of whether or not SMS texts are being sent or recieved by the phone,+            and they don't have to even be a silent SMS; it wouldn't be much different than+            recieving an unsolicited spam SMS!</p>++            <p>Activating airplane mode will switch the cell radio off entirely. While airplane mode

Should clarify and state that it fully disables cellular radio transmit / receive capabilities. The baseband processor provides more than the cellular radio. On the currently supported devices, it provides both the Wi-Fi and cellular radios with separately sandboxed code for each.

Peter-Easton

comment created time in 7 days

Pull request review commentGrapheneOS/grapheneos.org

Add Q&A about cell tracking and silent sms

 <h2 id="default-connections">                 </li>             </ul> +            <h2 id="cellular-tracking">+                <a href="#cellular-tracking">What does GrapheneOS do about cellular tracking and+                silent SMS?</a>+            </h2>++            <p>GrapheneOS always considers the network to be hostile. Merely getting a silent SMS is+            not a good indicator of being targeted by your cell carrier, police or government+            because <i>anyone on the cell network can send them</i>. Cellular triangulation will

You should use <em></em>, not <i></i> which is deprecated in modern HTML. Similarly, use <strong></strong> rather than <b></b>.

Peter-Easton

comment created time in 7 days

PR closed GrapheneOS/android-prepare-vendor

Fix ophan bytecode in product partition

I notice files weren't being included because it thought it was an orphan bytcode in /product

+5 -1

4 comments

1 changed file

shareefalis

pr closed time in 7 days

push eventGrapheneOS/platform_external_vanadium

Daniel Micay

commit sha ecca135c96db0991fd3ee3717e245cf8ab2d42a5

update to 80.0.3987.117

view details

push time in 7 days

issue commentGrapheneOS/os_issue_tracker

No service on Visible (Verizon)

The black screen issue just sounds like you have a defective screen protector blocking the proximity sensor rather than a software issue. The AOSP values for the proximity sensor might be tuned differently than the stock OS ones.

daradib

comment created time in 7 days

push eventGrapheneOS/Vanadium

Daniel Micay

commit sha 29d3463e671bfab4a26964a3f97bf5afff507070

update patches for 80.0.3987.117

view details

push time in 7 days

push eventGrapheneOS/Vanadium

Daniel Micay

commit sha 02b14e09784976461ec818a64cfec6f4482a1dcb

update to 80.0.3987.117

view details

push time in 7 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha 27def62e171092b46c06aa7309bb896d0b09dd8f

update build instructions to Trichrome

view details

push time in 7 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha cccf970e093bd7c7a1331d607e448b2ad6e1d98a

add Trichrome to release notes

view details

Daniel Micay

commit sha a273c6f55039fb269a74e95c2629251018494be9

update Vanadium to Chromium 80.0.3987.117

view details

push time in 7 days

push eventGrapheneOS/grapheneos.org

Daniel Micay

commit sha f66e5da62dfd74e535ea6d5baa81303b31407820

add Trichrome to release notes

view details

push time in 7 days

PR closed GrapheneOS/platform_system_sepolicy

remove base system app_data_file execute

closes https://github.com/GrapheneOS/os_issue_tracker/issues/16

+2 -4

1 comment

4 changed files

renlord

pr closed time in 7 days

pull request commentGrapheneOS/platform_system_sepolicy

remove base system app_data_file execute

This won't work since it will also remove it for third party apps and some of them are going to break. You'll need the split of these domains into base vs. non-base from the AndroidHardeningArchive repository.

renlord

comment created time in 7 days

push eventGrapheneOS/platform_external_vanadium

Daniel Micay

commit sha f1f7c5a3ac0ad726e2191c86a99526f16a67bd75

workaround to replace icon

view details

push time in 8 days

push eventGrapheneOS/Vanadium

Daniel Micay

commit sha 88afb71b569bbfcbd26936adc1da74d0873e0597

work around Vanadium resources being ignored

view details

push time in 8 days

push eventGrapheneOS/Vanadium

Daniel Micay

commit sha 6e54c9d694edca8c22fb63f246c43e66d1886385

work around Vanadium resources being ignored

view details

push time in 8 days

push eventGrapheneOS/platform_build

Daniel Micay

commit sha 1b5a980c4afb935cf43f68cadba0ef58e637fe5c

replace webview with TrichromeWebView

view details

push time in 9 days

push eventGrapheneOS/platform_external_vanadium

Daniel Micay

commit sha a66d3dde76f9256115fe8a276702a08f650c9957

remove overrides

view details

push time in 9 days

push eventGrapheneOS/platform_build

Daniel Micay

commit sha b71de2a9ccd2b44b79b60e562ce5f96c253aefce

replace Browser2 with TrichromeChrome

view details

push time in 9 days

push eventGrapheneOS/script

Daniel Micay

commit sha 1ba3c1120a3ff764cbe119c6100dbb638d64dfea

remove extra newline

view details

Daniel Micay

commit sha 77e9dd0b364e1f498ba521b05d44d355147b9c54

update copyright notice

view details

push time in 9 days

push eventGrapheneOS/platform_external_vanadium

Daniel Micay

commit sha 462ca578d81c29bc65083beaeda748397ed6b861

update copyright notice

view details

push time in 9 days

push eventGrapheneOS/platform_external_vanadium

Daniel Micay

commit sha 3f81b580246f191f7b82f6e48ef0b4a80a795b4b

update copyright header

view details

push time in 9 days

PR closed GrapheneOS/PdfViewer

Add splash screen

Show a splash screen while the app launch in a lightweight way.

+16 -0

1 comment

3 changed files

Virgiel

pr closed time in 9 days

pull request commentGrapheneOS/PdfViewer

Add splash screen

I like the other proposals, but I'd rather not add a splash screen.

Virgiel

comment created time in 9 days

more