@ashaman2007@lemm.ee,
We’re open to working with most OEM’s, including Nothing.

Presently, Nothing’s devices don’t meet our hardware requirements and still have a long way to go. One example and a key main requirements is hardware memory tagging (MTE), which is currently missing on any Snapdragon-based device. We use MTE to provide a lot of our core protections against exploitation. A secure element with the required features is only one of part of our requirements.

These requirements are part of what we need to provide strong security. Qualcomm needs to do part of that work by implementing memory tagging like Exynos/MediaTek.

However, they might eventually release devices we could support for GrapheneOS in the future.

privacy is a team game, so still not much point. the most secure os ever barely anyone can use.

GrapheneOS cannot provide a high level of privacy and security on other Android devices not meeting our requirements, which is why we don’t support them. There aren’t other devices providing those important industry standard security features with support for us using them. We’ve tried to get OEMs to do it.

no point in making a super private os that only a tiny moneyed minority can run. and honestly i don’t buy it that compatmentalization like this can’t be done on other phones.

The main reason no other devices meet our requirements is because the most secure non-Pixel Android devices do not allow using another OS or disable a bunch of important security features with one. The devices not crippling non-stock OS support are much lower security devices.

ok now do it on any phone that isn’t a pixel

We can support other devices not specifically made for GrapheneOS which meet the requirements: https://grapheneos.org/faq#future-devices
Unfortunately, none currently do.

These are very reasonable requirements and Pixels are the only Android devices with the hardware/firmware security meeting industry standard features.

There are other devices providing the required features, but without non-stock OS support for them.

Thank you for your feedback.

Suggesting we use personal accounts for discussions like this overlooks the accountability we have to provide accurate and transparent feedback on issues directly impacting our infrastructure. Constructively critiquing software that affects the performance of hosting critical organizational chat rooms is not entitlement—it’s responsibility. These concerns are real and measurable, with tangible effects on user experience and scalability.

This is based on firsthand experience hosting our own Matrix homeserver instance for our community space chat rooms using their software, not on tautological reasoning.

For obvious reasons, we prefer linking updates and posts from our Mastodon instance rather than to the Twitter version of the same content.

End users who prefer RSS can add either:
https://grapheneos.social/@GrapheneOS.rss
or
https://grapheneos.social/@GrapheneOS/with_replies.rss

deleted by creator

Hi @henfredemars@infosec.pub,

The official statement from Google can be found here: https://support.google.com/pixelphone/thread/241474288

As for the bug eport itself, that is available on their issue tracker here:
https://issuetracker.google.com/issues/305766503
https://issuetracker.google.com/issues/307592536

The repos issue tracker is slightly more up to date.

There are some banking apps and apps in general that may be problematic. For such cases, here are the possible work around solutions.

You’re quite welcome.

No issues with running the RSA Authenticator (SecurID) app on both the Pixel 6 and 8 on the latest Android 14 build of GrapheneOS.

See previous reply for details as to why it wasn’t working for non-GrapheneOS users as well - over a year ago is when it started being problematic.

It works as far as I can tell. However, it wasn’t always the case.

My company also mentioned that GrapheneOS isn’t supported by them.

Version 4.3.12 is - I just installed it on both the Pixel 6 and the new Pixel 8, both running the latest GrapheneOS builds with Android 14.

they don’t support grapheneos though, specifically said the app won’t work on it

In the summer of 2022, numerous issues arose for non-GrapheneOS users as well, as reflected in the reviews. This was because the SecurID update began utilizing the Play Integrity API to detect non-certified OS/devices. The Play Integrity API has since replaced the now-obsolete SafetyNet attestation API.

Here’s a crowd-sourced list of international banking apps that are compatible with GrapheneOS:
https://privsec.dev/posts/android/banking-applications-compatibility-with-grapheneos/

The issue tracker has slightly more current banking app reports:
https://github.com/PrivSec-dev/banking-apps-compat-report

Some banking apps may be problematic and here are some possible workaround solutions:
https://discuss.grapheneos.org/d/8330-app-compatibility-with-grapheneos