matchboxbananasynergy
@mbananasynergy.bsky.social
Community manager @GrapheneOS. Mod for a few open-source projects. This is a personal account and the hot takes you'll find here are exclusively my own.
#grapheneos #mollyim #accrescent
#grapheneos #mollyim #accrescent
Reposted by matchboxbananasynergy
Things were a bit different with Android this time, likely due to a functionality vs security trade-off that made it harder to address the issue in AOSP. Going forward, we'll continue reporting to Google but jointly disclose to GrapheneOS for any future Android-related issues.
July 23, 2025 at 12:25 AM
Things were a bit different with Android this time, likely due to a functionality vs security trade-off that made it harder to address the issue in AOSP. Going forward, we'll continue reporting to Google but jointly disclose to GrapheneOS for any future Android-related issues.
Reposted by matchboxbananasynergy
DHS is urging law enforcement to treat even skateboarding and livestreaming as signs of violent intent during a protest, turning everyday behavior into a pretext for police action. www.wired.com/story/dhs-te...
Skateboards and Livestreams: DHS Tells Police That Common Protest Activities Are ‘Violent Tactics’
DHS is urging law enforcement to treat even skateboarding and livestreaming as signs of violent intent during a protest, turning everyday behavior into a pretext for police action.
www.wired.com
July 10, 2025 at 10:06 PM
DHS is urging law enforcement to treat even skateboarding and livestreaming as signs of violent intent during a protest, turning everyday behavior into a pretext for police action. www.wired.com/story/dhs-te...
Signal. Tor. GrapheneOS. People should be loud and proud about using security and privacy tools that work - that's the best way to counter the narrative that only people with something to hide would.
www.androidauthority.com/why-i-use-gr...
www.androidauthority.com/why-i-use-gr...
Cops say criminals use a Google Pixel with GrapheneOS — I say that’s freedom
GrapheneOS offers some of the best privacy and security features of any smartphone operating system, but is it too effective at what it does?
www.androidauthority.com
July 12, 2025 at 1:06 PM
Signal. Tor. GrapheneOS. People should be loud and proud about using security and privacy tools that work - that's the best way to counter the narrative that only people with something to hide would.
www.androidauthority.com/why-i-use-gr...
www.androidauthority.com/why-i-use-gr...
Reposted by matchboxbananasynergy
Android regularly adds and splits permissions for new API levels. Legacy apps are handled by treating them as requesting the permission to provide a toggle for it. For example, Android 13 converted the existing toggle for disabling notifications for an app into a new POST_NOTIFICATIONS permission.
July 3, 2025 at 3:07 PM
Android regularly adds and splits permissions for new API levels. Legacy apps are handled by treating them as requesting the permission to provide a toggle for it. For example, Android 13 converted the existing toggle for disabling notifications for an app into a new POST_NOTIFICATIONS permission.
Reposted by matchboxbananasynergy
ICEBlock is incredibly false privacy claims for marketing. They falsely claim it provides complete anonymity when it doesn't. They're ignoring both data kept by Apple and data available to the server but not stored. They're also spreading misinformation about Android:
www.iceblock.app/android
www.iceblock.app/android
July 3, 2025 at 12:22 PM
ICEBlock is incredibly false privacy claims for marketing. They falsely claim it provides complete anonymity when it doesn't. They're ignoring both data kept by Apple and data available to the server but not stored. They're also spreading misinformation about Android:
www.iceblock.app/android
www.iceblock.app/android
Reposted by matchboxbananasynergy
bsky.app/profile/iceb...
Apple stores which devices/users install which apps. They have the device IDs. US government could obtain a list of people who installed the app if a court authorized it. Not clear what they mean by having to storing device IDs. Those IDs aren't accessible to Android apps.
Apple stores which devices/users install which apps. They have the device IDs. US government could obtain a list of people who installed the app if a court authorized it. Not clear what they mean by having to storing device IDs. Those IDs aren't accessible to Android apps.
Sorry, there will not be an Android version because there is no way to provide 100% anonymity. Each person's device ID would have to be stored and that information becomes discoverable should the government issue a subpoena.
Only iOS made this possible and completely protects the users.
Only iOS made this possible and completely protects the users.
July 1, 2025 at 11:36 PM
bsky.app/profile/iceb...
Apple stores which devices/users install which apps. They have the device IDs. US government could obtain a list of people who installed the app if a court authorized it. Not clear what they mean by having to storing device IDs. Those IDs aren't accessible to Android apps.
Apple stores which devices/users install which apps. They have the device IDs. US government could obtain a list of people who installed the app if a court authorized it. Not clear what they mean by having to storing device IDs. Those IDs aren't accessible to Android apps.
Reposted by matchboxbananasynergy
European authoritarians and their enablers in the media are misrepresenting GrapheneOS and even Pixel phones as if they're something for criminals. GrapheneOS is opposed to the mass surveillance police state these people want to impose on everyone.
www.xatakandroid.com/sociedad/cad...
www.xatakandroid.com/sociedad/cad...
"Cada vez que vemos un Google Pixel pensamos que puede ser un narcotraficante". Es el móvil perfecto para el crimen por un motivo
Los Google Pixel son los máximos representantes de Android, con permiso de Samsung. Es por ello que convencen a los usuarios entusiastas del sistema...
www.xatakandroid.com
July 2, 2025 at 4:00 PM
European authoritarians and their enablers in the media are misrepresenting GrapheneOS and even Pixel phones as if they're something for criminals. GrapheneOS is opposed to the mass surveillance police state these people want to impose on everyone.
www.xatakandroid.com/sociedad/cad...
www.xatakandroid.com/sociedad/cad...
Reposted by matchboxbananasynergy
We're going to be moving forward under the expectation that future Pixel devices may not meet the requirements to run GrapheneOS (grapheneos.org/faq#future-d...) and may not support using another OS. We've been in talks with a couple OEMs about making devices and what it would cost.
June 12, 2025 at 3:02 PM
We're going to be moving forward under the expectation that future Pixel devices may not meet the requirements to run GrapheneOS (grapheneos.org/faq#future-d...) and may not support using another OS. We've been in talks with a couple OEMs about making devices and what it would cost.
Reposted by matchboxbananasynergy
WebRTC is a peer-to-peer communications protocol for web sites and therefore causes numerous privacy issues through making direct connections between participants. By default our Vanadium browser disables the peer-to-peer aspect by only using server-based (proxied) connections.
June 3, 2025 at 3:58 PM
WebRTC is a peer-to-peer communications protocol for web sites and therefore causes numerous privacy issues through making direct connections between participants. By default our Vanadium browser disables the peer-to-peer aspect by only using server-based (proxied) connections.
Reposted by matchboxbananasynergy
One of our two senior developers has been forcibly detained and conscripted to participate in a war. When they first went missing, we revoked their repository access as a precaution. We soon learned their disappearance was completely unrelated to GrapheneOS. Our priority has been keeping them safe.
April 18, 2025 at 3:25 PM
One of our two senior developers has been forcibly detained and conscripted to participate in a war. When they first went missing, we revoked their repository access as a precaution. We soon learned their disappearance was completely unrelated to GrapheneOS. Our priority has been keeping them safe.
Reposted by matchboxbananasynergy
Our 2025040700 release was an early April 2025 security update release based on the Android Security Bulletin backports.
April 2025 monthly release of Android 15 QPR2 is in the process of being published today and we'll make a new release after the tags are all pushed to AOSP.
April 2025 monthly release of Android 15 QPR2 is in the process of being published today and we'll make a new release after the tags are all pushed to AOSP.
April 10, 2025 at 9:44 PM
Our 2025040700 release was an early April 2025 security update release based on the Android Security Bulletin backports.
April 2025 monthly release of Android 15 QPR2 is in the process of being published today and we'll make a new release after the tags are all pushed to AOSP.
April 2025 monthly release of Android 15 QPR2 is in the process of being published today and we'll make a new release after the tags are all pushed to AOSP.
Reposted by matchboxbananasynergy
Macarne has provided a sponsored server to replace our current EU update servers so we can handle current traffic and near future growth. Ryzen 9950X, 128GB RAM, 2x 2TB NVMe and most importantly 25Gbps bandwidth. It's greatly appreciated!
macarne.com
macarne.com
Macarne | IP Transit & Ethernet Solutions | Global Networking Services and Connectivity Solutions
Experience Macarne's reliable, low-latency IP Transit and Ethernet services, powered by AS64289. Enjoy seamless, scalable global connectivity with high-performance network solutions.
macarne.com
April 1, 2025 at 7:53 PM
Macarne has provided a sponsored server to replace our current EU update servers so we can handle current traffic and near future growth. Ryzen 9950X, 128GB RAM, 2x 2TB NVMe and most importantly 25Gbps bandwidth. It's greatly appreciated!
macarne.com
macarne.com
Reposted by matchboxbananasynergy
For @grapheneos.org users missing Google Pay, it would now appear that
Curve are now running Curve Pay in parallel, even in GPay enabled regions where previously unavailable.
Tap to Pay is here.
Curve are now running Curve Pay in parallel, even in GPay enabled regions where previously unavailable.
Tap to Pay is here.
March 31, 2025 at 5:04 PM
For @grapheneos.org users missing Google Pay, it would now appear that
Curve are now running Curve Pay in parallel, even in GPay enabled regions where previously unavailable.
Tap to Pay is here.
Curve are now running Curve Pay in parallel, even in GPay enabled regions where previously unavailable.
Tap to Pay is here.
Reposted by matchboxbananasynergy
For an idea of what we're looking for, see the 10Gbps options at tempest.net/dedicated-se... with 64GB memory. They're also willing to give us a significant discount, which other major providers haven't offered. Tempest is currently IPv4-only though, which isn't ideal for our usage.
Premium Dedicated Server Hosting | Tempest Hosting
Experience fast, reliable, and secure hosting with Tempest. Choose from a range of dedicated servers and game servers such as Rust, CSGO, Gmod, and more! 24/7 support available.
tempest.net
March 31, 2025 at 9:13 PM
For an idea of what we're looking for, see the 10Gbps options at tempest.net/dedicated-se... with 64GB memory. They're also willing to give us a significant discount, which other major providers haven't offered. Tempest is currently IPv4-only though, which isn't ideal for our usage.
Reposted by matchboxbananasynergy
We've made 2 attempts at talking to OVH about offering us something different than their publicly available products which hasn't gone anywhere. We likely need to move this part of our infrastructure to 1 or 2 other providers with unmetered 10Gbps dedicated servers like Tempest.
March 31, 2025 at 8:48 PM
We've made 2 attempts at talking to OVH about offering us something different than their publicly available products which hasn't gone anywhere. We likely need to move this part of our infrastructure to 1 or 2 other providers with unmetered 10Gbps dedicated servers like Tempest.
Reposted by matchboxbananasynergy
We currently have 16Gbps total bandwidth for our update servers and that's not nearly enough for major releases anymore. Rather than further scaling up our current 2Gbps unmetered VPS approach, we're currently looking into other options. OVH lacks cost effective 10Gbps servers.
March 31, 2025 at 8:29 PM
We currently have 16Gbps total bandwidth for our update servers and that's not nearly enough for major releases anymore. Rather than further scaling up our current 2Gbps unmetered VPS approach, we're currently looking into other options. OVH lacks cost effective 10Gbps servers.
Reposted by matchboxbananasynergy
Apps enforcing enforcing a Play Integrity API check have nothing to lose by permitting GrapheneOS too via hardware attestation. You'll get positive reviews from our rapidly growing userbase instead of negative. GrapheneOS is much more secure than anything Play Integrity permits.
March 30, 2025 at 10:33 PM
Apps enforcing enforcing a Play Integrity API check have nothing to lose by permitting GrapheneOS too via hardware attestation. You'll get positive reviews from our rapidly growing userbase instead of negative. GrapheneOS is much more secure than anything Play Integrity permits.
Reposted by matchboxbananasynergy
See github.com/PrivSec-dev/... for details. They responded on the issue.
This is one of several apps which has recently stopped banning GrapheneOS due to the guide we provide on using hardware-based attestation as an alternative or full replacement for the Play Integrity API.
This is one of several apps which has recently stopped banning GrapheneOS due to the guide we provide on using hardware-based attestation as an alternative or full replacement for the Play Integrity API.
Yuh - Your App. Your Money. · Issue #509 · PrivSec-dev/banking-apps-compat-report
Is there an existing issue for this? I have searched the existing issues App name Yuh - Your App. Your Money. Link to app https://play.google.com/store/apps/details?id=com.yuh&hl App version 1.30.1...
github.com
March 30, 2025 at 10:27 PM
See github.com/PrivSec-dev/... for details. They responded on the issue.
This is one of several apps which has recently stopped banning GrapheneOS due to the guide we provide on using hardware-based attestation as an alternative or full replacement for the Play Integrity API.
This is one of several apps which has recently stopped banning GrapheneOS due to the guide we provide on using hardware-based attestation as an alternative or full replacement for the Play Integrity API.
Reposted by matchboxbananasynergy
Yuh app from Swissquote temporarily disabled Play Integrity API enforcement due to complaints from GrapheneOS users and is reimplementing their security checks with support for GrapheneOS based on grapheneos.org/articles/att.... We removed it from the list of apps banning GrapheneOS.
GrapheneOS attestation compatibility guide
Guide on using remote attestation in a way that's compatible with GrapheneOS.
grapheneos.org
March 30, 2025 at 10:26 PM
Yuh app from Swissquote temporarily disabled Play Integrity API enforcement due to complaints from GrapheneOS users and is reimplementing their security checks with support for GrapheneOS based on grapheneos.org/articles/att.... We removed it from the list of apps banning GrapheneOS.
Reposted by matchboxbananasynergy
March 21, 2025 at 12:50 AM
Reposted by matchboxbananasynergy
Chromium team developed a new font rendering library (Skrifa) as part of their Fontations library written in Rust. Skrifa now provides memory safe rendering for all web fonts since Chromium 133 for Android, ChromeOS and other Linux distributions:
developer.chrome.com/blog/memory-...
developer.chrome.com/blog/memory-...
Memory safety for web fonts | Blog | Chrome for Developers
Learn how and why the Chrome team has replaced FreeType with Skrifa.
developer.chrome.com
March 19, 2025 at 10:41 PM
Chromium team developed a new font rendering library (Skrifa) as part of their Fontations library written in Rust. Skrifa now provides memory safe rendering for all web fonts since Chromium 133 for Android, ChromeOS and other Linux distributions:
developer.chrome.com/blog/memory-...
developer.chrome.com/blog/memory-...
Reposted by matchboxbananasynergy
We recently analyzed the latest Cellebrite device support matrix published in February 2025.
The reality is worrisome. It can be used to unlock most of the mobile devices we use every day.
Read our report:
(ENG) osservatorionessuno.org/blog/2025/03...
(ITA) osservatorionessuno.org/it/blog/2025...
The reality is worrisome. It can be used to unlock most of the mobile devices we use every day.
Read our report:
(ENG) osservatorionessuno.org/blog/2025/03...
(ITA) osservatorionessuno.org/it/blog/2025...
A deep dive into Cellebrite: Android support as of February 2025
A deep dive into Cellebrite: Android support as of February 2025
osservatorionessuno.org
March 17, 2025 at 10:35 AM
We recently analyzed the latest Cellebrite device support matrix published in February 2025.
The reality is worrisome. It can be used to unlock most of the mobile devices we use every day.
Read our report:
(ENG) osservatorionessuno.org/blog/2025/03...
(ITA) osservatorionessuno.org/it/blog/2025...
The reality is worrisome. It can be used to unlock most of the mobile devices we use every day.
Read our report:
(ENG) osservatorionessuno.org/blog/2025/03...
(ITA) osservatorionessuno.org/it/blog/2025...
Reposted by matchboxbananasynergy
GrapheneOS network location implementation is now available in the Stable channel after several rounds of fixes and improvements for it.
bsky.app/profile/grap...
We had to fix an upstream Android system_server crash bug it uncovered along with improving sandboxed Google Play.
bsky.app/profile/grap...
We had to fix an upstream Android system_server crash bug it uncovered along with improving sandboxed Google Play.
This release adds an opt-in GrapheneOS network location client providing location detection based on nearby Wi-Fi networks using a local trilateration algorithm run on the device. It fetches a list of nearby Wi-Fi networks from Apple's location service either directly or through a GrapheneOS proxy.
March 3, 2025 at 3:22 PM
GrapheneOS network location implementation is now available in the Stable channel after several rounds of fixes and improvements for it.
bsky.app/profile/grap...
We had to fix an upstream Android system_server crash bug it uncovered along with improving sandboxed Google Play.
bsky.app/profile/grap...
We had to fix an upstream Android system_server crash bug it uncovered along with improving sandboxed Google Play.
Reposted by matchboxbananasynergy
Accrescent 0.25.0 is out with Android 15 app archiving support, Private Space support, and settings UI improvements!
We also forgot to announce that since 0.24.0, Accrescent supports in-app predictive back!
Check out the release notes below 👇
github.com/accrescent/a...
We also forgot to announce that since 0.24.0, Accrescent supports in-app predictive back!
Check out the release notes below 👇
github.com/accrescent/a...
Release 0.25.0 · accrescent/accrescent
This release adds initial app archiving support on Android 15, makes Accrescent show up as an installer in Private Space, and improves the settings UI! We also forgot to mention that since 0.24.0, ...
github.com
October 21, 2024 at 9:20 AM
Accrescent 0.25.0 is out with Android 15 app archiving support, Private Space support, and settings UI improvements!
We also forgot to announce that since 0.24.0, Accrescent supports in-app predictive back!
Check out the release notes below 👇
github.com/accrescent/a...
We also forgot to announce that since 0.24.0, Accrescent supports in-app predictive back!
Check out the release notes below 👇
github.com/accrescent/a...