GrapheneOS is taking action against anti-competitive Play Integrity API

GrapheneOS doesn’t ship its own dialer and messaging apps. They’re just AOSP apps that are basically in maintenance mode.

1 Like

Correct me if I am wrong, but doesn’t GrapheneOS apply some hardening patches to all the base apps? Such as the Camera app removing metadata by default.

Camera, Apps, PDF Viewer, and Vanadium are developed by GrapheneOS. The rest are just AOSP applications that are compiled in a more secure way.

1 Like

Recent news coverage:

1 Like

It’s vindicating to see GOS finally changing their approach from expecting app developers to support their OS to focusing on the Play Integrity API itself.

1 Like

Twitter thread

https://xcancel.com/shawnwillden/status/1817928681618305278#m

Actually nice to see Google isn’t closed to the idea, just low priority and cautious from a legal perspective.

Don’t forget the worst part of this issue: there is technically a way to bypass this “security” feature, and that is by lowering your security even more.

Haha don’t be silly. I literally warned of this impending issue (Play Integrity apocalypse) months ago on the GOS forum and Daniel personally banned me and purged any of my posts that even slightly pointed out limitations of GOS. IMO they deserve this. They could have taken action ages ago but now more and more apps are using the Play Integrity API.

My authy install just got randomly deleted with no warning. Fuck google

2 Likes

Well, this has been an ongoing problem for custom ROMs since long before GrapheneOS was even around.

True, but the old verification scheme was easily bypassed, whereas the integrity API is hardware backed and cannot be bypassed without a security chip exploit.

Heh, me too, kind of. I made a thread warning of Play Integrity becoming mandatory as SafetyNet gets deprecated and I ended up getting a 3 day ban from one of their forum mods.

Yeah another user made a post about this issue a few days ago and the thread has been subsequently purged…

https://discuss.grapheneos.org/d/14710-coinbase-not-showing-in-play-store

What did they talk about in that thread?

I find this very funny - my banking app doesn’t use SafetyNet and works, but something like the McDonalds app will block CalyxOS lol.

There was a brief moment where Uber was redirecting me to a lite UI and saying “We’re having trouble with your device”, but that has since been fixed. Hoping that Uber doesn’t migrate to Play Integrity.

See Google Cache and WebCache Archive

https://xcancel.com/GrapheneOS/status/1825904540752994401#m

Google is entirely capable of permitting GrapheneOS to pass both device and strong integrity by using the hardware attestation API. We fully intend to force them to do this via a lawsuit or regulatory action.

This is going to be interesting.

2 Likes

Honestly hope that they actually do this. It will be expensive to fight google but they are fully in the right. There is really no reason to not allow other OSes to be verified. Google knows.

8 Likes

Any updates? Does someone have more information?
I read the answer from the EU and they were not very forward; they just said they would take the complaint into account when investigating, but where is the investigation at?

The EU enforcement body lacks resources, so don’t expect anything anytime soon.