My question is: could you run down the requirements GrapheneOS has for hardware on which they will make the OS available.
Frequently Asked Questions | GrapheneOS provides a nice non-exhaustive summary. I know you have already mentioned knowing this, but it may be nice for it to be summarised in written form as well with a little bit of extra context:
- Support for using alternate operating systems including full hardware security functionality
This is requirement #1 for good reason. Fewer and fewer devices across the Android OEM landscape support this nowadays. The best way to find out tends to be through custom operating system projects that have tested and released their OS on those devices for example Install CalyxOS , https://web.archive.org/web/20250117034458/https://divestos.org/pages/devices & Supported devices · Issue #299 · chenxiaolong/avbroot · GitHub . Essentially if you piece it together only Google have consistently supported and documented support for this. Newer Fairphone, Nothing, Motorola and Sony devices seem to generally also have support.
- Complete monthly Android Security Bulletin patches without any regular delays longer than a week for device support code (firmware, drivers and HALs)
Ha…
In all seriousness, I suspect this has improved a lot since 2017-ish when Android had an atrocious reputation for this. From a quick browse it seems:
- Fairphone 6 and some Motorola Razr models may still be on Android 15 and non-current security patch levels (not October 5).
- Sony upgraded the Xperia 1 VII to Android 16 recently and on the September SPL.
- Nothing is on Android 15 and on the September SPL.
So 1/4 on Android 16, and 0/4 on the latest Android SPL. Seems about right.
- At least 5 years of updates from launch for device support code with phones (Pixels now have 7) and 7 years with tablets
- Motorola 3 years of OS upgrades, 4 years of security updates (5/5 depending on model)
- Sony 4 OS upgrades, 6 years of security updates https://www.sony.eu/presscentre/sony-introduces-its-latest-flagship-smartphone-xperia-1-vii
- Nothing 5 OS upgrades, 7 years of security updates (only for Nothing 3 flagship)
- Hardware memory tagging (ARM MTE or equivalent)
I think this was supported in Exynos and Mediatek SoCs around the time Tensor G3 released in the Pixel 8. It should be available as an option for any processor packages using reference Arm cores. Qualcomm use their own custom cores in their Snapdragon SoCs which is partially why MTE support wasn’t accelerated/requested by Google. Until now…
- StrongBox keystore provided by secure element
- Hardware key attestation support for the StrongBox keystore
- Attest key support for hardware key attestation to provide pinning support
- Weaver disk encryption key derivation throttling provided by secure element
- Insider attack resistance for updates to the secure element (Owner user authentication > required before updates are accepted)
I think the main sticking point here is the Weaver feature support for the secure element. This is how Pixel (Titan M) and Samsung (eSE/Knox) enforce throttling/rate-limiting on attempts to guess the encryption PIN for their devices, which is a major reason why GrapheneOS are comfortable recommending people can use 6-digit access PINs for their Pixels.