GrapheneOS, an open source privacy and security focused mobile OS comes with Android app compatibility. The GrapheneOS releases are supported by the Auditor app as well as attestation service for hardware-based attestation. The GrapheneOS research and engineering project has been in progress for over 5 years. In March, the AndroidHardening project got renamed to GrapheneOS. Two days ago, GrapheneOS released a new website grapheneos.org with additional documentation, tutorials and coverage of topics related to software, firmware and hardware as well as privacy/security features expected in the future. The team has also released a new version PQ3A.190605.003.2019.06.03.18 with device support, Auditor app and Hardened malloc among other fixes.
Changes in GrapheneOS project
Auditor: update to version 12
The Auditor app has an added support for verifying CalyxOS on the Pixel 2, Pixel 2 XL, Pixel 3 and Pixel 3 XL and even verified boot hash display has been added. Auditor uses hardware security features on supported devices for validating the integrity of the operating system from another Android device. The Auditor app will now also verify that the device is running the stock operating system with the bootloader locked and further will check that no tampering has occurred with the operating system.
The list of supported devices for the auditor app include BlackBerry Key2, BQ Aquaris X2 Pro, Google Pixel, 2, Google Pixel 2 XL, Google Pixel 3, Google Pixel 3 XL, Google Pixel 3a, Google Pixel 3a XL, Huawei Honor 7A Pro, Huawei Honor 10, and more. Full list here.
Auditor is now available under the MIT license thanks to everyone who donated to support GrapheneOS and the attestation projects:https://t.co/twVVoy7GnG
It's also bundled into GrapheneOS as one of the base system apps in the latest release, which provides some nice advantages.
— GrapheneOS (@GrapheneOS) May 8, 2019
Hardened malloc is a security-focused general purpose memory allocator that provides the malloc API along with various extensions. This security-focused design leads to lesser metadata overhead and memory waste from fragmentation than a traditional allocator design.
The attestation sub-projects already have their own dedicated site at https://t.co/zM2RKempC2 with some documentation and the web interface to the optional device monitoring service. Since the hardened malloc is a standalone project, documentation is at https://t.co/XL7MgG6GqT.
— GrapheneOS (@GrapheneOS) April 3, 2019
It also offers substantial hardening against heap corruption vulnerabilities and aims to provide a decent overall performance focused on long-term performance and memory usage.
Hardened malloc currently supports Bionic (Android), musl and glibc and it may also support other non- Linux operating systems in the future. There’s custom integration along with other hardening features for which has also been planned for musl in the future. The hardened_malloc for GrapheneOS only is further expanded to workaround for Pixel 3 and Pixel 3 XL camera issues.
GrapheneOS now needs to move towards a microkernel-based model with a Linux compatibility layer and it needs to adopt virtualization-based isolation. According to the team, the project will have to move into the hardware space in the long term.
Restoration of past features
Restoration of past features since the 2019.05.18.20 release include:
- Exec spawning while using debugging options has been disabled.
- Exec spawning has been enabled by default.
- Verizon visual voicemail support has been enabled.
- Toggle for disabling newly added USB devices has been added to Pixel, Pixel XL, Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL
- Properties for controlling deny_new_usb has been added
- Implementation of dynamic deny_new_usb toggle mode
- deny_new_usb feature is set to dynamic by default
Many are happy with this latest update. A user commented on HackerNews, “They’re making good progress and I can’t wait to be able to update my handheld device with mainline pieces for as long as anyone who still uses one cares to update it. Currently my Samsung Android device is at Dec 2018 patchlevel and nothing I can do about it.”
Few others are skeptical about this news, another user commented, “There is security, and then there is freedom. You can have the most secure system in the world — but if there are state sponsored, or company back doors it means nothing.”
To know more about this news, check out the official website.