• Development
  • What features will be missing in GOS' Android 15 version?

GrapheneOS Awesome! Do you mean it will be possible to run sandboxed Play inside a private space, confined along with apps that need Play services, as a more convenient option than different profiles for users with lower threat models? Will there be a possibility to run a separate userspace VPN? Is it possible to have more than one private space?

    GrapheneOS Will I be able to set a separate VPN in the private space just like a normal profile? I read from the official documentation that the Private Space bypasses any VPN that is set on the Owner profile.

      I really would like to see secure face unlock, a convenience feature introduced already with P8. Unfortunately it hasn't found its way to GrapheneOS although there were some vague promises to look into. The Hardware to make it secure is there, but the software is missing on GOS. Later on this year it was stated that secure face unlock is interfering with 2FA unlock implementation although these are totally different topics. I don't want to be to negative, I like GOS, but this was a very disappointing decision by GOS Team since my wife uses this feature on her P8 with stock Android and loves this feature. She always is laughing that I am not able to use it.

      Probably, secure face unlock isn't open source and must invented and written completely new and probably that's timewise and technically (know how) not possible, an I right?

        androidin Later on this year it was stated that secure face unlock is interfering with 2FA unlock implementation although these are totally different topics.

        The issue isn't about whether face-unlock hardware and fingerprint-unlock hardware are the same (they're not), or whether a user's face is the same as a user's finger (they're not). The issue is whether or not the code for face unlock and the code for PIN/passphrase unlock and the code for fingerprint unlock are interrelated, and my understanding is that the Android unlock code in general is a complicated interwoven carnival.

        androidin Probably, secure face unlock isn't open source and must invented and written completely new and probably that's timewise and technically (know how) not possible, an I right?

        I think the things that would be necessary are something like:

        • high-resolution IR face camera (clearly some Pixel devices have this)
        • face-recognition software core (online I read that this is closed-source and proprietary, though in theory an open-source alternative could be found or written)
        • integrating face-recognition software with the IR face camera ("a simple matter of programming")
        • sufficient testing (presumably including twins!) to believe it's reasonably secure

        I suspect if this were easy then some Android variants would already be doing it, especially ones with large user communities. Is this feature available on LineageOS, DivestOS, crDroid, etc.? If it's available on all of them except GrapheneOS, maybe it's easy-ish? If it's available on none of them maybe it isn't easy.

          de0u I think the things that would be necessary are something like:

          de0u

          • high-resolution IR face camera (clearly some Pixel devices have this)
          • face-recognition software core (online I read that this is closed-source and proprietary, though in theory an open-source alternative could be found or written)
          • integrating face-recognition software with the IR face camera ("a simple matter of programming")
          • sufficient testing (presumably including twins!) to believe it's reasonably secure

          well pixel has the hardware & i know some twins so in a certain sense we're already halfway there

          DeletedUser88 Will I be able to set a separate VPN in the private space just like a normal profile?

          On the stock PixelOS, the latest Android 15 Beta, the Settings app in Owner has a nice UI for switching between settings for the Owner profile and the Private Space profile. When you go to Settings > Network & internet > VPN, the VPN apps are marked with icons to differentiate between the VPN slots for Owner and Private Space profiles. I expect this to be the case for AOSP as well.

          I think that Private Space is very nicely done – UI-wise it's easy to quickly differentiate between apps, settings and notifications in Owner and Private Space. You can run two instances of the same app side-by-side and quickly note which one you're currently using by activating the app switcher. I took some screenshots to better explain this but I think seeing it for yourself when GrapheneOS based on AOSP15 is released will explain it better.

          Please note that I have only tested this on PixelOS.

            de0u

            high-resolution IR face camera (clearly some Pixel devices have this)

            Only the Pixel 4 and Pixel 4 XL had IR face scanning. They had dual IR scanners for 3D scanning, a dot projector and a flood illuminator. Face unlock on the recent Pixel generations is a software feature entirely based on the front camera. The front camera is far more primitive than the rear cameras and didn't even support autofocus until the Pixel 8 Pro and all models of the 9th generation Pixels, but it's a more primitive kind of autofocus. They use phase detection autofocus rather than dual pixel autofocus which is more primitive and doesn't provide as much data for face scanning. We could add support for it if we really wanted but it's not really a good implementation of face unlock and we're not fans of it. 9th gen Pixels moved to nicer ultrasonic fingerprint scanners.

              GrapheneOS Oh, I didn't realize that the stock OS's face unlock on the Pixel 8 and Pixel 9 was using a regular visual camera. Thanks for clarifying that. I can imagine that might dampen the project's enthusiasm.

              Dumdum Ah, little bit disappointing but it serves as a nice feature to confine sandboxed Play along with the apps requiring it into a Private Space. We will see how the UI looks and if there is possibility to share files and images in a Storage Scopes setting spanning both the Owner and Private Space.

              fid02 Thanks for your response. I was curious about clipboard functionality as well. Can I copy and paste text from the private space to my main profile and vice versa?

                GrapheneOS We already added Private Space integration

                Will GOS' implementation allow nesting VPNs such that if I have a VPN active in my owner profile and a simultaneously active but different VPN in the private space, the 'entry or real user IP' the private space VPN sees or reports is that of the owner profile's VPN? In this case, if only the owner profile has an active VPN, the IP of the space as visible to its apps and reported while browsing any IP testing site would be that of the owner's profile VPN.

                  missing-root They also removed the headphone jack, which I guess is the biggest security issue

                  The USB-C port works just fine as a headphone jack, I am using it all the time. You just need USB-C earplugs or an adapter from USB-C to analog headphone jack. I cannot see how USB-C would be less secure than a regular analog headphone jack. But I totally understand not wanting to use Bluetooth.