• Development
  • What features will be missing in GOS' Android 15 version?

ryrona

I talked about security. Headphone jacks work waaay better than a dongle, trust me, do an A/B comparison.

It works better, is faster and most importantly it just does audio I/O and like 3 commands for the buttons.

The GrapheneOS USB port settings can set it to "charging only" which is a big security advantage against unknown attacks.

    17 days later

    missing-root No, they didn't degrade security by moving back to fingerprint unlock for the Pixel 4a and later. Pixel 4 and Pixel 4 XL are the only Pixel devices with no fingerprint unlock. Every Nexus/Pixel since the Nexus 5X and Nexus 6P has had fingerprint unlock other than those two phones. It was not well received due to being significantly more expensive with few benefits. They also added to the cost by including Soli radar alongside the dual IR cameras, dot projector and flood illuminator. They dropped all of this for the Pixel 4a and later, and have never included any of it again. That's how badly received it was with the 4th gen flagships. Every device since then has fingerprint unlock. Pixel 6 and later moved to under screen, other than the 7th gen Fold and Tablet which used the power button and the 9 Pro Fold which does the same.

    Face unlock is only included as a secondary frill alongside fingerprint unlock for the Pixel 7 and later. It was quite bad on the Pixel 7 and couldn't even qualify as a strong biometric unlock option despite the low bar for that so not all apps would work after using it to unlock without further authentication. Pixel 8 and later fixed that, but it's still not up to our standards. We prefer fingerprint unlock over even the 4th gen flagship face unlock, but GrapheneOS did support face unlock for the flagship 4th generation Pixels. We have nothing against supporting it when it's properly secured.

      missing-root The audio input and output for the analog audio jack was always very low quality due to never having a high end DAC. There's still wired headphone support via USB-C. Even the basic Apple and Google USB-C DAC provide far high quality audio.

      USB-C headphones are fully compatible with our USB-C port control feature with the default Charging-only while locked node. It allows the existing connection to continue while locked but disables new USB connections immediately and then fully disables USB when the headphones are disconnected. It does reduce security compared to not using it through keeping USB data partially active after locking while it's in use, but only while in use and data is fully disabled immediately as soon as it's unplugged. New connections are also blocked immediately after locking including at a hardware level, not just a software level. The USB-C controller in Pixels supports blocking the new connections at a hardware level while keeping existing connections working and has disabling data completely as a separate thing we can do once the existing connections end. It also has the option to fully disable it for even charging, which is quite useful since USB-PD isn't simple.

      Analog audio jacks going away is simply something you're going to have to accept as part of devices becoming more modern in the same way that laptops rarely have an Ethernet port anymore despite that being more secure than exposing Wi-Fi attack surface. Phones also don't have Ethernet ports but you can still use Ethernet if you really want to via USB-C in the same way you can still use wired headphones. Dedicated charging ports on laptops are also going away and being replaced by USB-C charging. USB-C technically supports up to 240W power being supplied... Dedicated display outputs are also being replaced with USB-C via DisplayPort alternate mode. This is simply how things are going. Eventually there will probably be no ports on devices... By then, hopefully all the firmware and driver code is in a memory safe language combined with far better exploit mitigations and fuzzing, etc.

        ignition VPNs are per-profile and it's no different with Private Space. Private Space is essentially a replacement for managing a work profile with a local device management app. It can be used alongside it and has better integration for local usage.

        NightSky
        Bars are nonsense, look up the real signal strength is settings > about phone > SIM status slot n

        Disregard if you were looking for bars for WiFi only. I’m not too clear on which signal strength you want bars for, WiFi or cellular.

        GrapheneOS Every device since then has fingerprint unlock

        On an unrelated and more nostalgic note, I was (am) a big fan of the Pixel 2 fingerprint implementation. It also added the nice feature of the swiping-down gesture. Also, at the end of its lifetime I was able to pull it out of my pocket already unlocked. Felt pretty dope.

        If the GrapheneOS phone is ever going to be made pretty please consider this ;)

          Sirut OTA as normal. You will receive a normal System Update Notification and can get your beautiful hands on a shiny GOS with Android 15.

          GrapheneOS

          I do not doubt that the OS has all the needed audio capabilities.

          But:

          • I never heard distortion with the builtin DAC of a 4a
          • plug-and-play just works soo much better, on Laptops and phones, than with a usb-c data dongle
          • I need to keep data enabled, which I would otherwise block entirely
          • For security reasons that means I need to unlock my phone, then plug the dongle in
          • the Google Pixel DAC is unavailable in any german electronics store and afaik also in the online store. Which is hillarious
          • the apple DAC works fine, but reduces the max volume on non-Apple devices, "for safety". This is a problem with bigger headphones
          • I use the usb-c port way more, especially when travelling, meaning way more wear and potential need to replace, which is costy when not doing it yourself, and takes long shipping times when doing yourself

          There simply is no reason, if you dont need very HQ audio (again which I never heard a difference even with very nice headphones) to remove a simple, unhackable analog AUX port and replace it with an overcomplicated USB-C port.

          You can't change the Pixel hardware and that is okay. I donate to your project and comment under videos like Techlores how absurd their "GrapheneOS ignorance" is.

          But Google went a few stupid directions with their phones (aux removal, glass back, too large, worse fprint sensor), which is not anything you need to defend.

            Phead

            I agree a lot, the 5a was the last one with that. It didnt require pressing the power button (or keeping touch always enabled), worked way faster had less false negatives, thus allowed to register more fingers in practice.

            @GrapheneOS do you know if the newer sensors since the 6 had any security benefit, i.e. less false positives? I think to have heard that the new sensors in the 9 (?) have security benefits

            Has there been an announcement on when GOS with Android 15 will release?
            Private space could potentially remove my need for profiles :)

            Thanks

              epileptic055 Has there been an announcement on when GOS with Android 15 will release?

              GrapheneOS based on Android 15 will be released shortly after Android 15 has been officially released to Google Pixel phones. The porting work is already done, but the GrapheneOS team has said they won't make a release based on a beta.

              The last rumors I heard was that Google will release it for Pixels on 15th October. But I do not know if this has been confirmed officially.

                GrapheneOS

                I forgot about face unlock, I only mean fingerprint. It is way faster on my 4a than on my 6a, where I need to register every finger twice, and also had occasions where after some time I needed to re-register (which for whatever reason requires all apps like KeepassDX to re-setup).

                I was only asking if the switch from back to under-screen had any security benefit, i.e. less false positives. As UX wise it was just such a degradation, really sad.

                TrustExecutor Do you mean it will be possible to run sandboxed Play inside a private space, confined along with apps that need Play services, as a more convenient option than different profiles for users with lower threat models?

                Could someone confirm this is the case? @GrapheneOS?

                This would be an excellent thing. It would make the proposed app communication/visibility scopes for non-system components feature a bit less pressing. I've been hoping for it to become a high-priority feature since always!

                Will notification cooldown make it to GOS? Either with stable release or QPR1 later on?

                ryrona using a regular headphone jack would have meant less or no DRM protection for the music u listen to. Music is more easily copied when it's analog already.. that's my guess

                  nullable Nah, the USB-C DAC is just a converter to an analog headphone jack, so that should be no different from the DAC being built into the device. And copying DRM protected music does not exactly sound very legal.

                    ryrona we got too used to being told we don't own the $hit we bought. DRMing CDs and DVDs was the start. Then we let big tech get away with fraud. Consumers, lawmakers, the FTC, the police, etc think it's OK that you click "buy" on a kindle ebook you're actually renting. And that's how we ended up owning nothing and some of us actually being happy about it.