Why does Graphene update so often?

zzz

My phone does not get hot at all while optimizing.
Perhaps it depends on how many apps one has, and how bloated those apps are.

I've never ever noticed mine being warm, with <90 apps (including stock apps) that are mostly lightweight and FOSS (minimal megacorp bloat) on a P7.

AlphaElwedritsch

missing-root . I am on Beta, only Alpha updates every day.

Under normal circumstances, the betas and stable come at the same frequency as the alphas, but with a time delay.
As they are the same updates and go through the release channels

other8026

missing-root only Alpha updates every day.

Not sure if I'm following you here. The alpha channel doesn't get updates every day.

Maybe you mean that only the alpha channel may get multiple updates in a day or once a day for brief periods when the developers are busy updating and testing new OS releases, especially bigger updates? If that's what you meant, yes, that does sometimes happen. Anyone who has their phones set to the alpha and (sometimes) the beta channel, may get way more updates if there's a new release and an issue is found during testing and the release is cancelled and the issue fixed.

missing-root The optimization of apps after the update is (afaik) because Android apps use Java (not sure if exclusively, afaik there are rust apps) which is an interpreted language. That interpretation takes time and resources, so the apps are precompiled for your device which makes stuff smoother.

Here's a quote from the website about this:

Android Runtime Just-In-Time (JIT) compilation/profiling is fully disabled and replaced with full ahead-of-time (AOT) compilation. The only JIT compilation in the base OS is the V8 JavaScript JIT which is disabled by default for the Vanadium browser with per-site exception support.

It's not to make apps run faster, it's to make GrapheneOS more secure.

missing-root The playstore does this too when installing apps, but only for code pages that are used very often, afaik.

I'm not sure this is correct? GrapheneOS still "optimizes" apps when they're installed too, I don't know of Google Play doing anything like this.

missing-root

other8026

Yes probably alpha updates were only daily on the 15 testing.

Thanks for the AOT quote, yes this makes sense.

JIT takes more resources though, so the playstore precompiles parts of apps to make them faster but also keep installs fast.

Really cool that GrapheneOS simply replaces this entirely.

angela

ieure

im not a hacker, but let's say I were and wanted to compromise you

this is how i would do it:

1) social engineer you to open something to corrupt your system

2) look for either a 0day exploit (an unpublished software or os or firmware vulnerability) or unpatched vulnerability to hack you

0day exploits are hard to find and cost money. governments hoard these when they can find them so their teams can hack people. most hackers don't have those or use them on high value targets

unpatched vulnerabilites are easier

you hack the published vulnerabilities that the developers openly say are dangerous and could lead to hacking and hack the person to too lazy to update their system

patching vulnerabilities constantly and quickly makes #3 harder

which means regular non-government hackers will have a harder time hacking you

most hacking is done the first way these days it but 3 tends to be used for high value targets

this is a lot of extra work for the developers to be always patching so fast btw

de0u

Viewpoint0232 Stupid question but if you enable "automatic reboot", will the alarm still go off in the morning?

You may wish to test. I believe you may need to set the alarm in the owner profile and use one of the built-in alarm sounds instead of a custom sound.

DeletedUser370

de0u use one of the built-in alarm sounds instead of a custom sound.

With the GrapheneOS Clock app, when I set a custom sound for an alarm, and the alarm is activated in BFU, the alarm just plays one of the default alarm sounds instead. At least it did when I tested it just now! :)

r134a

@Viewpoint0232 Good question!

@de0u @DeletedUser370 Thanks for the proposal and testing.

GrapheneOS

ieure It's not clear why you have a problem with frequent updates. You don't have to reboot the device right after installing it and you can do it when you're done using the phone for the day or another time you don't need to use it for a couple minutes.

You can see exactly why we ship updates from reading our release notes. Each of the releases is important and we wouldn't make them otherwise. If you want to know why they're being made you should read the release notes, which are available in the Info app within the OS or here:

https://grapheneos.org/releases#changelog

We tend to make around 4 releases in a month. It's mandatory to have at least 2 or 3 to cover an initial release at the start of the month with the monthly/quarterly/yearly Android update and one at the end of the month with our changes. We ship the Android Security Bulletin patches prior to the monthly/quarterly/yearly release if the AOSP/Pixel OS release is delayed. Android releases are not the only security patches we need to ship. There are also kernel updates we ship far earlier than Android does, among others. We also want to ship important security patches we make ourselves quickly.

The port to Android 15 had 7 releases which didn't make it to the Stable channel since it was very time sensitive but needed to be well tested with regressions fixed. It's unusual for a release to not make it to the Stable channel other than quarterly and especially yearly Android releases. You can't count the ones not making it to Stable if you're using Stable.

When important issues are fixed, we ship a release. When there are security updates to ship, we ship a release. This is indeed not CalyxOS, which a highly insecure OS where it's the norm for them to lag behind privacy/security patches by months as they're in the process of doing right now. They downplay the importance of security patches and mislead their users about what's shipped including false statements about what's patched in their release notes and an inaccurate patch level in the OS. You were using an insecure OS without realizing it. You would have been far better off using an iPhone instead of falling for that. CalyxOS also doesn't do any significant privacy or security research, so it's not as if they're finding and fixing issues themselves in practice with the need to make releases for those. You're comparing a hardened OS which providing a high level of privacy and security to an OS that's only pretending to be doing that and doesn't do the basics required including giving people proper privacy/security updates or doing real work on improving privacy and security at a fundamental level.

GrapheneOS

Stephan-P

Release 20241031 was the first release of the major upgrade from Android 14 to Android 15

No, that was 2024101600. 2024102100 was the first Android 15 release to reach Stable, the previous 7 releases only reached Alpha/Beta (only Alpha for the first one or two).

Only a few days later 20241104 comes along and the user base is presented with the first update fixing a couple of inhibiting bugs in AOSP plus some more.

2024110400 was the Android Security Bulletin release for November. The latest 2024110700 release is the monthly Android update for November. The normal reason we would have released 2024110400 is because the monthly Android update was delayed and we wanted to ship the baseline patches to our users faster. However, we also had a bunch of very important SMS and MMS patches fixing the functionality in secondary profiles to ship. We highly prioritize fixing regressions and Android 15 regressed support for SMS and MMS in secondary profiles upstream. Stock OS users hardly use secondary profiles so it wasn't noticed much or prioritized by Android. We also fixed all the previously existing issues with SMS and MMS in secondary profiles since it was a bit broken before 15, but it got a lot worse in 15.

ieure

To articulate some specific things I think could be improved:

I'm never prompted whether to download an update, only to install a previously-downloaded one. There doesn't appear to be a setting to control whether updates are downloaded or not.
The updater seems to stop checking for / preparing updates once it has one ready, so if I wait a few days after getting prompted for an update, then install it, I have to update again right away.
I can't directly control the frequency of update checks. Setting it to check when charging doesn't help, because I charge my phone every night, so it delays the prompt by at most a few hours. And delaying the install of any update only increases the chances that you'll have to update again right after installing one.
There's no mechanism within the update system to tell me what the changes are, so I don't know if it's something important or not.
"Automatic reboot" will terminate any apps I have open, including stuff like my VPN client, ntfy to get push notifications, etc.

These are all problems no matter what the update frequency is, but the large number of stable updates makes them all much worse.

I appreciate that there are updates, but can't the less important stuff get batched together and released on a slower cadence? I fundamentally believe that stable software doesn't need to be updated this often. A channel that constantly changes phone behavior through twice a week updates does not feel stable.

Dumdum

ieure There's no mechanism within the update system to tell me what the changes are, so I don't know if it's something important or not.

You can look at the Info app.

zzz

ieure I'm never prompted whether to download an update, only to install a previously-downloaded one. There doesn't appear to be a setting to control whether updates are downloaded or not.

You might have missed my earlier post - there is some control over update downloads in the settings: zzz

There's no mechanism within the update system to tell me what the changes are, so I don't know if it's something important or not.

Check out the default Info app, all update info is there. Also on here on the forum. Also on the GOS website, Mastodon, Bluesky, etc. Its quite easy to find this info.

« Previous Page