GrapheneOS accessed Android security patches but not allowed to publish sources

Posted by uneven9434 9/11/2025

GrapheneOS accessed Android security patches but not allowed to publish sources(grapheneos.social)

337 points | 84 commentspage 2

dcow 9/11/2025|

The only responsible disclosure is full disclosure.

t1234s 9/11/2025||

I currently use LineageOS on my pixel. Is it worth trying GraphineOS?

Freak_NL 9/11/2025||

On a Pixel from 6 upwards? Absolutely. GrapheneOS is what Android should be in terms of privacy and security. Its major drawback is only being available on Pixels, but if that is what you have…

I bought my Pixel 6 specifically to run GrapheneOS, and I really hope I can repeat that for my next device.

skeaker 9/11/2025||

It's a crying shame that there isn't a Graphene compatible phone that also has a micro SD slot and headphone jack. The perfect phone just doesn't exist in our timeline

lawn 9/11/2025|||

GrapheneOS is by far the better OS security and privacy wise.

It should be the default choice for everyone IMO, as long as they have a phone that supports it.

See this comparison: https://eylenburg.github.io/android_comparison.htm

palata 9/11/2025|||

My rule is: if you can run GrapheneOS, you should run GrapheneOS.

My second rule is: if you are buying a new phone and can afford one that supports GrapheneOS (at the moment it means a Pixel), then you should go for that.

jcul 9/12/2025||

I haven't used LineageOS for a long time, but I remember it being really good. And I used cyanogenmod which IIRC was it's predecessor.

GraapheneOS is a different ball game IMO, especially if you need to use Google play services etc, banking apps etc. I'm not sure what the current state of microg is or Google services on lineage.

I bought a second hand pixel 6, just for Graphene and when that died I bought another pixel.

g-b-r 9/11/2025||

If the smart plan of having others reverse-engineer the fixes won't work, I imagine they'll turn into a delayed-source product.

To my recollection, they always maintained that being open-source doesn't matter for security, after all

g-b-r 9/11/2025|

(I strongly disagree)

zxv 9/13/2025||

> Companies like NSO can easily obtain access. It's not a safe system.

If NSO group develops exploits, why would they have early access?

cyberkendra 9/11/2025||

[dead]

llyou_m1233 9/12/2025||

llyou_m1233

Velocifyer 9/11/2025||

Don't trust these guys.

ibeff 9/11/2025|

That's not helpful without context and substance.

mcflubbins 9/11/2025|

"They can easily get it from OEMs or even make an OEM."[0]

I agree with their points in the thread, but could Graphene "become" an OEM to get access to the security patches sooner? Just curious.

[0] https://grapheneos.social/@GrapheneOS/115164297480036952

evgpbfhnr 9/11/2025||

They have access to the patches.

They just can't make an official release with it, because they can't publish the patch sources (embargoed) and their releases being open-source must match what they published...

mcflubbins 9/16/2025|||

What if that OEM stops giving them patches?

Also, if they're asking an OEM to release the patches, why can't they become an OEM to do that?

qingcharles 9/11/2025||

They have an OEM partner right now who funnels them the updates, which is how they get access to them.

acqbu 9/11/2025||

Is it Framework?

hollerith 9/11/2025||

Why would Framework have access to Android patches?

acqbu 9/12/2025||

You're absolutely right

Motorola/Lenovo then?

Andromxda 9/21/2025||

Yeah