Hacker News new | ask | show | jobs
by lordofgibbons 111 days ago
Given that Google has said they'll be delaying source code release for Android to every X months intervals (iirc), how is GrapheneOS planning to handle security updates? Will they just be Google's binary blobs?
3 comments
zeech 111 days ago
Graphene already uses binary blobs (though one can disable them if they want). Info at [0].

[0] https://discuss.grapheneos.org/d/27068-grapheneos-security-p...

link
khimaros 111 days ago
this isn't quite right. the blobs are produced by GrapheneOS and are reproducible once the source code embargo lifts.
link
zeech 111 days ago
Whoops, nice catch - comment edited.
link
izacus 111 days ago
Motorola is a partner that has access to Android source sooner.
link
Aachen 111 days ago
Isn't that about feature releases? My understanding was that security patches are separate from this

edit: looked up the announcement https://www.androidauthority.com/google-android-development-... but it doesn't even mention the word security. I don't know enough about the manufacturer side of things to say whether this means there's also no security updates while they work on new features

link