move related topics together in the FAQ
This commit is contained in:
Daniel Micay
parent
c77f20e27f
commit
baffdc4ec8
136
static/faq.html
136
static/faq.html
@ -113,12 +113,12 @@
|
||||
<li><a href="#features">What features does GrapheneOS implement?</a></li>
|
||||
<li><a href="#anti-theft">Does GrapheneOS provide Factory Reset Protection?</a></li>
|
||||
<li><a href="#bundled-apps">Why aren't my favorite apps bundled with GrapheneOS?</a></li>
|
||||
<li><a href="#copyright-and-licensing">Who owns the GrapheneOS code and how is it licensed?</a></li>
|
||||
<li><a href="#trademark">What about the GrapheneOS name and logo?</a></li>
|
||||
<li><a href="#roadmap">What is the roadmap for GrapheneOS?</a></li>
|
||||
<li><a href="#company">Will GrapheneOS create a company?</a></li>
|
||||
<li><a href="#install">How do I install GrapheneOS?</a></li>
|
||||
<li><a href="#build">How do I build GrapheneOS?</a></li>
|
||||
<li><a href="#company">Will GrapheneOS create a company?</a></li>
|
||||
<li><a href="#copyright-and-licensing">Who owns the GrapheneOS code and how is it licensed?</a></li>
|
||||
<li><a href="#trademark">What about the GrapheneOS name and logo?</a></li>
|
||||
</ul>
|
||||
</nav>
|
||||
|
||||
@ -1037,6 +1037,71 @@
|
||||
down devices.</p>
|
||||
</article>
|
||||
|
||||
<article id="roadmap">
|
||||
<h2><a href="#roadmap">What is the roadmap for GrapheneOS?</a></h2>
|
||||
|
||||
<p>To get an idea of the near term roadmap, check out the
|
||||
<a href="/contact#reporting-issues">issue trackers</a>. The vast majority of the
|
||||
issues filed in the trackers are planned enhancements, with care taken to make sure
|
||||
all of the issues open in the tracker are concrete and actionable.</p>
|
||||
|
||||
<p>In the long term, GrapheneOS aims to move beyond a hardened fork of the Android
|
||||
Open Source Project. Achieving the goals requires moving away from relying on the Linux
|
||||
kernel as the core of the OS and foundation of the security model. It needs to move
|
||||
towards a microkernel-based model with a Linux compatibility layer, with many stepping
|
||||
stones leading towards that goal including adopting virtualization-based
|
||||
isolation.</p>
|
||||
|
||||
<p>The initial phase for the long-term roadmap of moving away from the current
|
||||
foundation will be to deploy and integrate a hypervisor like Xen to leverage it for
|
||||
reinforcing existing security boundaries. Linux would be running inside the virtual
|
||||
machines at this point, inside and outside of the sandboxes being reinforced. In the
|
||||
longer term, Linux inside the sandboxes can be replaced with a compatibility layer
|
||||
like gVisor, which would need to be ported to arm64 and given a new backend alongside
|
||||
the existing KVM backend. Over the longer term, i.e. many years from now, Linux can
|
||||
fade away completely and so can the usage of virtualization. The anticipation is that
|
||||
many other projects are going to be interested in this kind of migration, so it's not
|
||||
going to be solely a GrapheneOS project, as demonstrated by the current existence of
|
||||
the gVisor project and various other projects working on virtualization deployments
|
||||
for mobile. Having a hypervisor with verified boot still intact will also provide a
|
||||
way to achieve some of the goals based on extensions to Trusted Execution Environment
|
||||
(TEE) functionality even without having GrapheneOS hardware.</p>
|
||||
|
||||
<p>Hardware and firmware security are core parts of the project, but it's currently
|
||||
limited to research and submitting suggestions and bug reports upstream. In the long
|
||||
term, the project will need to move into the hardware space.</p>
|
||||
</article>
|
||||
|
||||
<article id="install">
|
||||
<h2><a href="#install">How do I install GrapheneOS?</a></h2>
|
||||
|
||||
<p>Follow the <a href="/install">official GrapheneOS installation guide</a>. Third
|
||||
party installation guides tend to be out-of-date and often contain misguided
|
||||
advice and errors. If you have trouble with the installation process, ask for help
|
||||
from the <a href="/contact#community">#grapheneos Matrix / IRC channel</a>.</p>
|
||||
</article>
|
||||
|
||||
<article id="build">
|
||||
<h2><a href="#build">How do I build GrapheneOS?</a></h2>
|
||||
|
||||
<p>Follow the <a href="/build">official GrapheneOS building guide</a>. Third party
|
||||
build guides tend to be out-of-date and often contain misguided advice and errors.
|
||||
If you have trouble with the build process, ask for help from the
|
||||
<a href="/contact#community">#grapheneos Matrix / IRC channel</a>.</p>
|
||||
</article>
|
||||
|
||||
<article id="company">
|
||||
<h2><a href="#company">Will GrapheneOS create a company?</a></h2>
|
||||
|
||||
<p>No, GrapheneOS will remain a non-profit open source project / organization. It
|
||||
will remain an independent organization not strongly associated with any specific
|
||||
company. We partner with a variety of companies and other organizations, and we're
|
||||
interested in more partnerships in the future. Keeping it as an non-profit avoids
|
||||
the conflicts of interest created by a profit-based model. It allows us to focus
|
||||
on improving privacy/security without struggling to build a viable business model
|
||||
that's not in conflict with the success of the open source project.</p>
|
||||
</article>
|
||||
|
||||
<article id="copyright-and-licensing">
|
||||
<h2><a href="#copyright-and-licensing">Who owns the GrapheneOS code and how is it licensed?</a></h2>
|
||||
|
||||
@ -1085,71 +1150,6 @@
|
||||
modifications beyond that isn't simply an unofficial build and should be presented
|
||||
as a distinct OS based on GrapheneOS.</p>
|
||||
</article>
|
||||
|
||||
<article id="roadmap">
|
||||
<h2><a href="#roadmap">What is the roadmap for GrapheneOS?</a></h2>
|
||||
|
||||
<p>To get an idea of the near term roadmap, check out the
|
||||
<a href="/contact#reporting-issues">issue trackers</a>. The vast majority of the
|
||||
issues filed in the trackers are planned enhancements, with care taken to make sure
|
||||
all of the issues open in the tracker are concrete and actionable.</p>
|
||||
|
||||
<p>In the long term, GrapheneOS aims to move beyond a hardened fork of the Android
|
||||
Open Source Project. Achieving the goals requires moving away from relying on the Linux
|
||||
kernel as the core of the OS and foundation of the security model. It needs to move
|
||||
towards a microkernel-based model with a Linux compatibility layer, with many stepping
|
||||
stones leading towards that goal including adopting virtualization-based
|
||||
isolation.</p>
|
||||
|
||||
<p>The initial phase for the long-term roadmap of moving away from the current
|
||||
foundation will be to deploy and integrate a hypervisor like Xen to leverage it for
|
||||
reinforcing existing security boundaries. Linux would be running inside the virtual
|
||||
machines at this point, inside and outside of the sandboxes being reinforced. In the
|
||||
longer term, Linux inside the sandboxes can be replaced with a compatibility layer
|
||||
like gVisor, which would need to be ported to arm64 and given a new backend alongside
|
||||
the existing KVM backend. Over the longer term, i.e. many years from now, Linux can
|
||||
fade away completely and so can the usage of virtualization. The anticipation is that
|
||||
many other projects are going to be interested in this kind of migration, so it's not
|
||||
going to be solely a GrapheneOS project, as demonstrated by the current existence of
|
||||
the gVisor project and various other projects working on virtualization deployments
|
||||
for mobile. Having a hypervisor with verified boot still intact will also provide a
|
||||
way to achieve some of the goals based on extensions to Trusted Execution Environment
|
||||
(TEE) functionality even without having GrapheneOS hardware.</p>
|
||||
|
||||
<p>Hardware and firmware security are core parts of the project, but it's currently
|
||||
limited to research and submitting suggestions and bug reports upstream. In the long
|
||||
term, the project will need to move into the hardware space.</p>
|
||||
</article>
|
||||
|
||||
<article id="company">
|
||||
<h2><a href="#company">Will GrapheneOS create a company?</a></h2>
|
||||
|
||||
<p>No, GrapheneOS will remain a non-profit open source project / organization. It
|
||||
will remain an independent organization not strongly associated with any specific
|
||||
company. We partner with a variety of companies and other organizations, and we're
|
||||
interested in more partnerships in the future. Keeping it as an non-profit avoids
|
||||
the conflicts of interest created by a profit-based model. It allows us to focus
|
||||
on improving privacy/security without struggling to build a viable business model
|
||||
that's not in conflict with the success of the open source project.</p>
|
||||
</article>
|
||||
|
||||
<article id="install">
|
||||
<h2><a href="#install">How do I install GrapheneOS?</a></h2>
|
||||
|
||||
<p>Follow the <a href="/install">official GrapheneOS installation guide</a>. Third
|
||||
party installation guides tend to be out-of-date and often contain misguided
|
||||
advice and errors. If you have trouble with the installation process, ask for help
|
||||
from the <a href="/contact#community">#grapheneos Matrix / IRC channel</a>.</p>
|
||||
</article>
|
||||
|
||||
<article id="build">
|
||||
<h2><a href="#build">How do I build GrapheneOS?</a></h2>
|
||||
|
||||
<p>Follow the <a href="/build">official GrapheneOS building guide</a>. Third party
|
||||
build guides tend to be out-of-date and often contain misguided advice and errors.
|
||||
If you have trouble with the build process, ask for help from the
|
||||
<a href="/contact#community">#grapheneos Matrix / IRC channel</a>.</p>
|
||||
</article>
|
||||
</main>
|
||||
<footer>
|
||||
<a href="/"><img src="/logo.png" width="512" height="512" alt=""/>GrapheneOS</a>
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user