diff --git a/static/features.html b/static/features.html
index a1b0c39e..d42289d2 100644
--- a/static/features.html
+++ b/static/features.html
@@ -880,19 +880,23 @@
Type-based Control Flow Integrity (CFI)
Hardware memory tagging (MTE) enabled for the main allocator
Strict site isolation and sandboxed iframes
- JavaScript JIT disabled by default with per-site toggle via drop-down permission menu
+ JavaScript JIT disabled by default with per-site toggle via drop-down
+ permission menu
Native Android autofill implementation to avoid needing sandboxed Google
Play for autofill support
WebGPU disabled for attack surface reduction
WebRTC IP handling policy toggle to control peer-to-peer WebRTC mode
- Compiler hardening: automatic variable initialization, strong stack protector, well-defined signed overflow
+ Compiler hardening: automatic variable initialization, strong stack
+ protector, well-defined signed overflow
High performance content filtering engine using EasyList + EasyPrivacy
with per-site toggle via drop-down permission menu
More complete state partitioning without origin trial opt-out
- High entropy client hints are replaced with the frozen user agent values to avoid leaking device/OS info
+ High entropy client hints are replaced with the frozen user agent values
+ to avoid leaking device/OS info
Battery API always shows the battery as charging and at 100% capacity
Trivial subdomain hiding disabled
- Consistent browser behavior across users without usage of feature flags and seed-based trials
+ Consistent browser behavior across users without usage of feature flags
+ and seed-based trials
Nearly all remote services disabled by default or removed. Only connects
to GrapheneOS servers by default. There are only 2 default services:
component updates such as certificate authority and certificate revocation
@@ -903,6 +907,9 @@
and share intents in Incognito mode
Option to reduce or disable sending cross-origin referrer information
sharing where a link was opened
+ Hybrid post-quantum cryptography enabled by default to match the
+ behavior of Chromium on desktop since the devices we support are more
+ than fast enough
Better default settings, including non-user-facing flags: