120 lines
		
	
	
		
			7.7 KiB
		
	
	
	
		
			HTML
		
	
	
	
	
	
			
		
		
	
	
			120 lines
		
	
	
		
			7.7 KiB
		
	
	
	
		
			HTML
		
	
	
	
	
	
| <!DOCTYPE html>
 | |
| <html lang="en" prefix="og: http://ogp.me/ns#">
 | |
|     <head>
 | |
|         <meta charset="utf-8"/>
 | |
|         <title>GrapheneOS</title>
 | |
|         <meta name="description" content="GrapheneOS is a security and privacy focused mobile OS with Android app compatibility."/>
 | |
|         <meta name="theme-color" content="#212121"/>
 | |
|         <meta name="msapplication-TileColor" content="#ffffff"/>
 | |
|         <meta name="viewport" content="width=device-width, initial-scale=1"/>
 | |
|         <meta name="twitter:site" content="@GrapheneOS"/>
 | |
|         <meta name="twitter:creator" content="@GrapheneOS"/>
 | |
|         <meta property="og:title" content="GrapheneOS"/>
 | |
|         <meta property="og:description" content="GrapheneOS is a security and privacy focused mobile OS with Android app compatibility."/>
 | |
|         <meta property="og:type" content="website"/>
 | |
|         <meta property="og:image" content="https://grapheneos.org/opengraph.png"/>
 | |
|         <meta property="og:image:width" content="512"/>
 | |
|         <meta property="og:image:height" content="512"/>
 | |
|         <meta property="og:image:alt" content="GrapheneOS logo"/>
 | |
|         <meta property="og:url" content="https://grapheneos.org/"/>
 | |
|         <meta property="og:site_name" content="GrapheneOS"/>
 | |
|         <link rel="icon" type="image/vnd.microsoft.icon" href="/favicon.ico"/>
 | |
|         <link rel="mask-icon" href="/mask-icon.svg" color="#1a1a1a"/>
 | |
|         <link rel="stylesheet" href="/grapheneos.css?14"/>
 | |
|         <link rel="manifest" href="/manifest.webmanifest"/>
 | |
|         <link rel="canonical" href="https://grapheneos.org/"/>
 | |
|     </head>
 | |
|     <body>
 | |
|         <nav>
 | |
|             <ul>
 | |
|                 <li class="active"><a href="/">GrapheneOS</a></li>
 | |
|                 <li><a href="/install">Install</a></li>
 | |
|                 <li><a href="/build">Build</a></li>
 | |
|                 <li><a href="/usage">Usage</a></li>
 | |
|                 <li><a href="/faq">FAQ</a></li>
 | |
|                 <li><a href="/releases">Releases</a></li>
 | |
|                 <li><a href="/source">Source</a></li>
 | |
|                 <li><a href="/donate">Donate</a></li>
 | |
|                 <li><a href="/contact">Contact</a></li>
 | |
|             </ul>
 | |
|         </nav>
 | |
|         <div id="content">
 | |
|             <h1 id="grapheneos">
 | |
|                 <a href="#grapheneos">GrapheneOS</a>
 | |
|             </h1>
 | |
|             <p>GrapheneOS is an open source privacy and security focused mobile OS with Android
 | |
|             app compatibility.</p>
 | |
|             <p>Official releases are available on the <a href="/releases">releases page</a> and
 | |
|             installation instructions are on the <a href="/install">install page</a>.</p>
 | |
|             <p>See the <a href="https://github.com/GrapheneOS">GitHub organization</a> for sources
 | |
|             of the OS and various standalone sub-projects including the cutting edge
 | |
|             <a href="https://github.com/GrapheneOS/hardened_malloc/blob/master/README.md">new
 | |
|             hardened memory allocator</a> and other projects.</p>
 | |
|             <p>The official GrapheneOS releases are supported by the
 | |
|             <a href="https://github.com/GrapheneOS/Auditor/releases">Auditor app</a> and
 | |
|             <a href="https://attestation.app/">attestation service</a> for hardware-based
 | |
|             attestation. For more details, see the <a
 | |
|             href="https://attestation.app/about">about page</a> and <a
 | |
|             href="https://attestation.app/tutorial">tutorial</a>. You can also extend these with
 | |
|             support for your own builds.</p>
 | |
|             <h2 id="early-stage-of-development">
 | |
|                 <a href="#early-stage-of-development">Early stage of development</a>
 | |
|             </h2>
 | |
|             <p>GrapheneOS is a privacy / security research and engineering project that has been
 | |
|             under way for over 5 years. It recently became rebranded as GrapheneOS and is taking a
 | |
|             different direction based on obtaining funding for the research and development work
 | |
|             as a non-profit open source project rather than being a company. The reborn project is
 | |
|             still in a very early stage and lots of the past work on privacy and security has not
 | |
|             yet been restored for the new incarnation of the OS.</p>
 | |
|             <p>The grapheneos.org site is still being put together. It will have lots of
 | |
|             additional documentation and tutorials in the future along with coverage of various
 | |
|             software, firmware and hardware privacy/security topics.</p>
 | |
|             <p>GrapheneOS is being supported with funding and developers from various companies
 | |
|             and other organizations interested in contributing to this shared base for a feature
 | |
|             rich private and secure mobile operating system able to run many existing
 | |
|             applications. It will take more time to organize and deploy these resources in order
 | |
|             for the project to have a strong development team with proper infrastructure behind
 | |
|             it.</p>
 | |
|             <h2 id="roadmap">
 | |
|                 <a href="#roadmap">Roadmap</a>
 | |
|             </h2>
 | |
|             <p>Details on the roadmap of the project will be posted on the site in the near
 | |
|             future. In the long term, it aims to move beyond a hardened fork of the Android Open
 | |
|             Source Project. Achieving the goals requires moving away from relying the Linux kernel
 | |
|             as the core of the OS and foundation of the security model. It needs to move towards a
 | |
|             microkernel-based model with a Linux compatibility layer, with many stepping stones
 | |
|             leading towards that goal including adopting virtualization-based isolation.</p>
 | |
|             <p>The initial phase for the long-term roadmap of moving away from the current
 | |
|             foundation will be to deploy and integrate a hypervisor like Xen to leverage it for
 | |
|             reinforcing existing security boundaries. Linux would be running inside the virtual
 | |
|             machines at this point, inside and outside of the sandboxes being reinforced. In the
 | |
|             longer term, Linux inside the sandboxes can be replaced with a compatibility layer
 | |
|             like gVisor, which would need to be ported to arm64 and given a new backend alongside
 | |
|             the existing KVM backend. Over the longer term, i.e. many years from now, Linux can
 | |
|             fade away completely and so can the usage of virtualization. The anticipation is that
 | |
|             many other projects are going to be interested in this kind of migration, so it's not
 | |
|             going to be solely a GrapheneOS project, as demonstrated by the current existence of
 | |
|             the gVisor project and various other projects working on virtualization deployments
 | |
|             for mobile. Having a hypervisor with verified boot still intact will also provide a
 | |
|             way to achieve some of the goals based on extensions to Trusted Execution Environment
 | |
|             (TEE) functionality even without having GrapheneOS hardware.</p>
 | |
|             <p>Hardware and firmware security are core parts of the project, but it's currently
 | |
|             limited to research and submitting suggestions and bug reports upstream. In the long
 | |
|             term, the project will need to move into the hardware space.</p>
 | |
|             <h2 id="device-support">
 | |
|                 <a href="/faq#device-support">Device support</a>
 | |
|             </h2>
 | |
|             <p>See <a href="/faq#device-support">the FAQ section on device support</a>.</p>
 | |
|         </div>
 | |
|         <footer>
 | |
|             <a href="/"><img src="https://grapheneos.org/logo.png" width="512" height="512" alt=""/>GrapheneOS</a>
 | |
|             <ul id="social">
 | |
|                 <li><a href="https://twitter.com/GrapheneOS">Twitter</a></li>
 | |
|                 <li><a href="https://github.com/GrapheneOS">GitHub</a></li>
 | |
|                 <li><a href="https://reddit.com/r/GrapheneOS">Reddit</a></li>
 | |
|             </ul>
 | |
|         </footer>
 | |
|         <script src="/redirect.js?3"></script>
 | |
|     </body>
 | |
| </html>
 | 
