I am never calling EnCase 'OpenText Forensic', don't be silly

Our security preview releases provide early access to Android Security Bulletin patches prior to the official disclosure. Our current security preview releases provide the current revision of the November 2025 and December 2025 patches for the Android Open Source Project. We recommend enabling this. The only difference between our regular releases and security preview releases are the future Android Security Bulletin patches being applied with any conflicts resolved. The downside of security preview releases is we cannot provide the sources for the patches until the official disclosure date. The delay for being able to publish the sources is why we're now going through the significant effort of building 2 variants of each release. Our most recent 3 releases have both a regular and security preview variant: 2025092500 and 2025092501 2025092700 and 2025092701 2025100300 and 2025100301 You can enable security preview releases via Settings > System > System update > Receive security preview releases. Our plan is to keep it off-by-default with a new page added to the Setup Wizard which will have it toggled on as a recommendation. We'll prompt users on existing installs to choose. We're maintaining the upcoming Android security patches in a private repository where we've resolved the conflicts. Each of our security preview releases is tagged in this private repository. Our plan is to publish what we used once the embargo ends, so it will still be open source, but delayed. The new security update Android is using provides around 3 months of early access to OEMs with permission to make binary-only releases from the beginning. As far as we know, #GrapheneOS is the first to take advantage of this and ship the patches early. Even the stock Pixel OS isn't doing this yet. During the initial month, many patches are added or changed. By around the end of the month, the patches are finalized with nothing else being added or changed. Our 2025092500 release was made on the day the December 2025 patches were finalized, but we plan to ship the March 2026 patches earlier. Previously, Android had monthly security patches with a 1 month embargo not permitting early releases. For GrapheneOS users enabling security preview releases, you'll get patches significantly earlier than before. We'd greatly prefer 3 day embargoes over 3 month embargoes but it's not our decision. Security preview releases currently increment the build date and build number of the regular release by 1. You can upgrade from 2025100300 to 2025100301 but not vice versa. For now, you can switch back to regular releases without reinstalling such as 2025092701 to 2025100300, but this may change.

The remaining core developer working on CalyxOS (Tommy Webb) left the organization. That leaves almost no one working on the project. One of their core developers left prior to this being public, their lead developer left following that and then the leader of the organization left too. You can see from https://review.calyxos.org/q/status:open that they were the remaining active core developer. Their initial 4-6 month estimate for resuming updates on August 1st is looking overly optimistic. CalyxOS users still don't have the 2025-06-05 patch level or above including being missing the Critical severity remote cellular radio vulnerability from June 2025, other driver/firmware patches from June 2025, driver/firmware patches from August 2025 or the massive set of September 2025 patches for both AOSP and Pixels. It's increasingly unsafe for remaining CalyxOS users to continue using it especially since 2 of the September 2025 vulnerabilities are marked in the bulletin as being known to be exploited in the wild. It's worth noting they don't go back and update past bulletins with news about in the wild exploitation being discovered, that information is only provided when the issues are first patched and then it's assumed everyone is updated to them. The in the wild exploitation info is only provided for what Android considers 0 days in terms of the Android Security Bulletins, not N days after patches are officially disclosed. That's also based on very limited insight into exploitation, as far more issues are exploited in the wild prior to being patched in reality. View quoted note →

#GrapheneOS version 2025100300 released: • add support for force enabling VoLTE, VoNR and 5G for carriers where those aren't supported with the standard configurations • revert backport of Pixel Wi-Fi extension APEX from Android 16 QPR1 due to it causing a system_server crash since system_server needs changes there too (this does not reduce the patch level) • kernel (6.1): update to latest GKI LTS branch revision including update to 6.1.154 • kernel (6.6): update to latest GKI LTS branch revision including update to 6.6.108 • kernel (6.12): update to latest GKI LTS branch revision including update to 6.12.49 • update SQLite to 3.44.5 LTS release • Network Location, System Updater: add new Let's Encrypt roots to TLS key pinning configuration • GmsCompatConfig: update to version 162 • Camera: update to version 89 Additional security patches from the November 2025 and December 2025 Android Security Bulletins are included in the 2025100301 security preview release.

Releases | GrapheneOS

This is the same project who claimed to make their app only for Apple platforms for anonymity and numerous inaccurate privacy claims for Android on why they wouldn't support it... I don't know why they didn't assume Apple would do such a thing, they did it with a similar Hong Kong protest map app years ago. Apple store which accounts, devices install which apps. They also force apps to use their push notification service. View quoted note →