5 votes

AndroidHardening project (CopperheadOS successor) renamed to GrapheneOS

1 comment

  1. synergy-unsterile

    /u/DanielMicay is shedding the temporary name "Android Hardening" to rebrand as "GrapheneOS" in response to a request to move on from the /r/CopperheadOS subreddit (which itself was triggered by confusion from the news that the insecure continuation of CopperheadOS just migrated to Android Pie).

    The main elements of the Android Hardening project currently consist of:

    • The new hardened malloc

      This allocator is intended as a successor to a previous implementation based on extending OpenBSD malloc with various additional security features. It's still heavily based on the OpenBSD malloc design, albeit not on the existing code other than reusing the hash table implementation for the time being.

    • Chromium build patches

      Patches for building hardened production releases of Chromium for integration into the OS as the WebView implementation and default browser.

    • Attestation server and Auditor app

      The Auditor app uses hardware-based security features to validate the identity of a device along with authenticity and integrity of the operating system. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. A downgrade to a previous version will also be detected.

    Sample builds and installation instructions are available for the Pixel 2/3 and XL variants (OTA updates included and provided through a built-in updater app).

    2 votes
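
A simplified model of the verification decision described for the Auditor app in the comment above, added here as an illustration and not taken from the Auditor or attestation server code. The field names, the sample key fingerprint and the pinned-version mechanism for downgrade detection are assumptions, and certificate chain and signature validation are assumed to have been done already.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Claims:
    """Attestation claims after parsing and signature checks (assumed field names)."""
    boot_key: str            # fingerprint of the key that verified the OS image
    bootloader_locked: bool
    boot_state: str          # "verified" only if the OS image matched boot_key
    os_version: int
    patch_level: int         # YYYYMM

def check(claims, stock_boot_key, pinned=None):
    """Return (problems, new_pinned).

    pinned is the (os_version, patch_level) recorded at the previous clean
    check, or None the first time the device is seen.
    """
    problems = []
    if claims.boot_key != stock_boot_key:
        problems.append("not the stock operating system")
    if not claims.bootloader_locked:
        problems.append("bootloader unlocked")
    if claims.boot_state != "verified":
        problems.append("operating system integrity not verified")
    current = (claims.os_version, claims.patch_level)
    # Compare each component on its own: a newer OS version must not hide
    # an older patch level, and vice versa.
    if pinned is not None and any(c < p for c, p in zip(current, pinned)):
        problems.append("downgrade from %s to %s" % (pinned, current))
    # Advance the baseline only after a clean result, so a failing device
    # can never rewrite what later checks are compared against.
    return problems, (current if not problems else pinned)

# Constructed sample values, not real device data.
STOCK_KEY = "EXAMPLE-STOCK-KEY-FINGERPRINT"
FIRST = Claims(STOCK_KEY, True, "verified", 90000, 201903)
ROLLED_BACK = Claims(STOCK_KEY, True, "verified", 90000, 201901)
UNLOCKED = Claims("EXAMPLE-OTHER-KEY", False, "unverified", 90000, 201903)

if __name__ == "__main__":
    _, baseline = check(FIRST, STOCK_KEY)
    for name, c in (("rolled back", ROLLED_BACK), ("unlocked", UNLOCKED)):
        print(name, "->", check(c, STOCK_KEY, baseline)[0])
```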