Skip to content

Releases: GrapheneOS/Auditor

57

13 Sep 01:33
@thestinger thestinger
57
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
GPG key ID: F9E712E59AF5F22A
Learn about vigilant mode.
b50a1ee
Compare
Choose a tag to compare
57

Notable changes in version 57:

  • fix getApplicationInfo compatibility wrapper

A full list of changes from the previous release (version 56) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification.

See the tutorial for detailed usage instructions. This is included as the Help entry in the app menu. The app also provides basic guidance through the process. See the documentation for a more detailed overview.

Assets 2
Loading

56

13 Sep 01:09
@thestinger thestinger
56
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
GPG key ID: F9E712E59AF5F22A
Learn about vigilant mode.
ee842c4
Compare
Choose a tag to compare
56

Notable changes in version 56:

  • add Android 13 themed icon support
  • replace all deprecated Android APIs
  • use remote verification executor for disabling remote verification to prevent a theoretical exception from a race condition
  • improve feedback about the success or failure of background tasks (clearing pairings, enabling/disabling remote verification, scheduling sample submission)
  • update AndroidX appcompat library to 1.5.1

A full list of changes from the previous release (version 55) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification.

See the tutorial for detailed usage instructions. This is included as the Help entry in the app menu. The app also provides basic guidance through the process. See the documentation for a more detailed overview.

Assets 2
Loading

55

01 Sep 10:53
@thestinger thestinger
55
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
GPG key ID: F9E712E59AF5F22A
Learn about vigilant mode.
88adc30
Compare
Choose a tag to compare
55

Notable changes in version 55:

  • build with API 33 SDK
  • replace an API call deprecated in API 33
  • raise target API level to 33
  • add support for requesting notification permission only when needed
  • update CameraX library to 1.2.0-beta01
  • update AndroidX appcompat library to 1.5.0
  • update Bouncy Castle library to 1.71.1
  • update Gradle to 7.5.1
  • update Android Gradle plugin to 7.2.2

A full list of changes from the previous release (version 54) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification.

See the tutorial for detailed usage instructions. This is included as the Help entry in the app menu. The app also provides basic guidance through the process. See the documentation for a more detailed overview.

Assets 2
Loading

54

31 Jul 09:25
@thestinger thestinger
54
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
GPG key ID: F9E712E59AF5F22A
Learn about vigilant mode.
111c9ac
Compare
Choose a tag to compare
54

Notable changes in version 54:

  • update CameraX to 1.2.0-alpha04

A full list of changes from the previous release (version 53) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification.

See the tutorial for detailed usage instructions. This is included as the Help entry in the app menu. The app also provides basic guidance through the process. See the documentation for a more detailed overview.

Assets 2
Loading

53

28 Jul 07:36
@thestinger thestinger
53
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
GPG key ID: F9E712E59AF5F22A
Learn about vigilant mode.
07e791b
Compare
Choose a tag to compare
53

Notable changes in version 53:

  • add Google Pixel 6a support for both the stock OS and the near future GrapheneOS releases
  • update Android build tools to 33.0.0

A full list of changes from the previous release (version 52) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification.

See the tutorial for detailed usage instructions. This is included as the Help entry in the app menu. The app also provides basic guidance through the process. See the documentation for a more detailed overview.

Assets 2
Loading

52

16 Jul 22:10
@thestinger thestinger
52
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
GPG key ID: F9E712E59AF5F22A
Learn about vigilant mode.
17f15c5
Compare
Choose a tag to compare
52

Notable changes in version 52:

  • update CameraX to 1.2.0-alpha03
  • update Kotlin Gradle plugin to 1.7.10
  • update Gradle to 7.5

A full list of changes from the previous release (version 51) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification.

See the tutorial for detailed usage instructions. This is included as the Help entry in the app menu. The app also provides basic guidance through the process. See the documentation for a more detailed overview.

Assets 2
Loading

51

07 Jun 21:08
@thestinger thestinger
51
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
GPG key ID: F9E712E59AF5F22A
Learn about vigilant mode.
d87a509
Compare
Choose a tag to compare
51

Notable changes in version 51:

  • implement attest key downgrade support to work around bug with the current Pixel 6 / Pixel 6 Pro implementation of the bleeding edge attest key feature (see commit message for technical details)
  • switch to jdk18on variant of Bouncy Castle

A full list of changes from the previous release (version 50) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification.

See the tutorial for detailed usage instructions. This is included as the Help entry in the app menu. The app also provides basic guidance through the process. See the documentation for a more detailed overview.

Assets 2
Loading

50

04 Jun 17:49
@thestinger thestinger
50
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
GPG key ID: F9E712E59AF5F22A
Learn about vigilant mode.
6d2d9db
Compare
Choose a tag to compare
50

Notable changes in version 50:

  • fall back to using front camera if rear camera is unavailable
  • update CameraX library to 1.2.0-alpha02
  • update AndroidX appcompat library to 1.4.2
  • update Bouncy Castle library to 1.71

A full list of changes from the previous release (version 49) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification.

See the tutorial for detailed usage instructions. This is included as the Help entry in the app menu. The app also provides basic guidance through the process. See the documentation for a more detailed overview.

Assets 2
Loading

49

01 Jun 03:33
@thestinger thestinger
49
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
GPG key ID: F9E712E59AF5F22A
Learn about vigilant mode.
0f7409b
Compare
Choose a tag to compare
49

Notable changes in version 49:

  • use correct size format for QR scanning focus size
  • update Material library to 1.6.1

A full list of changes from the previous release (version 48) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification.

See the tutorial for detailed usage instructions. This is included as the Help entry in the app menu. The app also provides basic guidance through the process. See the documentation for a more detailed overview.

Assets 2
Loading

48

28 May 01:02
@thestinger thestinger
48
This tag was signed with the committer’s verified signature.
thestinger Daniel Micay
GPG key ID: F9E712E59AF5F22A
Learn about vigilant mode.
89f52e4
Compare
Choose a tag to compare
48

Notable changes in version 48:

  • extend the attestation reference implementation library with a way to precisely detect the key description extension
  • prevent bypass for the initial verification inherited from Android's key attestation reference implementation (our pinning approach prevents these issues after pairing) by checking that only the first and second certificates have a key description extension and if the second certificate has a key description extension it needs to be a valid attest key with a matching security level, challenge and the attest key purpose
  • enforce that the redundant data provided by the key description for the attest key matches the key that it's signing since despite the lack of a clear security benefit we might as well check that all the data fields have the expected values
  • remove unused code and improve code quality
  • update Material to 1.6.0
  • update CameraX to 1.2.0-alpha01
  • update Android gradle plugin to 7.2.1

A full list of changes from the previous release (version 47) is available through the Git commit log between the releases.

The Auditor app uses hardware security features on supported devices to validate the integrity of the operating system from another Android device. It will verify that the device is running the stock operating system with the bootloader locked and that no tampering with the operating system has occurred. It will also detect downgrades to a previous version.

It cannot be bypassed by modifying or tampering with the operating system (OS) because it receives signed device information from the device's Trusted Execution Environment (TEE) or Hardware Security Module (HSM) including the verified boot state, operating system variant and operating system version. The verification is much more meaningful after the initial pairing as the app primarily relies on Trust On First Use via pinning. It also verifies the identity of the device after the initial verification.

See the tutorial for detailed usage instructions. This is included as the Help entry in the app menu. The app also provides basic guidance through the process. See the documentation for a more detailed overview.

Assets 2
Loading