I've received initial funding for continuing my privacy and security work. The development time based on this funding will be split between my hardened malloc implementation (github.com/AndroidHardeni) and a new project aiming to implement first class Android support for QubesOS.
Conversation
Since there's funding for the work, the hardened malloc implementation is now MIT licensed: github.com/AndroidHardeni.
The work on Android support for QubesOS will be permissively licensed too, although it's still unclear how large of a project that's going to end up being.
Replying to
The initial goal will simply be having fully working production builds of the Android Open Source Project running inside QubesOS. AppVM integration and an update system will need to be developed from that baseline. It should really be done differently than existing OS support.
2
3
38
The integration should provide an equivalent or better implementation of Android Verified Boot and atomic A/B updates. It doesn't fit well into the system used for existing OS support since the base system is read-only and updated atomically as a single unit at the block level.
23