Other projects we're going to fund soon:
* eSIM activation app not depending on Play services
* minimalist app install/update system with deltas and automated updates
* fancy ARM memory tagging (MTE) support for hardened_malloc (github.com/GrapheneOS/har) - QEMU as initial target
Conversation
Looking for someone to work on the memory tagging feature for hardened_malloc. Why you want to do this:
* remote work
* no meetings (just chatting on Matrix)
* you own your work (MIT licensed)
* get paid via Bitcoin if you want (or PayPal...)
* no NDA, can blog or tweet about it
1
15
45
Can live anywhere in the world, doesn't matter. Living somewhere with a low cost of living helps the funding go further. It's flexible and we can figure out something that works.
Having open source contributions we can look at helps a lot with finding people for these projects.
1
3
30
For the memory tagging project, low-level programming and debugging experience is important. Need someone that knows arm64 assembly, etc. well already. It's a simple memory allocator. Mostly about making primitives we need in a little proof of concept, then fitting those into it.
2
20
This Tweet was deleted by the Tweet author. Learn more
Definitely, and that's planned, but we aren't interested in anything that's a downgrade for privacy or security from Pixels. The baseline expectation is matching them. Ideally, doing better in certain ways, even limited ways like a very specific security frill via the hardware.
1
3
That's quite difficult to do without substantial resources and investment in making more than a limited edition phone. Do not want to attach our brand to something that's not at least as secure as a Pixel. It has to be good. That's not easy. It's not really a small batch thing.
Our expectation is that if we find a hardware partner that's a good match, we can build something amazing and they can sell a LOT of phones with GrapheneOS on great hardware. Should expect it'd be expensive for a current generation SoC, lots of memory, secure element and so on.
1
3
It's much easier to make a high-end phone for this. It masks the high cost of making a secure phone, and it needs a current generation modern SoC, etc. for it to be worth anything. Making a cheap device that's at least as secure would be very difficult, and we want to do better.
1
4
Show replies