GrapheneOS statement on Mastodon: https://grapheneos.social/@GrapheneOS/114661914197695338
Calyx made an official statement on this development here: https://calyxos.org/news/2025/06/11/android-16-plans/
Concerning stuff. Hopefully a workaround or solution is found at some point, but if not, I'm already thinking of how to manage without them.
I can't see myself going back to a standard Android phone, so I suppose worse case scenario, I'd have to settle with LineageOS, or potentially abandon Android altogether and see if I can manage with discrete separate devices to fulfill the same needs, such as:
- a pocketable mini-Linux PC like a MNT Pocket Reform, which has the ability to use cellular networks. Should be able to text, browse web, and maybe GPS? Alternatively, perhaps the Mecha Comet?
- Small pocket-able dumb camera
- MP3 player
- Dumb-phone kept in a faraday bag when not in use?
EDIT:
Update on the situation from GrapheneOS in this thread (using Redlib, a proxy of Reddit)
The biggest problem for GrapheneOS is not the change to AOSP but rather our lead developer since 2022 being forcibly conscripted to fight in a war in April. That's why we've been asking for help since April.
In April, we were contacted by someone about upcoming changes to AOSP impacting us including the removal of device support in Android 16. We talked about it internally but didn't know if the information was credible. We prepared as much as we could for the Android 16 port but didn't know exactly what would happen with device support. If we had clearer information on it and knew it was accurate, we could have prepared much more in advanced.
Porting to Android 16 is required to continue shipping full Android privacy/security patches regardless of device. Only the latest stable release gets full privacy/security patches, which was the May release of Android 15 QPR2 and is not Android 16. Older releases only get backports.
Pixels also only have their driver and firmware patches for Android 16, although we're working on a release within the next 24 hours with backports of the most important firmware patches. We would normally have an experimental Android 16 release out already, if they hadn't made changes to AOSP.
There are further changes coming to AOSP. It is not only what is talked about there.
In another comment:
We're going to be continuing GrapheneOS but in the long term we'll need to shift to our own devices with an OEM partner.
It's not only Pixels which are going to be impacted. Pixels are still the only devices meeting our hardware requirements (https://grapheneos.org/faq#future-devices). It's clear we need our own hardware in partnership with an OEM that's serious about security and capable of delivering on it. We've had several attempts at OEM partnerships but they were unable to provide what we needed. It will cost millions of dollars to get a device meeting our basic requirements. We can do that, but we hoped for an OEM wanting to work with us instead of us needing to pay for everything through raising funds. We didn't end up finding a good OEM to work with that way so we'll do it the hard way.
first off, you can continue using your existing gOS phone, it's not like it's gonna melt in yo hands the moment it's not "up to date" and there's gonna be security updates for the A15 base for a long time, no need to dig up MP3 players and NIKONs from 1970.
I personally can't stand the idea that it's only possible to be safe and secure if you use gOS, an Android fork that runs only on Pixel phones. leave aside the ridiculous concept that you have to give money to Google in order to escape its clutches, I maintain that those things are unnecessary. they are secure, but in the wrong way.
they have kernel hardening shit and encrypt this and that and verifiable boot and evil maid safe and sandbox to prevent malicious apps to get at your shit and whatnot, and if you're a MIT-educated Jason Bourne on the run from 5eyes or whoever, all of them things can come in handy.
but the humongously vast majority of us need but two things:
a) a lost or stolen device doesn't compromise me; the fuck that got it can't access my data and/or impersonate me. practically every AOSP/LineageOS version has this. b) the apps I get and the underlying OS are my agents; they do shit I want, the way I want to and if that's in conflict with its creator's ideas, I take precedence and not the other way around; forgoing Google in its entirety via AOSP/LOS/F-droid takes care of this.
both easily accomplished with a repurposed $50 phone and fixing and/or replacing the fucker at that price point is a no-brainer, wherever you're based.
the idea that a used phone that was touched and rubbed and spat all over and taken to the shitter and godknowswhatelse at $300 should be the entry barrier for not getting assraped on the reg, I don't know what to tell you, except maybe check your privilege, idk.
Considering that a significant portion of the US population may be targeted by the regime at some point in the future, having a device that is more resistant and private against those threats is a massive boon.
If you're not engaging in any resistance or are lucky enough to live in an area where that isn't a concern, sure, those features aren't essential, but they also don't hurt in most cases (I'd want sandboxing no matter what, it's just a nice layer of security against potentially compromised apps, which can be on any distribution platform).
I'm not really sure where this is coming from, since no one here ever suggested that LineageOS isn't adequate for some (probably even most) use cases. I only spoke for myself, and I value privacy and security far more than the average person due to needing it.
people who are at risk of this should be minimizing their phone use in the first place, if the US government wants into your phone they will get into it eventually.
there's a reason that one of the main rules of protests is to NEVER bring your phone
Don't disagree with you there.
The US government doesn't have magic word to break into every device. That is paranoia, unless you're talking about "if given an infinite amount of time...".
frankly i just laugh at the concept of safe and secure, anyone who seriously wants into your device will get into it, if you can't live with that idea then you shouldn't own a modern complex device with chips that could be doing precisely whatever the fuck they want without you knowing.
it's the same as physical locks, someone who wants to get past them will get past them, locks don't exist to wholesale prevent entry, they exist so only the highly motivated break in, and that's just a fact we have to live with.
This is paranoia.
Encryption works very differently. A user can encrypt a machine with an Argon2id password that requires 1GB of ram per parallel attempt, requires an average of 1s per attempt, and would take every computer on earth billions of years for a 0.1% chance to crack it if they all worked in parallel.
It's not even close to as insecure as a physical lock.
Yes it is. There are locks out there, that have extremely sophisticated keys that are basically impossible to clone or "break in". The way those locks are cracked or opened is nearly always unrelated to the key itself. Same goes for Encryption. Even a "simple" 20 Characters password is near impossible to brute force. Most entry points are through various other ways, which is also why i find GrapheneOS for the average user stupid.
There are other things that are needed to actually protect privacy and one of the main things it awareness. Just because stuff is sandboxed and you have some Ad-Blockers on, doesn't mean shit these days.
With encryption, the data is changed so that only the key could decrypt it. If there are no encryption backdoors, then the key is the only end goal of attack. Compared to a physical lock, where, even if the lock was perfect, you still need to secure the structure it locks.
I still appreciate defense against the less common. Easier to focus on the more common.
Sandboxing and Ad-blockers are quite different. One gives restricted permissions, so a program has less tools to be able to cause harm, and less visibility into the system to violate privacy. Ad blockers need only to stop an ad from displaying. The security and privacy gain would likely only come from stopping you from clicking them (since they're blocked), or stopping the resources from being networked to in the first place.
Sandboxing I would consider much better for security and privacy. That's why its a valuable tool for security researchers.