We have early access to Android Security Bulletin patches and will be able to set up a workflow where we can have releases already built and tested prior to the embargo ending. For now, we've still been doing the builds after the embargo ends. It will mainly help when they screw up pushing to AOSP.
Sounds more like a confidential source for upstream patches that are no longer being published publicly. It’s not Graphene’s fault that google isnt releasing the source code anymore. If they’re able to get a hold of it through other (less transparent) means, that’s not better but it’s not as bad as what we feared would happen.
Security thru obscurity doesn’t work.
Sounds more like a confidential source for upstream patches that are no longer being published publicly. It’s not Graphene’s fault that google isnt releasing the source code anymore. If they’re able to get a hold of it through other (less transparent) means, that’s not better but it’s not as bad as what we feared would happen.