The big issue that the post is trying to address is that AOSP and therefore derivatives like LineageOS are also missing these patches for up to 6 months. When OEMs get security preview patches, they may only push ~10% of them earlier than their assigned date too. When switching you could be *less* patched, and it is the upstream's fault.
GrapheneOS on the security preview channel is the ONLY Android distribution delivering all available patches on a regular basis. Despite the embargo preventing releasing the sources, it is easy to use reverse engineering tools to compare differences between standard and security preview builds to find the vulnerability AND the embargo doesn't protect against a resourceful threat actor somehow getting that access.
Final
npub1hx…sg75y
2026-06-06 13:42:00 UTC
in reply to nevent1q…qzst
Author Public Key
npub1hxx76n82ags8jrduk0p3gqrfyqyaxnrlnynu9p5rt2vmwjq6ts3q4sg75ySeen on
wss://relay.primal.netPublished at
2026-06-06 13:42:00 UTCEvent JSON
{
"id": "82831683da04adf54ac916a30a51dab17f6a209ba4342dcb008336c33749a849",
"pubkey": "b98ded4ceaea20790dbcb3c31400692009d34c7f9927c286835a99b7481a5c22",
"created_at": 1780753320,
"kind": 1,
"tags": [
[
"p",
"7cf2c528ef7c940a4f12c0493203b620ef0454a47d75cc105f34652a6e70f6f7"
],
[
"p",
"b7cf9f42a796b091e843dce919d3ef4c0dc82e029452edf0bdbcdeb9ecb93e78",
"wss://nos.lol/ "
],
[
"e",
"00002a69d1cb71e1b1c56006ca140bbf6865148367d3bb8c4e92e423117b8314",
"wss://nos.lol/ ",
"root",
"b7cf9f42a796b091e843dce919d3ef4c0dc82e029452edf0bdbcdeb9ecb93e78"
],
[
"client",
"Primal Android"
]
],
"content": "The big issue that the post is trying to address is that AOSP and therefore derivatives like LineageOS are also missing these patches for up to 6 months. When OEMs get security preview patches, they may only push ~10% of them earlier than their assigned date too. When switching you could be *less* patched, and it is the upstream's fault.\n\nGrapheneOS on the security preview channel is the ONLY Android distribution delivering all available patches on a regular basis. Despite the embargo preventing releasing the sources, it is easy to use reverse engineering tools to compare differences between standard and security preview builds to find the vulnerability AND the embargo doesn't protect against a resourceful threat actor somehow getting that access. \n\n",
"sig": "3859556c4c9f44ea0ca26e5771da7151e8946012e26c6160e3ba5209c21b77dfb6f8ce63e75f42c0f8be0d2b16ce396b665dce38e2df4dd077609cc53082bc3f"
}