SDF Chatter

Our latest OS release adds a sandboxed Google Play toggle for extending RCS compatibility in Google Messages to the rest of the carriers supporting it by granting ICC authentication access to sandboxed Play services. T-Mobile is the main one requiring it.

https://grapheneos.social/@GrapheneOS/116064966731823046

There are also the usual updates to the Linux kernel and the latest Android security preview patches. March 2026 AOSP patches have been finalized for a while other than patches being deferred. Most of the ones being added now are for the next major quarterly batch in June 2026.

We also added a new implementation of call recording which should be more robust including better handling of network handovers. It's an opt-in toggle in the Dialer app until it gets a lot of testing and then it can replace the existing implementation we made a long time ago.

Tags:

• 2026021200 (Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, Pixel 9 Pro Fold, Pixel 9a, Pixel 10, Pixel 10 Pro, Pixel 10 Pro XL, Pixel 10 Pro Fold, emulator, generic, other targets)

Changes since the 2026020600 release:

• Sandboxed Google Play compatibility layer: add toggle for granting Play services access to ICC auth in order to support RCS with carriers requiring it for RCS in Google Messages including T-Mobile
• Launcher: fix rare upstream crash when switching users
• Dialer: add new opt-in implementation of call recording using the same framework APIs as Google Dialer with the goal of improving functionality (handover support) and robustness (currently an opt-in setting for testing and then it will replace the previous implementation)
• kernel (6.1, 6.6, 6.12): re-enable standard forced module signing with a workaround to make pKVM compatible with it
• kernel (6.1): update to latest GKI LTS branch revision including update to 6.1.162
• kernel (6.6): update to latest GKI LTS branch revision including update to 6.6.123
• kernel (6.12): update to latest GKI LTS branch revision including update to 6.12.69
• change default quick tile configuration for the new UI (replacing cast, wallet and device controls with camera, microphone and NFC toggles by default)
• Vanadium: update to version 145.0.7632.45.1
• update release signing to handle AOSP APEX changes
• migrate otatools.zip changes to Android's modern build system (soong)

All of the Android 16 security patches from the current March 2026, April 2026, May 2026, June 2026, July 2026 and August 2026 Android Security Bulletins are included in the 2026021201 security preview release. List of additional fixed CVEs:

• Critical: CVE-2026-0039, CVE-2026-0040, CVE-2026-0041, CVE-2026-0042, CVE-2026-0043, CVE-2026-0044, CVE-2026-0047, CVE-2026-0049, CVE-2026-0052
• High: CVE-2025-22424, CVE-2025-22426, CVE-2025-32348, CVE-2025-48600, CVE-2025-48615, CVE-2025-48617, CVE-2025-48630, CVE-2025-48641, CVE-2025-48642, CVE-2025-48644, CVE-2025-48645, CVE-2025-48646, CVE-2025-48649, CVE-2025-48652, CVE-2025-48653, CVE-2025-48654, CVE-2026-0011, CVE-2026-0014, CVE-2026-0015, CVE-2026-0016, CVE-2026-0017, CVE-2026-0018, CVE-2026-0020, CVE-2026-0021, CVE-2026-0022, CVE-2026-0023, CVE-2026-0024, CVE-2026-0025, CVE-2026-0033, CVE-2026-0034, CVE-2026-0035, CVE-2026-0036, CVE-2026-0048, CVE-2026-0050, CVE-2026-0053, CVE-2026-0054, CVE-2026-0055, CVE-2026-0056

For detailed information on security preview releases, see our post about it.

Changes in version 145.0.7632.75.0:

• update to Chromium 145.0.7632.75

A full list of changes from the previous release (version 145.0.7632.45.1) is available through the Git commit log between the releases.

This update is available to GrapheneOS users via our app repository and will also be bundled into the next OS release. Vanadium isn't yet officially available for users outside GrapheneOS, although we plan to do that eventually. It won't be able to provide the WebView outside GrapheneOS and will have missing hardening and other features.

Does anyone know how I can cross-compile software for a 1999 iMac G3 with a PowerPC processor? Are there resources on how to develop for this CPU and is there any community around it?

http://archive.today/2026.02.14-151910/https://www.washingtonpost.com/national-security/2026/02/14/havana-syndrome-cia-norway-experiment/

Working in strict secrecy, a government scientist in Norway built a machine capable of emitting powerful pulses of microwave energy and, in an effort to prove such devices are harmless to humans, in 2024 tested it on himself. He suffered neurological symptoms similar to those of “Havana syndrome,” the unexplained malady that has struck hundreds of U.S. spies and diplomats around the world.

The bizarre story, described by four people familiar with the events, is the latest wrinkle in the decade-long quest to find the causes of Havana syndrome, whose sufferers experience long-lasting effects including cognitive challenges, dizziness and nausea. The U.S. government calls the events Anomalous Health Incidents (AHIs).

Much about the Norway test remains obscured by its highly classified nature. People familiar with the events declined to identify the scientist or the Norwegian government agency he worked for.

The results were all the more shocking because the Norwegian researcher had earned a reputation as a leading opponent of the theory that directed-energy weapons can cause the type of symptoms associated with AHIs, those familiar with the events said. Trying to dramatically prove his point, with himself as a human guinea pig, he achieved the opposite.

The secret test in Norway has not been previously reported. The Norwegian government told the CIA about the results, two of the people said, prompting at least two visits in 2024 to Norway by Pentagon and White House officials.

In a separate development that has become public in recent weeks, the U.S. government covertly purchased at the end of the Biden administration a different foreign-made device that produces pulsed radio waves and which some experts suspect could be linked to AHI incidents, according to two people familiar with the matter.

The device is being tested by the Defense Department. It has some Russian-origin components, but the U.S. government still has not determined conclusively who built it, said one of the people.

The U.S. acquisition of the device was first reported last month by independent journalist Sasha Ingber and CNN, which said it had been purchased for millions of dollars by Homeland Security Investigations, part of the Department of Homeland Security.

The device that the scientist constructed in Norway was not identical to the one that the U.S. government covertly acquired, one of the people familiar with the events said. The Norwegian device was built based on “classified information,” suggesting it was derived from blueprints or other materials stolen from a foreign government, this person said.

At about the same time the U.S. became aware of the two pulsed-energy machines, two spy agencies altered their previous judgment and concluded that some of the incidents involving AHIs could be the work of a foreign adversary, delivering that verdict in an updated U.S. intelligence assessment issued in January 2025 during the Biden administration’s final weeks.

One was the National Security Agency, which intercepts and decodes foreign electronic communications, several people familiar with the issue said. The other, said two of those people, was the National Ground Intelligence Center, a U.S. Army intelligence agency in Charlottesville that produces intelligence on foreign adversaries’ scientific, technical and military capabilities.

The majority of U.S. intelligence agencies, including the CIA and four others, said they continued to judge it “very unlikely” that the attacks were the result of a foreign adversary or that a foreign actor had developed a novel weapon. In conversations intercepted by U.S. spy agencies, American adversaries were heard expressing their own surprise at the AHI incidents and denying involvement, U.S. officials have said.

At a Foreign Policy Research Institute conference in Philadelphia earlier this month, retired Air Force Lt. Col. Chris Schlagheck, at times his voice breaking, said he was hit five times in 2020 in his home in Northern Virginia, where a Russian family lived across the street. It was not until last year that a doctor told him his symptoms were the same as those reported from Havana a decade earlier.

What are some lesser known songs that should be more appreciated?

1. Childhood's end (Obscured by clouds)
2. Alan's psychedelic breakfast (Atom hearth mother)
3. Two suns in the sunset (The Final Cut)
4. High hopes (The division bell)
5. Sorrow, live from Pulse
6. bonus: Allons-y from The endless river (this is going to be controversial)

http://archive.today/2026.02.14-124214/https://www.nytimes.com/2026/02/13/technology/dhs-anti-ice-social-media.html

The Department of Homeland Security is expanding its efforts to identify Americans who oppose Immigration and Customs Enforcement by sending tech companies legal requests for the names, email addresses, telephone numbers and other identifying data behind social media accounts that track or criticize the agency.

In recent months, Google, Reddit, Discord and Meta, which owns Facebook and Instagram, have received hundreds of administrative subpoenas from the Department of Homeland Security, according to four government officials and tech employees privy to the requests. They spoke on the condition of anonymity because they were not authorized to speak publicly.

Google, Meta and Reddit complied with some of the requests, the government officials said. In the subpoenas, the department asked the companies for identifying details of accounts that do not have a real person’s name attached and that have criticized ICE or pointed to the locations of ICE agents. The New York Times saw two subpoenas that were sent to Meta over the last six months.

In September, for example, it sent Meta administrative subpoenas to identify the people behind Instagram accounts that posted about ICE raids in California, according to the A.C.L.U. The subpoenas were challenged in court, and the Department of Homeland Security withdrew the requests for information before a judge could rule.

The Department of Homeland Security also sought more information on the Facebook and Instagram accounts dedicated to tracking ICE activity in Montgomery County, Pa., outside Philadelphia. The accounts, called Montco Community Watch, began posting in Spanish and English about ICE sightings in June and, over the next six months, solicited tips from their roughly 10,000 followers to alert people to the locations of agents on specific streets or in front of local landmarks.

On Sept. 11, the Department of Homeland Security sent Meta a request for the name, email address, post code and other identifying information of the person or people behind the accounts. Meta informed the two Instagram and Facebook accounts of the request on Oct. 3.

“We have received legal process from law enforcement seeking information about your Facebook account,” the notification said, according to court records. “If we do not receive a copy of documentation that you have filed in court challenging this legal process within ten (10) days, we will respond to the requesting agency with information.”

The account owner alerted the A.C.L.U., which filed a motion on Oct. 16 to quash the government’s request. In a hearing on Jan. 14 in U.S. District Court for the Northern District of California, the A.C.L.U. argued that the government was using administrative subpoenas to target people whose speech it did not agree with.

Two days later, the subpoena was withdrawn.

Silicon Valley has long had an uneasy relationship with the federal government and how much user information to provide it. Transparency reports published by tech companies show that the number of requests for user information from different governments around the world has climbed over the years, with the United States and India among those submitting the most.

Some social media companies previously fought government requests for user information. In 2017, Twitter (now X) sued the federal government to stop an administrative subpoena that asked it to unmask an account critical of the first Trump administration. The subpoena was later withdrawn.

I like this recording of Sorrow soo much!

Page 8 of the dot2texi manual gives this example:

\documentclass{article}
\usepackage{tikz}
\usetikzlibrary{arrows,shapes}
\usepackage{dot2texi}
\begin{document}
% Define layers
\pgfdeclarelayer{background}
\pgfdeclarelayer{foreground}
\pgfsetlayers{background,main,foreground}
% The scale option is useful for adjusting spacing between nodes.
% Note that this works best when straight lines are used to connect
% the nodes.
\begin{tikzpicture}[>=latex’,scale=0.8]
% set node style
\tikzstyle{n} = [draw,shape=circle,minimum size=2em,
inner sep=0pt,fill=red!20]
\begin{dot2tex}[dot,tikz,codeonly,styleonly,options=-s -tmath]
digraph G {
node [style="n"];
A_1 -> B_1; A_1 -> B_2; A_1 -> B_3;
B_1 -> C_1; B_1 -> C_2;
B_2 -> C_2; B_2 -> C_3;
B_3 -> C_3; B_3 -> C_4;
}
\end{dot2tex}
% annotations
\node[left=1em] at (C_1.west) (l3) {Level 3};
\node at (l3 |- B_1) (l2){Level 2};
\node at (l3 |- A_1) (l1) {Level 1};
% Draw lines to separate the levels. First we need to calculate
% where the middle is.
\path (l3) -- coordinate (l32) (l2) -- coordinate (l21) (l1);
\draw[dashed] (C_1 |- l32) -- (l32 -| C_4);
\draw[dashed] (C_1 |- l21) -- (l21 -| C_4);
\draw[<->,red] (A_1) to[out=-120,in=90] (C_2);
% Highlight the A_1 -> B_1 -> C_2 path. Use layers to draw
% behind everything.
\begin{pgfonlayer}{background}
\draw[rounded corners=2em,line width=3em,blue!20,cap=round]
(A_1.center) -- (B_1.west) -- (C_2.center);
\end{pgfonlayer}
\end{tikzpicture}
\end{document}

It’s a broken example. gives:

ERROR: Package pgf Error: No shape named `C_1' is known.

An example in a manual should just work. What’s the problem?

Seems like a dead project. These two locations are mentioned in the manual and non-existent:

https://www.ctan.org/tex-archive/help/Catalogue/entries/dot2tex.html
http://www.fauskes.net/code/dot2tex/

(edit) CTAN location apparently moved here, but it may be out of maintenance:

https://www.ctan.org/pkg/dot2texi

All similare graphviz pkgs were last modified in 2018.

TL;DR: .. hosting a website on a 25-year-old Sun Netra X1 SPARC server running OpenBSD 7.8. The setup includes: Noctua fan mods for quiet operation, httpd serving static HTML/CSS, OpenBSD’s pf firewall with default-deny rules, and Cloudflare tunnels to expose it safely without port forwarding. The server pulls ~55MB of RAM and serves pages from my garage. Check it out live at sparc.rup12.net - because why not?

Well, the guy licks Cloudflare’s boots. Fuck that. He doesn’t understand the problem with that. So perhaps the real answer is NO, if he depends on Cloudflare Inc.