Next release for 9th generation Pixels will have further hardening with RANDSTRUCT enabled for the kernel with a deterministic seed (the commit timestamp).
RANDSTRUCT randomizes the order of data structures and function pointer tables at compilation based on a seed, so exploits need to be catered to specific seeds. We've made it deterministic to preserve #GrapheneOS reproducible builds by using the hash of the commit date as a seed so it changes the layouts with each base kernel change and we can make it per-device-model later too.
When other devices get Kernel 6.1 (the upstream is in testing) it can be possible for them to get it too.
Telegram has full access to all of the content of group chats and regular one-to-one chats due to lack of end-to-end encryption. Their opt-in secret chats use homegrown end-to-end encryption with weaknesses. Deleting the content from the app likely won't remove all copies of it.
Telegram has heavily participated in misinformation campaigns targeting actual private messaging apps with always enabled, properly implemented end-to-end encryption such as Signal. Should stop getting any advice from anyone who told you to use Telegram as a private messenger.
Telegram is capable of handing over all messages in every group and regular one-to-one chat to authorities in France or any other country. A real private messaging app like Signal isn't capable of turning over your messages and media. Telegram/Discord aren't private platforms.
A major example of how Telegram's opt-in secret chat encryption has gone seriously wrong before:
.
The practical near term threat is for the vast majority of chats without end-to-end encryption: 100% of Telegram group chats and the regular 1-to-1 chats.
![final [GrapheneOS] ๐ฑ๐๏ธโ๐จ๏ธ's avatar](https://image.nostr.build/d837117ca56e292d9f16143a673f47fdb0c3f7273573a2394b1892b3c8c8a688.jpg)
