final [GrapheneOS] 📱👁️🗨️ on Nostr: We have posted some clarifications regarding the BleepingComputer article on Twitter ...
We have posted some clarifications regarding the BleepingComputer article on Twitter in response to some Android security experts who have criticisms on how the article is read out. The reporting is not as accurate as it should be. While the article is positive there are still some mistakes.
The mitigation the project is suggesting is a reset attack protection where memory is zeroed to help prevent ramdumps from being taken advantage of in these scenarios. The article suggests the positive use of a auto reboot function, however it reads out like it is our solution to the exploit -- it is not. This is not a primary mitigation, rather a simple countermeasure.
Twitter: https://x.com/GrapheneOS/status/1746585083279028276?s=20
Nitter: https://nitter.cz/GrapheneOS/status/1746585083279028276?s=20
The mitigation the project is suggesting is a reset attack protection where memory is zeroed to help prevent ramdumps from being taken advantage of in these scenarios. The article suggests the positive use of a auto reboot function, however it reads out like it is our solution to the exploit -- it is not. This is not a primary mitigation, rather a simple countermeasure.
Twitter: https://x.com/GrapheneOS/status/1746585083279028276?s=20
Nitter: https://nitter.cz/GrapheneOS/status/1746585083279028276?s=20
quoting nevent1q…9yp2Our current affair about #GrapheneOS automatic reboot and our project's disclosed vulnerabilities on Fastboot firmware to Google has reached some media outlets.
It appears BleepingComputer received a statement from Google confirming the reported issues and will be taking steps to review it.
The GrapheneOS project once again is leading the forefront of mobile security research.
https://www.bleepingcomputer.com/news/security/grapheneos-frequent-android-auto-reboots-block-firmware-exploits/