GrapheneOS on Nostr: Firmware images are fully verified via the hardware root of trust before being used, ...
Firmware images are fully verified via the hardware root of trust before being used, including fuse-based downgrade protection. GrapheneOS is fully verified via key flashed to secure element while unlocked. You can check that it's the correct key at boot:
https://grapheneos.org/install/cli#verified-boot-key-hash.
Published at
2023-05-11 15:46:01Event JSON
{
"id": "14b6584b741361a025c42c8dd52a90dd903a17716bf2510a1eaaaec740d8031c",
"pubkey": "5468bceeb74ce35cb4173dcc9974bddac9e894a74bf3d44f9ca8b7554605c9ed",
"created_at": 1683819961,
"kind": 1,
"tags": [
[
"e",
"8c4e6de750f92cd8f4ab8ff225c15dec733243f30e94cc4974809df29384bc6b",
"wss://relay.mostr.pub",
"reply"
],
[
"mostr",
"https://grapheneos.social/users/GrapheneOS/statuses/110350825012713928"
]
],
"content": "Firmware images are fully verified via the hardware root of trust before being used, including fuse-based downgrade protection. GrapheneOS is fully verified via key flashed to secure element while unlocked. You can check that it's the correct key at boot: https://grapheneos.org/install/cli#verified-boot-key-hash.",
"sig": "207b6fcdf8de7b3e50fb1942c1a1b575bc609edd71c50770eb197b609f84eff15e519632fd5c759521b16e18096ce2dc11747356db2ecdc027881a004ea07ec6"
}
