🔥 Hello again, new #GrapheneOS Update 2024022600. This time we have a new security ...

final [GrapheneOS] 📱👁️‍🗨️

npub1c9d…sqfm

2024-02-27 03:07:02

🔥 Hello again, new #GrapheneOS Update 2024022600. This time we have a new security feature that's been worked on for a while: USB-C Port Security. This is a significant security enhancement.

This feature allows users of Tensor Pixels (6 and later) to have fine grained controls on USB controller functionality including totally disabling data lines or the port when the OS is in use.

There are 5 modes:

- On (current)
- Charging-only when locked except in BFU (before first-unlock)
- Charging-only when locked
- Charging-only
- Off (which even disables charging while booted into the normal OS mode).

This is different from the previous existing USB control features including the Android 12 USB HAL toggle which only disable high-level kernel functionality which still left all the low-level kernel driver, USB protocol and USB controller attack surface enabled.

Other changelogs:

- kernel (5.10, 5.15): add support for ignoring USB alt modes

- kernel (Tensor Pixels): extend max77759 USB-C controller driver used by Tensor Pixels with support for a sysfs node providing fine-grained control over the USB-C data path at the USB controller level

- Setup Wizard: fix crash for SIM locales not recognized by com.android.internal.app.LocalePicker

https://grapheneos.org/releases#2024022600

#GrapheneOS #Privacy #Security

Author Public Key

npub1c9d95evcdeatgy6dacats5j5mfw96jcyu79579kg9qm3jtf42xzs07sqfm

Show more details

Published at

2024-02-27 03:07:02

Kind type

1 Short Text Note

Event JSON

{ "id": "356ceca8ad1d3a6e9d477a5930cfbdb98078278b68a021f3ace3853482531924", "pubkey": "c15a5a65986e7ab4134dee3ab85254da5c5d4b04e78b4f16c82837192d355185", "created_at": 1709003222, "kind": 1, "tags": [ [ "t", "GrapheneOS" ], [ "t", "grapheneos" ], [ "t", "Privacy" ], [ "t", "privacy" ], [ "t", "Security" ], [ "t", "security" ], [ "r", "com.android.internal.app.LocalePicker" ], [ "r", "https://grapheneos.org/releases#2024022600" ] ], "content": "🔥 Hello again, new #GrapheneOS Update 2024022600. This time we have a new security feature that's been worked on for a while: USB-C Port Security. This is a significant security enhancement.\n\nThis feature allows users of Tensor Pixels (6 and later) to have fine grained controls on USB controller functionality including totally disabling data lines or the port when the OS is in use.\n\nThere are 5 modes:\n\n- On (current)\n- Charging-only when locked except in BFU (before first-unlock)\n- Charging-only when locked\n- Charging-only\n- Off (which even disables charging while booted into the normal OS mode). \n\nThis is different from the previous existing USB control features including the Android 12 USB HAL toggle which only disable high-level kernel functionality which still left all the low-level kernel driver, USB protocol and USB controller attack surface enabled.\n\nOther changelogs:\n\n- kernel (5.10, 5.15): add support for ignoring USB alt modes\n\n- kernel (Tensor Pixels): extend max77759 USB-C controller driver used by Tensor Pixels with support for a sysfs node providing fine-grained control over the USB-C data path at the USB controller level\n\n- Setup Wizard: fix crash for SIM locales not recognized by com.android.internal.app.LocalePicker\n\nhttps://grapheneos.org/releases#2024022600\n\n#GrapheneOS #Privacy #Security", "sig": "71b05c40814cec02927dbda26bf1c21c24f43ee6a5510cd541e181a87e372c0668c81d03183fcd8b42c75db6cd570078910d69bdb7706e369ff9f565a34a6373" }