all InfoSec news
GrapheneOS fixes massive flaws in Android's verified boot with big improvements
Feb. 2, 2023, 3:12 p.m. | /u/JackDonut2
Privacy & Freedom in the Information Age www.reddit.com
https://grapheneos.org/releases#2023012500
This is part of our ongoing verified boot improvements to fix massive flaws we've discovered in the standard Android verified boot which largely break it.
On Android, verified boot won't detect malicious updates to APK-based components. An attacker can do privileged persistence via fake APK-based component updates after exploiting the OS. They can't do this for APEX components but many APK-based components are quite privileged too.
Our …
android apex apk big boot detect exploiting fake fix fixes flaws malicious persistence privacy privileged release standard system updates verified
More from www.reddit.com / Privacy & Freedom in the Information Age
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Security Compliance Strategist
@ Grab | Petaling Jaya, Malaysia
Cloud Security Architect, Lead
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)