all InfoSec news
GrapheneOS fixes massive flaws in Android's verified boot with big improvements
Feb. 2, 2023, 3:12 p.m. | /u/JackDonut2
Privacy & Freedom in the Information Age www.reddit.com
https://grapheneos.org/releases#2023012500
This is part of our ongoing verified boot improvements to fix massive flaws we've discovered in the standard Android verified boot which largely break it.
On Android, verified boot won't detect malicious updates to APK-based components. An attacker can do privileged persistence via fake APK-based component updates after exploiting the OS. They can't do this for APEX components but many APK-based components are quite privileged too.
Our …
android apex apk big boot detect exploiting fake fix fixes flaws malicious persistence privacy privileged release standard system updates verified
More from www.reddit.com / Privacy & Freedom in the Information Age
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Consultant
@ Auckland Council | Central Auckland, NZ, 1010
Security Engineer, Threat Detection
@ Stripe | Remote, US
DevSecOps Engineer (Remote in Europe)
@ CloudTalk | Prague, Prague, Czechia - Remote
Security Architect
@ Valeo Foods | Dublin, Ireland
Security Specialist - IoT & OT
@ Wallbox | Barcelona, Catalonia, Spain