That means shit, if someone can compromise your bootloader in an hotel or some other public place then they’ll get to your data either way once you turn on the phone.
I never really understood how this kind of attack happens. Can it simply be done in any phone? What are the required conditions?
Where is GrapheneOS securing millions of dollars from to buy Cellebrite kits that Israel government only sells to governments and contractors? Or are they lying? Because they lie everywhere on the internet to manufacture myths so they can later quote themselves as the source of “truth”. https://i.imgur.com/woNxPhx.jpg
Ah I see, does that mean that in terms of security, switching to another ROM on a phone with non re-lockable bootloader is a downgrade from the stock ROM?
Don’t you think it’s easier, due to inattention when installing a compromised app, a privilege escalation attack through root or actually an invasion due to the amount of bloatware from companies that take their piece of the pie in the Stock ROM (even though they do would cleaning via ADB) and even worse rooted to block these suspicious traffic be something more harmful for the user?
Because the ability to steal the decryption password in RAM memory due to the unlocked bootloader is a little less likely for the thief to have.
I use LineageOS and I feel much better, since my cell phone is Xiaomi, than using MIUI, which is from a chinese big tech company and has proprietary code.
Tell you what: I agree with you on this. If one is truly paranoid and takes physical security into account, a rooted stock OS is a far better option in terms of restricting access to system files (not saying the CIA/MOSSAD can’t do it, but your random reddit-informed script kiddie definitely can’t). Indeed, rooting your stock OS, firewalling everything and deleting telemetry might be a decent idea (there are ways to install security patches on rooted mobiles, not to worry).
Edit: on the matter of CalyxOS, I wouldn’t go as far as to fault them on it. Grapehene has taken a resolution to either block/use their own almanac servers. This requires a fair bit of work. Oh, and what domain do Google chips use for almanacs anyway?
One could argue about funding/interest when there are other things to fix. Essentially, when someone develops FOSS, people don’t get to order them around on what to do. I’m very pleased with what Calyx and Graphene have achieved till date and support them wholeheartedly (speaking of which, I should get back to donating, money is a bit tight though). But yes, perhaps a disclaimer for the paranoid people on Calyx’s website could be a decent idea.
Removed by mod
I never really understood how this kind of attack happens. Can it simply be done in any phone? What are the required conditions?
Removed by mod
Where is GrapheneOS securing millions of dollars from to buy Cellebrite kits that Israel government only sells to governments and contractors? Or are they lying? Because they lie everywhere on the internet to manufacture myths so they can later quote themselves as the source of “truth”. https://i.imgur.com/woNxPhx.jpg
Didn’t they get some grant from twitter or something like that? Cuz calyxos did get a million dollar grant last year from that jak dorsie guy.
Ah I see, does that mean that in terms of security, switching to another ROM on a phone with non re-lockable bootloader is a downgrade from the stock ROM?
Removed by mod
Don’t you think it’s easier, due to inattention when installing a compromised app, a privilege escalation attack through root or actually an invasion due to the amount of bloatware from companies that take their piece of the pie in the Stock ROM (even though they do would cleaning via ADB) and even worse rooted to block these suspicious traffic be something more harmful for the user?
Because the ability to steal the decryption password in RAM memory due to the unlocked bootloader is a little less likely for the thief to have.
I use LineageOS and I feel much better, since my cell phone is Xiaomi, than using MIUI, which is from a chinese big tech company and has proprietary code.
Removed by mod
Tell you what: I agree with you on this. If one is truly paranoid and takes physical security into account, a rooted stock OS is a far better option in terms of restricting access to system files (not saying the CIA/MOSSAD can’t do it, but your random reddit-informed script kiddie definitely can’t). Indeed, rooting your stock OS, firewalling everything and deleting telemetry might be a decent idea (there are ways to install security patches on rooted mobiles, not to worry).
Edit: on the matter of CalyxOS, I wouldn’t go as far as to fault them on it. Grapehene has taken a resolution to either block/use their own almanac servers. This requires a fair bit of work. Oh, and what domain do Google chips use for almanacs anyway?
Removed by mod
One could argue about funding/interest when there are other things to fix. Essentially, when someone develops FOSS, people don’t get to order them around on what to do. I’m very pleased with what Calyx and Graphene have achieved till date and support them wholeheartedly (speaking of which, I should get back to donating, money is a bit tight though). But yes, perhaps a disclaimer for the paranoid people on Calyx’s website could be a decent idea.
Removed by mod
Thanks for the info! I agree, without being able to outright change phone, you can only choose your tradeoffs
Removed by mod