Why Nostr? What is Njump?
2024-09-05 19:40:04
in reply to

GrapheneOS on Nostr: We reported vulnerabilities being exploited by forensics companies in January 2024, ...

We reported vulnerabilities being exploited by forensics companies in January 2024, but we lacked access to their exploits so we couldn't provide full details. We suggested implementing 2 major security improvements:

1) firmware-based reset attack mitigation zeroing memory on boot
2) wipe-without-reboot support in the OS to avoid needing to reboot to recovery to perform a wipe, which could be trivially interrupted by an attacker

They ended up shipping both of these.
Author Public Key
npub1kwarc5z9lwhen05uknd2nuwhhthd4ws0cku3t9j3rchm0fcd6luslse0nj