GrapheneOS has been working on a duress PIN/password feature for a while, and as part of that we already implemented our own wipe-without-reboot system. We care a lot about doing things properly and the way this was done in existing apps and operating systems was highly insecure.
Can see the announcement of these being exploited in the wild at https://source.android.com/docs/security/bulletin/pixel/2024-04-01#Announcements.
In addition to them working on our proposal to implement wipe-without-reboot, we've spotted work on our other suggestions such as wiping key derivation results from memory after unlocking.
MetropleX [GrapheneOS] ⚡🟣
npub1gd…7cn8c
2024-04-02 23:52:46
in reply to nevent1q…qujn
Author Public Key
npub1gd3h5vg6zhcuy5a46crh32m4gjkx8xugu95wwgj2jqx55sfgxxpst7cn8cPublished at
2024-04-02 23:52:46Event JSON
{
"id": "cd2899fb1f3f6d22d92ab901d5345fd113fbdb63b27907bc077ebadbedaf6313",
"pubkey": "43637a311a15f1c253b5d60778ab7544ac639b88e168e7224a900d4a41283183",
"created_at": 1712101966,
"kind": 1,
"tags": [
[
"e",
"a916a7cc1cdc81ae6b033f414e9462cd3a7c0a688384fc100ba56fba63a13a34",
"",
"root"
],
[
"p",
"43637a311a15f1c253b5d60778ab7544ac639b88e168e7224a900d4a41283183"
],
[
"r",
"https://source.android.com/docs/security/bulletin/pixel/2024-04-01#Announcements."
]
],
"content": "GrapheneOS has been working on a duress PIN/password feature for a while, and as part of that we already implemented our own wipe-without-reboot system. We care a lot about doing things properly and the way this was done in existing apps and operating systems was highly insecure.\n\nCan see the announcement of these being exploited in the wild at https://source.android.com/docs/security/bulletin/pixel/2024-04-01#Announcements.\n\nIn addition to them working on our proposal to implement wipe-without-reboot, we've spotted work on our other suggestions such as wiping key derivation results from memory after unlocking.",
"sig": "0884a0bbaf37dde0f2a0cf3ef14b5871acb227986c206075389ea2389d630dc874b2c4aaa80e8cd47b00f5b313b36187f4f84c5357263e50c628c218a18de972"
}