final [GrapheneOS] 📱👁️🗨️ on Nostr: A company that sells a security theater product that misleads people about detecting ...
A company that sells a security theater product that misleads people about detecting sophisticated remote attacks made a misrepresented claim that an unused, disabled app meant to run on Pixels for display in stores is an exploitable component. Mainstream media went with it without doing prior research.
Pixels cannot enable this app without physical access with ADB which requires the user's password, or a sophisticated remote execution exploit that would be more dangerous than the security implications they are trying to imply are.
GrapheneOS does not bundle this app and we were aware of it for years (2017 or earlier) so it's irrelevant to GrapheneOS users. It's scaremongering for marketing for a product that they can't even possibly do what they claim.
Published at
2024-08-16 20:11:13Event JSON
{
"id": "627c1728fec79aab2ade7993a943fe8c5ce5f56eb7ca6e34af842ba1a343d187",
"pubkey": "c15a5a65986e7ab4134dee3ab85254da5c5d4b04e78b4f16c82837192d355185",
"created_at": 1723839073,
"kind": 1,
"tags": [
[
"e",
"fd549f1b76b3f264b3c84df521baddf08191291312a8489e9296962de95cbd47",
"",
"root"
],
[
"e",
"e6fa85ef51d8cbe3c99a3d31a9ccd943cd8635001a0c21781d76c7762eb4ec80"
],
[
"e",
"29d26f4f4948eb9f8de805cc3fd642309cd20c17029014c849d8cdb4305a189e",
"",
"reply"
],
[
"p",
"c15a5a65986e7ab4134dee3ab85254da5c5d4b04e78b4f16c82837192d355185"
],
[
"p",
"9c334494dd631fee5e003302e08d5facfd32c4e476ba23229cc70b4b9ecd2ed1"
]
],
"content": "A company that sells a security theater product that misleads people about detecting sophisticated remote attacks made a misrepresented claim that an unused, disabled app meant to run on Pixels for display in stores is an exploitable component. Mainstream media went with it without doing prior research.\n\nPixels cannot enable this app without physical access with ADB which requires the user's password, or a sophisticated remote execution exploit that would be more dangerous than the security implications they are trying to imply are.\n\nGrapheneOS does not bundle this app and we were aware of it for years (2017 or earlier) so it's irrelevant to GrapheneOS users. It's scaremongering for marketing for a product that they can't even possibly do what they claim.",
"sig": "fa7ad6ed1ff2cf229e9114f498e83ec3838de7b96b1ab0a814e0cd3d6e3a64800c0c54d28df3a04f4ec8548e637dc46ce5b8839f9730391d7a89592398586e33"
}