Date: January 16, 2024. — A team of security researchers from GrapheneOS, a privacy and security-focused Android-based operating system, has suggested that Android should implement an auto-reboot feature to protect users from firmware attacks. Firmware attacks are a type of cyberattack that target the low-level software that controls the hardware of a device. Examples include the bootloader, the kernel, or the modem.These attacks can compromise user data, enable unauthorized surveillance, or even brick the device.
Forensic organizations with physical access to devices are already using firmware hacks. This is particularly true for Google Pixel and Samsung Galaxy phones, according to GrapheneOS. Only active devices can carry out these attacks. This implies that someone has unlocked them at least once since booting. Rebooted devices that remain unlocked are secure from this attack.
To decrease the window of opportunity for these and other yet-to-be-discovered vulnerabilities, GrapheneOS has an auto-reboot feature. It reboots the device after a period of inactivity. The device will reboot after 3 days if no profile successfully unlocks, but customers can choose a shorter time limit to retrieve their data quickly. GrapheneOS also offers enhancements to Android’s reboot process. This includes requiring a PIN or password to boot the device, encrypting the bootloader, and validating firmware integrity.
GrapheneOS claims that its operating system is more secure than stock Android because it incorporates a hardened kernel, a verified boot process, a sandboxed app environment, and a privacy-preserving firewall. Moreover, GrapheneOS also has Tor integration, microG support, and web-based attestation. Can install GrapheneOS on certain Pixel devices by following the instructions on the website.
