Security News > 2024 > January > GrapheneOS: Frequent Android auto-reboots block firmware exploits

GrapheneOS: Frequent Android auto-reboots block firmware exploits
2024-01-14 15:32

The GrapheneOS team behind the privacy and security-focused Android-based operating system with the same name is suggesting that Android should introduce an auto-reboot feature to make exploitation of firmware flaws more difficult.

The project revealed that it recently reported firmware vulnerabilities in the Android operating system that impact Google Pixel and Samsung Galaxy phones, which could be exploited to steal data and spy on users when the device is not at rest.

The GrapheneOS team highlights that locking the screen after using the device does not place it back into the "At rest" state because some security exemptions persist.

Although GrapheneOS devs have not shared many details about the exploited firmware bugs, they proposed a generic mitigation that would work well in most cases: an auto-reboot feature that is already present in their operating system.

"GrapheneOS is a third-party mobile operating system based on the Android Open Source Project. GrapheneOS reported these issues to our Android Vulnerability Reward Program on January 2. We are in the process of reviewing and determining next steps" - Google.

Frequently rebooting your Android or iOS device has been touted as a good idea for fixing problems such as heating, memory, or even call signal but also.


News URL

https://www.bleepingcomputer.com/news/security/grapheneos-frequent-android-auto-reboots-block-firmware-exploits/