We've reported a vulnerability about missing reset attack mitigation explaining how fastboot mode is being exploited.
Reference Info: 318411468 Tensor Pixel fastboot mode vulnerability being exploited by forensic companies due to lack of reset attack mitigation
It's entirely possible to fix this whole class of problems via reset attack mitigation by clearing all the memory on reset while locked. It might as well also be cleared when shutting down.

We've also brought up the fastboot mode vulnerability that's being exploited, but we don't know the details of it. That vulnerability wouldn't be serious if there were reset attack mitigation. It could be used to flash another verified boot, enable debugging features, etc.

As a side note, we also mentioned that the device management factory reset API is being used by apps in an insecure way: they expect that it can't be stopped once it's started, even though an attacker can just interrupt it. We've always known this, and therefore our work on a duress password feature and panic feature has focused on implementing a way to wipe without a reboot to recovery, which is why it's taking so long to perfect it and ship the features.