anarsec @matchboxbananasynergy Is there any official or unofficial advice for what services to access if Auditor ever detects tampering? The guide currently links to Access Now’s Digital Security Helpline.
Actually, I have a question with a broader scope. What is the recommended user behavior upon Auditor detecting tampering? @GrapheneOS
As a baseline, users should immediately consider the device untrusted and start fresh with a new one, but I'm wondering if there are additional recommendations? From the user's perspective, forensic analysis could be in their interest - if such an analysis can determine how the compromise occurred, and this can be mitigated, then the adversary can no longer simply compromise the new device with the same attack vector. For instance, do GrapheneOS devs want to receive firmware images for forensic analysis?