Someone told me that there is spyware that cannot be removed with a factory reset/ROM flash because it is set to be persistent in an area a user cannot touch (even with root + TWRP), only the factory tools can. But what about GrapheneOS? Could someone infect it with this serious type of spyware? And if yes, could it be done wirelessly, or would they need physical access & need to plug in something? Lastly, if grapheneOS was infected, or there was suspicion it was, would reverting it to an earlier restore point wipe any spyware? Could any spyware persist? What should be done? -Thanks!
Exploit protections in GrapheneOS
The answer here is likely generally not. Exploits that would achieve anything even remotely similar to what you're describing cost millions, and they're used in very specific circumstances.
GrapheneOS does implement measures to prevent exploitation of unknown vulnerabilities in multiple ways, at least some of which are documented here:
https://grapheneos.org/features#exploit-protection
That, alongside the fact that GrapheneOS ships patches/updates extremely quickly, I would say you're more than likely fine.
If that isn't enough assurance for you, it's possible that your threat model is so extreme (and potentially unrealistic) that no digital device will be secure for you.
- Edited
matchboxbananasynergy Thanks Mr. Banana! Worst case scenario I would hypothetically just restore to a previous backed up restore point I guess.
matchboxbananasynergy . Check these two links out, very scary.
https://www.bbc.com/news/technology-54106863
https://www.cnet.com/news/privacy/nsa-planted-surveillance-software-on-hard-drives-report/