Which public audits or reverse-engineering reports (e.g., by Project Zero, SRLabs, Corellium) confirm that Pixel’s bootloader, firmware, or drivers have no hidden telemetry when running GrapheneOS? Please share links and exact version numbers they examined.
Which researchers or teams are most trusted for inspecting Pixel/Qualcomm low-level code under GrapheneOS, and where can I find their detailed analyses (papers, GitHub repos)?
How can I verify that the firmware blobs on my GrapheneOS-flashed Pixel exactly match the versions those auditors tested (e.g., “golden” SHA-256 hash lists or manifests)?
Are there any CVEs or published exploits showing Pixel bootloader or Qualcomm blobs exfiltrating data beneath GrapheneOS? Which CVE IDs or papers should I review?