Hi,
Was forwarded here from the other "Replacing GOS boot animation with vanilla AOSP boot animation" thread.
Regarding:
other8026
Before booting, a hash is displayed and it's not hard to determine the OS is GrapheneOS.
Can someone clarify how it would be not hard (aka trivial) to determine that a device is using GOS just from looking at that 8 digit/character hex-number?
How would it be determined in the first place? And:
other8026
If they get into recovery, the name "GrapheneOS" shows up instead of generic "Android" (I haven't checked, but saw it was rebranded on GitHub, so I think I should be right about this part).
Which GitHub commit states this?
Just checked and neither the Recovery mode nor the Fastboot mode show any GOS branding, at least not on a pre-Tensor device.
GrapheneOS
It's not possible to hide this because the key fingerprint will still be shown at boot.
That fingerprint is not the same as the boot animation, i.e. the boot animation could still be changed.
As already suggested on the other "Replacing GOS boot animation with vanilla AOSP boot animation" thread, can the @GrapheneOS team consider to replace the GOS boot animation with the vanilla AOSP boot animation with the next GOS release(s)?
Otherwise it would continue to be immediately obvious that a device is using GOS when it boots.
Regarding:
GrapheneOS
They could also simply read the OS images from the SSD which show it's using GrapheneOS. The OS data partition has all blocks encrypted but the OS images are publicly available so there's no point hiding parts of them, and it's what implements the encryption so it can't be hidden that it's GrapheneOS installed on the SSD.
Can someone clarify how it would be "simple" to access any unencrypted contents of a device flash storage when the flash storage is soldered onto the device's mainboard and when the device has its bootloader locked?