de0u
How does a 1 bit look different from a 0 bit?
Persistent malware
DVDVDV I may be wrong, but perhaps baseband firmware, which in theory can be tampered with by the carrier, without the user knowing?
[deleted]
I suspect these threads might be of interest to you folks! Mainly the responses from mods and devs.
https://discuss.grapheneos.org/d/4373-possibility-of-malicious-firmwarerootkit-on-used-pixels
Blastoidea How does a 1 bit look different from a 0 bit?
https://gcn.com/2010/02/engineer-shows-how-to-crack-a-secure-tpm-chip/294032/
thetraveller1 Cellular baseband firmware is updated by the OS and must have a valid signature. It has verified boot as with the rest of the firmware and the OS. Carriers do not provide the updates to it and do not have control over it. The cellular baseband is isolated from the OS like other radios. Cellular, Wi-Fi and Bluetooth are implemented in a similar way. It's a misconception that cellular basebands are significantly different from Wi-Fi/Bluetooth basebands, and in fact on Snapdragon devices they're the same isolated component with internal sandboxing for the different radio processes.
de0u The secure element is not part of the SoC and does not simply store data unencrypted on regular flash memory. If you have a strong random passphrase, then you aren't depending on the secure element for security against brute force. If you have a 6 digit random PIN, you depend on it entirely.
DVDVDV Booting up recovery and performing a factory reset is enough to remove all of the operating system's persistent state. Please read https://grapheneos.org/install/web#verifying-installation. Reinstalling the OS via fastboot mode has the same end result as a factory reset. Either way, the firmware and OS images are fully verified to be genuine by verified boot and data is wiped. Recovery vs. fastboot mode are both very minimal with extremely minimal persistent state used only for a few specific things.
DVDVDV There are vulnerabilities in every radio fixed on a regular basis. The amount of media coverage and hype for vulnerabilities does not reflect their severity or uniqueness. It largely depends on who finds it and how they promote it. Google Project Zero invested resources into finding vulnerabilities in the modem used by Pixels to help make it more secure. Finding and fixing these vulnerabilities is a good thing, not a bad thing. Google Project Zero not investing the same resources into other radios doesn't mean they're more secure, but does mean they didn't get this major round of bugs getting found and fixed.
GrapheneOS Thanks for the clarification.
[deleted]
GrapheneOS Is booting to recovery to factory reset equivalent to doing it through Settings > System > Reset?
Blastoidea
Maybe you will find this interesting, I certainly did!
This is really cool, but most surely does not have any relevance to any of the chips in the Pixel; it should be infinitely more complex than what you find in an old Set Top Box. But the fact that this is possible is crazy :D