Do any examples exist of Graphene's hardening preventing security breaches?

jumpdeer

I appreciate the improvements GOS has made to AOSP's security models. But are there any real-world examples of the OS' hardening preventing security breaches? Software, firmware, or hardware?

Thanks and I look forward to the discussion.

de0u

jumpdeer I appreciate the improvements GOS has made to AOSP's security models. But are there any real-world examples of the OS' hardening preventing security breaches?

How would that be measured?

If somebody breaks into a phone which wasn't patched for the horrible PUK unlock bug that GrapheneOS discovered, where would that be reported?

Google has taken security patches submitted by GrapheneOS. Presumably they believe that without those patches somebody would have been breached. But that doesn't mean we can identify which people, or how many.

What sort of evidence are you hoping for?

Paflechien

jumpdeer https://github.com/GrapheneOS/os-issue-tracker/issues

[deleted]

Paflechien What does this have to do with their question?

Paflechien

[deleted] in order to answer the initial question which was "real-world examples of the OS' hardening preventing security breaches" All identified flaws are in this link: https://github.com/GrapheneOS/os-issue-tracker/issues

Paflechien

[deleted] when a security breach is detected it is in this link that it must be explained, or on Matrix to one of the devs by personal and encrypted message.

Blastoidea

That sounds a bit like trying to prove a negative.

Maybe I’m confused.

Paflechien

Blastoidea nothing can prevent a security breach, not even GOS

itsjpb

Paflechien what do you mean by this? that it's impossible to stop any breach attempt?

Blastoidea

Paflechien

Okay, before we go further, let’s define the term “security breaches” as used by OP.

Otherwise this is a circular discussion.

jumpdeer

Blastoidea For simplicity's sake, anything outlined here https://grapheneos.org/features#exploit-protection