One-minute hack allowed lock screen bypass on Android, current Pixels are safe - An article published on November 11, 2022 on androidpolice.com:
Initially stated:

Some people have already reported devices running Lineage are vulnerable, and likely GrapheneOS as well.

We contacted the news site and got the correction issue resolved right away. Thanks to the author, Cody Toombs for addressing our concern on this first matter.

UPDATE: 2022/11/11 21:10 EST BY CODY TOOMBS
GrapheneOS is reportedly patched already
A member of the GrapheneOS team has reached out to confirm that the latest patch has been applied and released as part of an update released on November 8, 2022.

The second matter is https://twitter.com/GrapheneOS/status/1591306063454031872 | nitter, which I hope will get address on that article as well.

14 days later
akc3n unstickied the discussion .
8 days later
  • [deleted]

malatoi Awesome! Wish I had a translation haha! It seems good from the Graphics! Can anyone translate a TLDR?

a year later
13 days later

maxsi I guess I see where the "enable USB debugging to install" advice comes from. It is true that installing adb on one's system and authorizing USB debugging is one way to reboot into the bootloader, but it seems like a lot more work than just holding down the Volume-down button while powering the device on (as the GrapheneOS web installer instructions say to do).

    de0u A lot of unofficial install guides mention that, despite it not being mentioned in any of our official guides.

    We've contacted 9to5Google to have that detail corrected for the written article, but they wouldn't be the first to make that mistake.

    https://cs.uwaterloo.ca/~m285xu/assets/publication/s2malloc-paper.pdf

    Hardened_malloc is the default allocator of GrapheneOS, a privacy and security focused Android-based OS. Hardened malloc incorporates all security features discussed in §2.1 and focuses on UAF-write protections. Similar to other entropybased allocators, Hardened malloc suffers from reduced randomness. It also incurs increased overheads for larger blocks, which limits its use scenarios.

    NBTV on yt and other channels pushes for mobile privacy, and always points out the benefits of GOS, and how apps etc are failing us