How does GrapheneOS defend against attacks on the cellular baseband, Wi-Fi baseband or other firmware / hardware?
reddit.com/r/GrapheneOS/c
By carefully choosing hardware targets since the OS is only part of what matters. OS mostly just needs to avoid screwing up IOMMU isolation.
Conversation
Replying to
Hardening in the OS improving the security of the drivers in the kernel and userspace is relevant by protecting against exploitation of the OS from the hardware. Most of what matters is the security of the firmware itself, the isolation for it and providing full security updates.
1
4
Running a different operating system is not going to fix underlying issues in the hardware and firmware. At best, it can reduce attack surface and preserve the hardware-based isolation. IOMMU isolation is worthless if the driver fully trusts the hardware which is not uncommon.
1
1
4
It's common to see Linux kernel drivers trusting data from the hardware or sharing memory with it in a way that exposes data structures, function pointers, etc. to the hardware and breaks down the isolation. Bugs can also be exploited as always. Mostly not an OS issue though.
1
1
In the long-term, my vision for GrapheneOS includes having a substantially larger development team and the resources to make custom devices. I want to make truly privacy and security focused hardware, rather than simply marketing it that way and not even matching iPhones/Pixels.
2
1
9
Until that future becomes a reality, if ever, it's all about choosing hardware targets wisely based on actual research into them and an understanding of the real privacy and security properties. Marketing / branding or gimmicks without real threat models / purpose aren't factors.
1
This Tweet was deleted by the Tweet author. Learn more
On past devices, it made some changes, but it isn't currently part of the downstream changes. It's an important area for research and improvements in GrapheneOS though. It's not desirable to end up maintaining security fixes downstream though but rather features with trade-offs.
2