How does GrapheneOS defend against attacks on the cellular baseband, Wi-Fi baseband or other firmware / hardware?
reddit.com/r/GrapheneOS/c
By carefully choosing hardware targets since the OS is only part of what matters. OS mostly just needs to avoid screwing up IOMMU isolation.
Hardening in the OS improving the security of the drivers in the kernel and userspace is relevant by protecting against exploitation of the OS from the hardware. Most of what matters is the security of the firmware itself, the isolation for it and providing full security updates.
Running a different operating system is not going to fix underlying issues in the hardware and firmware. At best, it can reduce attack surface and preserve the hardware-based isolation. IOMMU isolation is worthless if the driver fully trusts the hardware which is not uncommon.
It's common to see Linux kernel drivers trusting data from the hardware or sharing memory with it in a way that exposes data structures, function pointers, etc. to the hardware and breaks down the isolation. Bugs can also be exploited as always. Mostly not an OS issue though.
In the long-term, my vision for GrapheneOS includes having a substantially larger development team and the resources to make custom devices. I want to make truly privacy and security focused hardware, rather than simply marketing it that way and not even matching iPhones/Pixels.
Until that future becomes a reality, if ever, it's all about choosing hardware targets wisely based on actual research into them and an understanding of the real privacy and security properties. Marketing / branding or gimmicks without real threat models / purpose aren't factors.
Replying to
That would be the convincing case for me to leave iOS, which I only moved to reluctantly due to exhaustion from constantly trying to protect myself from Google...
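
The thread's point that IOMMU isolation is undermined when a driver trusts what the hardware writes, shown as an added C example (not from the thread, GrapheneOS or any real driver). The names `shared_region`, `rx_desc`, `rx_trusting` and `rx_hardened` are hypothetical, and a plain struct stands in for device-writable DMA memory.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define RING_SLOTS 4
#define BUF_SIZE   64

/* Memory the device can write at any time (stand-in for a DMA region). */
struct rx_desc { uint32_t buf_idx; uint32_t len; };
struct shared_region {
    volatile struct rx_desc ring[RING_SLOTS];
    uint8_t bufs[RING_SLOTS][BUF_SIZE];
};

/* Trusting pattern: fields are re-read from shared memory and used without
 * validation, so the device chooses both the source address and the size. */
int rx_trusting(struct shared_region *s, unsigned slot, uint8_t *out) {
    memcpy(out, s->bufs[s->ring[slot].buf_idx], s->ring[slot].len);
    return (int)s->ring[slot].len;
}

/* Hardened pattern: fetch each field once into host-private variables,
 * validate against host-side limits, then use only the private copies. */
int rx_hardened(struct shared_region *s, unsigned slot,
                uint8_t *out, size_t out_sz) {
    if (slot >= RING_SLOTS) return -1;
    uint32_t idx = s->ring[slot].buf_idx;   /* single fetch */
    uint32_t len = s->ring[slot].len;       /* single fetch */
    if (idx >= RING_SLOTS) return -1;       /* index chosen by the device */
    if (len == 0 || len > BUF_SIZE || len > out_sz) return -1;
    memcpy(out, s->bufs[idx], len);
    return (int)len;
}

int main(void) {
    static struct shared_region s;          /* zero-initialised */
    uint8_t pkt[BUF_SIZE];
    /* Constructed descriptor with out-of-range fields, as a misbehaving
     * device could write; only the hardened path is exercised with it. */
    s.ring[0].buf_idx = 7;
    s.ring[0].len = 4096;
    printf("hardened result: %d\n", rx_hardened(&s, 0, pkt, sizeof pkt));
    return 0;
}
```

With the trusting version the IOMMU still confines the device to the shared region, but the driver itself performs the out-of-bounds access on the device's behalf.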

