• henfredemars@infosec.pub
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    5 months ago

    You do it because it makes an attacker’s life harder because now I have to find two bugs instead of one.

    The entire boot chain of the phone up to the apps you run are verified successively by the component that loads it. A digital signature helps ensure that only trustworthy code ever runs. A bug must be found to bypass these checks to load malware code. For example, a bug in the image code in a web browser might cause loading of code that isn’t checked. This way the malware gets smuggled onto the phone.

    This means that if you get hacked via one bug and malware is loaded, the attacker has to work harder to solve the problem of how do I convince the phone to load it again at boot because the code it’s made of isn’t going to be approved code. When you reboot, you are effectively forcing a validation that all the code you have running is authentic, which would exclude the malware. Trick me once sure, can you survive a full pat down? Probably not. It’ll get caught.

    Unless I have a second bug to fool the normal code loading systems too, the malware can’t run. You have to go back and trigger the first bug again somehow, which places more strain on the attacker.

    • username@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      Exactly, as you already explained in detail this is primarily for security.

      GrapheneOS has a feature to set a time after which the phone reboots in case there was no unlock. So in case a bad actor gets your phone they only have that time with a running system after the first unlock. However, if you use it normally, and unlock it in regular intervals it does not auto-reboot. This is especially neat if your threat level is not “investigative journalist” or “political activist on the run”, because then you can set the time to a longer interval and the phone does not reboot every night when you are asleep which also leads to the SIM card being locked and nobody being able to call you…

        • Chozo@fedia.io
          link
          fedilink
          arrow-up
          1
          ·
          5 months ago

          I hope you get more chances to do so; you explained the situation in a much better way than the article and convinced me to reboot my phone.

          • SeekPie@lemm.ee
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            5 months ago

            You restart your phone because of security.

            I ‘restart’ my phone, because it’s overheated and lost its battery % to 0.

            We’re not the same.