Hacker News

NooneAtAll3 yesterday at 2:30 PM | 5 replies

Fascinating how GrapheneOS achieves a high security level on the same hardware where Google failed to even randomize Android's kernel location


Replies

jnwatson yesterday at 3:06 PM

Randomizing the kernel location is of marginal utility at best. There are so many info leaks that KASLR ends up being only a small speed bump on the way to exploitation.

Here's a cool project that inventories all your KASLR info leaks: https://github.com/bcoles/kasld

aftbit yesterday at 4:42 PM

Is Graphene vulnerable to these exploits?

StilesCrisis yesterday at 2:57 PM

It's easy to be secure if you just remove features. There's obvious tension here.

icf80 yesterday at 2:35 PM

Google has lost its focus with Pixel phones

jeffbee yesterday at 3:33 PM

KASLR isn't an effective mitigation against anything, and to me this is part of GrapheneOS's catalog of superficial but meaningless claims.
