Hacker News

Arnt today at 7:12 AM

I know Graphene has innovative security measures, do you happen to know whether that includes anything wrt. phishing or social engineering?

(For those who haven't been following along: this whole affair started with phishing. People were social-engineered into installing an app and a little later their bank accounts were empty. A big issue in various poor countries.)


Replies

Aachen today at 8:14 AM

That's one of its primary arguments: besides the hardening against exploits, they're considered such a safe OS because you cannot access your data either and give the wrong app root access. Everything lives in a sandbox. Whether not being able to grant full access to e.g. adb shell, Termux, or Restic is what you want is a personal choice, but it adds a layer of security against any malware that tries to get you to grant them root access.

This is also the argument they use to try to convince app vendors to add their keys to the allowlist, because the app makers can trust that their DRM will be active (if Netflix sets a "no screen recording" flag, you the user cannot circumvent it by e.g. reading /dev/fb0). It should have broader compatibility than other FOSS Android builds (when running the officially signed version of course, you can't compile it yourself and expect such apps to run there).

jabwd today at 8:18 AM

It is not an OS with bubblewrap, you can still mess up your privacy / security if you want to, that includes phishing and social engineering.

preisschild today at 8:22 AM

> do you happen to know whether that includes anything wrt. phishing or social engineering?

Yes. For example if you install an apk from an unknown source (like a random website via browser or messenger) it will warn you what you are about to do and what effects that has.

You don't need to block stupid behavior. Just make sure users are well aware of their actions as long as they actually read warnings.

vlian2088 today at 9:55 AM

my brother in Christ, people who root their phones don't fall for "Hello sir, I'm sir John from Microsoft, you have virus sir, please do the needful install antivirus and send gift card sir."
