security/hakurei.app
security/hakurei.app
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 4 Wiki Activity

document system component downgrade protection

Browse Source
This commit is contained in:
Daniel Micay 2022-12-28 13:29:38 -05:00
parent 9ba49c8e2e
commit 43b3fbbf93
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
static/features.html
View File

@ -383,6 +383,12 @@
<ul> <ul>
<li>Enhanced <a href="https://source.android.com/docs/security/features/verifiedboot">verified boot</a> <li>Enhanced <a href="https://source.android.com/docs/security/features/verifiedboot">verified boot</a>
with better security properties and reduced attack surface</li> with better security properties and reduced attack surface</li>
<li>GrapheneOS closes a loophole where app-based system components
built as part of the OS can be downgraded to an older version due to
versionCode not being incremented when system components get updated
as part of changes to the OS. We prevent this for both package updates
and as part of detecting whether to use out-of-band updates to system
apps at boot.</li>
<li>Enhanced hardware-based attestation with more precise version information</li> <li>Enhanced hardware-based attestation with more precise version information</li>
<li>Hardware-based security verification and monitoring via our <li>Hardware-based security verification and monitoring via our
<a href="#auditor">Auditor app and attestation service</a></li> <a href="#auditor">Auditor app and attestation service</a></li>