Debunking fake stock Pixel OS vulnerability from an EDR company
discuss.grapheneos.orgWhat I found funny about the Wired piece, is that one of the worlds top big brother companies, Palantir (do they see themselves as Saruman or are they on the good side, I earnestly wonder, perhaps someone from the inside could comment on that, highly appreciated), makes the point.
Where's the debunking? The linked post seems to only say that the various media outlets are "misrepresenting a vulnerability" and "fearmongering", but doesn't really expand on that aside from saying it's disabled and "Stock Pixel OS no longer gives the same level of access to the active carrier". It doesn't expand on why those make the vulnerability a non-issue. I expected far more from a "debunking".
> "The most straightforward way to do this would involve having physical access to a victim's phone as well as their system password or another exploitable vulnerability that would allow them to make changes to settings."
If I have all that, why would I need a second level vulnerability? In fairness, the Wired piece might be technically correct, but it does seem overblown; a nice fluffy PR piece rolled up with clickbait.
It's a preloaded app with possibly privileged permissions (ie. permissions that apps you install normally can't get), so it's possibly worse than what you can normally achieve via physical access. I checked the iVerify report[1], and it doesn't look like such permissions exist, but I'd appreciate more elaboration about the actual vulnerability from grapheneos's debunking post, rather than spending half the article ranting about how various entities are bad.
[1] https://40052983.fs1.hubspotusercontent-na1.net/hubfs/400529...
Even if it has more permissions than a normal app, if you have the password and unrestricted local access to the phone you can already put it in debugging mode and connect to it via adb.
Permissions with protectionLevel of "signature|privileged" can't be granted with adb, so having such an app installed would give you more access than you can get via adb.
https://developer.android.com/reference/android/R.attr#prote...
Thank you, I did not know that.