Exploits of a local machine with hardware access are a dime a dozen.
For most things everyone assumes if you can run arbitrary code you already have total effective control. That is why the gold standard is RCE remote code execution not root.
Privilege escalation is a problem but is the majority of the vulnerabilities found so far. And it is really only a problem in mixed environments where you are expecting to run untrusted code.
To me this reads more like a cope for Cellebrite. How about start by disabling JTAG debugging on cell phones and have bluetooth default off? Even better prompt the user if something tries to communicate on USB before accepting any data at all. That is not a Linux problem, that is a design problem. Sometimes adding a little friction for the user is acceptable.
Exploits of a local machine with hardware access are a dime a dozen.
For most things everyone assumes if you can run arbitrary code you already have total effective control. That is why the gold standard is RCE remote code execution not root.
Privilege escalation is a problem but is the majority of the vulnerabilities found so far. And it is really only a problem in mixed environments where you are expecting to run untrusted code.
To me this reads more like a cope for Cellebrite. How about start by disabling JTAG debugging on cell phones and have bluetooth default off? Even better prompt the user if something tries to communicate on USB before accepting any data at all. That is not a Linux problem, that is a design problem. Sometimes adding a little friction for the user is acceptable.
Xcancel: https://xcancel.com/GrapheneOS/status/2035450069118296272
Wow that's a hard take if I've read one