I'm no expert but I have a question about GrapheneOS (npub1kwa…e0nj)
does it
1. enforce a cryptographically verified boot sequence.
- and who says which keys are ok? google, gOS?
2. allow-list only controls for executables, which themselves are cryptographically verified.
- why not allow-list filesystem locations too
#grapheneos #security
Tariq
npub1hd…ah4dh
2025-07-14 15:01:51 UTC
Author Public Key
npub1hdjwjeq20wqlr6up9f3fv060uemqmf0haj205vlm6akqpj9dyw8smah4dhSeen on
wss://relay.momostr.pinkPublished at
2025-07-14 15:01:51 UTCEvent JSON
{
"id": "d9084e7daf2c7687ccf1a7c4726a5a752d391ebfef87e518fb8c4e860f59e850",
"pubkey": "bb64e9640a7b81f1eb812a62963f4fe6760da5f7ec94fa33fbd76c00c8ad238f",
"created_at": 1752505311,
"kind": 1,
"tags": [
[
"p",
"b3ba3c5045fbaf99be9cb4daa9f1d7baeedaba0fc5b91596511e2fb7a70dd7f9"
],
[
"t",
"security"
],
[
"proxy",
"https://mastodon.social/@rzeta0/114852188084588390",
"web"
],
[
"t",
"grapheneos"
],
[
"proxy",
"https://mastodon.social/users/rzeta0/statuses/114852188084588390",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://mastodon.social/users/rzeta0/statuses/114852188084588390",
"pink.momostr"
],
[
"-"
]
],
"content": "I'm no expert but I have a question about nostr:npub1kwarc5z9lwhen05uknd2nuwhhthd4ws0cku3t9j3rchm0fcd6luslse0nj \n\ndoes it\n\n1. enforce a cryptographically verified boot sequence.\n\n- and who says which keys are ok? google, gOS?\n\n2. allow-list only controls for executables, which themselves are cryptographically verified.\n\n - why not allow-list filesystem locations too\n\n#grapheneos #security",
"sig": "a36e0ad3549ed588c0d86b4d666b9a6befd4994e8ae187a7214c7fb93bbcca40a89ce2ff50346455210aa90d892c159b0e620450fd655fed3951e044c33ec3f2"
}