Smartphones are not safe

GrapheneOS can’t modify the chip’s firmware, but it can modify the Linux kernel (Android is based on Linux). GrapheneOS patches the kernel so that during a reboot or shutdown (including switching to Fastboot/Bootloader), the RAM is filled with “garbage.” This erases encryption keys from RAM before a potential attacker can extract them via a cold boot or bootloader bug. Titan M State Management: In the Pixel, the security chip (Titan M/M2) is responsible for storing keys. GrapheneOS modifies the logic for interacting with this chip so that when a reboot command to special modes, access to the protected key slots is immediately blocked at the hardware level. Process Termination: If the system detects an abnormal shutdown, protection mechanisms attempt to prevent the “After First Unlock” state from being saved. Driver Patches (Kernel-level Patches) A driver is a “translator” between Android and the processor firmware. If there’s a bug in how the processor processes data, GrapheneOS can patch the driver in the system kernel. How it works: Instead of patching the hardware itself, it changes the way commands are sent to it, bypassing the vulnerable areas.