{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreibvqjzv7qgd5vj64ztnthumfzijibzudv6l54s5hyagvumig24qem",
    "uri": "at://did:plc:34cg4tn4iwemk3v5k3n3adwf/app.bsky.feed.post/3mekcglkvbyy2"
  },
  "path": "/t/smartphones-are-not-safe/34004?page=2#post_38",
  "publishedAt": "2026-02-11T00:42:58.000Z",
  "site": "https://forum.f-droid.org",
  "textContent": "GrapheneOS can’t modify the chip’s firmware, but it can modify the Linux kernel (Android is based on Linux).\n\nGrapheneOS patches the kernel so that during a reboot or shutdown (including switching to Fastboot/Bootloader), the RAM is filled with “garbage.” This erases encryption keys from RAM before a potential attacker can extract them via a cold boot or bootloader bug.\n\nTitan M State Management: In the Pixel, the security chip (Titan M/M2) is responsible for storing keys. GrapheneOS modifies the logic for interacting with this chip so that when a reboot command to special modes, access to the protected key slots is immediately blocked at the hardware level.\n\nProcess Termination: If the system detects an abnormal shutdown, protection mechanisms attempt to prevent the “After First Unlock” state from being saved.\n\nDriver Patches (Kernel-level Patches)\nA driver is a “translator” between Android and the processor firmware. If there’s a bug in how the processor processes data, GrapheneOS can patch the driver in the system kernel. How it works: Instead of patching the hardware itself, it changes the way commands are sent to it, bypassing the vulnerable areas.",
  "title": "Smartphones are not safe"
}