On device boot the device screen will show an OS fingerprint which is used by Android Verified Boot to match the signing keys of the Operating System installed. Comparing the fingerprint on boot to the keys below is a foolproof way to determine if the device has a verified CopperheadOS install. If the fingerprints below do not match the device boot screen there is a possibility it is a non-CopperheadOS install. If that is the case proceed with caution if the device was not purchased from an authorized CopperheadOS partner.
Updates can also be downloaded from Copperhead and installed via recovery with adb sideloading. The zip files are signed and will be verified by the CopperheadOS recovery image. Sideloading should only be done if OTA updates are not working and there is a critical issue with Updater.
How To Install reFX Nexus 1 4 1 On Mac Verified
Download: https://tinourl.com/2vFjmR
The verified boot and attestation features provided by the supported devices can be used to verify that the hardware, firmware and GrapheneOS installation are genuine. Even if the computer you used to flash GrapheneOS was compromised and an attacker replaced GrapheneOS with their own malicious OS, it can be detected with these features.
Checking this is useful after installation, but you don't need to check it manually for verified boot to work. The verified boot public key flashed to the secure element can only be changed when the device is unlocked. Unlocking the device performs the same wiping of the secure element as a factory reset and prevents data from being recovered even if the SSD was cloned and your passphrase(s) are obtained because the encryption keys can no longer be derived anymore. The verified boot key is also one of the inputs for deriving the encryption keys in addition to the user's lock method(s) and random token(s) on the secure element. 2ff7e9595c
Comments