The GrapheneOS team behind the privacy and security-focused Android-based operating system with the same name is suggesting that Android should introduce an auto-reboot feature to make exploitation of firmware flaws more difficult
The project revealed that it recently reported firmware vulnerabilities impacting Android devices such as Google Pixel and Samsung Galaxy phones, which could be exploited to steal data and spy on users when the device is not at rest
The first unlock after a reboot causes multiple cryptographic keys to move to the quick access memory so installed apps to work properly and the device switches to a "not at rest" state.
The GrapheneOS team highlights that locking the screen after using the device does not place it back into the "at rest" state because some security exemptions persist.