Buried lede at the end of the abstrac: They got execution on the Titan M.

That seems like a BFD.

They downgraded the firmware to one with a known vulnerability and used it to gain code execution, yes.

There's a video of the conference presentation of this paper

https://www.youtube.com/watch?v=UNPblJup5ko

> user-controlled memcpy bug in 2021

I'm starting to think these Rust people might be onto something here.

I noticed the paper concludes with "All vulnerabilities we found had been reported to Google and are now fixed."

Meanwhile it was reported recently that Google dropped support [1] for Pixel 3. Anyone know if these fixes were included in the "final" Pixel 3 update? [2]

[1] https://support.google.com/pixelphone/answer/4457705?hl=en#z...

[2] https://www.androidpolice.com/the-pixel-3-deserves-longer-up...

Oh my god. Is no Secure Boot safe?

Let's just give up the charade already.

No system is truly safe. That doesn't mean anyone should give up.