Leaker reveals which Pixels are vulnerable to Cellebrite phone hacking

akyuu | 462 points

They couldn't answer the question most on my mind: "We’ve reached out to Google to inquire about why a custom ROM created by volunteers is more resistant to industrial phone hacking than the official Pixel OS. We’ll update this article if Google has anything to say."

derbOac | 6 days ago

> https://signal.org/blog/cellebrite-vulnerabilities/

There’s always the hope they are hit back: Cellebrite can develop solutions to automate the hacking of target phones, but in doing so their physical devices are exposed to being hacked as well.

Lucasoato | 5 days ago

Here's the full document without the blurriness: https://www.documentcloud.org/documents/24833831-cellebrite-...

(it's been available since 2024 -- found by searching for "android os access support matrix" on documentcloud)

chaps | 5 days ago

A ~dozen programmers are shipping a demonstrably more secure version of a multi-billion-dollar corporation's own operating system on that company's own hardware. That's incredible.

jcalvinowens | 4 days ago

Testament to GrapheneOS' competence and commitment to its purpose that it's called out by name by Cellebrite.

BLKNSLVR | 5 days ago

One super simple usability v. security tradeoff that Graphene made is that if you plug a new device into the USB while the screen is locked, it just won't work until you unlock the screen. This is kinda annoying the three times a year I want to use wired earbuds, but it's a major impediment for any kind of AFU hacking.

aftbit | 4 days ago

I've set up GrapheneOS on my Pixel with 2FA fingerprint + PIN unlock. No way will anyone be getting into it without my cooperation.

My only issue was less compatibility with my local emergency services, since they can't see me on a map for some reason if I call from a GOS phone.

My solution to that was a second Pixel as an emergency phone - one with the stock OS, that I'll swap SIMs with and take with me when hiking, stand-up paddleboarding and doing other activities that carry risk. This phone has no sensitive information on it. I also have a PLB for added protection.

aussieguy1234 | 5 days ago

Another great thing about GrapheneOS (besides security) is that Google Play Services can be installed without elevated privileges and even in a separate profile which can't run in the background. This makes the phone suitable for both normal usage and for those cases where you need to use some "official" app.

It passes Play Integrity "MEETS_BASIC_INTEGRITY" but of course doesn't pass higher levels, not because it's insecure - it's because it refuses to grant GMS elevated privileges. Good news is that banking apps can whitelist GrapheneOS using the standard Android attestation mechanism (and some already did).

zb3 | 5 days ago

How come not a single Cellebrite device got "lost" and thoroughly analyzed? Surely quite a few police depts are rather lax.

jojobas | 5 days ago

So I'm running a Pixel 6a with GrapheneOS beta updates, I'm okay? Tho if law enforcement needs in my phone they just need to hold me until after lunch, I get pretty hungry. And those Doritos and coke they offered me sure look tasty...

lazyfanatic42 | 4 days ago

Since nobody else has mentioned it... "vulnerable to hacking" is doing a lot of heavy lifting here. It's "vulnerable" about as much as my LUKS desktop system is vulnerable.

These charts have been available for years and don't tell us anything particularly scary IMO.

This "hacking" especially for BFU/turned-off Pixel devices, at best would amount to brute-forcing your password, either on-device or after copying the flash elsewhere.

Short of using top-secret multi-million dollar 0days or something, there is no inherent Pixel flaw that lets them bypass the device's encryption or anything crazy like people are thinking. They still have to get your password somehow, just like anyone else.

ranger_danger | 4 days ago

> Notably, the Pixel 10 series is moving away from physical SIM cards.

Is it? I hadn't followed news of the new Pixels.

I don't like the idea of modernizing this and going full eSIM. It will introduce a lot of new friction, somehow I don't doubt it. Just arrived in Mexico for a quick trip and grabbed a prepaid SIM from a 7-11 in the airport. All quick and simple. I doubt things would be so seamless when not having a SIM tray in the phone. Having to go through an official process to register a new card, ID oneself, hope to not have any incompatibility with the eSIM slots in your phone (admittedly I don't know how this works)... vs. just paying MXN100 and leaving the store with a ready-to-use number.

j1elo | 5 days ago

<3 GrapheneOS, it does what I need without me spending the time.

I only wish they'd add automatic call recording.

tonydav | 4 days ago

Those slides have been in the GrapheneOS Forums for ages.

IlikeKitties | 4 days ago

Oh, that's what you get by being unaware of the cellphone brands. I was all excited thinking "hey, they found a way to hack phones through, I guess, screen firmware by setting a special sequence of pixels? How frakking cool!". How disappointed I was...

vdupras | 5 days ago

Wow. I was just thinking about jumping ship from iPhone to Pixel.

gnarlouse | 5 days ago

If there's one thing I find the most galling about Cellebrite and the larger realm of state-sponsored hacking, it's that it's practically destroyed the ability to jailbreak devices. Pretty much everything on PPL/SPTM has no public jailbreaks to speak of anymore, at least not until way after the feds have thoroughly 0wned you first.

While some of this comes down to "Apple increased their security posture", a lot of it is that these exploits are $$$ now... and also that nation state actors only really care about data exfiltration. It's https://xkcd.com/1200/ all over again. The thing the nerds actually want is, well, not useless to the glowies, but it is definitely overkill.

kmeisthax | 5 days ago

BFU inside the table cells means:

"BFU extraction can only pull the small amount of "Device Encrypted" (DE) data that is accessible. This is mostly system logs, some app settings, and other non-personal data. It does not get messages, photos, or detailed app data." It basically gets them the list of apps, when the phone has been powered on and off and perhaps some cell geo location history.

FFS means Full Filesystem Search.

What this implies in practice:

All locked stock Android Pixels (including 10 I am almost sure) are vulnerable to FFS after the first unlock, even in the locked state. If you want to protect your data (crossing a border, or when you are about to be interrogated by Russian FSB), turn off your stock Android Pixel.

cft | 4 days ago

Congratulations to the GrapheneOS team. Holding your ground against fucking government backed intelligence corporations is no easy feat. May fortune always smile upon them.

matheusmoreira | 4 days ago

> However, rogueFed also called out the meeting organizer by name (the second screenshot, which we are not reposting).

The FBI?
