Misinterpretation of MSAB/XRY marketing

Mmcl · Jan 19, 2024

Is this true? Here the link https://www.msab.com/updates/now-out-xry-10-6-1-release-support-for-ios-17-beta-wider-device-range-and-multiple-app-enhancements/

Vve3jlg · Jan 19, 2024

mcl Is this true?

The question to always be asked is "How do I determine this is true?"

How does one determine trustworthy truth (claims) for both for and against GrapheneOS, especially from anonymous sources?

CConstant · Jan 19, 2024

This has been discussed before.

Iirc the team said that there has to be some kind of exploit for a full filesystem extraction yes, but in this case it only possible with the users consent (give away your password)
"full file system consent-based extractions "

matchboxbananasynergy · Jan 19, 2024

You should read https://discuss.grapheneos.org/d/8624-msab-xry-cracking-pixels/3 and https://discuss.grapheneos.org/d/7703-protection-from-xry-pro/3 from @final.

The extremely short TL;DR is that they're claiming to be able to do constent-based filesystem extraction. That means you have to give them the password. That's what "consent-based" means.

Closing this as a duplicate of the other threads, but feel free to further discuss in the threads linked above.