Is privacy and security of users data safe on GrapheneOS when the device is off?

Yes and no.
Anyone can access the recovery mode and do a factory reset, thus making you lose any data you did not back up elsewhere. That’s part of the data security definition.

Otherwise, as long as the firmware and software have not been tampered with (check with Auditor), the data should be safe and private due to the encryption.
I guess that in some extreme cases, you should not enter the passphrase again on the device.
Obviously, if someone already knows your passphrase or is threatening you, it’s another story.

Not sure it answers your question. And not sure everything is accurate.

11 days later

Today my remote attestation will not engage. I've set it to 2 hours, been on phone, nothing.
I logged into the attestation app. Found some discrepancies.
My history shows:

  1. Accessibility Service enabled.
    My settings show none.
  2. Device Administrator is enabled.
    My settings show I have not given any app this permission.

My settings show Nearby Devices was used in the last 24 hours. I have not tried to access anything through WiFi or Bluetooth. So I didn't use this program.

I've seen people sitting outside my house with their cars running for over an hour. I don't want to be paranoid, but no one ever gets in or our of the car.

I compare the attestation history for both my phones and all my settings are identical. Don't know why or how the Accessibility Service would be enabled or the Device Administrator when my settings show otherwise.

other8026 changed the title to Security of powered off phone question .