What steps should I take before disposing my Pixel?

jjw96716

I have a pixel 4 and 5 both of which had GrapheneOS installed from start to finish. As both are now end of life I transferred my data to a pixel 8. I am going to sell them in the secondhand market.

When I sold an old Galaxy S series phone I factory reset it multiple times and recorded empty screen captures in 1080p in an attempt to rapidly fill the internal memory with dummy data, preventing data recovery.

Is Pixel's security robust enough that such shenanigans are not necessary? Can I just factory reset once and forget about it?

other8026

jjw96716 Can I just factory reset once and forget about it?

Yes. Since all user data is encrypted, a factory reset would be enough.

For details about this topic, you can read through this section of the website: https://grapheneos.org/faq#encryption

Anticrime

jjw96716

They will continue using your IMEI though which is linked to your past cell phone activity

BillHurdle

I've always wondered if when this will be possible. Wait while I adjust my tinfoil hat...

Typically device PINs are 6 digits, or in any event, nothing that would scare a modern processor away from a brute force attack. The encryption key might be 256 bits stored in a trusted platform module (TPU). But that key is some hash function of the PIN and probably a random number burned into the TPU during manufacture. If you can access the TPU's flash storage (expensive but not physically impossible) then you can find that random number. If you can also learn the hash function, or if it's standardized, then you know how to combine that number with the PIN in order to generate an encryption key for the media. Try every PIN that the user might have used. Use the resulting candidate key to try to decrypt the drive. Wash, rinse, repeat.

Oh, but the drive pages containing the keys encrypting most of the data were deleted when the drive itself was erased! Ah but were they? Let's say they were overwritten with zeroes. A flash memory cell is really just an electron trap. If you can measure the voltage in the trap with exquisite precision, then you might be able to recover the binary state which it contained before the erase. So for example, a previous zero might be closer to zero volts, than a previous one which was overwritten with zero.

Put this all together for a mountain of money, and you might get somewhere. But it's all intensively handson work, unless and until robots start collecting phones to analyze from landfills. Conceivable? Yes. Current threat? No.

raccoondad

BillHurdle Never read the documentation, but im pretty sure the Titan M randomly generates a key using PRNG when in start up and destroys it during factory reset

other8026

Sensitive data is stored in user profiles. User profiles each have their own unique, randomly generated disk encryption key and their own unique key encryption key is used to encrypt it.

from https://grapheneos.org/faq#encryption

BillHurdle But that key is some hash function of the PIN and probably a random number burned into the TPU during manufacture.

I don't believe so. If I understand what you're suggesting here, then changing a PIN or password would mean the key changes and then suddenly all data is inaccessible or needs to be encrypted with the new key.

BillHurdle If you can access the TPU's flash storage (expensive but not physically impossible) then you can find that random number.

Here's how a GrapheneOS developer responds to the question "What if somebody, an adversary, physically removes the Titan M chip from this and tries to brute-force the encryption passphrase?" https://youtu.be/WkQ_OCzuLNg?t=391. In short, I don't believe it's possible to do what is being suggested here.

Arnauld

Is it ok to re-install GrapheneOS instead of doing a factory reset?

BillHurdle

other8026 Interesting interview. I didn't listen to all of it but the comments on the Titan and other secure SoCs is pretty compelling. I was working with similar chips many years ago, which the hardware team had embedded with layers of "glue" that would hose the chip if it were physically compromised. But the main vulnerability back then was the same as it is today, which is atomic ablation ("atomic" in the sense of "one tiny fragment at a time"). That will give you the physical structure of the device. Then you need to run it in simulation so you can learn how to read all the flash memory cells, ideally from the pads on the bottom of the chip, but if necessary by burrowing into the device and reading the rails at the right points in 3D. (Where did I leave my MEMS tunnel boring machine?) Once you know the chip's physical structure, and you've actually read all the flash memory cells on the particular instance that you wish to attack, then you can just run through 6-digit PINs in simulation. No new physics required, but probably some engineering advances.

But this would be extremely expensive (probably billions) and demanding of expertise. Not a risk that I lose sleep over. More of a thought experiment about the limits of security. But probably nowhere near as intractable as cracking currently popular encryption ciphers. Ultimately, then, the encryption is only as strong as the physical vault holding the key.

And your point about changing the PIN and therefore losing access to the storage is spot on. I glazed over the fact that the storage would be encrypted with a master key (which would be the profile key that you're referring to), which can then be encrypted with any PIN, or any replacement for that PIN, and safely stored in memory after being encrypted yet again by the TPU via its burned-in random key. If not literally, then in effect. So ultimately, the situation is the same: extract the state of the TPU by atomic ablation, create a simulation of it, and run through all the (short) possible PINs.

I'm pretty sure I read about a shortcut to all this which was employed in a sub-million-dollar hack. They just found a wire they could ground that would prevent the chip from increasing the delay after each PIN was tried, and then brute forced it until it unlocked the phone. One would hope that modern TPUs aren't quite so daft. I don't think they are.

ve3jlg

BillHurdle They just found a wire they could ground that would prevent the chip from increasing the delay after each PIN was tried, and then brute forced it until it unlocked the phone. One would hope that modern TPUs aren't quite so daft. I don't think they are.

Manufacturing and testability. One should think about these.

How are the off-wafer TPUs going to be tested? JTAG and serial ports are common for testing other CPUs, as two examples.

If I was given a few $NNN,000,000 and a task to exploit a TPU I would certainly start looking for those, and leftovers from the device development, prototyping, and validation which are still active but not normally accessible.

BillHurdle

Anticrime IMEI is the "number of the beast". Nobody wants to go out on a limb to make it "negotiable" for lack of a better word. At least, a nice "Are you fucking crazy?" popup would help when trying to enable 5G.

BillHurdle

ve3jlg Brilliant insight. But it's not possible. I'm sure the interview and background check process at TPU Inc. is airtight. And the factory too.

A2 Brutus?

Sorry I just had to say that.