Hi to everyone!
I am new to the community and wanted to ask probably simple and obvious questions. Sorry beforehand haha =)

Basically, I wanted to ask about security of the OS. I’ve read somewhere that GOS allows its users to encrypt its storage and even to encrypt a bootloader. Is it true?

And if yes, after encrypting a bootloader, how should they then decrypt it? Is there some kind of a key or a hash sum for that? And if they forget it, does it mean that the phone is basically locked from flashing forever?

Thanks in advance!

    unobomber User data is encrypted. I'm not sure how a bootloader can be encrypted. Maybe you're referring to verifying the boot hash?

    I think the only way someone can be unable to unlock their bootloader is if the device is bricked somehow, but if that happens it's most likely caused by a hardware problem. On a phone without any hardware problems or disc corruption, I can't think of a scenario off the top of my head where it wouldn't be possible to unlock the bootloader.

      other8026 easy... if a phone is locked by the carrier =( I had such a smartphone, a Google Pixel 7 Pro. It was locked to T-Mobile and there's no way to get around this lock. Well, I didn't find one and there's also no solution on the net =(

        unobomber oh. My mistake. I wasn't considering phones that have bootloader unlocking disabled by a carrier. I was thinking of phones that already have GrapheneOS on them.

        I went into a deep dive on this a long time ago. It's possible the setup is still the same. Pixels with the Stock OS have to check against a remote service if bootloader unlocking is permitted. It's not possible to enable bootloader unlocking with the internet disabled. Blocking the phone's access to the server doesn't work either.

        I read online that there is a command that can be sent to the bootloader along with a PIN/password/something, but I was never able to confirm this. I suspect it was possible before, but now (also not sure but suspect) Google and carriers fully rely on controlling bootloader unlocking ability via the aforementioned remote service.

        As far as I know, there's no publicly known way to bypass the bootloader unlocking restriction.

          other8026

          Not yet... but there has to be for sure, because it's a programmed system and any system can be hacked. On Pixel 6 there’s still a command which unlinks a device from a carrier, however Pixel 7 and above are well protected from this vulnerability.

          One option may be changing the IMEI by plugging it into QPST. If it’s not possible by a native USB plug, it’s probably possible to solder a USB cord directly to the modem board and download and upload a modified firmware back to the chip. I did it for my router many times, but I just don’t have enough skills and tools to do the same with the phone.

            unobomber I doubt that would make any difference because bootloader unlocking has been blocked by the carrier. It's already done. Using a fake IMEI won't be enough to change that. You'd likely have to fake the serial number as well as other IDs.

            People are always trying to get past carrier locks. If there's a way around them on a Pixel, it's a secret. You can attempt it yourself, but any attempt is likely to fail. Messing with hardware will more likely result in a damaged phone than an unlocked one. Better to return the locked one.

            Slightly off topic, but carrier lock should be a thing of the past. I would like it to be gone at some point; that would be good news one day when you wake up. Just another way to keep customers bound to a service.

              jackFang Just another way to keep customers bound to a service

              This isn't entirely true. Providers (temporarily) carrier lock newly purchased devices as a security measure (i.e. to mitigate theft and other fraudulent activity). Some providers lock a device's bootloader to protect them from things such as hacking and also to cover themselves from issuing replacements for something the user caused.