6 digit pin and in BFU state question.

spiral

It's not super clear to me what these settings mean.

Mine is set to "Charging only when locked" which I assume means, for both BFU and AFU, that the usb-c port will only work to charge the phone when the phone is locked. Does my description sound accurate?

DeletedUser370

spiral No. With "Charging-only when locked" (notice the hyphen there), the OS will always disable all USB functionality when the phone is locked, except for charging. Then, the phone can charge regardless of being locked or unlocked, and regardless of being in a BFU or AFU state.

The community manager summarized the various options in this post which, incidentally, I see that you replied to and engaged with: https://discuss.grapheneos.org/d/11178-grapheneos-version-2024022800-released/12

[deleted]

DeletedUser370 So if i wanted to use android auto wired with the phone locked what option should I do? Sorry I don't know why I can't grasp this.

spiral

DeletedUser370

Did we not just write the same thing?

And yes, I remember engaging in this conversation before, that is beside the point. When I look at the options on my phone for usb-c, many weeks after having them explained to me in this forum, they still present unclearly to me.

Xtreix

[deleted] The phone must be unlocked to use Android Auto, so the default setting "Charging-only when locked, except before first unlock" or "Charging-only when locked" is OK.

[deleted]

Xtreix okay I think i get it!

DeletedUser370

spiral Did we not just write the same thing?

That wasn't clear to me. I'm sorry if my explanation isn't helpful.

spiral And yes, I remember engaging in this conversation before, that is beside the point.

True, it was irrelevant of me to make a remark about that. To be clear, I didn't mean that as a criticism. It was a throw-away comment, but I see now it's irrelevant.

It seemed to me that you found the post by matchboxbananasynergy that I linked to to have previously helped you understand this, so I thought it would be helpful as a reminder in case you had forgotten the content, and perhaps useful to others reading this thread. I can't really put it any more clearly than they did.

spiral

DeletedUser370

Sure, I understand what you're saying and thanks for your help.

I'm wondering if perhaps it could be worded more clearly in the settings. Maybe it cannot and maybe the problem lies with me, however I'm betting that if I can look at those settings options and find myself confused, unable to explain them to another person, other people probably find them to be confusing too.

GrapheneOS

Beamproton Cellebrite's non-public documentation states that they cannot do brute force attacks bypassing the secure element throttling on the Pixel 6 or later. They also state that they cannot exploit GrapheneOS BFU or AFU when the security patch level is beyond late 2022. If you don't want to depend on the secure element throttling in case a forensic company develops an exploit for the secure element as they did for iPhones and legacy Snapdragon Pixels, you can use a strong random passphrase with 7 diceware words.

xuid0

GrapheneOS

Would this Diceware Password Generator be okay to recommend? https://diceware.dmuth.org

I'm sorry for reviving old forum post too.

[deleted]

Just genuinely curious, but i would love to move to 6 pin when i switch to grapheneos. Currently i use a 20+ character password for my iPhone but curious who hear uses the six pin an relies on the secure element?

Eirikr70

[deleted] I do, but I'm neither a drug dealer nor an iranian journalist.

Murcielago

Eirikr70

I have read and really appreciate many of your well written, thoughtfull and helpful comments here in the forum. So I'm sure you didn't want to paint a black and white picture dividing the world into Iranian journalists and drug dealers on one side and the rest of the world on the other. But as others maybe don't know, i wanted to add on:

I agree with you that relying on the secure element may be enough for many users here. However, in addition to the groups you mentioned above, there are people whose threat model may require a strong password.

As we saw with Pegasus (Pegasus != Cellebrite, just as a quite well documented example of misuse), it's not always just governments that have the financial means to deploy powerful state-of-the-art tools. And even in countries with a more constitutional state than maybe Iran, exploits can be misappropriated and used outside of democratic legislation.

Long things short: I think the much-cited threat model and a little reflection on whether you can and want to rely on the secure element is probably a little more helpful than considering whether you belong to one of the two groups mentioned.

Eirikr70

Murcielago You are right. I just wanted to state that protecting my privacy is not a life concern (sorry for my poor english but I think you understand) but more a kind of a political posture. I don't want my data in the hands of the Big Tech. I would say in a way I have no threat model since I bear no threat. I am just a "Français moyen" willing not to give away their privacy. So all I want to achieve is put a higher entry price to my data than what it would be worth for anyone not authorised by me. If in the end, someone is still willing to spend enough effort to enter my phone, then I would just like them to tell me why.

Murcielago

Eirikr70
Merci beaucoup pour l'explication, citoyen français! That's more or less my approach too. I hope I haven't offended you - i also didn't want to derail the discussion too as this threat is about 6 digit pin and BFU.

GrapheneOS

xuid0 No, we certainly can't recommend using a website. The whole point of diceware is that you can use dice. Until we integrate into the OS, use dice.

xuid0

GrapheneOS so not even using the diceware site I linked then adding a word or two onto the result? That would in theory reduce or eliminate any data being caught "on the wire" so to speak.

I'm obviously confused now. I'm also using a password manager to store the secrets too (Not a Google related product). So I can bring the result up on a separate device if I need to have a peak at it again?

GrapheneOS

xuid0 What if the site turns out to be malicious, such as if the person hosting it didn't do a good job securing the server and it got compromised?

xuid0

Just so you can understand me I was provided the Diceware URL I shared by an individual on the GrapheneOS Public Matrix Channel. I appreciate that it is not recommended by GOS at all and using a physical dice is the way.

I was only asking as someone provided me the URL in the chat and I wasn't aware you even needed physical dice until today earlier. I'm sorry if I caused any upset this was not intended.

xuid0

GrapheneOS i was under the impression it was all running in the users browser when using that site but I definitely see your point. Passive listening via HTTP access logs on the site is 100% a possibility that I notice the web site owner has not mentioned. The website owner could be logging everything and a threat actor would only need to access those logs once to have a gold mine of other users generated secrets.

xuid0

I took the initiative to ask dmuth via email to reply to myself via email or to this forum post to address my concerns and just a quick reply so I can understand a few things regarding their Dicewire Generator. I as a person who uses his site would like clarified.