Cellebrite Premium July 2024 documentation

AAlllus · 2025-03-03T17:39:11+00:00

GrapheneOS Aside from that, a password is hardly immune to brute force unless you use something like 6-8 random diceware words.

Do you think that the police will do BruteForce PIN code of more than 10-15 digits BFU State? Even Oxygen Forensic Detective does not see it appropriate to hack a PIN code of more than 9 digits. All BruteForce templates are designed for a graphic key (up to 9 points) and PIN code (up to 9 digits). Everything else is months and years. The criminalistic police department has hundreds of smartphones for analysis per week ...
In addition - it makes no sense to reboot in a few hours, if the UFED - is a mobile portable device and the dump of your owner’s phone will be extracted immediately during a police search of the apartment (in AFU State).

The user of the phone that has with important data - must do all efforts to turn off the phone before his return to the police. With one button or gesture of the finger. Any options.

P.S. Support for Pixel 8 and 9 (Physical Dump ( ADB(Rooted) ), File Dump (Android Backup, APK Downgrade), Logical (Apps Data, Phone book, Call logs, SMS etc) ) added to the UFED version 7.72 (release from 2024-10-31).

GrapheneOS - nice security OS, but no Applepay/Gpay method payment(((. Its very important minus for me..

GrapheneOS · 2025-03-04T00:49:55+00:00

Alllus

In addition - it makes no sense to reboot in a few hours, if the UFED - is a mobile portable device and the dump of your owner’s phone will be extracted immediately during a police search of the apartment (in AFU State).

Cellebrite Premium doesn't have exploits which work with GrapheneOS with a patch level later than mid-2022. The purpose of the locked device auto-reboot feature is getting the device back to Before First Unlock state before they develop exploits for a current GrapheneOS and Pixel firmware release. It defends against future exploits.

The user of the phone that has with important data - must do all efforts to turn off the phone before his return to the police. With one button or gesture of the finger. Any options.

We provide strong defenses against exploitation combined with getting the device back to Before First Unlock state. Whether or not people manage to reboot to turn it off, GrapheneOS does a great job protecting their data.

https://discuss.grapheneos.org/d/20401-grapheneos-improvements-to-protection-against-data-extraction-since-2024 is a thread about recent improvements to the defenses.

https://discuss.grapheneos.org/d/20402-cellebrite-exploits-used-to-target-serbian-student-activist is a thread about a recent example where GrapheneOS blocks all the exploited vulnerabilities for locked devices. It prevents one from being exploited even unlocked and the other 2 would be much harder to exploit due to the generic memory exploitation protections.

P.S. Support for Pixel 8 and 9 (Physical Dump ( ADB(Rooted) ), File Dump (Android Backup, APK Downgrade), Logical (Apps Data, Phone book, Call logs, SMS etc) ) added to the UFED version 7.72 (release from 2024-10-31).

You're talking about an extraction tool requiring them to already have the PIN/password. We're talking about their exploit products for law enforcement which do not have the ability to exploit modern GrapheneOS in practice, only iOS and Android. We have access to Cellebrite Premium documentation from January 2025 and can obtain more recent documentation if we ask.

AAlllus · 2025-03-04T19:39:45+00:00

GrapheneOS https://discuss.grapheneos.org/d/20401-grapheneos-improvements-to-protection-against-data-extraction-since-2024 is a thread about recent improvements to the defenses.

https://discuss.grapheneos.org/d/20402-cellebrite-exploits-used-to-target-serbian-student-activist

You are very convincing in your arguments! Today, the Pixel 9 order). I have a question - I used the Honor MAGIC 6 Pro (Quallcom Snapdragon 8 Gen 3, MagicOS 9.0 Android 15, with descret security chip S1, MagicOS-8.0-Security-White-Paper.pdf ) and use processes automation - "Macrodroid" on the phone. I provided this application with all possible access. I write triggers under my phone model:

turning off the phone in 15 seconds when turning off the mobile network (Faraday box);
blocking the phone when stealing a phone from my hands;
Turning off the phone within 10 seconds when connecting the USB cable;
the second factor in the authorization of PIN when unlocking with a finger;
turning off the phone if not unlocked within 1 hour,
turning off the phone after 2sec clicking the volume button up and other safety macros.

This is a good set of security addons functions. Therefore, is it possible to use a macrodroid on your OS for extra experiment for me?
My profession is an activist ... And every day it can be dangerous for my work. All information in my phone.

Ttroika · 2025-03-04T21:08:17+00:00

Alllus I asked Macrodroid to format the phone without unlocking it for a certain period of time, but they didn't agree.

AAlllus · 2025-03-05T11:52:36+00:00

troika no any problems. Example trigger actions - Run "settings" applet, Enter search "factory reset", click confirm button...

P. S. Its very simple example.. You can make it more complex. For example, add a screen sensor lock, multiple retries, etc.

FFartimoji · 2025-03-06T13:42:37+00:00

GrapheneOS are you saying, that a pixel 7a with grapheme is less secure than a newer Pixel device? If so, which is the safest device for graphene?

Dde0u · 2025-03-06T13:53:46+00:00

Fartimoji Are you saying, that a pixel 7a with grapheme is less secure than a newer Pixel device?

Correct.

For example, the 8's and 9's have MTE. More information: https://grapheneos.org/faq#recommended-devices

AAlllus · 2025-03-07T09:53:58+00:00

If I bought a Pixel 9. I install GraphenOS, install all Google programs (google translate, Play Market, Chrome, Google Drive, Google Photos and others), completely disable the USB port, set an 18-character password and a fingerprint (for convenience), set the device reboot time to 1 hour. I am not interested in anonymizing the phone. What is important to me is counteraction to hardware complexes UFED, GRAYKEY, etc. Will this be enough? Will this be a protection mode similar to the iPhone downlock mode?

Finik · 2025-03-09T01:28:17+00:00

GrapheneOS Does Windows protect better than Linux? Microsoft has more resources to implement security technology

GrapheneOS · 2025-03-09T03:03:18+00:00

Finik Depends on what you mean by Linux. It's not nearly as secure as ChromeOS or Android. It's easily more secure than Debian. Some traditional desktop Linux distributions are doing a lot better than Debian. The topic of the thread is forensic data extraction and essentially no traditional desktop OS other than macOS and ChromeOS have any serious defenses against it but ChromeOS is generally on hardware without serious defenses against it. If you're talking about security from data extraction on a laptop, there isn't much more choice than a Mac with macOS as long as you had some kind of locked device auto-reboot set up. Anything else is not able to defend seriously against it while powered up and locked.

AAlllus · 2025-03-13T07:38:50+00:00

Here's the Cellebrite Premium 7.73.1 Pixel Support Matrix from February 2025.

Pixel 6-9 with GrapheneOS - the best! No any access to BFU/AFU state

PPixelpioneer88 · 2025-03-14T12:43:57+00:00

Alllus what is is the 2022 SPL?

AAlllus · 2025-03-14T13:42:43+00:00

Pixelpioneer88
It's GrapheneOS not updated from 2022 year.

PPixelpioneer88 · 2025-03-14T13:53:05+00:00

Alllus oh awesome. So any current update is good?

EExhort14 · 2025-03-15T04:53:36+00:00

Pixelpioneer88 Yes.